last executing test programs:

43.705077008s ago: executing program 4 (id=1686):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1900000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="000000000000000000f4ff000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000040), &(0x7f0000000280)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_control_io$hid(r2, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_4={0x3, 0x1, 0x2, "f7940ef7"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @global=@item_4={0x3, 0x1, 0x3, "bd6ac505"}, @local=@item_012={0x2, 0x2, 0x0, "1a70"}, @main=@item_012={0x2, 0x0, 0x8, "5294"}, @local=@item_4={0x3, 0x2, 0x1}, @local=@item_4={0x3, 0x2, 0x0, "83632df5"}]}}, 0x0}, 0x0)
r3 = dup(0xffffffffffffffff)
syz_usb_ep_write(r2, 0x81, 0x1, &(0x7f0000000000)='B')
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
setns(r3, 0x2000000)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x42, 0x0)
syz_open_dev$hiddev(&(0x7f0000000480), 0x1ff, 0x12b100)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="11d8cd3d7d958d731ef4ce65f35ce653e716bf0b8b60f5709e536bdbde6f59c444c51fb321bd11e38e2914a9aa41b4b6d9d64fa80a4f23bc8ca23ef4912a8da49c0a7c063e063cfdefa2c42949cd35f56bd724267a728df0a0d51277b9f776bd7775fca9f9bfc59d80488f064ffeb0d049397c95981542ef5ad540df1c5144ab0c1d43309a", @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
r5 = openat$binfmt_register(0xffffff9c, &(0x7f0000000180), 0x1, 0x0)
write$binfmt_register(r5, &(0x7f00000001c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x7fffffff, 0x3a, '/_', 0x3a, ']$@K-^\\', 0x3a, './file0'}, 0x30)
read$FUSE(r4, &(0x7f00000021c0)={0x2020}, 0x2020)
syz_mount_image$exfat(&(0x7f0000000380), &(0x7f0000000180)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

39.85982829s ago: executing program 4 (id=1698):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f0000000c40), 0xa, 0x4e4, &(0x7f0000001400)="$eJzs3c9vG1kdAPDvTOKStClJgUOpRFvRorSCOklD24hDKRKip0pAuZeQOFEUJ45ip22iClLxByAhBEiceuLSvwAk1AN/AEJCgjvix65Wu+3uYQ+765XtcZqmdhztOnGVfD7SdN57Huf7fVN5PDPvyRPAkXU+Im5FRF9EXI6I4aw9zZbbtcpmY7sXzx/N1JYkqtW77yaRZG07/+aJxltiICJ+fDviZ8nrccvrG4vTxWJhNauPVZZWxsrrG1cWlqbnC/OF5cnJietTN6auTY13pZ+1ft38/v9++6s//uDmX7714N/33r7081paQ9nrrfrRDY2u5+r7oqk/Ilb3I1gP9GXrXMct/7rvuQAA0FntHP9LEfH1+vn/cPTVz04BAACAw6T63aH4KImoAgAAAIdWWp8Dm6T5bC7AUKRpPt+Yw/uVOJ4WS+XKN+dKa8uzjbmyI5FL5xaKhfFsTu1I5JJafaJeflm/uqM+GRGnIuI3w4P1en6mVJzt9c0PAAAAOCJO7Lj+/2C4cf0PAAAAHDIjvU4AAAAA2HevXP8/6V0eAAAAwP4x/g8AAACH2g/v3Kkt1ebzr2fvr68tlu5fmS2UF/NLazP5mdLqSn6+VJqv/2bfUqe/VyyVVr4dy2sPxyqFcmWsvL5xb6m0tlwZXHjlEdgAAADAATp17tm/kojY/M5gfak51uukgAORdNpg+127/+5vLsDB6svWT//U40SAA9ff6wSAnsn1OgGg5zrdB2g7eedv3c8FAADYH6Nf3Rr/H2y2Ncf/O98b6Dh6CLzB0l4nAAAcOOP/cHTltmYAAkfVF3c2JBGb26qff/y/Wv0seQEAAN0zVF+SNJ+NBQ5FmubzESfrjwXIJXMLxcJ4dn3wz+HcF2r1ifo7E6P/AAAAAAAAAAAAAAAAAAAAAAAAALBH1WoSVQAAAOBQi0jfSrIn+Y8OXxzaeX/gWPLhcH0dEQ/+cPd3D6crldWJWvt7W+2V32ftVz1PHAAAAN4Ezev05nU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTTi+ePZprLay8e27+473wvIkZaxe+Pgfp6IHIRcfz9JPq3vS+JiL4uxN98HBGnW8VPamnFSJZFq/iDPYyfRsSJLsSHo+xZ7fhzq9XnL43z9XXrz1+t/P8uxG9//Eu3jn99bY4/J/cY48zmLvEfR5zpb338acZP2sS/sMf4P/3Jxka716pPIkZbfv8kr8QaqyytjJXXN64sLE3PF+YLy5OTE9enbkxdmxofm1soFrJ/W8b49df+/Mlu/T/eJv5Io//n2vX/4h77//E/Hj7/cqOYaxX/0oXW37+nG/Ff2/9p9t33jaz8olr9xWhWTjYb+3O7s0//fna3/s+26X+n//9Le+z/5R/98j973BQAOADl9Y3F6WKxsKrQulCt2lEKh7IQA7tt0+sjEwAA0G0vT/p7nQkAAAAAAAAAAAAAAAAAAAAcXQfxS2M7Y+7yc9QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3zaQAAAP//6ajYQw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
process_vm_writev(r2, &(0x7f0000000a40)=[{&(0x7f0000000380)=""/96, 0x60}, {0x0}, {0x0}, {0x0}, {&(0x7f00000007c0)=""/63, 0x3f}, {&(0x7f0000000800)=""/181, 0xb5}, {&(0x7f00000008c0)}, {&(0x7f00000009c0)=""/102, 0x66}], 0x8, &(0x7f0000000e40), 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_GET_THP_DISABLE(0x2a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000400)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0, r7}, 0x10)

27.436657181s ago: executing program 4 (id=1755):
socket(0x10, 0x3, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x7fffffff, 0x1000000, 0x0, "c10000d34700000000fa25ffff00ffffff00"})
r2 = syz_open_pts(r1, 0x141601)
ioctl$TIOCMBIS(r2, 0x5416, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000500)={[{@fat=@uid}, {@dots}, {@dots}, {@dots}, {@fat=@nfs}, {@nodots}, {@fat=@nfs_stale_rw}, {@nodots}, {@fat=@umask={'umask', 0x3d, 0x8b3}}, {@nodots}, {@dots}, {}, {@dots}, {@fat=@errors_continue}, {@nodots}, {@dots}, {@dots}, {@nodots}, {@fat=@time_offset={'time_offset', 0x3d, 0xfffffffffffffcea}}, {@dots}, {@nodots}, {@nodots}]}, 0xf9, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
syz_open_procfs(0x0, &(0x7f0000000100)='attr/exec\x00')
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f0000000240)={0x0, {0x2, 0x4e24, @private=0xa010101}, {0x4, 0x4e25, @empty}, {0x2, 0x4e23, @remote}, 0x184, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000180)='veth0_to_batadv\x00', 0x3ff, 0x0, 0xfff})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x34, 0x4, 0x0, 0x0, 0xd0, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x6, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@remote}, {@dev, 0x659}, {@broadcast, 0x3}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2, 0x9}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2, 0xfffffffe}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r9, 0x0)
r10 = dup(r8)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)

26.469194293s ago: executing program 4 (id=1770):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f0000000c40), 0xa, 0x4e4, &(0x7f0000001400)="$eJzs3c9vG1kdAPDvTOKStClJgUOpRFvRorSCOklD24hDKRKip0pAuZeQOFEUJ45ip22iClLxByAhBEiceuLSvwAk1AN/AEJCgjvix65Wu+3uYQ+765XtcZqmdhztOnGVfD7SdN57Huf7fVN5PDPvyRPAkXU+Im5FRF9EXI6I4aw9zZbbtcpmY7sXzx/N1JYkqtW77yaRZG07/+aJxltiICJ+fDviZ8nrccvrG4vTxWJhNauPVZZWxsrrG1cWlqbnC/OF5cnJietTN6auTY13pZ+1ft38/v9++6s//uDmX7714N/33r7081paQ9nrrfrRDY2u5+r7oqk/Ilb3I1gP9GXrXMct/7rvuQAA0FntHP9LEfH1+vn/cPTVz04BAACAw6T63aH4KImoAgAAAIdWWp8Dm6T5bC7AUKRpPt+Yw/uVOJ4WS+XKN+dKa8uzjbmyI5FL5xaKhfFsTu1I5JJafaJeflm/uqM+GRGnIuI3w4P1en6mVJzt9c0PAAAAOCJO7Lj+/2C4cf0PAAAAHDIjvU4AAAAA2HevXP8/6V0eAAAAwP4x/g8AAACH2g/v3Kkt1ebzr2fvr68tlu5fmS2UF/NLazP5mdLqSn6+VJqv/2bfUqe/VyyVVr4dy2sPxyqFcmWsvL5xb6m0tlwZXHjlEdgAAADAATp17tm/kojY/M5gfak51uukgAORdNpg+127/+5vLsDB6svWT//U40SAA9ff6wSAnsn1OgGg5zrdB2g7eedv3c8FAADYH6Nf3Rr/H2y2Ncf/O98b6Dh6CLzB0l4nAAAcOOP/cHTltmYAAkfVF3c2JBGb26qff/y/Wv0seQEAAN0zVF+SNJ+NBQ5FmubzESfrjwXIJXMLxcJ4dn3wz+HcF2r1ifo7E6P/AAAAAAAAAAAAAAAAAAAAAAAAALBH1WoSVQAAAOBQi0jfSrIn+Y8OXxzaeX/gWPLhcH0dEQ/+cPd3D6crldWJWvt7W+2V32ftVz1PHAAAAN4Ezev05nU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTTi+ePZprLay8e27+473wvIkZaxe+Pgfp6IHIRcfz9JPq3vS+JiL4uxN98HBGnW8VPamnFSJZFq/iDPYyfRsSJLsSHo+xZ7fhzq9XnL43z9XXrz1+t/P8uxG9//Eu3jn99bY4/J/cY48zmLvEfR5zpb338acZP2sS/sMf4P/3Jxka716pPIkZbfv8kr8QaqyytjJXXN64sLE3PF+YLy5OTE9enbkxdmxofm1soFrJ/W8b49df+/Mlu/T/eJv5Io//n2vX/4h77//E/Hj7/cqOYaxX/0oXW37+nG/Ff2/9p9t33jaz8olr9xWhWTjYb+3O7s0//fna3/s+26X+n//9Le+z/5R/98j973BQAOADl9Y3F6WKxsKrQulCt2lEKh7IQA7tt0+sjEwAA0G0vT/p7nQkAAAAAAAAAAAAAAAAAAAAcXQfxS2M7Y+7yc9QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3zaQAAAP//6ajYQw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

13.640796617s ago: executing program 4 (id=1815):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f0000000c40), 0xa, 0x4e4, &(0x7f0000001400)="$eJzs3c9vG1kdAPDvTOKStClJgUOpRFvRorSCOklD24hDKRKip0pAuZeQOFEUJ45ip22iClLxByAhBEiceuLSvwAk1AN/AEJCgjvix65Wu+3uYQ+765XtcZqmdhztOnGVfD7SdN57Huf7fVN5PDPvyRPAkXU+Im5FRF9EXI6I4aw9zZbbtcpmY7sXzx/N1JYkqtW77yaRZG07/+aJxltiICJ+fDviZ8nrccvrG4vTxWJhNauPVZZWxsrrG1cWlqbnC/OF5cnJietTN6auTY13pZ+1ft38/v9++6s//uDmX7714N/33r7081paQ9nrrfrRDY2u5+r7oqk/Ilb3I1gP9GXrXMct/7rvuQAA0FntHP9LEfH1+vn/cPTVz04BAACAw6T63aH4KImoAgAAAIdWWp8Dm6T5bC7AUKRpPt+Yw/uVOJ4WS+XKN+dKa8uzjbmyI5FL5xaKhfFsTu1I5JJafaJeflm/uqM+GRGnIuI3w4P1en6mVJzt9c0PAAAAOCJO7Lj+/2C4cf0PAAAAHDIjvU4AAAAA2HevXP8/6V0eAAAAwP4x/g8AAACH2g/v3Kkt1ebzr2fvr68tlu5fmS2UF/NLazP5mdLqSn6+VJqv/2bfUqe/VyyVVr4dy2sPxyqFcmWsvL5xb6m0tlwZXHjlEdgAAADAATp17tm/kojY/M5gfak51uukgAORdNpg+127/+5vLsDB6svWT//U40SAA9ff6wSAnsn1OgGg5zrdB2g7eedv3c8FAADYH6Nf3Rr/H2y2Ncf/O98b6Dh6CLzB0l4nAAAcOOP/cHTltmYAAkfVF3c2JBGb26qff/y/Wv0seQEAAN0zVF+SNJ+NBQ5FmubzESfrjwXIJXMLxcJ4dn3wz+HcF2r1ifo7E6P/AAAAAAAAAAAAAAAAAAAAAAAAALBH1WoSVQAAAOBQi0jfSrIn+Y8OXxzaeX/gWPLhcH0dEQ/+cPd3D6crldWJWvt7W+2V32ftVz1PHAAAAN4Ezev05nU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTTi+ePZprLay8e27+473wvIkZaxe+Pgfp6IHIRcfz9JPq3vS+JiL4uxN98HBGnW8VPamnFSJZFq/iDPYyfRsSJLsSHo+xZ7fhzq9XnL43z9XXrz1+t/P8uxG9//Eu3jn99bY4/J/cY48zmLvEfR5zpb338acZP2sS/sMf4P/3Jxka716pPIkZbfv8kr8QaqyytjJXXN64sLE3PF+YLy5OTE9enbkxdmxofm1soFrJ/W8b49df+/Mlu/T/eJv5Io//n2vX/4h77//E/Hj7/cqOYaxX/0oXW37+nG/Ff2/9p9t33jaz8olr9xWhWTjYb+3O7s0//fna3/s+26X+n//9Le+z/5R/98j973BQAOADl9Y3F6WKxsKrQulCt2lEKh7IQA7tt0+sjEwAA0G0vT/p7nQkAAAAAAAAAAAAAAAAAAAAcXQfxS2M7Y+7yc9QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3zaQAAAP//6ajYQw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
process_vm_writev(r3, &(0x7f0000000a40)=[{&(0x7f0000000380)=""/96, 0x60}, {0x0}, {0x0}, {0x0}, {&(0x7f00000007c0)=""/63, 0x3f}, {&(0x7f0000000800)=""/181, 0xb5}, {&(0x7f00000008c0)}, {&(0x7f00000009c0)=""/102, 0x66}], 0x8, &(0x7f0000000e40), 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_GET_THP_DISABLE(0x2a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0}, 0x10)
ioctl$HCIINQUIRY(r2, 0x800448d4, &(0x7f0000000080)={0x0, 0x200, "408b7c"})

8.11920629s ago: executing program 2 (id=1852):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={0x0}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000001080)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000050000000000000001000084000000000300000002000000000000000000000000000005000000000000005f"], &(0x7f0000000280)=""/265, 0x41, 0x109, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0x5, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

7.203968006s ago: executing program 2 (id=1854):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2cf6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000280)={0x0, 0x21, 0x7, {0x7, 0x0, "3d7da32915"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020701200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000700000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r8}, 0x10)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r9, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r10, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r11 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
setsockopt$sock_int(r11, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
close_range(r10, 0xffffffffffffffff, 0x0)
readv(r5, &(0x7f0000000440)=[{&(0x7f0000000100)=""/78, 0x4e}], 0x1)

5.598340831s ago: executing program 1 (id=1857):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRES16=r0, @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1e, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), 0x0}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r7, &(0x7f0000003100)={0x0, 0x0, &(0x7f00000030c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000000004030020080000000000"], 0x14}}, 0x0)

5.167425887s ago: executing program 0 (id=1859):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f0000000c40), 0xa, 0x4e4, &(0x7f0000001400)="$eJzs3c9vG1kdAPDvTOKStClJgUOpRFvRorSCOklD24hDKRKip0pAuZeQOFEUJ45ip22iClLxByAhBEiceuLSvwAk1AN/AEJCgjvix65Wu+3uYQ+765XtcZqmdhztOnGVfD7SdN57Huf7fVN5PDPvyRPAkXU+Im5FRF9EXI6I4aw9zZbbtcpmY7sXzx/N1JYkqtW77yaRZG07/+aJxltiICJ+fDviZ8nrccvrG4vTxWJhNauPVZZWxsrrG1cWlqbnC/OF5cnJietTN6auTY13pZ+1ft38/v9++6s//uDmX7714N/33r7081paQ9nrrfrRDY2u5+r7oqk/Ilb3I1gP9GXrXMct/7rvuQAA0FntHP9LEfH1+vn/cPTVz04BAACAw6T63aH4KImoAgAAAIdWWp8Dm6T5bC7AUKRpPt+Yw/uVOJ4WS+XKN+dKa8uzjbmyI5FL5xaKhfFsTu1I5JJafaJeflm/uqM+GRGnIuI3w4P1en6mVJzt9c0PAAAAOCJO7Lj+/2C4cf0PAAAAHDIjvU4AAAAA2HevXP8/6V0eAAAAwP4x/g8AAACH2g/v3Kkt1ebzr2fvr68tlu5fmS2UF/NLazP5mdLqSn6+VJqv/2bfUqe/VyyVVr4dy2sPxyqFcmWsvL5xb6m0tlwZXHjlEdgAAADAATp17tm/kojY/M5gfak51uukgAORdNpg+127/+5vLsDB6svWT//U40SAA9ff6wSAnsn1OgGg5zrdB2g7eedv3c8FAADYH6Nf3Rr/H2y2Ncf/O98b6Dh6CLzB0l4nAAAcOOP/cHTltmYAAkfVF3c2JBGb26qff/y/Wv0seQEAAN0zVF+SNJ+NBQ5FmubzESfrjwXIJXMLxcJ4dn3wz+HcF2r1ifo7E6P/AAAAAAAAAAAAAAAAAAAAAAAAALBH1WoSVQAAAOBQi0jfSrIn+Y8OXxzaeX/gWPLhcH0dEQ/+cPd3D6crldWJWvt7W+2V32ftVz1PHAAAAN4Ezev05nU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTTi+ePZprLay8e27+473wvIkZaxe+Pgfp6IHIRcfz9JPq3vS+JiL4uxN98HBGnW8VPamnFSJZFq/iDPYyfRsSJLsSHo+xZ7fhzq9XnL43z9XXrz1+t/P8uxG9//Eu3jn99bY4/J/cY48zmLvEfR5zpb338acZP2sS/sMf4P/3Jxka716pPIkZbfv8kr8QaqyytjJXXN64sLE3PF+YLy5OTE9enbkxdmxofm1soFrJ/W8b49df+/Mlu/T/eJv5Io//n2vX/4h77//E/Hj7/cqOYaxX/0oXW37+nG/Ff2/9p9t33jaz8olr9xWhWTjYb+3O7s0//fna3/s+26X+n//9Le+z/5R/98j973BQAOADl9Y3F6WKxsKrQulCt2lEKh7IQA7tt0+sjEwAA0G0vT/p7nQkAAAAAAAAAAAAAAAAAAAAcXQfxS2M7Y+7yc9QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3zaQAAAP//6ajYQw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
process_vm_writev(r3, &(0x7f0000000a40)=[{&(0x7f0000000380)=""/96, 0x60}, {0x0}, {0x0}, {0x0}, {&(0x7f00000007c0)=""/63, 0x3f}, {&(0x7f0000000800)=""/181, 0xb5}, {&(0x7f00000008c0)}, {&(0x7f00000009c0)=""/102, 0x66}], 0x8, &(0x7f0000000e40), 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_GET_THP_DISABLE(0x2a)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000400)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0, r8}, 0x10)
ioctl$HCIINQUIRY(r2, 0x800448d4, &(0x7f0000000080)={0x0, 0x200, "408b7c"})

4.713999715s ago: executing program 1 (id=1860):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', 0x0, &(0x7f0000001400)=ANY=[], 0x835, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x80000000)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\x00'/21], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) (fail_nth: 1)

4.264406183s ago: executing program 0 (id=1864):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={0x0}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000001080)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000050000000000000001000084000000000300000002000000000000000000000000000005000000000000005f"], &(0x7f0000000280)=""/265, 0x41, 0x109, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0x5, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

4.197730688s ago: executing program 3 (id=1866):
syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x20}}, 0x0)

4.148688232s ago: executing program 2 (id=1867):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40042, 0x1ff)
write$binfmt_elf32(r2, &(0x7f0000000040)=ANY=[], 0x158)
close(r2)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) (fail_nth: 1)

3.705195539s ago: executing program 0 (id=1868):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000050000000200000000100000", @ANYRES32, @ANYBLOB="ff0700000000000000000000000000008148b9fa", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40042, 0x1ff)
write$binfmt_elf32(r2, &(0x7f0000000040)=ANY=[], 0x158)
close(r2)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

3.678886602s ago: executing program 0 (id=1869):
socket(0x10, 0x3, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x7fffffff, 0x1000000, 0x0, "c10000d34700000000fa25ffff00ffffff00"})
r2 = syz_open_pts(r1, 0x141601)
ioctl$TIOCMBIS(r2, 0x5416, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000500)={[{@fat=@uid}, {@dots}, {@dots}, {@dots}, {@fat=@nfs}, {@nodots}, {@fat=@nfs_stale_rw}, {@nodots}, {@fat=@umask={'umask', 0x3d, 0x8b3}}, {@nodots}, {@dots}, {}, {@dots}, {@fat=@errors_continue}, {@nodots}, {@dots}, {@dots}, {@nodots}, {@fat=@time_offset={'time_offset', 0x3d, 0xfffffffffffffcea}}, {@dots}, {@nodots}, {@nodots}]}, 0xf9, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
syz_open_procfs(0x0, &(0x7f0000000100)='attr/exec\x00')
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f0000000240)={0x0, {0x2, 0x4e24, @private=0xa010101}, {0x4, 0x4e25, @empty}, {0x2, 0x4e23, @remote}, 0x184, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000180)='veth0_to_batadv\x00', 0x3ff, 0x0, 0xfff})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x30, 0x4, 0x0, 0x0, 0xc0, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback, {[@timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x659}, {@broadcast, 0x3}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2, 0x9}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2, 0xfffffffe}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r9, 0x0)
r10 = dup(r8)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)

3.671985853s ago: executing program 3 (id=1870):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0xfffffffe)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r1, 0x0)
ioctl$ASHMEM_SET_NAME(r1, 0x40087708, &(0x7f00000007c0)='\x00\x00\x03\x06\x00\x00\x00\x05\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9f\xf0:\xfd$\xad\xbb\x9a|c\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84x\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~~\x84\\\xe4\x00')
ioctl$ASHMEM_SET_NAME(r1, 0x40087708, &(0x7f0000000300)='\x00\x00\x00\v\x00\x00\x00\x01\x00x\x92\x12\xbc\x00\x00\xbb\x0642\x9c\x1a\xd1\xcbx\xb0\xd6\x1e\x10gQ\xca\x0e;\xf7\'\x8c\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn\x05\x00\x00\x00-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \xac\xc4K\x03\xfa\x13Vz\xbf\xe3c\x8d \x0f\xb1\xe9\xf2oci(\xcb\x82\x05\xfe[H\xaf\x01\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafd%\xf1\xdbjE\x01\xd1sD5hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\x851Y9OB\xdeB\xe1\x02-&\"1hS\x92\xe4$-\x02\x00\xe4\x8e\"\x85\xc9x\xef\x81E.r\x89\xe5\x00\x9e\x97\x96\xb8j\x81\xf0\xdca\xfb\xa6\xff\xff\xff\xff\x00\x00\x00\x00d\xf0\xf1j\x11\x12\xc0\xbb\xfdq~#\xf7\xa8\"$,\xf4\x84|\x89o\x00<\xa6-\xb0\xd3\x80\xbe\xcf\a\x00\xfc\xa6\xb1\x05\x94\x84l\xbfA\xeb\xd8\t\x00\x00\x00CvNhx461\x04N<\xedV\xcet\xaa~\xf3j\x94\xec\x92\x86uY\xf6\xb5\t?,~\xa67\\\xb9\xc9K\xf8\x9d\x96\xc0\xb5\xc7wF\x99\x12\x97T\x90.\x9c\xe3\x9a\xf1\xb9\x9c\x13\xbc\x19\xde/\xaahB\t\x97\a03\xcd\xb3\xc8\xd5l\x14!\xf9Xg2\x1d\xeeB\xccT\x0e\xd8\xef\xc8\xe9\xb4\xf3l\xc3\xf2\x998\xc8\xc2|2\xee\xb4W\x99f.\xeb\xe9\x05\xcbkz3+\xdd\xe1*8\x95@0t0\xad\xe3#\xd7\x19\xe7Q\xdfmI\xe5\x1e\xe4\x87\xc9\x8f\xa7\xe0\xd9v\xf6\x01\x9d\x8f`,\x1a8\x81I\x86l\x8f2\r:\xc1\x02\xd6Z%\xa7Ks\x8bUolS\x05\xbe\x97\x1fGe\x94\xa6\xa3\xab\xdb\r\x17\xff[\xb1\x00\xff\x7f\x00\x00\x00\x00') (fail_nth: 1)

3.403239834s ago: executing program 2 (id=1871):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='ext4_evict_inode\x00', r0, 0x0, 0x2}, 0x18)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x7, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r7}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f00000003c0)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
process_mrelease(0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xb, 0x6, 0x10001, 0xd, 0x11082, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0xffffffff, 0x3, 0x0, 0x0, @void, @value, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000340)={r8, &(0x7f0000000080), &(0x7f0000000380)=""/173}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r9}, 0x10)

2.98428301s ago: executing program 3 (id=1873):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = inotify_init1(0x0)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r2=>0x0})
r3 = syz_open_procfs(r2, &(0x7f0000000040)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r3, 0x8004587d, &(0x7f0000000180)={@id={0x40000, 0x0, @b}}) (fail_nth: 1)

2.753733419s ago: executing program 0 (id=1874):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = inotify_init1(0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42646d25dfd73d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e0146680bee88956f2b3599f455c7a3a49a01010000009f2f0517e4ca0e1803a2971a50f713d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f435f28fbeda75cf971f54a9698cf3270f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3284db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b7403930fd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f03040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b25b5251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e66a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4e00000000100000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c76400000000000000000df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f152fdf6f2ab47add39aefecce96c94f360e129c9f2af569c794b68b2ead404bcdd4aa9cb6a128e1ad45fd4030e1e69adf4986b7860f3122d59c079f0f9a1732f691590f45512aec4ed2413f66cac7dd022301741c576dea82005b166d6c3b9ed0c297ac197a92188a618745e78dca0b3c62f1601243089d9c687563382b0b88a7d80fd7bf7fae8a690f52db1464d29b1b926414cd35705c89662c585e32c881d917b74f027674dbc017499ba15a2e2900000000000000000000000000007b593ecbdd162fee9f239a3c615b3e9a3fb0af254bdd247a5a5abdbc0123c950eec0f1800b295be71418dd65de15e11beef9630499c70fce74135a7c7c8e818b79b85ff65d59d89492d7a663d3f25651e252ab49d358eac853ffe182ee37a5db085a072647719cb8604ba2e0b80af3f1867bd8fb6afca671437e0a5a9d5a088436739262d894986882ec0fb419a377ef47f4920a5de6d8de0d3090b4cb6b773e825442d351f980eed0d997a4d98a5121e941b145e2186546c646128a3e69f52fcad83a026def90b9eb55f4a0a2251bbae428c6c017b5a47f1580831a7ce232857e6aa9e777e99da1a3ad03fdc93fa7ed96228deac5e3bce983971041297a6ba18783a2edc7e3901cc891035872c61e7ea375b0902be0c5cc7fdef968ba1ca17ce5e11f2f384cd28c1194f56d3cf074e8ba4e60e84dc2f352c3cd170581aee0c93ca8ceff84cda40325d340759e79e5c4bcec227e37f7ec2193c78877fb319ec1f2d4dcf1d46a15cde1d6cecce6ecdb0c0a3413394d51341a7b3606ad8c29b6dbf6be3265b562f562cf2ab122a6e7e33b28c3208de35161bfe19678df43a45b314e5a0f8754cfaf4f9d3fdf9c8f7b7c296bf2e632d25ba8ee6369b362a8e4c9dff176d482d32249c93680a04f6464f184acfd0376662fee9e1031e569248db9bc724cdd97976a4d7c5c5172d1383fa1e442f68a14b747a9f2597bf115dd0111fe8ba3584a43176f33bd39a408f8648b19839bba9cc47624ea19e46dbbdf0faf591bcdc8613828a0c5a40c04ae14bbf4a0e27828b0c7db030425a4bd69cf6dcb4b1d066f8ef4ea1c710e05819df82d5cc94ace6b41c2de37a2eaf24f24b3d9a7dd4d197d51407be3e90000000000000000dbc0b0d6e11ccb71437ebea7ad01d5b93a7a0561e4a1b3fa1aa9c75f3aaec4ace1b6201a3e007b657be62df59133b4d8f0f145d9fc954cc7792077268bf0977e2a699722ce3dbb97248b8a8a771dd0f7d9c97e6587524a44fd6d49330ccbc39ca277b84f7f0a39759ef0b4238cbd69fe341a925e8cdc5d7b2d6ddb7331a0000000000000000000000000375d6c629ed6277cfcc98fba94b205ce8f5f82170eb50b510b717fe625affa2504229e9fee9ad2d4c0aeae3ff5295b6339da67fec6d7e69553d92e710fc70222ea720117f0c4109279420ec77c97935384e8d105a6b959fd38835ce52fe5c1dffea2506e019b7262380a40c0688dcf593eaa9247dc11575e4d57c68aeca871519413c702410000000000f2c716f86b497fe972e687cd88e46f5578db4e2282725842b1a0d575320162a8b59b881854ed112acb60"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x9}]}, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xe}}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000e80)=[{{&(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10, 0x0}}], 0x1, 0xc044)
write$binfmt_misc(r4, &(0x7f0000000300), 0xfdef)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r5=>0x0})
openat$cgroup_devices(r0, &(0x7f0000000100)='devices.deny\x00', 0x2, 0x0)
r6 = syz_open_procfs(r5, &(0x7f0000000040)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r6, 0x8004587d, &(0x7f0000000280)={@desc={0x1, 0x0, @desc3}})

1.646151582s ago: executing program 2 (id=1875):
socket$inet(0x2, 0x3, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x103, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x25)
timerfd_settime(0xffffffffffffffff, 0x3, 0x0, 0x0)
syz_emit_ethernet(0x83, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x18, &(0x7f0000000440)={[{@inline_data}, {}, {@alloc_mode_def}, {@six_active_logs}, {@noflush_merge}, {@disable_roll_forward}, {@inline_data}, {@nouser_xattr}, {@heap}, {@flush_merge}, {@noextent_cache}, {@adaptive_mode}, {@grpjquota}]}, 0x1, 0x5517, &(0x7f00000079c0)="$eJzs3E1vG1UXAODjpOl3+0avWLDrSBVSItVWnY8KdgFa8SFSRQUWrMCxHcut7YlixwlZsWCJWPBPEEisWPIbWLBmh1iA2CGBPDOBBKhUFMemzfNI4zP3+vrMuVZV6cxEDuDMmk9++akU1+NSRMxGxNWI7LxUHJm1PDwfEUlEzBw5SsX8HxPnI+JyRFwfJc9zloq3Prs1vLn645s/f/3thXNXPv/qu+ntGpi2FyKiu52f73XzmLby+LCYrw3bWeyuDIuYv9F9VIzTPO41N7MMe7XDdbUsLrfy9en2bn8Utzq1+ii22lvZ/HYvv2B/2DrMk33gYW0nGzeam1ls99Mstg7yuvYP8v/bDvqDPE+jyPdhlj4Gg8OYzzf3m/l+th9lsd4bFPN53rTR3B/FYRGLy0U97TSyOjZP8k3/t73V7u3uJ8PmTr+d9pLVSvXFSvVOubqTNpqD5kq51m3cWUkWWp3RsvKgWeuutdK01WlW6ml3MVlo1evlajVZuNvcbNd6SbVaWa7cLq8uFme3ktfuv5t0GsnCKL7S7u0O2p1+spXuJPknFpOlyvJLi8nNavL2+kay8eDevfWNd96/+979l9ffeLVY9LeykoWl20tL5ert8lJ18Qzt/+Oi6DHuH06kNO0CAJ4+/7b/v/G4/j/0/8CTO73+f+dBxOn3/6H/H4unqv896/3/KewfTkT/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwZn0/98Xr2cl8Pr5SzF8rpv5fjEsRMRMRv/2D2Th/LOdskWfuMevn/lLDN6XIMoyucaE4LkfEWnH8+r/T/hYAAADg2fXlRzc+zbv1/GV+2gUxSflNm5mrH4wpXyki5uZ/GFO2mdHLc2NKlv37Phf7Y8qW3cC6OKZk+S23c+PK9kRmj4WLR0IpDzMTLQcAAJiI453AZLsQAAAAJumTaRfAdJTi8FHm4bPg7C/v/3wgeOnY6Khrk6gPAAAAOLnStAsAAAAATl3W//v9PwAAAHi25b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8zs795KYNRHEAfja40H8qqrrvVbqDY/QIXXbZcoBeggN0Qa6QC3AGsssRIojwOAQiFok8tpXo+yRnMpb58QbBYmakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3VTrxdWf7//a5uz27eQZDQAAAHDJtlov6n9mqf+xuf+5ufW16RcRUUbEpbn7KN6dZY6anOrx+f+nz1dPariOqBMO7zFprg8R8aO57r50/SkAAADA27VZruZptp7+zIYuiD6lRZvy089MeUVEVLPbTGnlIe9bprD6+z2O35nS6gWsaaawtOQ2zpX2LPXP/bhqNz1pitSUF192LDLb2AEAgB6Nzpp+ZyEAAAD06dfQBTCMIh62Mo9bgZPUNNt77896AAAAwCtUDF0AAAAA0Ll6/t/T+X/7l57/99f5fwAAAJBFOv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALm2r9WKzXM3b5uz27eQZDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD37M87CoRAGITB3vWdydz/sNKgqalJFQgff2MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCb3/3l/8TUOJPMvTaWnkeStVNj69TYOzeO/jC+fg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCxPy8pEAJBEAVzxv9O+v6HlQQ9gwgR0PCoohYNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8EW/++X/xNQ4k8ydNpaOR5K1q8bWVWPvQePowXj7NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCxcz+vcVRxAMDfzOxsbVVco+whIgoe9GK329ram3hQggf/BCGk2xq79Uebgy1FzMWb5NyL6FFEUOKt/0POCeQSbznsIYJnZWZnspMf4PprZpN8PvDmfXcY5n3fLIR8570EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKo7cncZIdOuM4Ls5t7j1cyvqtQ33m8dr2fNayOKoz6ZPhxeqHqNtcIgAAAJwdSVnfhxB20vWFrI87ef2fltdkNf+3T4/jsp4/XPeXfVn7Z+2Xn3ef3x+oMx4nu+nN5eHg0tFUWv/fLGfbM395RSt/8vm7lyT/QuL3Vp8bpfnzjL7e2HinnYfn6sgWAPgnLpZ9EZS/D2V9v8nEADgzWpXCu6z/k06zOQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUYbQanizjKIQw35rEma29h0vH9Y/XtufLdu3Ro7Xw5eSe2S3SEMLN5eHgUq2zmW337j+4vTgcDu7WH7wUQmhq9LeK6d/+YIqLQ2jk+Qj+oyAuvuxZyedkBA3+UAIA4FRKi5bV9Tvp+kJ2LpoL4Y/vDtb/r1biMGX9v/vhtc3qWNX6v1/bDGdfb+XOp7179x+8vnxn8dbg1uDjNy733+xfuX716vVe/q6k540JAAAA/067aNX6P547uv5/oRKHKev/z77pf1EdK1H/H2uy6Nd0JgAAAGfbsy///lt0zPmo3Q6fL66s3O2Pj/ufL4+PDaT6t50rWrX+T+aazgoAAACow2g1OrD+f6MShynX/5/6/oUfq/dMQgjni/X/i0ufDG/UN52ZVsefEzc9RwAAAJp1vmjV9f803/8f7295iEMIr70yjot/AzhV/Z+8+9UP1bGq+/+v1DfFmRR3x88j77shtLpNZwQAAMBp9kTRsmL/13R94aOfLrzftv8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoG5/BgAA///U8j8V")
symlink(&(0x7f0000000580)='.\x02/file1\x00', &(0x7f00000002c0)='.\x02\x00')
syslog(0x2, 0x0, 0x0)
r3 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00')
setns(r3, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

1.645379242s ago: executing program 3 (id=1876):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f0000000c40), 0xa, 0x4e4, &(0x7f0000001400)="$eJzs3c9vG1kdAPDvTOKStClJgUOpRFvRorSCOklD24hDKRKip0pAuZeQOFEUJ45ip22iClLxByAhBEiceuLSvwAk1AN/AEJCgjvix65Wu+3uYQ+765XtcZqmdhztOnGVfD7SdN57Huf7fVN5PDPvyRPAkXU+Im5FRF9EXI6I4aw9zZbbtcpmY7sXzx/N1JYkqtW77yaRZG07/+aJxltiICJ+fDviZ8nrccvrG4vTxWJhNauPVZZWxsrrG1cWlqbnC/OF5cnJietTN6auTY13pZ+1ft38/v9++6s//uDmX7714N/33r7081paQ9nrrfrRDY2u5+r7oqk/Ilb3I1gP9GXrXMct/7rvuQAA0FntHP9LEfH1+vn/cPTVz04BAACAw6T63aH4KImoAgAAAIdWWp8Dm6T5bC7AUKRpPt+Yw/uVOJ4WS+XKN+dKa8uzjbmyI5FL5xaKhfFsTu1I5JJafaJeflm/uqM+GRGnIuI3w4P1en6mVJzt9c0PAAAAOCJO7Lj+/2C4cf0PAAAAHDIjvU4AAAAA2HevXP8/6V0eAAAAwP4x/g8AAACH2g/v3Kkt1ebzr2fvr68tlu5fmS2UF/NLazP5mdLqSn6+VJqv/2bfUqe/VyyVVr4dy2sPxyqFcmWsvL5xb6m0tlwZXHjlEdgAAADAATp17tm/kojY/M5gfak51uukgAORdNpg+127/+5vLsDB6svWT//U40SAA9ff6wSAnsn1OgGg5zrdB2g7eedv3c8FAADYH6Nf3Rr/H2y2Ncf/O98b6Dh6CLzB0l4nAAAcOOP/cHTltmYAAkfVF3c2JBGb26qff/y/Wv0seQEAAN0zVF+SNJ+NBQ5FmubzESfrjwXIJXMLxcJ4dn3wz+HcF2r1ifo7E6P/AAAAAAAAAAAAAAAAAAAAAAAAALBH1WoSVQAAAOBQi0jfSrIn+Y8OXxzaeX/gWPLhcH0dEQ/+cPd3D6crldWJWvt7W+2V32ftVz1PHAAAAN4Ezev05nU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTTi+ePZprLay8e27+473wvIkZaxe+Pgfp6IHIRcfz9JPq3vS+JiL4uxN98HBGnW8VPamnFSJZFq/iDPYyfRsSJLsSHo+xZ7fhzq9XnL43z9XXrz1+t/P8uxG9//Eu3jn99bY4/J/cY48zmLvEfR5zpb338acZP2sS/sMf4P/3Jxka716pPIkZbfv8kr8QaqyytjJXXN64sLE3PF+YLy5OTE9enbkxdmxofm1soFrJ/W8b49df+/Mlu/T/eJv5Io//n2vX/4h77//E/Hj7/cqOYaxX/0oXW37+nG/Ff2/9p9t33jaz8olr9xWhWTjYb+3O7s0//fna3/s+26X+n//9Le+z/5R/98j973BQAOADl9Y3F6WKxsKrQulCt2lEKh7IQA7tt0+sjEwAA0G0vT/p7nQkAAAAAAAAAAAAAAAAAAAAcXQfxS2M7Y+7yc9QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3zaQAAAP//6ajYQw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
process_vm_writev(r3, &(0x7f0000000a40)=[{&(0x7f0000000380)=""/96, 0x60}, {0x0}, {0x0}, {0x0}, {&(0x7f00000007c0)=""/63, 0x3f}, {&(0x7f0000000800)=""/181, 0xb5}, {&(0x7f00000008c0)}, {&(0x7f00000009c0)=""/102, 0x66}], 0x8, &(0x7f0000000e40), 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000400)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0, r8}, 0x10)
ioctl$HCIINQUIRY(r2, 0x800448d4, &(0x7f0000000080)={0x0, 0x200, "408b7c"})

1.442510619s ago: executing program 0 (id=1877):
socket$inet(0x2, 0x3, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x103, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x25)
timerfd_settime(0xffffffffffffffff, 0x3, 0x0, 0x0)
syz_emit_ethernet(0x83, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x18, &(0x7f0000000440)={[{@inline_data}, {}, {@alloc_mode_def}, {@six_active_logs}, {@noflush_merge}, {@disable_roll_forward}, {@inline_data}, {@nouser_xattr}, {@heap}, {@flush_merge}, {@noextent_cache}, {@adaptive_mode}, {@grpjquota}]}, 0x1, 0x5517, &(0x7f00000079c0)="$eJzs3E1vG1UXAODjpOl3+0avWLDrSBVSItVWnY8KdgFa8SFSRQUWrMCxHcut7YlixwlZsWCJWPBPEEisWPIbWLBmh1iA2CGBPDOBBKhUFMemzfNI4zP3+vrMuVZV6cxEDuDMmk9++akU1+NSRMxGxNWI7LxUHJm1PDwfEUlEzBw5SsX8HxPnI+JyRFwfJc9zloq3Prs1vLn645s/f/3thXNXPv/qu+ntGpi2FyKiu52f73XzmLby+LCYrw3bWeyuDIuYv9F9VIzTPO41N7MMe7XDdbUsLrfy9en2bn8Utzq1+ii22lvZ/HYvv2B/2DrMk33gYW0nGzeam1ls99Mstg7yuvYP8v/bDvqDPE+jyPdhlj4Gg8OYzzf3m/l+th9lsd4bFPN53rTR3B/FYRGLy0U97TSyOjZP8k3/t73V7u3uJ8PmTr+d9pLVSvXFSvVOubqTNpqD5kq51m3cWUkWWp3RsvKgWeuutdK01WlW6ml3MVlo1evlajVZuNvcbNd6SbVaWa7cLq8uFme3ktfuv5t0GsnCKL7S7u0O2p1+spXuJPknFpOlyvJLi8nNavL2+kay8eDevfWNd96/+979l9ffeLVY9LeykoWl20tL5ert8lJ18Qzt/+Oi6DHuH06kNO0CAJ4+/7b/v/G4/j/0/8CTO73+f+dBxOn3/6H/H4unqv896/3/KewfTkT/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwZn0/98Xr2cl8Pr5SzF8rpv5fjEsRMRMRv/2D2Th/LOdskWfuMevn/lLDN6XIMoyucaE4LkfEWnH8+r/T/hYAAADg2fXlRzc+zbv1/GV+2gUxSflNm5mrH4wpXyki5uZ/GFO2mdHLc2NKlv37Phf7Y8qW3cC6OKZk+S23c+PK9kRmj4WLR0IpDzMTLQcAAJiI453AZLsQAAAAJumTaRfAdJTi8FHm4bPg7C/v/3wgeOnY6Khrk6gPAAAAOLnStAsAAAAATl3W//v9PwAAAHi25b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8zs795KYNRHEAfja40H8qqrrvVbqDY/QIXXbZcoBeggN0Qa6QC3AGsssRIojwOAQiFok8tpXo+yRnMpb58QbBYmakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3VTrxdWf7//a5uz27eQZDQAAAHDJtlov6n9mqf+xuf+5ufW16RcRUUbEpbn7KN6dZY6anOrx+f+nz1dPariOqBMO7zFprg8R8aO57r50/SkAAADA27VZruZptp7+zIYuiD6lRZvy089MeUVEVLPbTGnlIe9bprD6+z2O35nS6gWsaaawtOQ2zpX2LPXP/bhqNz1pitSUF192LDLb2AEAgB6Nzpp+ZyEAAAD06dfQBTCMIh62Mo9bgZPUNNt77896AAAAwCtUDF0AAAAA0Ll6/t/T+X/7l57/99f5fwAAAJBFOv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALm2r9WKzXM3b5uz27eQZDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD37M87CoRAGITB3vWdydz/sNKgqalJFQgff2MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCb3/3l/8TUOJPMvTaWnkeStVNj69TYOzeO/jC+fg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCxPy8pEAJBEAVzxv9O+v6HlQQ9gwgR0PCoohYNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8EW/++X/xNQ4k8ydNpaOR5K1q8bWVWPvQePowXj7NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCxcz+vcVRxAMDfzOxsbVVco+whIgoe9GK329ram3hQggf/BCGk2xq79Uebgy1FzMWb5NyL6FFEUOKt/0POCeQSbznsIYJnZWZnspMf4PprZpN8PvDmfXcY5n3fLIR8570EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKo7cncZIdOuM4Ls5t7j1cyvqtQ33m8dr2fNayOKoz6ZPhxeqHqNtcIgAAAJwdSVnfhxB20vWFrI87ef2fltdkNf+3T4/jsp4/XPeXfVn7Z+2Xn3ef3x+oMx4nu+nN5eHg0tFUWv/fLGfbM395RSt/8vm7lyT/QuL3Vp8bpfnzjL7e2HinnYfn6sgWAPgnLpZ9EZS/D2V9v8nEADgzWpXCu6z/k06zOQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUYbQanizjKIQw35rEma29h0vH9Y/XtufLdu3Ro7Xw5eSe2S3SEMLN5eHgUq2zmW337j+4vTgcDu7WH7wUQmhq9LeK6d/+YIqLQ2jk+Qj+oyAuvuxZyedkBA3+UAIA4FRKi5bV9Tvp+kJ2LpoL4Y/vDtb/r1biMGX9v/vhtc3qWNX6v1/bDGdfb+XOp7179x+8vnxn8dbg1uDjNy733+xfuX716vVe/q6k540JAAAA/067aNX6P547uv5/oRKHKev/z77pf1EdK1H/H2uy6Nd0JgAAAGfbsy///lt0zPmo3Q6fL66s3O2Pj/ufL4+PDaT6t50rWrX+T+aazgoAAACow2g1OrD+f6MShynX/5/6/oUfq/dMQgjni/X/i0ufDG/UN52ZVsefEzc9RwAAAJp1vmjV9f803/8f7295iEMIr70yjot/AzhV/Z+8+9UP1bGq+/+v1DfFmRR3x88j77shtLpNZwQAAMBp9kTRsmL/13R94aOfLrzftv8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoG5/BgAA///U8j8V")
symlink(&(0x7f0000000580)='.\x02/file1\x00', &(0x7f00000002c0)='.\x02\x00')
syslog(0x2, 0x0, 0x0)
r3 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00')
setns(r3, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

1.148036744s ago: executing program 3 (id=1878):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={0x0}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000001080)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000050000000000000001000084000000000300000002000000000000000000000000000005000000000000005f"], &(0x7f0000000280)=""/265, 0x41, 0x109, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0x5, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

543.354304ms ago: executing program 1 (id=1879):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000980), 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000680)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000100)={'wg1\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x20, r2, 0x1, 0x0, 0x0, {0xd}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x20}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0x400, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0x6}, {0x1e, 0x4}, {0x3, 0x9}}, [@TCA_CHAIN={0x8, 0xb, 0x5}, @TCA_RATE={0x6, 0x5, {0x81, 0xf8}}, @TCA_RATE={0x6, 0x5, {0x8, 0x9}}]}, 0x3c}}, 0x0)

471.91742ms ago: executing program 1 (id=1880):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20)

443.819003ms ago: executing program 1 (id=1881):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000004c0)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'wg0\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14) (fail_nth: 1)

66.198844ms ago: executing program 1 (id=1882):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f0000000c40), 0xa, 0x4e4, &(0x7f0000001400)="$eJzs3c9vG1kdAPDvTOKStClJgUOpRFvRorSCOklD24hDKRKip0pAuZeQOFEUJ45ip22iClLxByAhBEiceuLSvwAk1AN/AEJCgjvix65Wu+3uYQ+765XtcZqmdhztOnGVfD7SdN57Huf7fVN5PDPvyRPAkXU+Im5FRF9EXI6I4aw9zZbbtcpmY7sXzx/N1JYkqtW77yaRZG07/+aJxltiICJ+fDviZ8nrccvrG4vTxWJhNauPVZZWxsrrG1cWlqbnC/OF5cnJietTN6auTY13pZ+1ft38/v9++6s//uDmX7714N/33r7081paQ9nrrfrRDY2u5+r7oqk/Ilb3I1gP9GXrXMct/7rvuQAA0FntHP9LEfH1+vn/cPTVz04BAACAw6T63aH4KImoAgAAAIdWWp8Dm6T5bC7AUKRpPt+Yw/uVOJ4WS+XKN+dKa8uzjbmyI5FL5xaKhfFsTu1I5JJafaJeflm/uqM+GRGnIuI3w4P1en6mVJzt9c0PAAAAOCJO7Lj+/2C4cf0PAAAAHDIjvU4AAAAA2HevXP8/6V0eAAAAwP4x/g8AAACH2g/v3Kkt1ebzr2fvr68tlu5fmS2UF/NLazP5mdLqSn6+VJqv/2bfUqe/VyyVVr4dy2sPxyqFcmWsvL5xb6m0tlwZXHjlEdgAAADAATp17tm/kojY/M5gfak51uukgAORdNpg+127/+5vLsDB6svWT//U40SAA9ff6wSAnsn1OgGg5zrdB2g7eedv3c8FAADYH6Nf3Rr/H2y2Ncf/O98b6Dh6CLzB0l4nAAAcOOP/cHTltmYAAkfVF3c2JBGb26qff/y/Wv0seQEAAN0zVF+SNJ+NBQ5FmubzESfrjwXIJXMLxcJ4dn3wz+HcF2r1ifo7E6P/AAAAAAAAAAAAAAAAAAAAAAAAALBH1WoSVQAAAOBQi0jfSrIn+Y8OXxzaeX/gWPLhcH0dEQ/+cPd3D6crldWJWvt7W+2V32ftVz1PHAAAAN4Ezev05nU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTTi+ePZprLay8e27+473wvIkZaxe+Pgfp6IHIRcfz9JPq3vS+JiL4uxN98HBGnW8VPamnFSJZFq/iDPYyfRsSJLsSHo+xZ7fhzq9XnL43z9XXrz1+t/P8uxG9//Eu3jn99bY4/J/cY48zmLvEfR5zpb338acZP2sS/sMf4P/3Jxka716pPIkZbfv8kr8QaqyytjJXXN64sLE3PF+YLy5OTE9enbkxdmxofm1soFrJ/W8b49df+/Mlu/T/eJv5Io//n2vX/4h77//E/Hj7/cqOYaxX/0oXW37+nG/Ff2/9p9t33jaz8olr9xWhWTjYb+3O7s0//fna3/s+26X+n//9Le+z/5R/98j973BQAOADl9Y3F6WKxsKrQulCt2lEKh7IQA7tt0+sjEwAA0G0vT/p7nQkAAAAAAAAAAAAAAAAAAAAcXQfxS2M7Y+7yc9QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3zaQAAAP//6ajYQw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
process_vm_writev(r3, &(0x7f0000000a40)=[{&(0x7f0000000380)=""/96, 0x60}, {0x0}, {0x0}, {0x0}, {&(0x7f00000007c0)=""/63, 0x3f}, {&(0x7f0000000800)=""/181, 0xb5}, {&(0x7f00000008c0)}, {&(0x7f00000009c0)=""/102, 0x66}], 0x8, &(0x7f0000000e40), 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_GET_THP_DISABLE(0x2a)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000400)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0, r8}, 0x10)
ioctl$HCIINQUIRY(r2, 0x800448d4, &(0x7f0000000080)={0x0, 0x200, "408b7c"})

28.664068ms ago: executing program 2 (id=1883):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getgroups(0x0, 0x0)
ioperm(0x0, 0x8, 0x4)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0xc, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x400000000000009, 0x0, 0x0)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x190)
ftruncate(0xffffffffffffffff, 0x7fff)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000e00)={'filter\x00', 0x7, 0x4, 0x3f8, 0xf0, 0xe0, 0x200, 0x310, 0xf0, 0x310, 0x4, 0x0, {[{{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_macvtap\x00', 'wg1\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @empty, @multicast2}}}, {{@arp={@multicast1, @multicast2, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'gre0\x00', 'bridge0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x448)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x1000408, &(0x7f00000000c0)=ANY=[], 0x3c, 0x2dc, &(0x7f0000000740)="$eJzs3M9rE1sUwPGTNG3TlDZZPB6893j0oBvdDG3cC0FaEANKbcQfIEybiYaMSciESkRsXLn13zB02V1B6x/QjTtXbsRNN4KbgtZIMlOb1NQmqWka8v1AuSdz78nM5U7KmYGZndsvH2VSjpEyi+IPqvhFyrInEqlFjXzic5sx93PQbcpycfLL+/9VRGLx+Pyi6kJs6VJUVadnXj9+un5uqzh5a2N6c1y2I/d3Pkc/bv+9/c/O96WHaUfTjmZzRTV1OfehaC7blibTTsZQvWFbpmNpOutYBbc/V/R2K/l8Sc1sciqUL1iOo2a2pBmrpMWcFgslNR+Y6awahqFTIRkeuzP1Jt9pXqKyuGjGutzpSpd5+OO2fttbKOz/eN5Wm3sSld4dEwAAOKta1v+7zfW/z2v9jfW/pyzlWv1/887da23U/5tjR9T/uWPr/3p/ys5R/3cr+OumRGWk+/ofA6IwIVJZl4Nf9PN767P1gPofAAAAAAAAAAAAAAAAAAAAAIBBsFuthqvVarjW+sWNa3/j3gMj+5/7fZzojcb1d9c6UFt11n9INDy4FxSxX6wmVhNu6/bHUpIWWyyZlbB8q58PHjdeuBqf92ldRN7Ya17+2mpipDl/TsISaZ0/5+Zrc/6ohBrzoxKWv1rnR1vmj8mF8w35hoTl3YrkxJZk/bw+yH82p3rlevxQ/oQkWzwxBwAAAADAIDL0p5bX74ZxVL+b3879gdmW1+cB+TfQ37kDAAAAADAsnNKTjGnbVuHY4JWXcezgT97Atr/5pMFoB7PoLPD17JtPGuy/k7nzdO/2zNpZmMVABIHaSd+wJXTk4OkRb1Xa3sW491bm2pa96qExlzf++9q/uZ/6vyIAAAAAPXZQ9Pf7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF6n8Tqxfs8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCt+BAAA///NJR5k")
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000010100c0"])
fcntl$setsig(0xffffffffffffffff, 0x3, 0x7fffffffffffffec)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r6 = dup(r5)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(r6, 0x4c09, 0x2)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000140), 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==")
ftruncate(r0, 0x20cf01)
prlimit64(0x0, 0xb, &(0x7f0000000140)={0xec7e, 0x8b}, 0x0)

27.886498ms ago: executing program 3 (id=1884):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x301)
ioctl$USBDEVFS_SUBMITURB(r0, 0xc0105500, &(0x7f0000000000)=@urb_type_interrupt={0x1, {}, 0xf52, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x1, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
clock_adjtime(0x0, &(0x7f0000000680)={0x19b1, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x10000, 0xe5, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf4b})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000001f00000000000000ea1f850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0xff4d, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r5, &(0x7f0000002800)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1)
write$cgroup_pid(r5, &(0x7f00000031c0), 0x12)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000040)={0x0, 'veth1_to_hsr\x00', {0x3}, 0xf800})

0s ago: executing program 4 (id=1872):
open$dir(0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000010, &(0x7f0000000080), 0x1, 0x513, &(0x7f00000010c0)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOt7rW1aSpOmNOk6LYt28T8QQcEnn3wR/AOEZR78A2RgQF/EB1FRRGf0QVDnSpIbp5Mmbd1pm07z+cBpzrn35n7PuSEn98fpvQGMrRci4o2ImIiIlyOimE9P87TYLux3l7t/753ldkoiy976axJJPq23rnZ5MiKud98SUxHxtS9HfDM5HLe5u7exVKtVt/NypVXfqjR3926u15fWqmvVzfn5udcWXl94dWE2yz1WO0u9zE++9Pn3Pv2t3y3++ca329X63EeiEH3tOE3dphc626KnvY22zyLYCEzk7SmMuiIAAJxIex//gxHxic7+fzEmOntzfSZGUTMAAADgtGRfmI5/JxEZAAAAcGmlETEdSVrOxwJMR5peyc8NfDiupbVGs/Wp1cbO5kp7XkQpCunqeq06m48VLkUhaZfn8jG2vfIrfeX5iHgmIr5fvNopl5cbtZURn/sAAACAcXG97/j/H8W0kz/egP8TAAAAAC6u0tACAAAAcFk45AcAAIDLr//4/70R1QMAAAA4E1958812ynrPv155e3dno/H2zZVqc6Nc31kuLze2t8prjcZa55599ePWV2s0tj4Tmzu3Kq1qs1Vp7u4t1hs7m63F9UcegQ0AAACco2c+fvvXSUTsf/ZqJ0V+H0CAR/xh1BUATtPEqCsAjIy7eMP4Koy6AsDIJcfMN3gHAACefDMfPXz9v/f8f+cG4HIz1gcAxo/r/zC+CkYAwlhLI+ID3exTw5YZev3/lyeNkmURd4oHpzi/CAAA52u6k5K0nB8HTEealssRT0ekpSgkq+u16mx+fPCrYuGpdnmu887k2DHDAAAAAAAAAAAAAAAAAAAAAAAAAEBXliWRAQAAAJdaRPqnpHM3/4iZ4kvT/ecHriT/LMYf88KP3vrBraVWa3uuPf1vnWd5XYmI1g/z6a8MfXwYAAAAcNqS/aGzusfp+evcudYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDFw/947y710nnH/8sWIKA2KPxlTndepKETEtb8nMXngfUlETJxC/P13I+LZQfGTeJBlWSmvxaD4V884fqmzaQbHTyPi+inEh3F2u93/vDHo+5fGC53Xwd+/yTw9ruH9X5pHfrbTzw3qf54+tLb6wBjP3f1ZZWj8dyOemxzc//T632RI/BcPre1fWZYdjvGNr+/tDYuf/ThiZuDvT/JIrEqrvlVp7u7dXK8vrVXXqpvz83OvLby+8OrCbGV1vVbN/w6M8b2P/fzBUe2/NiD+b3/T7X+Pav9Lw1ba5z93b937UDdbGBT/xosDf3+nYkj8NP/t+2Seb8+f6eX3u/mDnv/pneePav/KkO1/3Od/44Ttf/mr3/39CRcFAM5Bc3dvY6lWq24fkZk6wTJPYuYXUxeiGv9nJvtO95O7KPV5v5n23urDKb1WXYCKHchk5xZrIi5Ik/+XGWm3BAAAnIGHO/2jrgkAAAAAAAAAAAAAAAAAAACMr/O4nVh/zP3RNBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ej/DQAA///M/t/r")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x80000, 0x0, 0x0, 0x0, &(0x7f0000000380))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000001600)={'veth1\x00'})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
mmap(&(0x7f0000feb000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

kernel console output (not intermixed with test programs):

mm kworker/u4:3: corrupted in-inode xattr
[  383.708881][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  383.815545][    T6] usb 3-1: New USB device found, idVendor=0b54, idProduct=62a0, bcdDevice=a0.56
[  383.831667][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  383.855408][    T6] usb 3-1: Product: syz
[  383.868296][    T6] usb 3-1: Manufacturer: syz
[  383.881622][    T6] usb 3-1: SerialNumber: syz
[  383.892106][    T6] usb 3-1: config 0 descriptor??
[  384.030300][ T6984] loop3: detected capacity change from 0 to 40427
[  384.119722][ T6984] F2FS-fs (loop3): invalid crc value
[  384.141685][    T6] usb 3-1: USB disconnect, device number 22
[  384.147584][ T6984] F2FS-fs (loop3): Found nat_bits in checkpoint
[  384.195972][ T6984] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  384.206927][ T6984] FAULT_INJECTION: forcing a failure.
[  384.206927][ T6984] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  384.219906][ T6984] CPU: 1 PID: 6984 Comm: syz.3.1737 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  384.229602][ T6984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  384.239501][ T6984] Call Trace:
[  384.242621][ T6984]  <TASK>
[  384.245400][ T6984]  dump_stack_lvl+0x151/0x1c0
[  384.249917][ T6984]  ? io_uring_drop_tctx_refs+0x190/0x190
[  384.255381][ T6984]  ? down_read_trylock+0x3d6/0x7d0
[  384.260328][ T6984]  ? memset+0x35/0x40
[  384.264150][ T6984]  dump_stack+0x15/0x20
[  384.268140][ T6984]  should_fail+0x3c6/0x510
[  384.272395][ T6984]  should_fail_usercopy+0x1a/0x20
[  384.277254][ T6984]  _copy_from_user+0x20/0xd0
[  384.281677][ T6984]  io_submit_one+0xbf/0x1dd0
[  384.286109][ T6984]  ? lookup_ioctx+0x2c0/0x2c0
[  384.290618][ T6984]  ? asm_exc_page_fault+0x27/0x30
[  384.295481][ T6984]  ? blk_start_plug+0x5a/0x170
[  384.300079][ T6984]  __se_sys_io_submit+0x168/0x3c0
[  384.304937][ T6984]  ? __x64_sys_io_submit+0x90/0x90
[  384.309886][ T6984]  ? __ia32_sys_read+0x90/0x90
[  384.314486][ T6984]  __x64_sys_io_submit+0x7b/0x90
[  384.319262][ T6984]  x64_sys_call+0x58b/0x9a0
[  384.323597][ T6984]  do_syscall_64+0x3b/0xb0
[  384.327850][ T6984]  ? clear_bhb_loop+0x35/0x90
[  384.332365][ T6984]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  384.338091][ T6984] RIP: 0033:0x7ff7fdbddff9
[  384.342344][ T6984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  384.361788][ T6984] RSP: 002b:00007ff7fc857038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  384.370033][ T6984] RAX: ffffffffffffffda RBX: 00007ff7fdd95f80 RCX: 00007ff7fdbddff9
[  384.377844][ T6984] RDX: 0000000020000540 RSI: 0000000000003f0a RDI: 00007ff7fdd6f000
[  384.385655][ T6984] RBP: 00007ff7fc857090 R08: 0000000000000000 R09: 0000000000000000
[  384.393468][ T6984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  384.401276][ T6984] R13: 0000000000000000 R14: 00007ff7fdd95f80 R15: 00007fff58b637f8
[  384.409093][ T6984]  </TASK>
[  384.447688][ T6993] loop1: detected capacity change from 0 to 128
[  384.490295][ T6498] attempt to access beyond end of device
[  384.490295][ T6498] loop3: rw=524288, want=45072, limit=40427
[  384.490361][ T6993] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  384.502175][ T6498] attempt to access beyond end of device
[  384.502175][ T6498] loop3: rw=0, want=45072, limit=40427
[  384.512261][ T6993] ext4 filesystem being mounted at /36/mnt supports timestamps until 2038 (0x7fffffff)
[  384.544703][ T6498] attempt to access beyond end of device
[  384.544703][ T6498] loop3: rw=2049, want=45112, limit=40427
[  384.556309][ T6993] fscrypt: loop1: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[  385.041193][ T7002] loop0: detected capacity change from 0 to 256
[  385.047644][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  385.047685][   T30] audit: type=1400 audit(1729429538.569:3268): avc:  denied  { read } for  pid=6992 comm="syz.1.1739" name="file0" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  385.384552][ T7006] bridge0: port 1(bridge_slave_0) entered blocking state
[  385.415876][ T7006] bridge0: port 1(bridge_slave_0) entered disabled state
[  385.423783][ T7006] device bridge_slave_0 entered promiscuous mode
[  385.432107][ T6998] loop2: detected capacity change from 0 to 40427
[  385.441667][ T7006] bridge0: port 2(bridge_slave_1) entered blocking state
[  385.448621][ T7006] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.454816][ T7013] binfmt_misc: register: failed to install interpreter file ./file0
[  385.455864][ T7006] device bridge_slave_1 entered promiscuous mode
[  385.486072][ T7015] loop0: detected capacity change from 0 to 2048
[  385.497117][ T6998] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  385.504783][ T6998] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  385.523352][ T6998] F2FS-fs (loop2): Unrecognized mount option "01777777777777777777777" or missing value
[  385.536561][ T7015] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  385.537303][ T7017] loop1: detected capacity change from 0 to 128
[  385.583006][ T7017] FAT-fs (loop1): bogus number of FAT sectors
[  385.595496][ T7017] FAT-fs (loop1): Can't find a valid FAT filesystem
[  385.603847][ T7006] bridge0: port 2(bridge_slave_1) entered blocking state
[  385.610699][ T7006] bridge0: port 2(bridge_slave_1) entered forwarding state
[  385.617809][ T7006] bridge0: port 1(bridge_slave_0) entered blocking state
[  385.624569][ T7006] bridge0: port 1(bridge_slave_0) entered forwarding state
[  385.666450][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  385.675986][ T1498] bridge0: port 1(bridge_slave_0) entered disabled state
[  385.683119][ T1498] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.708747][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  385.717031][ T7017] loop1: detected capacity change from 0 to 2048
[  385.726478][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  385.745738][ T1498] bridge0: port 1(bridge_slave_0) entered blocking state
[  385.752591][ T1498] bridge0: port 1(bridge_slave_0) entered forwarding state
[  385.760444][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  385.772752][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  385.782804][ T1498] bridge0: port 2(bridge_slave_1) entered blocking state
[  385.789662][ T1498] bridge0: port 2(bridge_slave_1) entered forwarding state
[  385.798053][ T7017] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  385.866142][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  385.886014][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  385.896221][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  385.934115][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  385.956688][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  385.974948][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  385.985656][ T7006] device veth0_vlan entered promiscuous mode
[  385.998177][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  386.005944][  T313] EXT4-fs warning: 186 callbacks suppressed
[  386.005958][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  386.027409][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  386.037682][ T7006] device veth1_macvtap entered promiscuous mode
[  386.050168][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  386.058184][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  386.058347][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  386.081012][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  386.089627][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  386.098746][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  386.117850][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  386.126136][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  386.134375][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  386.143264][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  386.151352][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  386.189157][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  386.204227][   T39] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  386.236188][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  386.263647][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  386.272603][ T7044] loop3: detected capacity change from 0 to 512
[  386.289937][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  386.312476][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  386.327868][ T7044] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  386.348995][ T7044] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  386.363789][ T7044] EXT4-fs (loop3): 1 truncate cleaned up
[  386.365600][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  386.369695][ T7044] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  386.384752][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  386.485522][   T39] usb 2-1: Using ep0 maxpacket: 32
[  386.529324][ T5535] device bridge_slave_1 left promiscuous mode
[  386.536349][ T5535] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.550054][ T5535] device bridge_slave_0 left promiscuous mode
[  386.556674][ T5535] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.696903][ T5535] device veth1_macvtap left promiscuous mode
[  386.702878][ T5535] device veth0_vlan left promiscuous mode
[  386.726599][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  386.759988][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  386.770552][   T39] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  386.779474][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  386.789414][   T39] usb 2-1: config 0 descriptor??
[  386.836220][   T39] hub 2-1:0.0: USB hub found
[  386.983415][ T7056] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.990290][ T7056] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.997843][ T7056] device bridge_slave_0 entered promiscuous mode
[  387.005166][ T7056] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.012119][ T7056] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.022895][ T7056] device bridge_slave_1 entered promiscuous mode
[  387.055811][   T39] hub 2-1:0.0: 1 port detected
[  387.132435][ T7061] device pim6reg1 entered promiscuous mode
[  387.365372][ T7064] binfmt_misc: register: failed to install interpreter file ./file0
[  387.394421][ T7067] loop2: detected capacity change from 0 to 1024
[  387.407945][ T7067] EXT4-fs (loop2): Test dummy encryption mode enabled
[  387.415369][ T7067] EXT4-fs (loop2): Ignoring removed orlov option
[  387.423808][ T7067] EXT4-fs (loop2): Ignoring removed bh option
[  387.425572][   T39] hub 2-1:0.0: hub_hub_status failed (err = -71)
[  387.439773][   T39] hub 2-1:0.0: config failed, can't get hub status (err -71)
[  387.453177][ T7067] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,bh,barrier,,errors=continue. Quota mode: writeback.
[  387.598810][   T39] usbhid 2-1:0.0: can't add hid device: -71
[  387.606980][   T39] usbhid: probe of 2-1:0.0 failed with error -71
[  387.646430][   T39] usb 2-1: USB disconnect, device number 25
[  388.286045][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  388.293442][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  388.308101][ T7080] binfmt_misc: register: failed to install interpreter file ./file0
[  388.324513][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  388.332712][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  388.342586][ T2363] bridge0: port 1(bridge_slave_0) entered blocking state
[  388.349442][ T2363] bridge0: port 1(bridge_slave_0) entered forwarding state
[  388.358843][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  388.361815][ T7085] syz.2.1763[7085] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  388.372344][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  388.394217][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  388.407424][ T7085] syz.2.1763[7085] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  388.414747][   T30] audit: type=1107 audit(1729429542.209:3269): pid=7084 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  388.486132][ T2291] EXT4-fs error: 195 callbacks suppressed
[  388.486148][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  388.520365][ T2363] bridge0: port 2(bridge_slave_1) entered blocking state
[  388.527230][ T2363] bridge0: port 2(bridge_slave_1) entered forwarding state
[  388.527929][ T7095] binfmt_misc: register: failed to install interpreter file ./file0
[  388.548335][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  388.566087][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  388.582824][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  388.600747][ T7056] device veth0_vlan entered promiscuous mode
[  388.614416][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  388.622257][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  388.636987][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  388.650834][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  388.674361][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  388.685516][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  388.696920][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  388.709591][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  388.720028][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  388.735501][    T6] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  388.746124][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  388.755527][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  388.768441][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  388.787506][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  388.788679][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  388.825508][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  388.845310][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  388.855517][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  388.869281][ T7056] device veth1_macvtap entered promiscuous mode
[  388.890404][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  388.902677][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  388.939128][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  388.985594][    T6] usb 3-1: Using ep0 maxpacket: 32
[  389.018325][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  389.497125][ T7098] loop3: detected capacity change from 0 to 40427
[  389.563300][ T7098] F2FS-fs (loop3): invalid crc value
[  389.572215][ T7098] F2FS-fs (loop3): Found nat_bits in checkpoint
[  389.613256][ T7098] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  389.930726][ T7115] FAULT_INJECTION: forcing a failure.
[  389.930726][ T7115] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  389.945874][ T7115] CPU: 0 PID: 7115 Comm: syz.1.1769 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  389.955580][ T7115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  389.965475][ T7115] Call Trace:
[  389.968602][ T7115]  <TASK>
[  389.971377][ T7115]  dump_stack_lvl+0x151/0x1c0
[  389.975892][ T7115]  ? io_uring_drop_tctx_refs+0x190/0x190
[  389.981359][ T7115]  dump_stack+0x15/0x20
[  389.985349][ T7115]  should_fail+0x3c6/0x510
[  389.989602][ T7115]  should_fail_usercopy+0x1a/0x20
[  389.994461][ T7115]  _copy_from_user+0x20/0xd0
[  389.998895][ T7115]  core_sys_select+0x344/0x6e0
[  390.003488][ T7115]  ? poll_select_set_timeout+0x160/0x160
[  390.008954][ T7115]  ? fsnotify_perm+0x6a/0x5b0
[  390.013473][ T7115]  ? sigprocmask+0x280/0x280
[  390.017894][ T7115]  ? __mutex_lock_slowpath+0x10/0x10
[  390.023017][ T7115]  __se_sys_pselect6+0x322/0x3f0
[  390.027792][ T7115]  ? ksys_write+0x260/0x2c0
[  390.032129][ T7115]  ? __x64_sys_pselect6+0x100/0x100
[  390.037162][ T7115]  ? __ia32_sys_read+0x90/0x90
[  390.041763][ T7115]  ? debug_smp_processor_id+0x17/0x20
[  390.046970][ T7115]  __x64_sys_pselect6+0xe5/0x100
[  390.051749][ T7115]  x64_sys_call+0x71a/0x9a0
[  390.056083][ T7115]  do_syscall_64+0x3b/0xb0
[  390.060335][ T7115]  ? clear_bhb_loop+0x35/0x90
[  390.064850][ T7115]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  390.070578][ T7115] RIP: 0033:0x7fb4eabedff9
[  390.074832][ T7115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  390.094271][ T7115] RSP: 002b:00007fb4e9867038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  390.102522][ T7115] RAX: ffffffffffffffda RBX: 00007fb4eada5f80 RCX: 00007fb4eabedff9
[  390.110331][ T7115] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000040
[  390.118139][ T7115] RBP: 00007fb4e9867090 R08: 0000000000000000 R09: 0000000000000000
[  390.125949][ T7115] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[  390.133763][ T7115] R13: 0000000000000000 R14: 00007fb4eada5f80 R15: 00007ffea99d6918
[  390.141577][ T7115]  </TASK>
[  390.145533][    T6] usb 3-1: New USB device found, idVendor=0b54, idProduct=62a0, bcdDevice=a0.56
[  390.154380][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  390.163117][    T6] usb 3-1: Product: syz
[  390.167305][    T6] usb 3-1: Manufacturer: syz
[  390.171708][    T6] usb 3-1: SerialNumber: syz
[  390.177029][    T6] usb 3-1: config 0 descriptor??
[  390.203470][ T7120] loop1: detected capacity change from 0 to 512
[  390.266130][ T7120] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  390.287628][ T7120] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  390.302826][ T7120] EXT4-fs (loop1): 1 truncate cleaned up
[  390.308855][ T7120] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  390.350948][  T370] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  390.418909][ T3454] usb 3-1: USB disconnect, device number 23
[  390.607852][ T7129] FAULT_INJECTION: forcing a failure.
[  390.607852][ T7129] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  390.735622][ T7129] CPU: 1 PID: 7129 Comm: syz.0.1772 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  390.745343][ T7129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  390.755238][ T7129] Call Trace:
[  390.758361][ T7129]  <TASK>
[  390.761139][ T7129]  dump_stack_lvl+0x151/0x1c0
[  390.765651][ T7129]  ? io_uring_drop_tctx_refs+0x190/0x190
[  390.771118][ T7129]  ? __rcu_read_unlock+0x7e/0xd0
[  390.775894][ T7129]  dump_stack+0x15/0x20
[  390.779888][ T7129]  should_fail+0x3c6/0x510
[  390.784140][ T7129]  should_fail_usercopy+0x1a/0x20
[  390.788999][ T7129]  _copy_from_user+0x20/0xd0
[  390.793424][ T7129]  __sys_bind+0x268/0x400
[  390.797589][ T7129]  ? __ia32_sys_socketpair+0xb0/0xb0
[  390.802716][ T7129]  ? __kasan_check_write+0x14/0x20
[  390.807658][ T7129]  ? switch_fpu_return+0x15f/0x2e0
[  390.812606][ T7129]  __x64_sys_bind+0x7a/0x90
[  390.816947][ T7129]  x64_sys_call+0x17f/0x9a0
[  390.821285][ T7129]  do_syscall_64+0x3b/0xb0
[  390.825539][ T7129]  ? clear_bhb_loop+0x35/0x90
[  390.830056][ T7129]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  390.835779][ T7129] RIP: 0033:0x7f2fe35bdff9
[  390.840030][ T7129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  390.859473][ T7129] RSP: 002b:00007f2fe2216038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  390.867719][ T7129] RAX: ffffffffffffffda RBX: 00007f2fe3776058 RCX: 00007f2fe35bdff9
[  390.875527][ T7129] RDX: 0000000000000006 RSI: 0000000020000140 RDI: 0000000000000005
[  390.883339][ T7129] RBP: 00007f2fe2216090 R08: 0000000000000000 R09: 0000000000000000
[  390.891152][ T7129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  390.898963][ T7129] R13: 0000000000000000 R14: 00007f2fe3776058 R15: 00007fff395de3e8
[  390.906779][ T7129]  </TASK>
[  391.025931][  T313] EXT4-fs warning: 162 callbacks suppressed
[  391.025950][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  391.078303][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  391.095575][  T370] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  391.095896][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  391.106489][  T370] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  391.121736][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  391.130354][  T370] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.162642][  T370] usb 4-1: config 0 descriptor??
[  391.215329][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  391.231120][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  391.275734][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  391.291735][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  391.361545][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  391.422014][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  391.666053][  T370] keytouch 0003:0926:3333.001B: fixing up Keytouch IEC report descriptor
[  391.683268][  T370] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.001B/input/input15
[  391.695628][ T2786] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  391.763441][  T370] keytouch 0003:0926:3333.001B: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  391.896173][  T370] usb 4-1: USB disconnect, device number 18
[  391.945554][ T2786] usb 3-1: Using ep0 maxpacket: 32
[  391.984308][ T7149] loop0: detected capacity change from 0 to 256
[  392.178957][ T7153] loop1: detected capacity change from 0 to 256
[  392.245617][ T2786] usb 3-1: New USB device found, idVendor=0b54, idProduct=62a0, bcdDevice=a0.56
[  392.255688][ T2786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.263549][ T2786] usb 3-1: Product: syz
[  392.267636][ T2786] usb 3-1: Manufacturer: syz
[  392.272070][ T2786] usb 3-1: SerialNumber: syz
[  392.277336][ T2786] usb 3-1: config 0 descriptor??
[  392.468929][ T7006] attempt to access beyond end of device
[  392.468929][ T7006] loop3: rw=524288, want=45072, limit=40427
[  392.480223][ T7006] attempt to access beyond end of device
[  392.480223][ T7006] loop3: rw=0, want=45072, limit=40427
[  392.493569][ T7006] attempt to access beyond end of device
[  392.493569][ T7006] loop3: rw=2049, want=45112, limit=40427
[  392.519040][ T2786] usb 3-1: USB disconnect, device number 24
[  392.731544][ T7156] bridge0: port 1(bridge_slave_0) entered blocking state
[  392.738478][ T7156] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.746081][ T7156] device bridge_slave_0 entered promiscuous mode
[  392.760641][ T7156] bridge0: port 2(bridge_slave_1) entered blocking state
[  392.768143][ T7156] bridge0: port 2(bridge_slave_1) entered disabled state
[  392.775488][ T7156] device bridge_slave_1 entered promiscuous mode
[  392.849612][ T7156] bridge0: port 2(bridge_slave_1) entered blocking state
[  392.856468][ T7156] bridge0: port 2(bridge_slave_1) entered forwarding state
[  392.863537][ T7156] bridge0: port 1(bridge_slave_0) entered blocking state
[  392.870362][ T7156] bridge0: port 1(bridge_slave_0) entered forwarding state
[  392.895425][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  392.902740][ T1498] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.910155][ T1498] bridge0: port 2(bridge_slave_1) entered disabled state
[  392.925351][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  393.013168][ T5535] bridge0: port 1(bridge_slave_0) entered blocking state
[  393.020050][ T5535] bridge0: port 1(bridge_slave_0) entered forwarding state
[  393.235592][ T7167] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1783'.
[  393.251461][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  393.259847][ T5535] bridge0: port 2(bridge_slave_1) entered blocking state
[  393.266725][ T5535] bridge0: port 2(bridge_slave_1) entered forwarding state
[  393.274399][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  393.282944][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  393.298379][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  393.307179][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  393.314454][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  393.322690][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  393.331247][ T7156] device veth0_vlan entered promiscuous mode
[  393.346579][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  393.355997][ T7156] device veth1_macvtap entered promiscuous mode
[  393.363999][  T881] device bridge_slave_1 left promiscuous mode
[  393.366894][ T7170] loop2: detected capacity change from 0 to 512
[  393.370946][  T881] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.442766][ T7172] loop1: detected capacity change from 0 to 256
[  393.565483][  T313] EXT4-fs error: 215 callbacks suppressed
[  393.565498][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  393.621483][  T881] device bridge_slave_0 left promiscuous mode
[  393.664857][  T881] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.673142][  T881] device veth1_macvtap left promiscuous mode
[  393.687203][ T7170] EXT4-fs (loop2): Test dummy encryption mode enabled
[  393.690670][  T881] device veth0_vlan left promiscuous mode
[  393.695876][ T7170] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #17: comm syz.2.1785: iget: bogus i_mode (0)
[  393.710753][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  393.723604][ T7170] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1785: couldn't read orphan inode 17 (err -117)
[  393.735648][ T7170] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv0,norecovery,barrier,journal_dev=0x0000000000000003,test_dummy_encryption,journal_dev=0x0000000000006000,,errors=continue. Quota mode: none.
[  393.756066][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  393.776638][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  393.776998][ T7170] EXT4-fs (loop2): shut down requested (1)
[  393.806042][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  393.845485][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  393.857741][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  393.885492][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  393.905934][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  393.918579][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  393.933453][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  393.955557][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  394.008551][  T370] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  394.031139][ T7182] loop1: detected capacity change from 0 to 128
[  394.043749][ T7182] FAT-fs (loop1): bogus number of FAT sectors
[  394.050206][ T7182] FAT-fs (loop1): Can't find a valid FAT filesystem
[  394.193067][ T7185] device pim6reg1 entered promiscuous mode
[  394.427794][ T7182] loop1: detected capacity change from 0 to 2048
[  394.456823][ T7182] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  394.515558][  T370] usb 1-1: Using ep0 maxpacket: 32
[  394.844753][  T370] usb 1-1: New USB device found, idVendor=0b54, idProduct=62a0, bcdDevice=a0.56
[  394.853958][  T370] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.861947][  T370] usb 1-1: Product: syz
[  394.867182][  T370] usb 1-1: Manufacturer: syz
[  394.871589][  T370] usb 1-1: SerialNumber: syz
[  394.877034][  T370] usb 1-1: config 0 descriptor??
[  395.432145][   T39] usb 1-1: USB disconnect, device number 27
[  395.698333][ T7208] FAULT_INJECTION: forcing a failure.
[  395.698333][ T7208] name failslab, interval 1, probability 0, space 0, times 0
[  395.738092][ T7208] CPU: 1 PID: 7208 Comm: syz.2.1792 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  395.747802][ T7208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  395.757699][ T7208] Call Trace:
[  395.760820][ T7208]  <TASK>
[  395.763683][ T7208]  dump_stack_lvl+0x151/0x1c0
[  395.768195][ T7208]  ? io_uring_drop_tctx_refs+0x190/0x190
[  395.773662][ T7208]  ? __kasan_check_write+0x14/0x20
[  395.778618][ T7208]  ? mutex_unlock+0xb2/0x260
[  395.783037][ T7208]  dump_stack+0x15/0x20
[  395.787032][ T7208]  should_fail+0x3c6/0x510
[  395.791283][ T7208]  __should_failslab+0xa4/0xe0
[  395.795882][ T7208]  ? getname_flags+0xba/0x520
[  395.800394][ T7208]  should_failslab+0x9/0x20
[  395.804736][ T7208]  slab_pre_alloc_hook+0x37/0xd0
[  395.809507][ T7208]  ? getname_flags+0xba/0x520
[  395.814020][ T7208]  kmem_cache_alloc+0x44/0x200
[  395.818621][ T7208]  ? __ia32_sys_read+0x90/0x90
[  395.823227][ T7208]  getname_flags+0xba/0x520
[  395.827563][ T7208]  __x64_sys_unlinkat+0xb2/0xf0
[  395.832248][ T7208]  x64_sys_call+0x6e9/0x9a0
[  395.836586][ T7208]  do_syscall_64+0x3b/0xb0
[  395.840840][ T7208]  ? clear_bhb_loop+0x35/0x90
[  395.845352][ T7208]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  395.851081][ T7208] RIP: 0033:0x7f9c46cf6ff9
[  395.855335][ T7208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  395.874774][ T7208] RSP: 002b:00007f9c45970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
[  395.883021][ T7208] RAX: ffffffffffffffda RBX: 00007f9c46eaef80 RCX: 00007f9c46cf6ff9
[  395.890834][ T7208] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c
[  395.898643][ T7208] RBP: 00007f9c45970090 R08: 0000000000000000 R09: 0000000000000000
[  395.906456][ T7208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  395.914264][ T7208] R13: 0000000000000000 R14: 00007f9c46eaef80 R15: 00007ffc12d32708
[  395.922255][ T7208]  </TASK>
[  395.933069][   T30] audit: type=1400 audit(1729429549.729:3270): avc:  denied  { map } for  pid=7210 comm="syz.3.1793" path="socket:[48130]" dev="sockfs" ino=48130 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  395.956469][   T30] audit: type=1400 audit(1729429549.729:3271): avc:  denied  { read accept } for  pid=7210 comm="syz.3.1793" path="socket:[48130]" dev="sockfs" ino=48130 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  395.964463][ T7211] loop3: detected capacity change from 0 to 2048
[  396.007484][ T7211] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  396.055831][ T2291] EXT4-fs warning: 227 callbacks suppressed
[  396.055847][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  396.077008][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  396.239054][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  396.255303][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  396.299166][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  396.315973][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  396.355773][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  396.370761][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  396.395718][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  396.415881][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  396.442427][ T7222] device pim6reg1 entered promiscuous mode
[  396.547406][   T30] audit: type=1326 audit(1729429550.349:3272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7225 comm="syz.2.1797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c46cf6ff9 code=0x7ffc0000
[  396.571915][   T30] audit: type=1326 audit(1729429550.349:3273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7225 comm="syz.2.1797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c46cf6ff9 code=0x7ffc0000
[  396.605555][   T30] audit: type=1326 audit(1729429550.349:3274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7225 comm="syz.2.1797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f9c46cf6ff9 code=0x7ffc0000
[  396.654350][   T30] audit: type=1326 audit(1729429550.349:3275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7225 comm="syz.2.1797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c46cf6ff9 code=0x7ffc0000
[  396.691035][   T30] audit: type=1326 audit(1729429550.349:3276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7225 comm="syz.2.1797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c46cf6ff9 code=0x7ffc0000
[  396.699402][ T7231] loop2: detected capacity change from 0 to 512
[  396.714378][   T30] audit: type=1326 audit(1729429550.349:3277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7225 comm="syz.2.1797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f9c46cf6ff9 code=0x7ffc0000
[  396.748901][   T30] audit: type=1326 audit(1729429550.349:3278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7225 comm="syz.2.1797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c46cf6ff9 code=0x7ffc0000
[  396.784321][ T7235] loop3: detected capacity change from 0 to 128
[  396.791337][   T30] audit: type=1326 audit(1729429550.349:3279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7225 comm="syz.2.1797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c46cf6ff9 code=0x7ffc0000
[  396.836702][ T7231] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  396.865685][ T7235] FAT-fs (loop3): bogus number of FAT sectors
[  396.874732][ T7235] FAT-fs (loop3): Can't find a valid FAT filesystem
[  396.885244][ T7231] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  396.926465][ T7231] EXT4-fs (loop2): 1 truncate cleaned up
[  396.942351][ T7231] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  397.029216][ T7235] loop3: detected capacity change from 0 to 2048
[  397.060585][ T7238] loop1: detected capacity change from 0 to 40427
[  397.129532][ T7238] F2FS-fs (loop1): Fix alignment : done, start(4096) end(16896) block(12288)
[  397.146294][ T7238] F2FS-fs (loop1): Mismatch start address, segment0(0) cp_blkaddr(512)
[  397.154439][ T7238] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  397.163735][ T7235] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  397.302195][ T7238] F2FS-fs (loop1): invalid crc value
[  397.325300][ T7238] F2FS-fs (loop1): Found nat_bits in checkpoint
[  397.397812][ T7238] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  397.404711][ T7238] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  397.466666][ T7245] attempt to access beyond end of device
[  397.466666][ T7245] loop1: rw=2049, want=45104, limit=40427
[  397.689123][ T7258] loop2: detected capacity change from 0 to 256
[  397.865476][ T2961] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  397.944521][ T7260] loop1: detected capacity change from 0 to 40427
[  397.987581][ T7260] F2FS-fs (loop1): invalid crc value
[  398.038465][ T7260] F2FS-fs (loop1): Found nat_bits in checkpoint
[  398.078108][ T7260] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[  398.096034][ T7260] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  398.105559][ T2961] usb 1-1: Using ep0 maxpacket: 16
[  398.265526][ T2961] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11
[  398.274404][ T2961] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  398.285938][ T2961] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  398.322579][ T7270] FAULT_INJECTION: forcing a failure.
[  398.322579][ T7270] name failslab, interval 1, probability 0, space 0, times 0
[  398.335019][ T7270] CPU: 1 PID: 7270 Comm: syz.1.1805 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  398.344706][ T7270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  398.354604][ T7270] Call Trace:
[  398.357726][ T7270]  <TASK>
[  398.360506][ T7270]  dump_stack_lvl+0x151/0x1c0
[  398.365019][ T7270]  ? io_uring_drop_tctx_refs+0x190/0x190
[  398.370487][ T7270]  ? ___ratelimit+0xb2/0x5a0
[  398.374912][ T7270]  dump_stack+0x15/0x20
[  398.378902][ T7270]  should_fail+0x3c6/0x510
[  398.383157][ T7270]  __should_failslab+0xa4/0xe0
[  398.387755][ T7270]  ? getname_flags+0xba/0x520
[  398.392267][ T7270]  should_failslab+0x9/0x20
[  398.396607][ T7270]  slab_pre_alloc_hook+0x37/0xd0
[  398.401385][ T7270]  ? getname_flags+0xba/0x520
[  398.405897][ T7270]  kmem_cache_alloc+0x44/0x200
[  398.410494][ T7270]  getname_flags+0xba/0x520
[  398.414831][ T7270]  getname+0x19/0x20
[  398.418566][ T7270]  do_sys_openat2+0xd7/0x820
[  398.422990][ T7270]  ? do_sys_open+0x220/0x220
[  398.427418][ T7270]  ? release_firmware_map_entry+0x190/0x190
[  398.433143][ T7270]  ? ksys_write+0x260/0x2c0
[  398.437493][ T7270]  __x64_sys_creat+0x11f/0x160
[  398.442097][ T7270]  ? __x64_compat_sys_openat+0x290/0x290
[  398.447556][ T7270]  ? switch_fpu_return+0x15f/0x2e0
[  398.452500][ T7270]  ? exit_to_user_mode_prepare+0x7e/0xa0
[  398.457970][ T7270]  x64_sys_call+0x27b/0x9a0
[  398.462306][ T7270]  do_syscall_64+0x3b/0xb0
[  398.466571][ T7270]  ? clear_bhb_loop+0x35/0x90
[  398.471091][ T7270]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  398.476800][ T7270] RIP: 0033:0x7fb4eabedff9
[  398.481056][ T7270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.500495][ T7270] RSP: 002b:00007fb4e9825038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  398.508890][ T7270] RAX: ffffffffffffffda RBX: 00007fb4eada6130 RCX: 00007fb4eabedff9
[  398.516700][ T7270] RDX: 0000000000000000 RSI: 000000000000000d RDI: 0000000020000540
[  398.524595][ T7270] RBP: 00007fb4e9825090 R08: 0000000000000000 R09: 0000000000000000
[  398.532406][ T7270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  398.540220][ T7270] R13: 0000000000000000 R14: 00007fb4eada6130 R15: 00007ffea99d6918
[  398.548034][ T7270]  </TASK>
[  398.551357][ T2961] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  398.561022][ T2961] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  398.570632][ T2961] usb 1-1: config 1 interface 0 has no altsetting 0
[  398.577258][ T2961] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  398.586198][ T2961] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  398.610718][ T7272] FAULT_INJECTION: forcing a failure.
[  398.610718][ T7272] name failslab, interval 1, probability 0, space 0, times 0
[  398.623263][ T7272] CPU: 1 PID: 7272 Comm: syz.3.1806 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  398.632959][ T7272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  398.642854][ T7272] Call Trace:
[  398.645979][ T7272]  <TASK>
[  398.648757][ T7272]  dump_stack_lvl+0x151/0x1c0
[  398.653269][ T7272]  ? io_uring_drop_tctx_refs+0x190/0x190
[  398.658736][ T7272]  ? __kasan_check_write+0x14/0x20
[  398.663681][ T7272]  ? push_rt_task+0x46e/0x5c0
[  398.668196][ T7272]  dump_stack+0x15/0x20
[  398.672190][ T7272]  should_fail+0x3c6/0x510
[  398.676443][ T7272]  __should_failslab+0xa4/0xe0
[  398.681044][ T7272]  should_failslab+0x9/0x20
[  398.685380][ T7272]  slab_pre_alloc_hook+0x37/0xd0
[  398.690159][ T7272]  __kmalloc+0x6d/0x270
[  398.694145][ T7272]  ? kvmalloc_node+0x1f0/0x4d0
[  398.698761][ T7272]  kvmalloc_node+0x1f0/0x4d0
[  398.703175][ T7272]  ? vm_mmap+0xb0/0xb0
[  398.707079][ T7272]  ? preempt_schedule_irq+0xe7/0x140
[  398.712198][ T7272]  ? preempt_schedule_notrace+0x130/0x140
[  398.717751][ T7272]  ? __kasan_check_write+0x14/0x20
[  398.722698][ T7272]  seq_read_iter+0x1ff/0xd00
[  398.727127][ T7272]  ? sysvec_reschedule_ipi+0x7d/0x150
[  398.732334][ T7272]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  398.737801][ T7272]  ? iov_iter_init+0x53/0x190
[  398.742317][ T7272]  seq_read+0x44f/0x5c0
[  398.746314][ T7272]  ? release_firmware_map_entry+0x190/0x190
[  398.752035][ T7272]  ? seq_open+0x130/0x130
[  398.756201][ T7272]  ? fsnotify_perm+0x269/0x5b0
[  398.760800][ T7272]  ? security_file_permission+0x86/0xb0
[  398.766181][ T7272]  ? seq_open+0x130/0x130
[  398.770350][ T7272]  vfs_read+0x27d/0xd40
[  398.774340][ T7272]  ? kernel_read+0x1f0/0x1f0
[  398.778766][ T7272]  ? __rcu_read_unlock+0x7e/0xd0
[  398.783538][ T7272]  ? __fget_files+0x31e/0x380
[  398.788055][ T7272]  ? __fdget+0x1bc/0x240
[  398.792131][ T7272]  __x64_sys_pread64+0x1a6/0x230
[  398.796908][ T7272]  ? ksys_pread64+0x1d0/0x1d0
[  398.801421][ T7272]  ? exit_to_user_mode_prepare+0x7e/0xa0
[  398.806889][ T7272]  x64_sys_call+0x9f/0x9a0
[  398.811138][ T7272]  do_syscall_64+0x3b/0xb0
[  398.815390][ T7272]  ? clear_bhb_loop+0x35/0x90
[  398.819905][ T7272]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  398.825633][ T7272] RIP: 0033:0x7fc7e5219ff9
[  398.829890][ T7272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.849328][ T7272] RSP: 002b:00007fc7e3e51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  398.857574][ T7272] RAX: ffffffffffffffda RBX: 00007fc7e53d2130 RCX: 00007fc7e5219ff9
[  398.865386][ T7272] RDX: 00000000000000fe RSI: 0000000020000340 RDI: 000000000000000a
[  398.873197][ T7272] RBP: 00007fc7e3e51090 R08: 0000000000000000 R09: 0000000000000000
[  398.881008][ T7272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  398.888818][ T7272] R13: 0000000000000000 R14: 00007fc7e53d2130 R15: 00007fffa6a4aaa8
[  398.896634][ T7272]  </TASK>
[  398.899746][  T313] EXT4-fs error: 213 callbacks suppressed
[  398.899758][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  398.926443][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  398.931590][ T2961] ums-sddr09 1-1:1.0: USB Mass Storage device detected
[  398.945958][ T6191] attempt to access beyond end of device
[  398.945958][ T6191] loop1: rw=2049, want=40968, limit=40427
[  398.965809][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  398.978731][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  399.000312][ T7277] loop2: detected capacity change from 0 to 512
[  399.007660][ T7277] EXT4-fs (loop2): Ignoring removed nobh option
[  399.013801][ T7277] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  399.023425][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  399.025491][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  399.036717][ T7277] EXT4-fs (loop2): 1 truncate cleaned up
[  399.047478][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  399.052478][ T7277] EXT4-fs (loop2): mounted filesystem without journal. Opts: i_version,nobh,data_err=ignore,nolazytime,init_itable=0x0000000000000004,acl,,errors=continue. Quota mode: none.
[  399.085810][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  399.112429][ T7277] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #18: comm syz.2.1808: invalid indirect mapped block 2349660427 (level 0)
[  399.128910][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  399.149145][ T2961] scsi host1: usb-storage 1-1:1.0
[  399.191218][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  399.218672][ T6032] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /78/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  399.241075][ T7287] FAULT_INJECTION: forcing a failure.
[  399.241075][ T7287] name failslab, interval 1, probability 0, space 0, times 0
[  399.241481][ T6032] EXT4-fs error (device loop2): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  399.254174][ T7287] CPU: 1 PID: 7287 Comm: syz.1.1810 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  399.273940][ T6032] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /78/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  399.282551][ T7287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  399.282563][ T7287] Call Trace:
[  399.282568][ T7287]  <TASK>
[  399.282575][ T7287]  dump_stack_lvl+0x151/0x1c0
[  399.303886][ T6032] EXT4-fs error (device loop2): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  399.313451][ T7287]  ? io_uring_drop_tctx_refs+0x190/0x190
[  399.316860][ T6032] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /78/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  399.319351][ T7287]  ? vfs_write+0x94d/0x1110
[  399.374038][ T7287]  ? putname+0xfa/0x150
[  399.378024][ T7287]  dump_stack+0x15/0x20
[  399.382016][ T7287]  should_fail+0x3c6/0x510
[  399.386270][ T7287]  __should_failslab+0xa4/0xe0
[  399.390876][ T7287]  should_failslab+0x9/0x20
[  399.395208][ T7287]  slab_pre_alloc_hook+0x37/0xd0
[  399.399982][ T7287]  ? __se_sys_mount+0x9b/0x3b0
[  399.404582][ T7287]  __kmalloc_track_caller+0x6c/0x260
[  399.409703][ T7287]  ? __se_sys_mount+0x9b/0x3b0
[  399.414304][ T7287]  strndup_user+0x76/0x150
[  399.418559][ T7287]  __se_sys_mount+0x9b/0x3b0
[  399.422983][ T7287]  ? __x64_sys_mount+0xd0/0xd0
[  399.427585][ T7287]  ? debug_smp_processor_id+0x17/0x20
[  399.432791][ T7287]  __x64_sys_mount+0xbf/0xd0
[  399.437218][ T7287]  x64_sys_call+0x49d/0x9a0
[  399.441559][ T7287]  do_syscall_64+0x3b/0xb0
[  399.445809][ T7287]  ? clear_bhb_loop+0x35/0x90
[  399.450324][ T7287]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  399.456051][ T7287] RIP: 0033:0x7fb4eabedff9
[  399.460303][ T7287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  399.478307][ T7288] loop3: detected capacity change from 0 to 40427
[  399.479741][ T7287] RSP: 002b:00007fb4e9867038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  399.487894][ T6032] EXT4-fs error (device loop2): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  399.494234][ T7287] RAX: ffffffffffffffda RBX: 00007fb4eada5f80 RCX: 00007fb4eabedff9
[  399.494248][ T7287] RDX: 0000000020000340 RSI: 00000000200002c0 RDI: 0000000000000000
[  399.514241][ T6032] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /78/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  399.521400][ T7287] RBP: 00007fb4e9867090 R08: 0000000020000740 R09: 0000000000000000
[  399.521414][ T7287] R10: 0000000001004000 R11: 0000000000000246 R12: 0000000000000001
[  399.521425][ T7287] R13: 0000000000000000 R14: 00007fb4eada5f80 R15: 00007ffea99d6918
[  399.529514][ T6032] EXT4-fs error (device loop2): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  399.550222][ T7287]  </TASK>
[  399.596946][ T6032] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /78/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  399.621411][  T370] usb 1-1: USB disconnect, device number 28
[  399.642149][ T7291] loop1: detected capacity change from 0 to 512
[  399.648601][ T7288] F2FS-fs (loop3): fault_injection options not supported
[  399.657386][ T7288] F2FS-fs (loop3): invalid crc value
[  399.664625][ T7288] F2FS-fs (loop3): Found nat_bits in checkpoint
[  399.667491][ T7291] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  399.697309][ T7288] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  399.708842][ T7291] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  399.723573][ T7291] EXT4-fs (loop1): 1 truncate cleaned up
[  399.729211][ T7291] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  399.740948][  T881] tipc: Disabling bearer <udp:syz2>
[  399.746134][  T881] tipc: Left network mode
[  399.854996][ T7298] bridge0: port 1(bridge_slave_0) entered blocking state
[  399.861872][ T7298] bridge0: port 1(bridge_slave_0) entered disabled state
[  399.870242][ T7298] device bridge_slave_0 entered promiscuous mode
[  399.880116][ T7298] bridge0: port 2(bridge_slave_1) entered blocking state
[  399.889459][ T7298] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.898733][ T7298] device bridge_slave_1 entered promiscuous mode
[  400.181739][ T7156] attempt to access beyond end of device
[  400.181739][ T7156] loop3: rw=2049, want=45104, limit=40427
[  400.333843][ T7298] bridge0: port 2(bridge_slave_1) entered blocking state
[  400.340704][ T7298] bridge0: port 2(bridge_slave_1) entered forwarding state
[  400.347832][ T7298] bridge0: port 1(bridge_slave_0) entered blocking state
[  400.354578][ T7298] bridge0: port 1(bridge_slave_0) entered forwarding state
[  400.399639][ T7309] bridge0: port 1(bridge_slave_0) entered blocking state
[  400.406568][ T7309] bridge0: port 1(bridge_slave_0) entered disabled state
[  400.413786][ T7309] device bridge_slave_0 entered promiscuous mode
[  400.432010][ T7309] bridge0: port 2(bridge_slave_1) entered blocking state
[  400.438944][ T7309] bridge0: port 2(bridge_slave_1) entered disabled state
[  400.446419][ T7309] device bridge_slave_1 entered promiscuous mode
[  400.494126][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  400.504241][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  400.523294][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  400.561903][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  400.574973][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  400.642340][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  400.657247][ T7322] loop1: detected capacity change from 0 to 512
[  400.663598][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  400.673122][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  400.681774][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  400.690013][  T881] device bridge_slave_1 left promiscuous mode
[  400.696746][  T881] bridge0: port 2(bridge_slave_1) entered disabled state
[  400.708772][  T881] device bridge_slave_0 left promiscuous mode
[  400.714696][  T881] bridge0: port 1(bridge_slave_0) entered disabled state
[  400.725045][ T7322] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  400.742569][  T881] device veth1_macvtap left promiscuous mode
[  400.748522][  T881] device veth0_vlan left promiscuous mode
[  400.769591][ T7322] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  400.794078][ T7322] EXT4-fs (loop1): 1 truncate cleaned up
[  400.804026][ T7322] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  400.899328][ T7330] FAULT_INJECTION: forcing a failure.
[  400.899328][ T7330] name failslab, interval 1, probability 0, space 0, times 0
[  400.912288][ T7330] CPU: 1 PID: 7330 Comm: syz.3.1820 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  400.921991][ T7330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  400.931884][ T7330] Call Trace:
[  400.935008][ T7330]  <TASK>
[  400.937785][ T7330]  dump_stack_lvl+0x151/0x1c0
[  400.942299][ T7330]  ? io_uring_drop_tctx_refs+0x190/0x190
[  400.947767][ T7330]  ? __kasan_check_write+0x14/0x20
[  400.952716][ T7330]  ? mutex_unlock+0xb2/0x260
[  400.957265][ T7330]  ? wait_for_completion_killable_timeout+0x10/0x10
[  400.963689][ T7330]  dump_stack+0x15/0x20
[  400.967688][ T7330]  should_fail+0x3c6/0x510
[  400.971934][ T7330]  __should_failslab+0xa4/0xe0
[  400.976531][ T7330]  ? getname_flags+0xba/0x520
[  400.981043][ T7330]  should_failslab+0x9/0x20
[  400.985381][ T7330]  slab_pre_alloc_hook+0x37/0xd0
[  400.990156][ T7330]  ? getname_flags+0xba/0x520
[  400.994668][ T7330]  kmem_cache_alloc+0x44/0x200
[  400.999355][ T7330]  getname_flags+0xba/0x520
[  401.003695][ T7330]  __x64_sys_unlink+0x3c/0x50
[  401.008215][ T7330]  x64_sys_call+0x289/0x9a0
[  401.012549][ T7330]  do_syscall_64+0x3b/0xb0
[  401.016799][ T7330]  ? clear_bhb_loop+0x35/0x90
[  401.021313][ T7330]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  401.027046][ T7330] RIP: 0033:0x7fc7e5219ff9
[  401.031296][ T7330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.050736][ T7330] RSP: 002b:00007fc7e3e51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  401.058980][ T7330] RAX: ffffffffffffffda RBX: 00007fc7e53d2130 RCX: 00007fc7e5219ff9
[  401.066797][ T7330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100
[  401.074602][ T7330] RBP: 00007fc7e3e51090 R08: 0000000000000000 R09: 0000000000000000
[  401.082413][ T7330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.090225][ T7330] R13: 0000000000000000 R14: 00007fc7e53d2130 R15: 00007fffa6a4aaa8
[  401.098042][ T7330]  </TASK>
[  401.105285][  T313] EXT4-fs warning: 204 callbacks suppressed
[  401.105299][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  401.127473][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  401.146340][ T7298] device veth0_vlan entered promiscuous mode
[  401.163543][ T7298] device veth1_macvtap entered promiscuous mode
[  401.174727][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  401.191713][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  401.192013][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  401.217841][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  401.251805][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  401.277184][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  401.280268][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  401.291058][ T7337] binfmt_misc: register: failed to install interpreter file ./file0
[  401.310812][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  401.326379][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  401.422585][ T7342] loop0: detected capacity change from 0 to 256
[  401.480830][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  401.558921][ T7344] syz.2.1823[7344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  401.559013][ T7344] syz.2.1823[7344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  401.618249][ T7348] loop3: detected capacity change from 0 to 512
[  401.651209][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  401.695808][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  401.715767][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  401.728379][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  401.736131][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  401.743424][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  401.751495][ T7348] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  401.760892][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  401.769612][ T2363] bridge0: port 1(bridge_slave_0) entered blocking state
[  401.776484][ T2363] bridge0: port 1(bridge_slave_0) entered forwarding state
[  401.794678][ T7359] loop0: detected capacity change from 0 to 512
[  401.801450][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  401.804664][ T7348] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  401.810444][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  401.824422][ T7348] EXT4-fs (loop3): 1 truncate cleaned up
[  401.831985][ T2363] bridge0: port 2(bridge_slave_1) entered blocking state
[  401.837352][ T7348] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  401.843716][ T2363] bridge0: port 2(bridge_slave_1) entered forwarding state
[  401.887466][ T7359] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  402.215255][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  402.225259][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  402.233403][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  402.241888][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  402.249333][ T7359] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  402.249548][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  402.264223][ T7359] EXT4-fs (loop0): 1 truncate cleaned up
[  402.271690][ T2363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  402.277160][ T7359] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  402.624699][ T7309] device veth0_vlan entered promiscuous mode
[  402.644179][ T7370] loop1: detected capacity change from 0 to 512
[  402.670808][ T7309] device veth1_macvtap entered promiscuous mode
[  402.700428][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  402.708510][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  402.717048][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  402.727256][ T7370] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  402.737655][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  402.751984][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  402.772458][ T7370] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  402.806721][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  402.816639][  T367] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  402.851948][ T7370] EXT4-fs (loop1): 1 truncate cleaned up
[  402.859135][ T7370] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  402.875889][   T30] kauditd_printk_skb: 31 callbacks suppressed
[  402.875942][   T30] audit: type=1400 audit(1729429556.629:3311): avc:  denied  { mount } for  pid=7371 comm="syz.2.1830" name="/" dev="configfs" ino=13241 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  403.015772][ T2961] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  403.030120][   T30] audit: type=1400 audit(1729429556.639:3312): avc:  denied  { ioctl } for  pid=7371 comm="syz.2.1830" path="socket:[48521]" dev="sockfs" ino=48521 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  403.075920][ T7383] loop0: detected capacity change from 0 to 512
[  403.146087][ T7383] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  403.168286][ T7383] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  403.182829][ T7383] EXT4-fs (loop0): 1 truncate cleaned up
[  403.188388][ T7383] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  403.534512][   T30] audit: type=1400 audit(1729429557.329:3313): avc:  denied  { unmount } for  pid=7298 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  403.585731][ T2961] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  403.669726][ T2961] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  403.669923][ T7394] UDC core: couldn't find an available UDC or it's busy: -16
[  403.679624][ T2961] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  403.697897][ T2961] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.705466][ T7394] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  403.706492][ T2961] usb 4-1: config 0 descriptor??
[  404.347054][  T313] EXT4-fs error: 162 callbacks suppressed
[  404.347074][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  404.397617][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  404.425592][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  404.453693][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  404.496091][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  404.535560][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  404.547327][    T6] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  404.554913][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  404.595717][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  404.608201][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  404.921512][ T7408] device syzkaller0 entered promiscuous mode
[  405.150866][ T7410] loop0: detected capacity change from 0 to 256
[  405.190565][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  405.295797][ T2961] cp2112 0003:10C4:EA90.001C: unknown main item tag 0x0
[  405.320856][ T2961] cp2112 0003:10C4:EA90.001C: hidraw1: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0
[  405.499021][ T7420] loop1: detected capacity change from 0 to 40427
[  405.506030][ T7374] loop3: detected capacity change from 0 to 512
[  405.515560][ T2961] cp2112 0003:10C4:EA90.001C: error requesting version
[  405.522907][ T2961] cp2112: probe of 0003:10C4:EA90.001C failed with error -32
[  405.550466][ T7420] F2FS-fs (loop1): invalid crc value
[  405.557251][ T7374] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.1831: bad orphan inode 17
[  405.583154][ T7374] ext4_test_bit(bit=16, block=4) = 1
[  405.589575][ T7374] is_bad_inode(inode)=0
[  405.593546][ T7374] NEXT_ORPHAN(inode)=0
[  405.597873][ T7374] max_ino=32
[  405.599836][ T7422] loop0: detected capacity change from 0 to 40427
[  405.600927][ T7374] i_nlink=1
[  405.608665][ T7420] F2FS-fs (loop1): Found nat_bits in checkpoint
[  405.610276][ T7374] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  405.642647][ T7420] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[  405.649349][ T7420] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  405.671151][ T7422] F2FS-fs (loop0): invalid crc value
[  405.683530][ T7422] F2FS-fs (loop0): Found nat_bits in checkpoint
[  405.719797][ T7422] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0
[  405.727233][ T7422] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  405.763894][ T3454] usb 4-1: USB disconnect, device number 19
[  405.775625][    T6] usb 3-1: device descriptor read/64, error -71
[  405.825713][ T7420] attempt to access beyond end of device
[  405.825713][ T7420] loop1: rw=2049, want=45104, limit=40427
[  405.836970][ T7420] FAULT_INJECTION: forcing a failure.
[  405.836970][ T7420] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  405.849841][ T7420] CPU: 1 PID: 7420 Comm: syz.1.1838 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  405.859500][ T7420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  405.869403][ T7420] Call Trace:
[  405.872519][ T7420]  <TASK>
[  405.875294][ T7420]  dump_stack_lvl+0x151/0x1c0
[  405.879811][ T7420]  ? io_uring_drop_tctx_refs+0x190/0x190
[  405.885277][ T7420]  ? do_vfs_ioctl+0x38c/0x2a80
[  405.889876][ T7420]  dump_stack+0x15/0x20
[  405.893873][ T7420]  should_fail+0x3c6/0x510
[  405.898125][ T7420]  should_fail_usercopy+0x1a/0x20
[  405.902981][ T7420]  _copy_to_user+0x20/0x90
[  405.907238][ T7420]  simple_read_from_buffer+0xc7/0x150
[  405.912441][ T7420]  proc_fail_nth_read+0x1a3/0x210
[  405.917301][ T7420]  ? proc_fault_inject_write+0x390/0x390
[  405.922772][ T7420]  ? fsnotify_perm+0x269/0x5b0
[  405.927371][ T7420]  ? security_file_permission+0x86/0xb0
[  405.932751][ T7420]  ? proc_fault_inject_write+0x390/0x390
[  405.938222][ T7420]  vfs_read+0x27d/0xd40
[  405.942210][ T7420]  ? kernel_read+0x1f0/0x1f0
[  405.946636][ T7420]  ? __kasan_check_write+0x14/0x20
[  405.951585][ T7420]  ? mutex_lock+0xb6/0x1e0
[  405.955841][ T7420]  ? wait_for_completion_killable_timeout+0x10/0x10
[  405.962268][ T7420]  ? __fdget_pos+0x2e7/0x3a0
[  405.966686][ T7420]  ? ksys_read+0x77/0x2c0
[  405.970851][ T7420]  ksys_read+0x199/0x2c0
[  405.974937][ T7420]  ? vfs_write+0x1110/0x1110
[  405.979361][ T7420]  ? debug_smp_processor_id+0x17/0x20
[  405.984568][ T7420]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  405.990470][ T7420]  __x64_sys_read+0x7b/0x90
[  405.994808][ T7420]  x64_sys_call+0x28/0x9a0
[  405.999059][ T7420]  do_syscall_64+0x3b/0xb0
[  406.003311][ T7420]  ? clear_bhb_loop+0x35/0x90
[  406.007826][ T7420]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  406.013555][ T7420] RIP: 0033:0x7fb4eabeca3c
[  406.017805][ T7420] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  406.037249][ T7420] RSP: 002b:00007fb4e9867030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  406.045580][ T7420] RAX: ffffffffffffffda RBX: 00007fb4eada5f80 RCX: 00007fb4eabeca3c
[  406.053390][ T7420] RDX: 000000000000000f RSI: 00007fb4e98670a0 RDI: 000000000000000a
[  406.061289][ T7420] RBP: 00007fb4e9867090 R08: 0000000000000000 R09: 0000000000000000
[  406.069100][ T7420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.076913][ T7420] R13: 0000000000000000 R14: 00007fb4eada5f80 R15: 00007ffea99d6918
[  406.084727][ T7420]  </TASK>
[  406.125796][  T313] EXT4-fs warning: 129 callbacks suppressed
[  406.125810][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  406.155222][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  406.175707][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  406.200795][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  406.225779][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  406.240008][ T7438] loop0: detected capacity change from 0 to 512
[  406.247084][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  406.276974][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  406.293468][ T7441] loop1: detected capacity change from 0 to 256
[  406.301001][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  406.317817][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  406.338211][ T7438] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  406.349343][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  406.365016][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  406.365623][ T7438] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038 (0x7fffffff)
[  406.384880][ T7446] loop3: detected capacity change from 0 to 512
[  406.391961][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  406.392218][ T7438] EXT4-fs error (device loop0): ext4_add_entry:2484: inode #2: comm syz.0.1841: Directory hole found for htree leaf block 0
[  406.401779][    T6] usb 3-1: New USB device found, idVendor=0f30, idProduct=0111, bcdDevice= 0.00
[  406.430813][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  406.434416][ T7438] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback.
[  406.461979][    T6] usb 3-1: config 0 descriptor??
[  406.470619][ T7446] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  406.486289][ T7446] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038 (0x7fffffff)
[  406.520239][ T7446] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.1842: Directory hole found for htree leaf block 0
[  406.535009][ T7446] FAULT_INJECTION: forcing a failure.
[  406.535009][ T7446] name failslab, interval 1, probability 0, space 0, times 0
[  406.548133][ T7446] CPU: 0 PID: 7446 Comm: syz.3.1842 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  406.557831][ T7446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  406.567723][ T7446] Call Trace:
[  406.570848][ T7446]  <TASK>
[  406.573623][ T7446]  dump_stack_lvl+0x151/0x1c0
[  406.578138][ T7446]  ? io_uring_drop_tctx_refs+0x190/0x190
[  406.583607][ T7446]  dump_stack+0x15/0x20
[  406.587598][ T7446]  should_fail+0x3c6/0x510
[  406.591852][ T7446]  __should_failslab+0xa4/0xe0
[  406.596450][ T7446]  should_failslab+0x9/0x20
[  406.600790][ T7446]  slab_pre_alloc_hook+0x37/0xd0
[  406.605567][ T7446]  kmem_cache_alloc_trace+0x48/0x210
[  406.610683][ T7446]  ? bdi_split_work_to_wbs+0x4a0/0xac0
[  406.615982][ T7446]  bdi_split_work_to_wbs+0x4a0/0xac0
[  406.621100][ T7446]  ? sync_inodes_sb+0x8b0/0x8b0
[  406.625788][ T7446]  ? __dentry_kill+0x505/0x660
[  406.630385][ T7446]  ? shrink_dentry_list+0x35e/0x4b0
[  406.635419][ T7446]  ? shrink_dcache_sb+0x123/0x190
[  406.640280][ T7446]  ? reconfigure_super+0x5f5/0x860
[  406.645228][ T7446]  ? __se_sys_fsconfig+0x985/0xeb0
[  406.650176][ T7446]  __writeback_inodes_sb_nr+0x2c6/0x370
[  406.655557][ T7446]  ? writeback_inodes_sb_nr+0x30/0x30
[  406.660763][ T7446]  ? __flush_work+0x603/0x720
[  406.665277][ T7446]  ? cpumask_next+0x8a/0xb0
[  406.669615][ T7446]  ? get_nr_dirty_inodes+0x278/0x300
[  406.674736][ T7446]  writeback_inodes_sb+0x74/0x80
[  406.679510][ T7446]  sync_filesystem+0xa8/0x250
[  406.684023][ T7446]  ext4_remount+0x1c07/0x2cf0
[  406.688538][ T7446]  ? __kasan_check_write+0x14/0x20
[  406.693489][ T7446]  ? ext4_statfs+0xe00/0xe00
[  406.697911][ T7446]  ? shrink_dcache_sb+0x144/0x190
[  406.702772][ T7446]  ? _raw_spin_unlock+0x4d/0x70
[  406.707457][ T7446]  ? sb_prepare_remount_readonly+0x501/0x540
[  406.713273][ T7446]  ? ext4_statfs+0xe00/0xe00
[  406.717698][ T7446]  legacy_reconfigure+0xfa/0x110
[  406.722471][ T7446]  reconfigure_super+0x436/0x860
[  406.727246][ T7446]  __se_sys_fsconfig+0x985/0xeb0
[  406.732019][ T7446]  ? __x64_sys_fsconfig+0xd0/0xd0
[  406.736883][ T7446]  ? __ia32_sys_read+0x90/0x90
[  406.741489][ T7446]  ? debug_smp_processor_id+0x17/0x20
[  406.746689][ T7446]  __x64_sys_fsconfig+0xbf/0xd0
[  406.751381][ T7446]  x64_sys_call+0x919/0x9a0
[  406.755717][ T7446]  do_syscall_64+0x3b/0xb0
[  406.759970][ T7446]  ? clear_bhb_loop+0x35/0x90
[  406.764478][ T7446]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  406.770213][ T7446] RIP: 0033:0x7fc7e5219ff9
[  406.774462][ T7446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.793903][ T7446] RSP: 002b:00007fc7e3e93038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  406.802145][ T7446] RAX: ffffffffffffffda RBX: 00007fc7e53d1f80 RCX: 00007fc7e5219ff9
[  406.809958][ T7446] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007
[  406.817769][ T7446] RBP: 00007fc7e3e93090 R08: 0000000000000000 R09: 0000000000000000
[  406.825582][ T7446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.833398][ T7446] R13: 0000000000000000 R14: 00007fc7e53d1f80 R15: 00007fffa6a4aaa8
[  406.841207][ T7446]  </TASK>
[  406.856199][ T7446] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: writeback.
[  406.885143][ T7454] loop0: detected capacity change from 0 to 512
[  406.926661][ T7454] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  406.943414][ T7451] loop1: detected capacity change from 0 to 40427
[  406.954195][ T7451] F2FS-fs (loop1): invalid crc value
[  406.956081][ T7456] loop3: detected capacity change from 0 to 512
[  406.966783][ T7454] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  406.967333][ T7451] F2FS-fs (loop1): Found nat_bits in checkpoint
[  406.981563][ T7454] EXT4-fs (loop0): 1 truncate cleaned up
[  406.993274][ T7454] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  407.009224][ T7456] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  407.026049][ T7451] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[  407.036315][ T7451] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  407.069772][ T7406] device pim6reg1 entered promiscuous mode
[  407.091946][    T6] pantherlord 0003:0F30:0111.001D: item fetching failed at offset 6/7
[  407.104678][    T6] pantherlord 0003:0F30:0111.001D: parse failed
[  407.110790][    T6] pantherlord: probe of 0003:0F30:0111.001D failed with error -22
[  407.124659][ T7456] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  407.139216][ T7456] EXT4-fs (loop3): 1 truncate cleaned up
[  407.185583][ T7451] attempt to access beyond end of device
[  407.185583][ T7451] loop1: rw=2049, want=45104, limit=40427
[  407.499101][ T7456] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  407.719536][    T6] usb 3-1: USB disconnect, device number 25
[  408.035676][  T470] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  408.087188][   T30] audit: type=1400 audit(1729429561.889:3314): avc:  denied  { relabelfrom } for  pid=7476 comm="syz.3.1848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  408.106997][   T30] audit: type=1400 audit(1729429561.889:3315): avc:  denied  { relabelto } for  pid=7476 comm="syz.3.1848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  408.215486][  T333] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  408.331995][  T470] usb 2-1: device descriptor read/64, error -71
[  408.344160][ T7488] loop3: detected capacity change from 0 to 256
[  408.466369][ T7492] device pim6reg1 entered promiscuous mode
[  408.745494][  T470] usb 2-1: device descriptor read/64, error -71
[  408.775473][  T333] usb 1-1: Using ep0 maxpacket: 32
[  408.935539][  T333] usb 1-1: config 244 has an invalid interface number: 63 but max is 0
[  408.943646][  T333] usb 1-1: config 244 has no interface number 0
[  408.949937][  T333] usb 1-1: config 244 interface 63 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  409.015541][  T470] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  409.115544][  T333] usb 1-1: New USB device found, idVendor=1410, idProduct=2400, bcdDevice=7b.ba
[  409.124473][  T333] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  409.132245][  T333] usb 1-1: Product: syz
[  409.136375][  T333] usb 1-1: Manufacturer: syz
[  409.140775][  T333] usb 1-1: SerialNumber: syz
[  409.285486][  T470] usb 2-1: device descriptor read/64, error -71
[  409.375498][ T2291] EXT4-fs error: 193 callbacks suppressed
[  409.375516][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  409.393252][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  409.393640][ T7472] UDC core: couldn't find an available UDC or it's busy: -16
[  409.412461][ T7472] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  409.415467][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  409.435489][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  409.465557][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  409.485503][    T6] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  409.485761][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  409.505528][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  409.508636][  T333] usb 1-1: USB disconnect, device number 29
[  409.545489][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  409.559040][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  409.585479][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  409.675489][  T470] usb 2-1: device descriptor read/64, error -71
[  409.795942][  T470] usb usb2-port1: attempt power cycle
[  409.887400][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  409.898263][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  409.908040][    T6] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  409.917210][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.929125][    T6] usb 3-1: config 0 descriptor??
[  409.939628][ T7502] loop0: detected capacity change from 0 to 512
[  410.016203][ T7502] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  410.037380][ T7502] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  410.051850][ T7502] EXT4-fs (loop0): 1 truncate cleaned up
[  410.057339][ T7502] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  410.175523][  T345] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  410.205560][  T470] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  410.415584][  T470] usb 2-1: device descriptor read/8, error -71
[  410.465484][  T345] usb 4-1: Using ep0 maxpacket: 32
[  410.597684][    T6] pyra 0003:1E7D:2CF6.001E: hidraw1: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0
[  410.685567][  T470] usb 2-1: device descriptor read/8, error -71
[  410.745523][  T345] usb 4-1: New USB device found, idVendor=0b54, idProduct=62a0, bcdDevice=a0.56
[  410.754390][  T345] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.762280][  T345] usb 4-1: Product: syz
[  410.766192][  T345] usb 4-1: Manufacturer: syz
[  410.770585][  T345] usb 4-1: SerialNumber: syz
[  410.779637][  T345] usb 4-1: config 0 descriptor??
[  410.845247][   T30] audit: type=1400 audit(1729429564.639:3316): avc:  denied  { setopt } for  pid=7497 comm="syz.2.1854" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  410.883400][ T7512] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1858'.
[  410.892403][ T7512] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1858'.
[  410.928223][ T7511] 9pnet: Insufficient options for proto=fd
[  410.934890][ T7511] 9pnet: Insufficient options for proto=fd
[  410.946596][ T7512] loop0: detected capacity change from 0 to 2048
[  411.022364][ T3454] usb 4-1: USB disconnect, device number 20
[  411.135840][ T2291] EXT4-fs warning: 234 callbacks suppressed
[  411.135856][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  411.156772][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  411.184102][ T7517] loop0: detected capacity change from 0 to 512
[  411.190440][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  411.206166][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  411.221912][ T7517] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  411.235788][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  411.246946][ T7517] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  411.250925][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  411.265564][ T7517] EXT4-fs (loop0): 1 truncate cleaned up
[  411.285082][ T7517] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  411.296140][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  411.319526][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  411.335872][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  411.355761][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  411.744432][ T7524] loop1: detected capacity change from 0 to 1024
[  411.747078][ T7526] FAULT_INJECTION: forcing a failure.
[  411.747078][ T7526] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  411.763563][ T7526] CPU: 0 PID: 7526 Comm: syz.3.1861 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  411.773255][ T7526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  411.783152][ T7526] Call Trace:
[  411.786277][ T7526]  <TASK>
[  411.789053][ T7526]  dump_stack_lvl+0x151/0x1c0
[  411.793568][ T7526]  ? io_uring_drop_tctx_refs+0x190/0x190
[  411.799036][ T7526]  dump_stack+0x15/0x20
[  411.803026][ T7526]  should_fail+0x3c6/0x510
[  411.807282][ T7526]  should_fail_usercopy+0x1a/0x20
[  411.812139][ T7526]  _copy_from_user+0x20/0xd0
[  411.816567][ T7526]  usbdev_ioctl+0x1da2/0x5e20
[  411.821081][ T7526]  ? usbdev_poll+0x200/0x200
[  411.825505][ T7526]  ? 0xffffffffa0018000
[  411.829496][ T7526]  ? is_bpf_text_address+0x172/0x190
[  411.834619][ T7526]  ? stack_trace_save+0x1c0/0x1c0
[  411.839484][ T7526]  ? __kernel_text_address+0x9b/0x110
[  411.844687][ T7526]  ? unwind_get_return_address+0x4d/0x90
[  411.850153][ T7526]  ? arch_stack_walk+0xf3/0x140
[  411.854845][ T7526]  ? stack_trace_save+0x113/0x1c0
[  411.859704][ T7526]  ? avc_has_extended_perms+0x90b/0x10f0
[  411.865170][ T7526]  ? memcpy+0x56/0x70
[  411.869162][ T7526]  ? avc_has_extended_perms+0xad7/0x10f0
[  411.874631][ T7526]  ? kasan_set_free_info+0x23/0x40
[  411.879576][ T7526]  ? __kasan_slab_free+0x11/0x20
[  411.884350][ T7526]  ? slab_free_freelist_hook+0xbd/0x190
[  411.889730][ T7526]  ? kmem_cache_free+0x116/0x2e0
[  411.894504][ T7526]  ? putname+0xfa/0x150
[  411.898496][ T7526]  ? do_sys_openat2+0x1fc/0x820
[  411.903183][ T7526]  ? _kstrtoull+0x3a0/0x4a0
[  411.907526][ T7526]  ? do_vfs_ioctl+0xbc1/0x2a80
[  411.912124][ T7526]  ? kstrtol_from_user+0x310/0x310
[  411.917070][ T7526]  ? __x64_compat_sys_ioctl+0x90/0x90
[  411.922279][ T7526]  ? __kasan_check_write+0x14/0x20
[  411.927225][ T7526]  ? proc_fail_nth_write+0x20b/0x290
[  411.932346][ T7526]  ? selinux_file_permission+0x2c4/0x570
[  411.937813][ T7526]  ? ioctl_has_perm+0x1f8/0x560
[  411.942503][ T7526]  ? ioctl_has_perm+0x3f5/0x560
[  411.947188][ T7526]  ? has_cap_mac_admin+0x3c0/0x3c0
[  411.952136][ T7526]  ? file_end_write+0x1c0/0x1c0
[  411.956823][ T7526]  ? selinux_file_ioctl+0x3cc/0x540
[  411.961854][ T7526]  ? __mutex_lock_slowpath+0x10/0x10
[  411.966976][ T7526]  ? selinux_file_alloc_security+0x120/0x120
[  411.972794][ T7526]  ? __fget_files+0x31e/0x380
[  411.977305][ T7526]  ? security_file_ioctl+0x84/0xb0
[  411.982250][ T7526]  ? usbdev_poll+0x200/0x200
[  411.986677][ T7526]  __se_sys_ioctl+0x114/0x190
[  411.991192][ T7526]  __x64_sys_ioctl+0x7b/0x90
[  411.995620][ T7526]  x64_sys_call+0x98/0x9a0
[  411.999870][ T7526]  do_syscall_64+0x3b/0xb0
[  412.004126][ T7526]  ? clear_bhb_loop+0x35/0x90
[  412.008638][ T7526]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  412.014367][ T7526] RIP: 0033:0x7fc7e5219ff9
[  412.018618][ T7526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  412.038056][ T7526] RSP: 002b:00007fc7e3e93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  412.046469][ T7526] RAX: ffffffffffffffda RBX: 00007fc7e53d1f80 RCX: 00007fc7e5219ff9
[  412.054278][ T7526] RDX: 0000000020000000 RSI: 00000000c0105500 RDI: 0000000000000003
[  412.062090][ T7526] RBP: 00007fc7e3e93090 R08: 0000000000000000 R09: 0000000000000000
[  412.069899][ T7526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  412.077716][ T7526] R13: 0000000000000000 R14: 00007fc7e53d1f80 R15: 00007fffa6a4aaa8
[  412.085527][ T7526]  </TASK>
[  412.123633][ T7524] EXT4-fs (loop1): Ignoring removed orlov option
[  412.137995][ T7524] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  412.157486][ T7524] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  412.225527][    T6] pyra 0003:1E7D:2CF6.001E: couldn't init struct pyra_device
[  412.233122][    T6] pyra 0003:1E7D:2CF6.001E: couldn't install mouse
[  412.243118][    T6] pyra: probe of 0003:1E7D:2CF6.001E failed with error -71
[  412.251841][ T7542] FAULT_INJECTION: forcing a failure.
[  412.251841][ T7542] name failslab, interval 1, probability 0, space 0, times 0
[  412.257811][    T6] usb 3-1: USB disconnect, device number 26
[  412.268428][ T7542] CPU: 1 PID: 7542 Comm: syz.2.1867 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  412.279770][ T7542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  412.289662][ T7542] Call Trace:
[  412.293132][ T7542]  <TASK>
[  412.295910][ T7542]  dump_stack_lvl+0x151/0x1c0
[  412.300423][ T7542]  ? io_uring_drop_tctx_refs+0x190/0x190
[  412.305890][ T7542]  ? file_end_write+0x1c0/0x1c0
[  412.310588][ T7542]  dump_stack+0x15/0x20
[  412.314572][ T7542]  should_fail+0x3c6/0x510
[  412.318824][ T7542]  __should_failslab+0xa4/0xe0
[  412.323425][ T7542]  ? getname_flags+0xba/0x520
[  412.327935][ T7542]  should_failslab+0x9/0x20
[  412.332277][ T7542]  slab_pre_alloc_hook+0x37/0xd0
[  412.337050][ T7542]  ? getname_flags+0xba/0x520
[  412.341562][ T7542]  kmem_cache_alloc+0x44/0x200
[  412.346164][ T7542]  getname_flags+0xba/0x520
[  412.350501][ T7542]  getname_uflags+0x26/0x30
[  412.354849][ T7542]  __x64_sys_execveat+0xb6/0xf0
[  412.359530][ T7542]  x64_sys_call+0x886/0x9a0
[  412.363874][ T7542]  do_syscall_64+0x3b/0xb0
[  412.368120][ T7542]  ? clear_bhb_loop+0x35/0x90
[  412.372634][ T7542]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  412.378363][ T7542] RIP: 0033:0x7f54a300fff9
[  412.382622][ T7542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  412.402581][ T7542] RSP: 002b:00007f54a1c89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  412.410823][ T7542] RAX: ffffffffffffffda RBX: 00007f54a31c7f80 RCX: 00007f54a300fff9
[  412.418635][ T7542] RDX: 0000000000000000 RSI: 0000000020000140 RDI: ffffffffffffff9c
[  412.426444][ T7542] RBP: 00007f54a1c89090 R08: 0000000000000000 R09: 0000000000000000
[  412.434253][ T7542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  412.442066][ T7542] R13: 0000000000000000 R14: 00007f54a31c7f80 R15: 00007fff90b52968
[  412.449887][ T7542]  </TASK>
[  412.721377][ T7552] FAULT_INJECTION: forcing a failure.
[  412.721377][ T7552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  412.745496][ T7552] CPU: 0 PID: 7552 Comm: syz.3.1870 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  412.755212][ T7552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  412.765107][ T7552] Call Trace:
[  412.768229][ T7552]  <TASK>
[  412.771007][ T7552]  dump_stack_lvl+0x151/0x1c0
[  412.775522][ T7552]  ? io_uring_drop_tctx_refs+0x190/0x190
[  412.780990][ T7552]  ? avc_has_extended_perms+0xad7/0x10f0
[  412.786542][ T7552]  dump_stack+0x15/0x20
[  412.790543][ T7552]  should_fail+0x3c6/0x510
[  412.794785][ T7552]  should_fail_usercopy+0x1a/0x20
[  412.799647][ T7552]  _copy_from_user+0x20/0xd0
[  412.804072][ T7552]  ashmem_ioctl+0x4af/0xe30
[  412.808412][ T7552]  ? ashmem_read_iter+0x1a0/0x1a0
[  412.813270][ T7552]  ? __x64_compat_sys_ioctl+0x90/0x90
[  412.818481][ T7552]  ? __kasan_check_write+0x14/0x20
[  412.823424][ T7552]  ? proc_fail_nth_write+0x20b/0x290
[  412.828548][ T7552]  ? selinux_file_permission+0x2c4/0x570
[  412.834012][ T7552]  ? ioctl_has_perm+0x1f8/0x560
[  412.838702][ T7552]  ? ioctl_has_perm+0x3f5/0x560
[  412.843389][ T7552]  ? has_cap_mac_admin+0x3c0/0x3c0
[  412.848336][ T7552]  ? file_end_write+0x1c0/0x1c0
[  412.853023][ T7552]  ? selinux_file_ioctl+0x3cc/0x540
[  412.858055][ T7552]  ? __mutex_lock_slowpath+0x10/0x10
[  412.863176][ T7552]  ? selinux_file_alloc_security+0x120/0x120
[  412.868991][ T7552]  ? __fget_files+0x31e/0x380
[  412.873505][ T7552]  ? security_file_ioctl+0x84/0xb0
[  412.878450][ T7552]  ? ashmem_read_iter+0x1a0/0x1a0
[  412.883311][ T7552]  __se_sys_ioctl+0x114/0x190
[  412.887826][ T7552]  __x64_sys_ioctl+0x7b/0x90
[  412.892251][ T7552]  x64_sys_call+0x98/0x9a0
[  412.896505][ T7552]  do_syscall_64+0x3b/0xb0
[  412.900757][ T7552]  ? clear_bhb_loop+0x35/0x90
[  412.905271][ T7552]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  412.910999][ T7552] RIP: 0033:0x7fc7e5219ff9
[  412.915252][ T7552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  412.934693][ T7552] RSP: 002b:00007fc7e3e93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  412.942938][ T7552] RAX: ffffffffffffffda RBX: 00007fc7e53d1f80 RCX: 00007fc7e5219ff9
[  412.950748][ T7552] RDX: 0000000020000300 RSI: 0000000040087708 RDI: 0000000000000005
[  412.958559][ T7552] RBP: 00007fc7e3e93090 R08: 0000000000000000 R09: 0000000000000000
[  412.966370][ T7552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  412.974180][ T7552] R13: 0000000000000000 R14: 00007fc7e53d1f80 R15: 00007fffa6a4aaa8
[  412.981999][ T7552]  </TASK>
[  413.010155][ T7556] FAULT_INJECTION: forcing a failure.
[  413.010155][ T7556] name failslab, interval 1, probability 0, space 0, times 0
[  413.022608][ T7556] CPU: 0 PID: 7556 Comm: syz.1.1860 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  413.032269][ T7556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  413.042167][ T7556] Call Trace:
[  413.045289][ T7556]  <TASK>
[  413.048069][ T7556]  dump_stack_lvl+0x151/0x1c0
[  413.052579][ T7556]  ? io_uring_drop_tctx_refs+0x190/0x190
[  413.058051][ T7556]  ? vfs_write+0x94d/0x1110
[  413.062392][ T7556]  dump_stack+0x15/0x20
[  413.066382][ T7556]  should_fail+0x3c6/0x510
[  413.070634][ T7556]  __should_failslab+0xa4/0xe0
[  413.075233][ T7556]  should_failslab+0x9/0x20
[  413.079572][ T7556]  slab_pre_alloc_hook+0x37/0xd0
[  413.084345][ T7556]  ? __se_sys_mount+0x9b/0x3b0
[  413.088947][ T7556]  __kmalloc_track_caller+0x6c/0x260
[  413.094559][ T7556]  ? __se_sys_mount+0x9b/0x3b0
[  413.099159][ T7556]  strndup_user+0x76/0x150
[  413.103414][ T7556]  __se_sys_mount+0x9b/0x3b0
[  413.107841][ T7556]  ? __x64_sys_mount+0xd0/0xd0
[  413.112444][ T7556]  ? debug_smp_processor_id+0x17/0x20
[  413.117646][ T7556]  __x64_sys_mount+0xbf/0xd0
[  413.122075][ T7556]  x64_sys_call+0x49d/0x9a0
[  413.126413][ T7556]  do_syscall_64+0x3b/0xb0
[  413.131446][ T7556]  ? clear_bhb_loop+0x35/0x90
[  413.135959][ T7556]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  413.141687][ T7556] RIP: 0033:0x7fb4eabedff9
[  413.145942][ T7556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.165381][ T7556] RSP: 002b:00007fb4e9825038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  413.173627][ T7556] RAX: ffffffffffffffda RBX: 00007fb4eada6130 RCX: 00007fb4eabedff9
[  413.181438][ T7556] RDX: 0000000020000400 RSI: 00000000200003c0 RDI: 0000000000000000
[  413.189248][ T7556] RBP: 00007fb4e9825090 R08: 00000000200002c0 R09: 0000000000000000
[  413.197060][ T7556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.204869][ T7556] R13: 0000000000000000 R14: 00007fb4eada6130 R15: 00007ffea99d6918
[  413.212687][ T7556]  </TASK>
[  413.273326][ T7560] loop0: detected capacity change from 0 to 256
[  413.396323][   T31] INFO: task syz.4.1131:4741 blocked for more than 123 seconds.
[  413.404893][   T31]       Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  413.412248][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  413.420803][   T31] task:syz.4.1131      state:D stack:28144 pid: 4741 ppid:  2433 flags:0x00004004
[  413.429910][   T31] Call Trace:
[  413.432981][   T31]  <TASK>
[  413.435774][   T31]  __schedule+0xccc/0x1590
[  413.440141][   T31]  ? release_firmware_map_entry+0x190/0x190
[  413.445894][   T31]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  413.451521][   T31]  ? prepare_to_wait_event+0x3e6/0x420
[  413.456856][   T31]  schedule+0x11f/0x1e0
[  413.460800][   T31]  wb_wait_for_completion+0x151/0x270
[  413.466028][   T31]  ? __bpf_trace_writeback_inode_template+0x30/0x30
[  413.472602][   T31]  ? io_schedule+0x120/0x120
[  413.477047][   T31]  ? down_read+0xd50/0x1900
[  413.481376][   T31]  sync_inodes_sb+0x2af/0x8b0
[  413.485909][   T31]  ? __down_common+0x550/0x550
[  413.490498][   T31]  ? preempt_schedule+0xd9/0xe0
[  413.495166][   T31]  ? __kasan_check_read+0x11/0x20
[  413.500056][   T31]  ? preempt_schedule_common+0xbe/0xf0
[  413.505327][   T31]  ? try_to_writeback_inodes_sb+0xc0/0xc0
[  413.510893][   T31]  ? preempt_schedule+0xd9/0xe0
[  413.515568][   T31]  ? schedule_preempt_disabled+0x20/0x20
[  413.521009][   T31]  ? _raw_spin_lock+0xa4/0x1b0
[  413.525656][   T31]  sync_inodes_one_sb+0x56/0x70
[  413.530296][   T31]  iterate_supers+0x12f/0x1f0
[  413.534807][   T31]  ? ksys_sync+0x1c0/0x1c0
[  413.539071][   T31]  ksys_sync+0xb9/0x1c0
[  413.543054][   T31]  ? sync_filesystem+0x250/0x250
[  413.547838][   T31]  ? exit_to_user_mode_prepare+0x7e/0xa0
[  413.553295][   T31]  __do_sys_sync+0xe/0x20
[  413.557476][   T31]  x64_sys_call+0x488/0x9a0
[  413.561800][   T31]  do_syscall_64+0x3b/0xb0
[  413.566060][   T31]  ? clear_bhb_loop+0x35/0x90
[  413.570566][   T31]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  413.576302][   T31] RIP: 0033:0x7f6c6f490ff9
[  413.580545][   T31] RSP: 002b:00007f6c6e0e9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[  413.588800][   T31] RAX: ffffffffffffffda RBX: 00007f6c6f649058 RCX: 00007f6c6f490ff9
[  413.596612][   T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  413.604414][   T31] RBP: 00007f6c6f503296 R08: 0000000000000000 R09: 0000000000000000
[  413.612237][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  413.620051][   T31] R13: 0000000000000000 R14: 00007f6c6f649058 R15: 00007ffd56f083d8
[  413.627863][   T31]  </TASK>
[  413.643522][   T31] NMI backtrace for cpu 1
[  413.644285][ T7565] FAULT_INJECTION: forcing a failure.
[  413.644285][ T7565] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  413.647662][   T31] CPU: 1 PID: 31 Comm: khungtaskd Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  413.647681][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  413.647690][   T31] Call Trace:
[  413.647696][   T31]  <TASK>
[  413.685854][   T31]  dump_stack_lvl+0x151/0x1c0
[  413.690364][   T31]  ? io_uring_drop_tctx_refs+0x190/0x190
[  413.695830][   T31]  dump_stack+0x15/0x20
[  413.699916][   T31]  nmi_cpu_backtrace+0x2f7/0x300
[  413.704691][   T31]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  413.710677][   T31]  ? sched_show_task+0x3d8/0x620
[  413.715452][   T31]  ? __rcu_read_unlock+0xd0/0xd0
[  413.720226][   T31]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  413.726126][   T31]  nmi_trigger_cpumask_backtrace+0x15d/0x270
[  413.731944][   T31]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  413.737846][   T31]  arch_trigger_cpumask_backtrace+0x10/0x20
[  413.743576][   T31]  watchdog+0xdd7/0xf50
[  413.747570][   T31]  ? __kasan_check_write+0x14/0x20
[  413.752515][   T31]  ? hungtask_pm_notify+0x50/0x50
[  413.757374][   T31]  ? __kasan_check_read+0x11/0x20
[  413.762235][   T31]  ? __kthread_parkme+0xb2/0x200
[  413.767006][   T31]  kthread+0x421/0x510
[  413.770908][   T31]  ? hungtask_pm_notify+0x50/0x50
[  413.775771][   T31]  ? kthread_blkcg+0xd0/0xd0
[  413.780199][   T31]  ret_from_fork+0x1f/0x30
[  413.784453][   T31]  </TASK>
[  413.787314][ T7565] CPU: 0 PID: 7565 Comm: syz.3.1873 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  413.787435][   T31] Sending NMI from CPU 1 to CPUs 0:
[  413.797032][ T7565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  413.797043][ T7565] Call Trace:
[  413.797049][ T7565]  <TASK>
[  413.802074][    C0] NMI backtrace for cpu 0
[  413.802083][    C0] CPU: 0 PID: 7565 Comm: syz.3.1873 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  413.802099][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  413.802108][    C0] RIP: 0010:put_dec_trunc8+0xc/0x360
[  413.802128][    C0] Code: fe 48 c7 c7 e0 21 da 86 48 89 de e8 de 29 fc ff e9 0c fe ff ff 66 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 <53> 41 89 f5 49 89 fe 49 bc 00 00 00 00 00 fc ff df e8 2e fb e6 fe
[  413.802141][    C0] RSP: 0018:ffffc90000d16ff8 EFLAGS: 00000093
[  413.802155][    C0] RAX: ffffffff8288a34d RBX: 000000000000019d RCX: ffff8881228313c0
[  413.802167][    C0] RDX: 0000000000000000 RSI: 000000000000019d RDI: ffffc90000d170e0
[  413.802178][    C0] RBP: ffffc90000d17018 R08: ffffffff8288a2b5 R09: ffffc90000d170e0
[  413.802190][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 00000000ffff0a00
[  413.802200][    C0] R13: dffffc0000000000 R14: ffffc90000d170e0 R15: ffffc90000d17521
[  413.802213][    C0] FS:  00007fc7e3e936c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  413.802227][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  413.802238][    C0] CR2: 00007fddb24ef578 CR3: 000000011f32f000 CR4: 00000000003506b0
[  413.802253][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  413.802262][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  413.802272][    C0] Call Trace:
[  413.802276][    C0]  <NMI>
[  413.802282][    C0]  ? show_regs+0x58/0x60
[  413.802298][    C0]  ? nmi_cpu_backtrace+0x29f/0x300
[  413.802317][    C0]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  413.802335][    C0]  ? put_dec_trunc8+0xc/0x360
[  413.802349][    C0]  ? put_dec_trunc8+0xc/0x360
[  413.802364][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  413.802380][    C0]  ? nmi_handle+0xa8/0x280
[  413.802396][    C0]  ? put_dec_trunc8+0xc/0x360
[  413.802410][    C0]  ? default_do_nmi+0x69/0x160
[  413.802425][    C0]  ? exc_nmi+0xad/0x100
[  413.802438][    C0]  ? end_repeat_nmi+0x16/0x31
[  413.802454][    C0]  ? put_dec+0x25/0xe0
[  413.802466][    C0]  ? put_dec+0xbd/0xe0
[  413.802482][    C0]  ? put_dec_trunc8+0xc/0x360
[  413.802496][    C0]  ? put_dec_trunc8+0xc/0x360
[  413.802511][    C0]  ? put_dec_trunc8+0xc/0x360
[  413.802525][    C0]  </NMI>
[  413.802530][    C0]  <TASK>
[  413.802536][    C0]  put_dec+0xd1/0xe0
[  413.802550][    C0]  number+0x333/0xf80
[  413.802565][    C0]  ? pointer+0xc40/0xc40
[  413.802580][    C0]  ? vsnprintf+0x1dd/0x1c70
[  413.802594][    C0]  ? memcpy+0x56/0x70
[  413.802610][    C0]  vsnprintf+0x1361/0x1c70
[  413.802626][    C0]  ? ptr_to_hashval+0x60/0x60
[  413.802642][    C0]  sprintf+0xd6/0x120
[  413.802656][    C0]  ? format_decode+0x72f/0x1f10
[  413.802670][    C0]  ? vsprintf+0x40/0x40
[  413.802685][    C0]  ? vsnprintf+0x1c70/0x1c70
[  413.802699][    C0]  ? vsnprintf+0x1dd/0x1c70
[  413.802714][    C0]  info_print_prefix+0x16e/0x510
[  413.802731][    C0]  ? trace_raw_output_console+0xd0/0xd0
[  413.802747][    C0]  ? prb_final_commit+0x90/0x90
[  413.802762][    C0]  ? __kasan_check_write+0x14/0x20
[  413.802777][    C0]  ? _prb_commit+0x243/0x300
[  413.802793][    C0]  console_unlock+0x633/0x10e0
[  413.802814][    C0]  ? __kasan_check_write+0x14/0x20
[  413.802831][    C0]  ? vprintk_emit+0x340/0x340
[  413.802844][    C0]  ? __kasan_check_write+0x14/0x20
[  413.802859][    C0]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  413.802878][    C0]  ? _raw_spin_lock+0x1b0/0x1b0
[  413.802898][    C0]  ? __kasan_check_write+0x14/0x20
[  413.802913][    C0]  ? _raw_spin_trylock_bh+0x190/0x190
[  413.802931][    C0]  ? preempt_count_add+0x92/0x1a0
[  413.802947][    C0]  vprintk_emit+0x132/0x340
[  413.802962][    C0]  ? vprintk_store+0x1620/0x1620
[  413.802979][    C0]  vprintk_default+0x26/0x30
[  413.802993][    C0]  vprintk+0x74/0x80
[  413.803008][    C0]  _printk+0xd1/0x120
[  413.803022][    C0]  ? unwind_next_frame+0x3cb/0x700
[  413.803040][    C0]  ? panic+0x760/0x760
[  413.803055][    C0]  ? get_stack_info_noinstr+0x1b/0x130
[  413.803070][    C0]  ? get_stack_info+0x3b/0x100
[  413.803085][    C0]  show_trace_log_lvl+0x288/0x380
[  413.803103][    C0]  ? dump_stack_lvl+0x151/0x1c0
[  413.803120][    C0]  show_stack+0x37/0x40
[  413.803134][    C0]  dump_stack_lvl+0x151/0x1c0
[  413.803151][    C0]  ? io_uring_drop_tctx_refs+0x190/0x190
[  413.803168][    C0]  ? do_vfs_ioctl+0x1a90/0x2a80
[  413.803184][    C0]  dump_stack+0x15/0x20
[  413.803199][    C0]  should_fail+0x3c6/0x510
[  413.803214][    C0]  should_fail_usercopy+0x1a/0x20
[  413.803229][    C0]  _copy_to_user+0x20/0x90
[  413.803244][    C0]  simple_read_from_buffer+0xc7/0x150
[  413.803260][    C0]  proc_fail_nth_read+0x1a3/0x210
[  413.803278][    C0]  ? proc_fault_inject_write+0x390/0x390
[  413.803295][    C0]  ? fsnotify_perm+0x269/0x5b0
[  413.803312][    C0]  ? security_file_permission+0x86/0xb0
[  413.803329][    C0]  ? proc_fault_inject_write+0x390/0x390
[  413.803346][    C0]  vfs_read+0x27d/0xd40
[  413.803361][    C0]  ? kernel_read+0x1f0/0x1f0
[  413.803374][    C0]  ? __kasan_check_write+0x14/0x20
[  413.803389][    C0]  ? mutex_lock+0xb6/0x1e0
[  413.803404][    C0]  ? wait_for_completion_killable_timeout+0x10/0x10
[  413.803423][    C0]  ? __fdget_pos+0x2e7/0x3a0
[  413.803436][    C0]  ? ksys_read+0x77/0x2c0
[  413.803450][    C0]  ksys_read+0x199/0x2c0
[  413.803465][    C0]  ? vfs_write+0x1110/0x1110
[  413.803479][    C0]  ? debug_smp_processor_id+0x17/0x20
[  413.803494][    C0]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  413.803511][    C0]  __x64_sys_read+0x7b/0x90
[  413.803526][    C0]  x64_sys_call+0x28/0x9a0
[  413.803539][    C0]  do_syscall_64+0x3b/0xb0
[  413.803552][    C0]  ? clear_bhb_loop+0x35/0x90
[  413.803566][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  413.803580][    C0] RIP: 0033:0x7fc7e5218a3c
[  413.803592][    C0] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  413.803605][    C0] RSP: 002b:00007fc7e3e93030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  413.803619][    C0] RAX: ffffffffffffffda RBX: 00007fc7e53d1f80 RCX: 00007fc7e5218a3c
[  413.803630][    C0] RDX: 000000000000000f RSI: 00007fc7e3e930a0 RDI: 0000000000000006
[  413.803640][    C0] RBP: 00007fc7e3e93090 R08: 0000000000000000 R09: 0000000000000000
[  413.803650][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.803659][    C0] R13: 0000000000000000 R14: 00007fc7e53d1f80 R15: 00007fffa6a4aaa8
[  413.803673][    C0]  </TASK>
[  414.419067][ T7565]  dump_stack_lvl+0x151/0x1c0
[  414.423576][ T7565]  ? io_uring_drop_tctx_refs+0x190/0x190
[  414.429044][ T7565]  ? do_vfs_ioctl+0x1a90/0x2a80
[  414.433730][ T7565]  dump_stack+0x15/0x20
[  414.437722][ T7565]  should_fail+0x3c6/0x510
[  414.441974][ T7565]  should_fail_usercopy+0x1a/0x20
[  414.446834][ T7565]  _copy_to_user+0x20/0x90
[  414.451090][ T7565]  simple_read_from_buffer+0xc7/0x150
[  414.456297][ T7565]  proc_fail_nth_read+0x1a3/0x210
[  414.461157][ T7565]  ? proc_fault_inject_write+0x390/0x390
[  414.466631][ T7565]  ? fsnotify_perm+0x269/0x5b0
[  414.471227][ T7565]  ? security_file_permission+0x86/0xb0
[  414.476608][ T7565]  ? proc_fault_inject_write+0x390/0x390
[  414.482074][ T7565]  vfs_read+0x27d/0xd40
[  414.486068][ T7565]  ? kernel_read+0x1f0/0x1f0
[  414.490846][ T7565]  ? __kasan_check_write+0x14/0x20
[  414.495786][ T7565]  ? mutex_lock+0xb6/0x1e0
[  414.500038][ T7565]  ? wait_for_completion_killable_timeout+0x10/0x10
[  414.506465][ T7565]  ? __fdget_pos+0x2e7/0x3a0
[  414.510887][ T7565]  ? ksys_read+0x77/0x2c0
[  414.515054][ T7565]  ksys_read+0x199/0x2c0
[  414.519135][ T7565]  ? vfs_write+0x1110/0x1110
[  414.523561][ T7565]  ? debug_smp_processor_id+0x17/0x20
[  414.528767][ T7565]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  414.534668][ T7565]  __x64_sys_read+0x7b/0x90
[  414.539007][ T7565]  x64_sys_call+0x28/0x9a0
[  414.543260][ T7565]  do_syscall_64+0x3b/0xb0
[  414.547513][ T7565]  ? clear_bhb_loop+0x35/0x90
[  414.552027][ T7565]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  414.557754][ T7565] RIP: 0033:0x7fc7e5218a3c
[  414.562009][ T7565] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  414.581450][ T7565] RSP: 002b:00007fc7e3e93030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  414.589693][ T7565] RAX: ffffffffffffffda RBX: 00007fc7e53d1f80 RCX: 00007fc7e5218a3c
[  414.597504][ T7565] RDX: 000000000000000f RSI: 00007fc7e3e930a0 RDI: 0000000000000006
[  414.605316][ T7565] RBP: 00007fc7e3e93090 R08: 0000000000000000 R09: 0000000000000000
[  414.613128][ T7565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  414.620938][ T7565] R13: 0000000000000000 R14: 00007fc7e53d1f80 R15: 00007fffa6a4aaa8
[  414.628765][ T7565]  </TASK>
[  414.675960][  T313] EXT4-fs error: 182 callbacks suppressed
[  414.675974][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  414.744095][ T7557] bridge0: port 1(bridge_slave_0) entered blocking state
[  414.754562][ T7557] bridge0: port 1(bridge_slave_0) entered disabled state
[  414.763568][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  414.783224][ T7557] device bridge_slave_0 entered promiscuous mode
[  414.798833][ T7557] bridge0: port 2(bridge_slave_1) entered blocking state
[  414.805811][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  414.820274][ T7578] EXT4-fs (sda1): shut down requested (1)
[  414.826404][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  414.843995][ T7575] loop3: detected capacity change from 0 to 512
[  414.850464][ T7557] bridge0: port 2(bridge_slave_1) entered disabled state
[  414.854054][ T7578] Aborting journal on device sda1-8.
[  414.865493][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  414.870997][ T7557] device bridge_slave_1 entered promiscuous mode
[  414.886097][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  414.906608][ T7575] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  414.925610][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  414.951876][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  414.976442][ T7575] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  414.990750][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  415.015619][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  415.027986][ T7575] EXT4-fs (loop3): 1 truncate cleaned up
[  415.033758][ T7575] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  415.108086][ T7557] bridge0: port 2(bridge_slave_1) entered blocking state
[  415.114931][ T7557] bridge0: port 2(bridge_slave_1) entered forwarding state
[  415.122071][ T7557] bridge0: port 1(bridge_slave_0) entered blocking state
[  415.128837][ T7557] bridge0: port 1(bridge_slave_0) entered forwarding state
[  415.246685][ T5535] bridge0: port 1(bridge_slave_0) entered disabled state
[  415.254504][ T5535] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.268254][ T7573] loop2: detected capacity change from 0 to 40427
[  415.283367][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  415.301222][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  415.376929][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  415.395083][ T5535] bridge0: port 1(bridge_slave_0) entered blocking state
[  415.401943][ T5535] bridge0: port 1(bridge_slave_0) entered forwarding state
[  415.410767][ T7573] F2FS-fs (loop2): Fix alignment : done, start(4096) end(16896) block(12288)
[  415.551096][ T7573] F2FS-fs (loop2): Mismatch start address, segment0(0) cp_blkaddr(512)
[  415.576898][ T7573] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  415.633603][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  415.677431][ T7573] F2FS-fs (loop2): invalid crc value
[  415.708698][ T5535] bridge0: port 2(bridge_slave_1) entered blocking state
[  415.715560][ T5535] bridge0: port 2(bridge_slave_1) entered forwarding state
[  415.737548][ T7588] device pim6reg1 entered promiscuous mode
[  415.739430][ T7573] F2FS-fs (loop2): Found nat_bits in checkpoint
[  415.744009][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  415.758122][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  415.766264][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  415.791017][ T7557] device veth0_vlan entered promiscuous mode
[  415.791580][ T7581] loop0: detected capacity change from 0 to 40427
[  415.798173][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  415.813757][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  415.821856][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  415.829477][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  415.836082][ T7581] F2FS-fs (loop0): Fix alignment : done, start(4096) end(16896) block(12288)
[  415.845251][ T7581] F2FS-fs (loop0): Mismatch start address, segment0(0) cp_blkaddr(512)
[  415.845653][ T7573] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  415.853963][ T7581] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  415.868732][ T7573] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  415.876829][ T7581] F2FS-fs (loop0): invalid crc value
[  415.880531][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  415.893937][ T5535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  415.903592][ T7557] device veth1_macvtap entered promiscuous mode
[  415.910469][ T7581] F2FS-fs (loop0): Found nat_bits in checkpoint
[  415.921438][ T7589] attempt to access beyond end of device
[  415.921438][ T7589] loop2: rw=2049, want=45104, limit=40427
[  415.924635][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  415.954316][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  415.963551][ T7602] FAULT_INJECTION: forcing a failure.
[  415.963551][ T7602] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  415.976005][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  415.998154][ T7602] CPU: 0 PID: 7602 Comm: syz.1.1881 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[  416.007855][ T7602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  416.017750][ T7602] Call Trace:
[  416.020876][ T7602]  <TASK>
[  416.023650][ T7602]  dump_stack_lvl+0x151/0x1c0
[  416.028165][ T7602]  ? io_uring_drop_tctx_refs+0x190/0x190
[  416.033632][ T7602]  ? fsnotify_perm+0x6a/0x5b0
[  416.038145][ T7602]  dump_stack+0x15/0x20
[  416.042135][ T7602]  should_fail+0x3c6/0x510
[  416.046392][ T7602]  should_fail_usercopy+0x1a/0x20
[  416.051256][ T7602]  _copy_from_user+0x20/0xd0
[  416.055679][ T7602]  __sys_sendto+0x33a/0x720
[  416.060019][ T7602]  ? __ia32_sys_getpeername+0x90/0x90
[  416.065226][ T7602]  ? __ia32_sys_read+0x90/0x90
[  416.069824][ T7602]  ? debug_smp_processor_id+0x17/0x20
[  416.075032][ T7602]  __x64_sys_sendto+0xe5/0x100
[  416.079632][ T7602]  x64_sys_call+0x15c/0x9a0
[  416.083972][ T7602]  do_syscall_64+0x3b/0xb0
[  416.088224][ T7602]  ? clear_bhb_loop+0x35/0x90
[  416.092736][ T7602]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  416.098465][ T7602] RIP: 0033:0x7fb4eabedff9
[  416.102717][ T7602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  416.122158][ T7602] RSP: 002b:00007fb4e9867038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  416.130406][ T7602] RAX: ffffffffffffffda RBX: 00007fb4eada5f80 RCX: 00007fb4eabedff9
[  416.138214][ T7602] RDX: 000000000001fffc RSI: 0000000020000180 RDI: 0000000000000006
[  416.146027][ T7602] RBP: 00007fb4e9867090 R08: 0000000020000140 R09: 0000000000000014
[  416.153839][ T7602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  416.161650][ T7602] R13: 0000000000000000 R14: 00007fb4eada5f80 R15: 00007ffea99d6918
[  416.169557][ T7602]  </TASK>
[  416.177791][  T313] EXT4-fs warning: 143 callbacks suppressed
[  416.177805][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  416.179196][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  416.188753][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  416.199403][ T1498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  416.206625][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  416.244429][ T7581] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  416.258447][ T7581] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  416.259764][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  416.290727][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  416.310735][ T7596] attempt to access beyond end of device
[  416.310735][ T7596] loop0: rw=2049, want=45104, limit=40427
[  416.353964][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  416.372482][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  416.395090][ T7605] loop1: detected capacity change from 0 to 512
[  416.401620][   T30] audit: type=1326 audit(1729429570.199:3317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7606 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e5219ff9 code=0x7ffc0000
[  416.424981][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
SYZFAIL: posix_spawn failed
 (errno 5: Input/output error)
[  416.448547][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  416.496270][ T7605] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  416.502952][   T30] audit: type=1326 audit(1729429570.199:3318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7606 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e5219ff9 code=0x7ffc0000
[  416.528791][ T7605] EXT4-fs warning (device loop1): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop1.
[  416.529748][   T30] audit: type=1326 audit(1729429570.239:3319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7606 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7e5219ff9 code=0x7ffc0000
[  416.563465][   T30] audit: type=1326 audit(1729429570.239:3320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7606 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e5219ff9 code=0x7ffc0000
[  416.564114][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  416.595597][   T30] audit: type=1326 audit(1729429570.239:3321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7606 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e5219ff9 code=0x7ffc0000
[  416.628607][   T30] audit: type=1326 audit(1729429570.239:3322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7606 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fc7e5219ff9 code=0x7ffc0000
[  416.652138][   T30] audit: type=1326 audit(1729429799.248:3323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7606 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e5219ff9 code=0x7ffc0000
[  416.675494][   T30] audit: type=1326 audit(1729429799.248:3324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7606 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e5219ff9 code=0x7ffc0000
[  416.700921][   T30] audit: type=1326 audit(1729429799.248:3325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7606 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7e5219ff9 code=0x7ffc0000
[  416.765996][   T30] audit: type=1326 audit(1729429799.248:3326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7606 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e5219ff9 code=0x7ffc0000
[  417.386199][ T1498] device bridge_slave_1 left promiscuous mode
[  417.392128][ T1498] bridge0: port 2(bridge_slave_1) entered disabled state
[  417.399400][ T1498] device bridge_slave_0 left promiscuous mode
[  417.405297][ T1498] bridge0: port 1(bridge_slave_0) entered disabled state
[  417.412864][ T1498] device veth1_macvtap left promiscuous mode
[  417.418690][ T1498] device veth0_vlan left promiscuous mode
[  418.556559][ T1498] device bridge_slave_1 left promiscuous mode
[  418.562466][ T1498] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.569817][ T1498] device bridge_slave_0 left promiscuous mode
[  418.575772][ T1498] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.583223][ T1498] device bridge_slave_1 left promiscuous mode
[  418.589193][ T1498] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.596321][ T1498] device bridge_slave_0 left promiscuous mode
[  418.602211][ T1498] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.609918][ T1498] device bridge_slave_1 left promiscuous mode
[  418.615847][ T1498] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.622955][ T1498] device bridge_slave_0 left promiscuous mode
[  418.628954][ T1498] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.636502][ T1498] device bridge_slave_1 left promiscuous mode
[  418.642388][ T1498] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.649724][ T1498] device bridge_slave_0 left promiscuous mode
[  418.655712][ T1498] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.663688][ T1498] device veth1_macvtap left promiscuous mode
[  418.669524][ T1498] device veth0_vlan left promiscuous mode
[  418.675298][ T1498] device veth1_macvtap left promiscuous mode
[  418.681111][ T1498] device veth0_vlan left promiscuous mode
[  418.686890][ T1498] device veth1_macvtap left promiscuous mode
[  418.692677][ T1498] device veth0_vlan left promiscuous mode
[  418.698591][ T1498] device veth1_macvtap left promiscuous mode
[  418.704375][ T1498] device veth0_vlan left promiscuous mode
[  419.705510][  T313] EXT4-fs error: 263 callbacks suppressed
[  419.705529][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  419.723266][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  419.760785][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  419.772963][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  419.805490][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  419.817570][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  419.845507][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  419.857711][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  419.885499][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  419.897652][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  421.185711][  T313] EXT4-fs warning: 297 callbacks suppressed
[  421.185725][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  421.206417][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  421.235739][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  421.250672][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  421.275715][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  421.295749][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  421.315784][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  421.335736][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  421.355714][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  421.375759][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  424.715495][ T2291] EXT4-fs error: 315 callbacks suppressed
[  424.715509][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  424.735503][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  424.755516][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  424.785494][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  424.797565][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  424.825496][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  424.837585][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  424.865499][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  424.877589][ T2291] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.471: corrupted in-inode xattr
[  424.905486][  T313] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm kworker/u4:3: corrupted in-inode xattr
[  426.205720][  T313] EXT4-fs warning: 316 callbacks suppressed
[  426.205732][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  426.235748][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  426.255691][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  426.285711][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  426.300797][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  426.325725][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  426.345675][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  426.365674][ T2291] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295
[  426.385668][  T313] EXT4-fs warning (device loop4): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 4294967295