last executing test programs:

34.164421508s ago: executing program 32 (id=135):
faccessat2(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x7, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000ffe000/0x1000)=nil, 0x1000}, 0x1})

28.553625268s ago: executing program 3 (id=283):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

28.526269871s ago: executing program 3 (id=285):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000012c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

28.501029713s ago: executing program 3 (id=288):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r0)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x800, &(0x7f0000000480)={0x7, 0x9}, 0x20)

28.463942996s ago: executing program 3 (id=289):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x0, 0x0)

28.300565849s ago: executing program 3 (id=297):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x18)
r1 = io_uring_setup(0x7d2e, &(0x7f0000002380)={0x0, 0xffffffff, 0x1046})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x13, 0x0, 0x2)

28.050563949s ago: executing program 3 (id=301):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000600)={'fscrypt:', @auto=[0x37, 0x32, 0x33, 0x66, 0x0, 0x0, 0x0, 0x65, 0x31, 0x0, 0x31, 0x0, 0x37, 0x0, 0x32, 0x62]}, &(0x7f0000000580)={0x0, "69dcaf2086ec9a8545f45826cb35be51ca73845d177dd8dba7221faeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700", 0x34}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r2, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000280)={'syz', 0x2}, 0x0)

28.020477031s ago: executing program 33 (id=301):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000600)={'fscrypt:', @auto=[0x37, 0x32, 0x33, 0x66, 0x0, 0x0, 0x0, 0x65, 0x31, 0x0, 0x31, 0x0, 0x37, 0x0, 0x32, 0x62]}, &(0x7f0000000580)={0x0, "69dcaf2086ec9a8545f45826cb35be51ca73845d177dd8dba7221faeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700", 0x34}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r2, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000280)={'syz', 0x2}, 0x0)

28.013283932s ago: executing program 0 (id=303):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000200)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nojournal_checksum}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
r0 = open(&(0x7f00000002c0)='./file2\x00', 0x189242, 0x0)
fallocate(r0, 0x10, 0x2, 0x7000000)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)='./file0/file0\x00')

27.921210859s ago: executing program 0 (id=306):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r1 = socket$inet6(0xa, 0x1, 0x6)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000040)={{{@in=@loopback, @in=@loopback, 0x4e22, 0x0, 0x4, 0x8, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0xd}, 0x0, 0x0, 0x1}, {{@in=@empty, 0xfffffffd, 0x32}, 0x2, @in6=@private0, 0x9, 0x4, 0x0, 0x0, 0x3}}, 0xe8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

27.865163624s ago: executing program 0 (id=310):
socket(0xa, 0x5, 0x0)
r0 = socket(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e24, 0x6, @loopback, 0xffffcd0b}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000080)=0x8, 0x4)
sendmsg$inet6(r0, &(0x7f0000001740)={&(0x7f0000000140)={0xa, 0x8, 0x40008, @loopback, 0x9}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000002c0)="5665702f5e5648f3dab42167388ebf5ed679d647b515d24e4890314545f81e011fdeed7d3695847f", 0x28}], 0x1}, 0x200800d0)

27.846777675s ago: executing program 0 (id=311):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1000c40, &(0x7f00000002c0), 0x5, 0x51c, &(0x7f0000000700)="$eJzs3cFvI1cZAPBvZjebNE2bFCoVENClFBa0WjvxtlHVU7mAUFUJUXHikIbEG0Vx4ih2ShNWavI/IFGJA4ITZyQQHCr1xBHBDW69lANSgRWoQeJgNONx1t3YG3c3awv795NGM29mMt97Y8178RfHL4CJdTUijiLiSkS8ERHzxf6kWOKV9pKd99Gd22snd26vJdFqvf6PJD+e7Yuun8k8XlxzJiK++62IHyRn4zYODrdWa7XqXlEuN7d3y42Dwxub26sb1Y3qTqWyvLS8+NLNFysDtWNmgHOe3f7Vh9/cfPV77/7uCx/86ejrP8qqNVcc627HRWo3feo0TuZyRLz6KIKNwKWiPVdGXREeSBoRn4qI5/Lnfz4u5a/mYHo81gDA/4FWaz5a891lAGDcpXkOLElLRS5gLtK0VGrn8J6O2bRWbzSv36rv76y3c2ULMZXe2qxVF4tc4UJMJVl56e1s+265Eh8v34yIpyLix9OP5eXS2uB5BgDgYj1+z/j/7+n2+A8AjLmeH57pfn++Mry6AADDMciHZwGA8WL8B4DJc3f8nx1pPQCA4fH+HwAmj/EfACbN+53x/9KoawIADMV3XnstW1onxfdfr795sL9Vf/PGerWxVdreXyut1fd2Sxv1+katWlqrb593vVq9vrv0Quy/VW5WG81y4+BwZbu+v9Ncyb/Xe6U6NZRWAQD389Sz7/0liYijlx/Ll+iay8FYDeMtHXUFgJGR84fJ5Vu4YXJ5jw+T69fFf/yeN5dn348Iv/MAQVtvP8APARft2mfl/2FSyf/D5JL/h8kl/w+Tq9VK+s35n56eAgCMlU+Y4/cnARhDQ/37PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyJuXxZ6CqnaakU8URELMRUcmuzVl2MiCcj4s/TU9NZeWmkNQYAHl76t6SY/+va/PNz9x69kvxnOl9HxA9/+vpP3lptNveWsv3/PN3ffKfYXxlF/QGA83TG6c443vHRndtrnWWY9fnwG+3JRbO4J8XSPnI5LmerP87kkw7P/itplwvZ7yuXLiD+0XFEfKZX+5M8N7JQzHx6b/ws9hNDjZ9+LH6aH2uvs3vx6TNXnu4b87y5XmFSvJf1P6/0ev7SuJqvZ3pOfjyT91APr9P/nZzp/zrP+0ze1/Tq/64OGuOF33+777HjiM9d7hU/OY2f9In//IDx3//8F5/rd6z184hr0Tt+d6xyc3u33Dg4vJHd+OpGdadSWV5aXnzp5ouVcp6jLncy1d3aI8TfX77+ZN/2//K3RUd5Nv7MOe3/yn1b3TrtgH/x3ze+/6V+8Y8jvvbl3q//0/eJn42JXy22+/f0bauzv+k7fXcWf719/48/6et//Zy4HR/89XB9wFMBgCFoHBxurdZq1b0L3ZiKC75g10byiOpsYwQbMcRY2a/JD3udZ4qU2Wrn+ek+5w8/e/eZbN/I7+qFbIyuTwKG4+5DP+qaAAAAAAAAAAAAAAAA/TzyfydKR91CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxtn/AgAA//8LKMVX")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000809, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

27.734214374s ago: executing program 0 (id=313):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001a0001000000000000000000020000000000000000000018"], 0x34}, 0x1, 0x0, 0x0, 0x24004880}, 0x0)

27.502660223s ago: executing program 0 (id=315):
r0 = socket(0x1, 0x3, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r0}, 0x20)
syz_fuse_handle_req(r0, &(0x7f0000004280)="3e51056d145e3e0b01fb5ce04d51284abe5b7b573434410cd45f0fb98b6ff676878cd2953781ca7146543f92c27f794a8815a79fb6ab28316c54d4de8accaa142e5986c7f830b83426818e5a187d1663bf76b1251f22102b417695167f0f7da1e1d405fce255ef834143fca129b52a29e6851410de6bbf1fd6ddbd65c0748d973371a5963895045e52c88ca90df9b6b70e153be92d6389e6ad4af0f9af04d7e2ff0beea069f3d7b628a01e750b727b7f57be1d9ebb16a4c15b4e026e58bb685ea7b9e5cfd936714b83c31585b3f9c41e02ce0f00ff5f66c8ebcee1af58bc09a027b8af0dee2771b74a5c37215cc4c06c9cdf2e6393f4b844c637520239c1b15a2a027feeb287e145615d12929f49f1f7fb07165a313b1c25d17961206300c9698099aa9a6d18c149e4bb3a3ae13511957eb771f62967a9793e71a0ea8d2992ee5155675a0b1d148668d0c134ce1b798b7cabcb76c82b2ee304f0ff819a22a9c319b05ef573411f9d2d112b28ba8c5d3169dd62251e0054c38c0d0d5136d53fbd550f05d69bf1bf7b7e928e2bb46cdfeb5ccd8f5fdfbf890f0988d02bf418aa96f45e3c63d4ba42e7d23064da743806180a7e8f1d85e7eec79f48de8da3e20f3e9e6797f1cf10a76b7ec7018c99dc141a92fa3db84e202b33020f42adaf8d5b9ad0c67872e2a697d6eb1e6af24846d618afdc9a166fd9f1005500056e262e413a4b479e3ba6f5439bca8b3cce3d7899bcde2c69c16773338e85128fed7087631939c62a64cba87c2fabeb55be7a5587b403aeb0c6782b543dc6e06610699f8f7af7397b5a19713adffbae2a244e3047881071cb1769581c4b75b6b8dd8219e0d4073630df60d04cd3c26c671f95089229b54df3fc3dcab798b003e4be3c7399f0be7a08b864b1c3d33dd69622f9d58cebe6867c5aab7a7b8c2592c1e7b27b640fa490f410ee39d807256c4846dc1938cca720a0b2f9ea3a5164731239df701b5c088ebfd21a2710a3f1c92e64a2b4c07afdbd3e74ae35d11bf916fb73312f14a91ef04d0645f82d25eab91e58e999babe23b774c262dc559baecd1e76e0e9afcaef65053a34e4e5647cd458c48cc4e958de0da2ed3e144eff042832f5b40d52cf2d2ab02cd6ec262d52a4155efd5587c27f01b1f8457b0138394b130d6e8843ae25e6f80dfe9a8819fd337c463ecc3384333b00b2ac1cabfb9056d82ca43de2ce6955d32929fbf7663d6db1c0f3dc4b1bf12c08a94181334c9d2ced01c92f75abebfe31ae3677aceda945819c30329d019a38b879584e3eec662c28ec8954e1aaff6cef4d1be0499706b00f6cb328438f3e8895e4106fd4fab0e986f8a5d18d79eb444eb1de22a4c6ae96ddf09b4e65241d6cb3ded36eeb9cb1fe1b6439e271158a0394d9656eb04fad8742afdf111b7077ae502cc6cf0737aebae51370932faf1c601b487da4c328cc12a792afe702ba487f838a2123ab84ad5a62fca69b0288c075ff71fee580cdc605b4cbd1c827e4ca6be2ff4c0220293c9551c4eb58ef5889f874939edc51ec57a43e5b5345a0f38bbffd68e7f09bdd1a03a2a27580067ecbd277a6a8f0b87587cc2516a53df9c1fbd3163a9d5d897c79cd5a224856f684e11b90d451bdb0de38f2eb675651e3a45a9bc5a9da8bb473cd0f55eb3cbfad953a1592d2eb932e3a9b9051771cd0ddf11bcb8458a5382cbf4dbe8d918593fd4bc66f67f5b45c43976717081c0038fb42c6df418b7c95ba55ca93551a64353e239e2524188f964228724720143ac6ce589c065d4054e1fbd5e26f6ef42a4421bf016bbe3e669ed62ca4f601c12ca960d7cfbc131533b8f6289cdf4c8703ca430a4808519db232c79d4ddbbe05b067160045feeaaea6d00179e4c279e6fbe57246d5187128f77a280ae222ed3b5ea516130ffdbbd670f478ffb9751a1e45030f905990fa324ccc5417b272c72e665ed8e58c6ebfb5bbf6efbc9db9c2d923f70d27ebabffed27c48adc208e2b5877cf1975869314d64f52f5ea2a4bff5af09aff098a52a8c44462a5b2a6495694b76f44e0d13ac83fee968fbe9173bdf5b4ff9f4646eef5ae539c9e692cff7e816ed0aeef77ce18a876e8a9e0c35419d14b76e3e741f88e78032882639a4b30854c0136d85b579f7d67ce83a8559b33aa691c70cec58b5379209d790185f1db211d6ed36047964fceae3a9886152beea693ba224c1b1e6ef237d87fa4bf79cfe8d568ef6076fce7250c9dce789c6840f8e8227da003dad8501d561faf00267158f81656e9f4254537f7feb1d6c5c76d5ece8d5433732a46387a331844126008ca0647bd580fdc1a1c55f8510271156e6dca68e7985b8cdfbe9b3bc4b6c2528593a14bdc65ffceab4cf047edc672725316b06727a36efa26b3b3a13e4c8e68a6539f908d8ac988bb90b4df40bfb548eccb14beee0fb248e1702fa60b168bb68a6233aec09a195d29920bdd1918368721c7d86455900a08a2696627c7e1d2afbc6f222f1a3d8207a26904b79b5073f0366c45fa9671eeed2a8b1095081e39a612507b460e8b9a49e3f9b14d5cc6bf138360b51bb99acfaf8c042bf1d1ff9e1e47efde8ffce92b5daaea87f12d49381493331d148b8d869b1477bb4fc541c0bd7d7bbeb67a1aa7611a2c31182c021e6f1b9b9c19d65855b364abd5cd2b56ccc6899a072f6524f0873f79f1705cb8235fe74e1c969fde301a1ed5e1692c97453a868e9cb5a8783b3880791491b1f104f6a2c71951d02160adb1bcc77a37a029d197a72ba1f7c2a987ec57ae21e61ac4ba075c09f6f3327c77532aeda47a7d72fd9c671f63a9d04d8fad5941d5ac46194b505796ba39a661df9896f2dadb231edff2bc5c11f22cd209ac0a2239a5902bcbe6cca96a4299c984eedb89da67acb62c1921a0549a92f69cc74f1b8d557a8ff7379650b688c63e95f131640a3169e85802edd4d19553b7f09365c2763ee1bad5ad120a54c795689ae03554ece7e526197b453ef81bddf367e6972e8540a5fbda3bcaaa19b2f3f991390a707a1eeea48112e56e534181bb6d1d542a7b81425e79765270151b32f347bd7484aac8024886876a1d9532071e28024053816c076f9657ddae4cb5ceea943097d0fe86d7363ceea178f016988ebe7c3f11fbee61e6624bcac370b458cb738e33140730c335e00f00ae0b6808a1ea41bc1186ff065d3098d82bd526fb55e131f8361a687bf1663c97445c2cacfa788f00be9549d64ad29294faa9a05bd325a83d97ac022d4bbb80c50c691f8a869599adc9998db08d265cc02db6df501c58d07510b5a7b3a3220315af68ed0fe7056d5686f415390c51be2ab4b6a444102612c280fff9458323da65ae5ac8b7cbd5dfdacbc5dbd50fb12a114e5c31c1ef43e32da6ba1f8a89f48c882671d9c5765a4654c40a4acd7ba9ad03b66ef260c8aa4cad5113a7deed4901677fb94e30c50900000000000000bf42d62f5f55ef859ae7b9bb6d28cd229cc87009b06a25ea86304a6d2853393be112bbcdcfbddd2129c6aba435eb76a16053bc277c941340d709d7851b68923e022f2c964de99923c0bf22253e1d4541e4bf358dd34e6134d65a468ae70b6c72942d55e8147e8c5aab34577af53572a7e179be35f26c49e2bf7c575e7ec7c7e7521889bb009b9b01d9bf8751441700ae2a8d7b23d7862de0cab2124abcfcc0fef37999cfe90f4eef809c5f3162183418fe0e1b3ba6e3764ebc3135fb268f251169f083cff0f4923cbab069b53371910129d3ca65e8ee285eb692febbfb35af82c18add3faf37185a688baa5ef57332267e9682d54cc2a9505b100e248ff461b49a5c0cbc464eb7caa65cb9bee7f8577d920581ce4a3c48576c32163efb1324a85d667389bba364b62390a0c58b17f8bb4ec7800f0f50784a3f7df02726784aef17b2c3d242ae885afd4c8d824d1db019c56c4cc1c85408c2260113a491458cdb99c26d8143a238f5646d2a4410bf41a86035a646ffad0d4ad7eb455269571cd4f3ac3d2fe94b37bd70f3915f8f42fda7f753c69524083d854395d00d514b74304702b9514ad2dc0e12c3e82cb338ed273b8abef6fb9509c67e805bf47a386306ab9309c4db01b69bf7f9c8e2fe53dbe1912ffcedee7b7a27d6687a0243e3ffb85ee9008045390b802e2ca3b462aed8d185d63a462cbf1f1ec8be129f732f7f84e4a84a387990d2d0621e900e1ed577858eff0a6785fe1a8caa81277f99bc0809a7a454dd000c2c8c3a99d8d15d869c1835e68ce463811abefd7755ab0f5892a268517eee026f192397edcf03ce046594f17f327d207274afc0ce4ca0b4b134705b9c9cab16b8daa2a9dfbc80cd5f6729a409cb1dec698cbe26afda53974afb23ba1c037503dccf361182907b3edff87d28b0d3bac4fd8b0ec64878acc72280ffd723e9137ebd2cfd4566bb0f2a968c59f07c908ca0ab06b269584dd0381faa82549173d37487f0b5fbd6fb512aece0447f69c8fb3025e476184e5847a9c63b2ef91aeafc888a7d54e75ebabe1943922946d90dd707731ad533407760b023adcc4b1ea523557bae9fba28ef74b7a8487e9200e4f11befde8e01981ab79e43e6e17612cffb5c173bd53d13375bf02abe31dc71093dcc286ae21f3955d3060c085ea313253b1c7bdc834aa8d64b1f427e1038ea27cab0abbf7533a6115ff730b900f0fd3c79ccd83d1b0b7a8d34980b2ec776dc6ae7e85f0f46d5c01db894f108c58f179387c1501fb04fc774666a90054aea3a2c12c67b270eb402aab6f488cf1030ec8216684c58885a54cbc6ca783b466c23e5b268877f52fe580a4d54b772251b5dfed42fd8a16b20949d5e9079c70bb7fad7728081d2c7a0402865a847c1d3f1bd99b24767e2556aaaade88aa76d3381c0af0f05c50fc1eab86b0b098e74d92cff2b57aae4822c991b6d2a989e4ae8570a15a0b95f422d20161d69ac1baef4119bc4c0f3d28bd688ca7a190a7924781072ffbe77d73f123db7157a3fefe21c1adcf24f76d8a9980ec2edb781dfde8d34dd5952fb3b99a4415c474a7a9fc663b88322a05a827b2294c4b42f356fb64700fa65c277e764e79c32f926f0a014d66ccaba6bf314ec4ae0ad917b3e31093eac1cfbf609dc0f1d28a47284befc326d9c68292e81e09ebefb830578ba591cc0906269a389ddfb1857a7f57f78ffe897e208cffc6a422a2932bbd9d8acbce1162ee77bea3dbc97c81bfbe734a88b9c8228ba6fda4f4fb8e34a30bb6644a0c4e983c4775dafd276a99ee256750a0aa644576ad42ecd31c35527a5c796a295e76456bd8ccb03b197eb84e6eba54943209e79cadd8a27a9143d031b6747568d5f2e5eda97f4e5d749a424e11224df46a71e93fb6f8848f42b2671f8752fbed11929f628b4f9c290addcd985229edb2eac2aacd900afcea9da54cd31d0fff2c31d59639d753e9039117dbaae7b52721b502c5acff6c1d9b3bda1fad38ee951afd2f147760787935ef70b8335809888468fad51d2581871e55f59c5ffef91c73d0d6b57c332dad94155d2640de2fda9745a0cbeccdb367bc6f80692e5db8e8ba6c75f744defb75b7a89ffe950736dc9b582702dc26e3c3a5d6ce78f906152c5aed687bd54cd3556765e6ce5f4e6afef13b1f5d506dae0a9085bd1fe69a921ed465013683c1d3cb64d84c1ae32f21c4e14bb02c15491bba4a51cb78021457b1e114fd898513d5e0bf970b47d2b80108f176050ebf78dde5cc82cb34ed2c99ccb4d7928df430a754e58b616dedc037ebd32aa4528217f5ede44bd46f746b0bb3d25170334c179b90e10d6fb6aea9b7d1aa1b72ff4285d68111c0f9a4735c886cb9794619f598d6d9818c6fb58104ecdd934ccedcd3ac57e5f3cf606ce71ed027767d4c38aaa2453530a8aa1b60c496a318ea1c6ee7a638d5d5563ea97193c176d5fbb5a07238e531ee0ad94398b0bcc2ea07d33292eb8e3cc47c469ad7bcbb29ed3f32e8c29b878194a7a958c0215204ef71b72efe6834e15f43559efeb6ca1090cd441573fa963bda420b379f4e92121d6dd331b3838887fe076b67c870b9fd82f2beaea3c3fce783c6d38b36856ee07bb937793082b8cadc3ddbae53992c5b05401e41563543db0d372cb96a54ad4a67292d093b371d7a711addebba573a514a4960102b4ec830f7530422de3ebf9ff5ec491ce124ca163234dd916d231f10a7acf150a8c1c423f5bc0347b5959a7cd73b6275c0fe1d562c33f37f3ce3f0c9ef35dc2158234880f0d19d08cf110c8312492809c8b59f2fc2e5f57d3870b3c2e4ee7056363b9f4c76ed31d99136baf33be8c1529fee46807db82a868c7755d7c0091c4a931b64c41c353489e2e1354f92d804400e4422a5d79a43f947b94dc5e5b62733522c05d8f6bc79a66d2e916156319930e3276252ab5abb298540800c8e83551800bf0940208e06006f0f4d4555aa059ac5979792ce423fdc814ba1c9cdd4250cc603e81020b2fc3afcbe881d96249d7eaf043fd450ca5713440c6361af785fa0db1f027252bd25b10aec2c2bad0a75855947091282c2db164735f0a0a4e365de20c70579bd4d8cb0597e2c1096bcaba0d976a790b6c0f0e0745f624f5479b956a67842f2d19d91d14f64dfc3f493885e495e012cccc5410163cac4eee4828c74216456803d229c9416e0526dde67edc2dc0cbca10d7091b53619a3746c71f2b6fb66c7d81cdd6dbb8b7944f9148ed5ffe6faf168938c921ba8b308bbbcdf10bef25379534e81b5a4cdee6c56a002151ed99af1db3f3565fb3a3e95675d1bd20b69d869405d84ae43ea421b014451c5f8039eebcdcc7718ddbd2a293a849892d8364d193c4a67aafffdd340913b85032374fae537638651fae1b6df28daea3a017945401a265bf1e651e61e70cf82ba03346396f089be14fe21b4e9af2e5ba91959463e8cd9564e019bb6267c59ec5ca650e981e1b798fbd04975d93150b50e01e61d41b4d7d37a5b34f1a9c9787182f48dc3f2b41dbf795c3889c62a1d54a3b3ad018f087fd0e82f40235abacb2d9f6d98eb8a98b50ac409c73600fa0acfb88684a020b25d00b8475ac0968aafdef7b3a508ccf40c005c9a9f8c43342ef0a03e133f7be24a2085512ca5461af4e4e8d97491834c49440eee1581a1414510584b5a78d768c8611ef731e521d1402e7e61f9b058d6f8880b3abb4019db1a60ac5903786307f301010bbef269cc1298d8911c58e2f0c68e50e2b93ba9365762b8554f8ad3ebf3ed2ccf198328255a641b1d38db97eb74d185773e7922ad0424aacac23da3c77e8fce83fd7f0a3f5933e66ea0f0e8fcdf0922df4d4d7fe4508ef922aa4909b2a4b3c3e89ed1936f55ee23ad0615f1927f2ee6ce67a8534941c8225e03803645714360743854a5632492ea0d0aa62401cb4ae72f6530c40f9e310bb024ae6547d641cb2d87e356a7b6b670920d2c40d7735de13ca6bd1feaf469259e2bf80b9e81ade19bff7f4037d7b74ee98c245c48a79b31f91bf1842a9d81591a4ddb11b07ee5d825de67ef8fa922e334580719e4d95a164500d5699e5342d569d8b18875b4563396b400393e59f0509353f4d0f684951cb9ceb7be269b2357daf495bc31727c232ec1158249386c8191e03166032159e856fdbeea75413c7f74f5a22bf56013156fc9598a76feca2cbe59bdfb704e975d7bae26b98ec7fc0c2cbbca2d235479f920a29ddebb6953b26e2d9f706d38f6beb5af6dfa6e499fff9ce2462017fe611538a4862922dbfbdb56b1aa80cff39633c2392203d3cecdbc33433932fd68194c82d58bbd2dfbfad76c99b6802cd0c21204a35114a75cb4b856af4ed118bafda9263e4076886c775db3521ebc294dfb0a2a25c5996d9c7b7afbfb0b2cdc199fba721c76bc5f583ceee1f5d863d6cb32ff9f6bdf61ea5f61b967e488c976e591a16105a750196d4af68a7295b5948600f0d312f744682f0a3e73c2cfe72b1719f6496f04d2b30b840ccc6c77d1f575716a48a07266d76990b7dc0ac7aa2e7430411a4c2f903aa3bfae69355e79147d7b5dd0bfd324a4d7ab232026bcb5fe714fa30c7e07e2cc17a08d18759ebaf3a1b55cb25c5bc4261e21a8f1e8f18b745a55b5c838c79354d254bd38788a3194f973e843b1d7232d5786b69d9465620f4fb21a3f1143516d07a52c6d243c3601f69ae899c055700dbce52d81a5936924e094aab0e636b07a958061ce7ca0e1503791cc10ce9199c8409ed5613398642d6cbe7f428ecb28bdf0768875a21f1cf81700cf2fa2e0764a8053ed13906b103a2886607782b27728a0dff3b68435504cc4d6de481e2592547292e922828e34373267acf052632f1c1f7df3ba981f088eb64903024af33f7034549e4a978e2840eb5da738b08ff21ffa4cc50fe324ac83888a7551ffa5bde37d8919772abdc42d7ab10201e0e9018e95283e772507b34a939e0971c42c3e8def7f7b71ae21d02d7fd4d42dd7ee950c929fb399335f04acde32bcb387134cd48151d9a2da947f91b80ee3a19d3c4e21f77435104b9fd5a096ad3db865cac2295903d1d827515f9a7bffbb9b27af00e9516f434b112600a22b9f5a4a2ed0a50a0a851d54149cb8efb15cda7096e7c465c41be5970bc45857b39e40b86482aee77bbca9cbbed51c75016383a4ab500e624567c086da2087e0fc3a9b03d8a759d3ed6926a305654e1b3a7e0d0c9894adfecbd0463b413ea782324c91c2b5ebd0bb978a69fec5b4eb122e60bb1f88f74287ad13469422fb64e383dafd0318127a5171a3b4b988ac9b921539fb8b094fbf2b3e74138c1cd0424a3e7b9424f925412098c39bf1371c32ca5489d76876a6df3a01ec3be7f9801755aeda1d84a03eb60e9d5a7bbe60dd7d78dd1f5cf8d3175de0942fcb0ef153b8fd0d15efa384c1d115cd1aa46bdd019e46f049b9abc04886e9c9e62c4776d245015fd8a207e6fbd52f0b0a613c363c9a6af7e1678311c225875eb7cd95de4631b263a9908c47ba151bfc8ab989fc6dc3a819cddd61fbb5efb69ca819de07e4d7031fea0d53fa1b6dbb5762e9762a33556885a6fb714a8911ef544f27a343e6b585bd068ecb9e225cfe8da13189d3a55c0430a18f109dde99d12210000c1dd2ad0222ed806e000f41d2eb9a36d6ff43358d79e4427fb59f4b1b21756a38eee8e96078e38209a09ba431be1796960a511784b1db6be698284160ae8c8e34104faae913679c225bb617038e9036d36611c0f2a34602ce04a24eb05b626a5ee30d6105f352714cae810acb69ada6e5bcc58123be1f17d08c8640764dfb91d973904c21d4f9bb8dc7fed676594567da69470fb4e6340679f68c0877cecea3948b4139689db494eea65e96b6d9285aa82a5dd7f9c1575b3dc895dc0c90219af519d21e5a555786332ccdef48ba6e80312f678f5302cb8534f2faf4cf2aaabe0a9c2ae57107dff11a51ef931c7471a33c300cc676d2877715b35298210a73384d4e3c0d1fa28169e3933cc6158ddbebbee12a57be75a6823bce0e71974abc110107873421c804f82b170f63287458186fae3d0423ee75f01aae5e9a6001f452e7c4b1d349c143ae11c268d3e8fb088b43e90b61c959de771519ae3dc426d52459cedaf544dd90492ae08ef3c064002bf2fb7eaf763ffedd8a9c6dbc493f7d39c3c60f0fbf9f423410f5ddb6e949e9fcd8e5a65aa0bbbc623224a728d852952d515a80acbe9ef3b8a6b8ac9a95c23a7d047208ba1687eaad6805f43f3ad694275bfbe34ae50fa0fad00f99ab9927449d7806a8291e941ef3467bb3b7a92ee6a5f7036468df3bb4c36c20c81a0fc98bd6fa973685ed526f6302dc7776f1d44207817271bf3a207313bedfc87e84abb40d34bb01d426ed7fe355a982e352bd97a9f3a3b83d679872fa7c572bc9c8fa24223b445cffb9d8b37632b428feb777abfb6c5663b2b12a7d419e4d0b4d2801437e369d20b613fb50543bf06c3a0608fb149926961d84b6ea3c87146b71295e5dbc239cf4586f3910100eba3b9a1545ce490aebe4ef1869c2088e16309f6a60d6034414dd93c19b0b38cc39473e5565d81e1d18908f7e0847debde84baab768896893632b834004a1c1bd49076ce6083c896011d31ebd6909375bf910cfa8d88d79e4118d1708f427718766401ff994b91e010852d9fe085f9ccb45422a10fe86b11f4e03294f03323ec9f8393fd8ce6d20623bd0af2391f75e1951732e401a3eea31df5a6b70817ba0dc44abc50eb646b91706c95c397e63a3102388cbadb13dc8c95b231b30231da7ed7ebe5629ddf799c9ddc822474573391ad83b692cda95389192f4f0d52c57ab4980cc629a3058a55543f778b671b7e1f4b9f5c38e54832b39160a8585f2bbd56f6eb3aad1262074313b271e1d641e6d6e2df747e018cd9e69dca6dcb090a16ec3bdd7f5f8176515392cfb251d30396df12c07287a59d94c8f6cf85c160fc18c9ce3376e687050e05dccb24c3cc7c0f6242f84dec1595eac4683c3b9a559ff2612414fe3214ca64b283877552d3969d3918203a762f385ba6a81c1627e2a8cb61be80b9feab1b842bbe8e77682cf02134b71a27ae5e7371e3f5f540d90ae04d4418ae6252a3f6b217c4ba075f044ec4343becfcf2fd7f04871ba2ed3eb31fa846734dc3db40246f4f689d8b5914bb4804aa2c5e4ec0730570cccaa4f993929b5409c5aad1856fb084c5062cd6f69c80ba87e3bce46c11dc898baed7a6c192f4f8be86dbdf0f5ed0625b56d365f5efceff7aaa3109a9afed3fa73ff500cd4dbba68ca845afaa1434aeff819a219d8a1e4ecfa4b08bc1c12b569752d576f233924729a429d360f00c389068153dd3f6e1f38b0803bc6d7a970f05c76fdd6520d8f3f3f1b79cde9c310a4c4a9f4491fbad53956661d86e2d7b173f471ce93829f31f1be9a9436d0fbcd99286a1d1d2593061ebf4b37133ab65a147921eed378c73e9cab938599935030459b5864dd4986925e359c633c23339292f3b1f085f9e9a56144c712992de05fd54d0f710dfc3081457682df5703058923c07201f57a0a21a0bcde96941f9927b5162e2d7de95358af827bb50898d876b928a51e927e100ec4cf75052a703f816bb8de764609da6d18553390c931290aae033cb92143b2a51ea600ccee9224c8a1c29636a5801df6929433a1358fd9d4dde4e8fede6173fb65a95ce54904b167f960edd3d917052dee785dd0f1c92a49d9839c17569914dd8dfc6b5151e74beabc276a9451f4cf7bbd26770b829b782cfd4ba15a94ea8e8e83015c5e34ebf810de7f199efecce0905df8d714fe102d8b3a9184701cdeb22ff9462db3a7741b0426d6b56eb6946eeb6e218a54dee83f96c40944fdcedc6f98d39e28cdafe27e5bdb1a58df29efcd8b2764fc3a162ed85ad1a6bf7d9b8aa25c6951167d911f55c1621b36f4d0f78d55934337b48dcb2dd8870923cedb82bda4d395a795f473ba54c2699e95638eb153cd848ea4dd2ab8b14b9a8cb9b8409e41a1e482f79310262f9476c8ce04d5d40d47d49aecd42ef931955c02300", 0x2000, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

27.492816274s ago: executing program 34 (id=315):
r0 = socket(0x1, 0x3, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r0}, 0x20)
syz_fuse_handle_req(r0, &(0x7f0000004280)="3e51056d145e3e0b01fb5ce04d51284abe5b7b573434410cd45f0fb98b6ff676878cd2953781ca7146543f92c27f794a8815a79fb6ab28316c54d4de8accaa142e5986c7f830b83426818e5a187d1663bf76b1251f22102b417695167f0f7da1e1d405fce255ef834143fca129b52a29e6851410de6bbf1fd6ddbd65c0748d973371a5963895045e52c88ca90df9b6b70e153be92d6389e6ad4af0f9af04d7e2ff0beea069f3d7b628a01e750b727b7f57be1d9ebb16a4c15b4e026e58bb685ea7b9e5cfd936714b83c31585b3f9c41e02ce0f00ff5f66c8ebcee1af58bc09a027b8af0dee2771b74a5c37215cc4c06c9cdf2e6393f4b844c637520239c1b15a2a027feeb287e145615d12929f49f1f7fb07165a313b1c25d17961206300c9698099aa9a6d18c149e4bb3a3ae13511957eb771f62967a9793e71a0ea8d2992ee5155675a0b1d148668d0c134ce1b798b7cabcb76c82b2ee304f0ff819a22a9c319b05ef573411f9d2d112b28ba8c5d3169dd62251e0054c38c0d0d5136d53fbd550f05d69bf1bf7b7e928e2bb46cdfeb5ccd8f5fdfbf890f0988d02bf418aa96f45e3c63d4ba42e7d23064da743806180a7e8f1d85e7eec79f48de8da3e20f3e9e6797f1cf10a76b7ec7018c99dc141a92fa3db84e202b33020f42adaf8d5b9ad0c67872e2a697d6eb1e6af24846d618afdc9a166fd9f1005500056e262e413a4b479e3ba6f5439bca8b3cce3d7899bcde2c69c16773338e85128fed7087631939c62a64cba87c2fabeb55be7a5587b403aeb0c6782b543dc6e06610699f8f7af7397b5a19713adffbae2a244e3047881071cb1769581c4b75b6b8dd8219e0d4073630df60d04cd3c26c671f95089229b54df3fc3dcab798b003e4be3c7399f0be7a08b864b1c3d33dd69622f9d58cebe6867c5aab7a7b8c2592c1e7b27b640fa490f410ee39d807256c4846dc1938cca720a0b2f9ea3a5164731239df701b5c088ebfd21a2710a3f1c92e64a2b4c07afdbd3e74ae35d11bf916fb73312f14a91ef04d0645f82d25eab91e58e999babe23b774c262dc559baecd1e76e0e9afcaef65053a34e4e5647cd458c48cc4e958de0da2ed3e144eff042832f5b40d52cf2d2ab02cd6ec262d52a4155efd5587c27f01b1f8457b0138394b130d6e8843ae25e6f80dfe9a8819fd337c463ecc3384333b00b2ac1cabfb9056d82ca43de2ce6955d32929fbf7663d6db1c0f3dc4b1bf12c08a94181334c9d2ced01c92f75abebfe31ae3677aceda945819c30329d019a38b879584e3eec662c28ec8954e1aaff6cef4d1be0499706b00f6cb328438f3e8895e4106fd4fab0e986f8a5d18d79eb444eb1de22a4c6ae96ddf09b4e65241d6cb3ded36eeb9cb1fe1b6439e271158a0394d9656eb04fad8742afdf111b7077ae502cc6cf0737aebae51370932faf1c601b487da4c328cc12a792afe702ba487f838a2123ab84ad5a62fca69b0288c075ff71fee580cdc605b4cbd1c827e4ca6be2ff4c0220293c9551c4eb58ef5889f874939edc51ec57a43e5b5345a0f38bbffd68e7f09bdd1a03a2a27580067ecbd277a6a8f0b87587cc2516a53df9c1fbd3163a9d5d897c79cd5a224856f684e11b90d451bdb0de38f2eb675651e3a45a9bc5a9da8bb473cd0f55eb3cbfad953a1592d2eb932e3a9b9051771cd0ddf11bcb8458a5382cbf4dbe8d918593fd4bc66f67f5b45c43976717081c0038fb42c6df418b7c95ba55ca93551a64353e239e2524188f964228724720143ac6ce589c065d4054e1fbd5e26f6ef42a4421bf016bbe3e669ed62ca4f601c12ca960d7cfbc131533b8f6289cdf4c8703ca430a4808519db232c79d4ddbbe05b067160045feeaaea6d00179e4c279e6fbe57246d5187128f77a280ae222ed3b5ea516130ffdbbd670f478ffb9751a1e45030f905990fa324ccc5417b272c72e665ed8e58c6ebfb5bbf6efbc9db9c2d923f70d27ebabffed27c48adc208e2b5877cf1975869314d64f52f5ea2a4bff5af09aff098a52a8c44462a5b2a6495694b76f44e0d13ac83fee968fbe9173bdf5b4ff9f4646eef5ae539c9e692cff7e816ed0aeef77ce18a876e8a9e0c35419d14b76e3e741f88e78032882639a4b30854c0136d85b579f7d67ce83a8559b33aa691c70cec58b5379209d790185f1db211d6ed36047964fceae3a9886152beea693ba224c1b1e6ef237d87fa4bf79cfe8d568ef6076fce7250c9dce789c6840f8e8227da003dad8501d561faf00267158f81656e9f4254537f7feb1d6c5c76d5ece8d5433732a46387a331844126008ca0647bd580fdc1a1c55f8510271156e6dca68e7985b8cdfbe9b3bc4b6c2528593a14bdc65ffceab4cf047edc672725316b06727a36efa26b3b3a13e4c8e68a6539f908d8ac988bb90b4df40bfb548eccb14beee0fb248e1702fa60b168bb68a6233aec09a195d29920bdd1918368721c7d86455900a08a2696627c7e1d2afbc6f222f1a3d8207a26904b79b5073f0366c45fa9671eeed2a8b1095081e39a612507b460e8b9a49e3f9b14d5cc6bf138360b51bb99acfaf8c042bf1d1ff9e1e47efde8ffce92b5daaea87f12d49381493331d148b8d869b1477bb4fc541c0bd7d7bbeb67a1aa7611a2c31182c021e6f1b9b9c19d65855b364abd5cd2b56ccc6899a072f6524f0873f79f1705cb8235fe74e1c969fde301a1ed5e1692c97453a868e9cb5a8783b3880791491b1f104f6a2c71951d02160adb1bcc77a37a029d197a72ba1f7c2a987ec57ae21e61ac4ba075c09f6f3327c77532aeda47a7d72fd9c671f63a9d04d8fad5941d5ac46194b505796ba39a661df9896f2dadb231edff2bc5c11f22cd209ac0a2239a5902bcbe6cca96a4299c984eedb89da67acb62c1921a0549a92f69cc74f1b8d557a8ff7379650b688c63e95f131640a3169e85802edd4d19553b7f09365c2763ee1bad5ad120a54c795689ae03554ece7e526197b453ef81bddf367e6972e8540a5fbda3bcaaa19b2f3f991390a707a1eeea48112e56e534181bb6d1d542a7b81425e79765270151b32f347bd7484aac8024886876a1d9532071e28024053816c076f9657ddae4cb5ceea943097d0fe86d7363ceea178f016988ebe7c3f11fbee61e6624bcac370b458cb738e33140730c335e00f00ae0b6808a1ea41bc1186ff065d3098d82bd526fb55e131f8361a687bf1663c97445c2cacfa788f00be9549d64ad29294faa9a05bd325a83d97ac022d4bbb80c50c691f8a869599adc9998db08d265cc02db6df501c58d07510b5a7b3a3220315af68ed0fe7056d5686f415390c51be2ab4b6a444102612c280fff9458323da65ae5ac8b7cbd5dfdacbc5dbd50fb12a114e5c31c1ef43e32da6ba1f8a89f48c882671d9c5765a4654c40a4acd7ba9ad03b66ef260c8aa4cad5113a7deed4901677fb94e30c50900000000000000bf42d62f5f55ef859ae7b9bb6d28cd229cc87009b06a25ea86304a6d2853393be112bbcdcfbddd2129c6aba435eb76a16053bc277c941340d709d7851b68923e022f2c964de99923c0bf22253e1d4541e4bf358dd34e6134d65a468ae70b6c72942d55e8147e8c5aab34577af53572a7e179be35f26c49e2bf7c575e7ec7c7e7521889bb009b9b01d9bf8751441700ae2a8d7b23d7862de0cab2124abcfcc0fef37999cfe90f4eef809c5f3162183418fe0e1b3ba6e3764ebc3135fb268f251169f083cff0f4923cbab069b53371910129d3ca65e8ee285eb692febbfb35af82c18add3faf37185a688baa5ef57332267e9682d54cc2a9505b100e248ff461b49a5c0cbc464eb7caa65cb9bee7f8577d920581ce4a3c48576c32163efb1324a85d667389bba364b62390a0c58b17f8bb4ec7800f0f50784a3f7df02726784aef17b2c3d242ae885afd4c8d824d1db019c56c4cc1c85408c2260113a491458cdb99c26d8143a238f5646d2a4410bf41a86035a646ffad0d4ad7eb455269571cd4f3ac3d2fe94b37bd70f3915f8f42fda7f753c69524083d854395d00d514b74304702b9514ad2dc0e12c3e82cb338ed273b8abef6fb9509c67e805bf47a386306ab9309c4db01b69bf7f9c8e2fe53dbe1912ffcedee7b7a27d6687a0243e3ffb85ee9008045390b802e2ca3b462aed8d185d63a462cbf1f1ec8be129f732f7f84e4a84a387990d2d0621e900e1ed577858eff0a6785fe1a8caa81277f99bc0809a7a454dd000c2c8c3a99d8d15d869c1835e68ce463811abefd7755ab0f5892a268517eee026f192397edcf03ce046594f17f327d207274afc0ce4ca0b4b134705b9c9cab16b8daa2a9dfbc80cd5f6729a409cb1dec698cbe26afda53974afb23ba1c037503dccf361182907b3edff87d28b0d3bac4fd8b0ec64878acc72280ffd723e9137ebd2cfd4566bb0f2a968c59f07c908ca0ab06b269584dd0381faa82549173d37487f0b5fbd6fb512aece0447f69c8fb3025e476184e5847a9c63b2ef91aeafc888a7d54e75ebabe1943922946d90dd707731ad533407760b023adcc4b1ea523557bae9fba28ef74b7a8487e9200e4f11befde8e01981ab79e43e6e17612cffb5c173bd53d13375bf02abe31dc71093dcc286ae21f3955d3060c085ea313253b1c7bdc834aa8d64b1f427e1038ea27cab0abbf7533a6115ff730b900f0fd3c79ccd83d1b0b7a8d34980b2ec776dc6ae7e85f0f46d5c01db894f108c58f179387c1501fb04fc774666a90054aea3a2c12c67b270eb402aab6f488cf1030ec8216684c58885a54cbc6ca783b466c23e5b268877f52fe580a4d54b772251b5dfed42fd8a16b20949d5e9079c70bb7fad7728081d2c7a0402865a847c1d3f1bd99b24767e2556aaaade88aa76d3381c0af0f05c50fc1eab86b0b098e74d92cff2b57aae4822c991b6d2a989e4ae8570a15a0b95f422d20161d69ac1baef4119bc4c0f3d28bd688ca7a190a7924781072ffbe77d73f123db7157a3fefe21c1adcf24f76d8a9980ec2edb781dfde8d34dd5952fb3b99a4415c474a7a9fc663b88322a05a827b2294c4b42f356fb64700fa65c277e764e79c32f926f0a014d66ccaba6bf314ec4ae0ad917b3e31093eac1cfbf609dc0f1d28a47284befc326d9c68292e81e09ebefb830578ba591cc0906269a389ddfb1857a7f57f78ffe897e208cffc6a422a2932bbd9d8acbce1162ee77bea3dbc97c81bfbe734a88b9c8228ba6fda4f4fb8e34a30bb6644a0c4e983c4775dafd276a99ee256750a0aa644576ad42ecd31c35527a5c796a295e76456bd8ccb03b197eb84e6eba54943209e79cadd8a27a9143d031b6747568d5f2e5eda97f4e5d749a424e11224df46a71e93fb6f8848f42b2671f8752fbed11929f628b4f9c290addcd985229edb2eac2aacd900afcea9da54cd31d0fff2c31d59639d753e9039117dbaae7b52721b502c5acff6c1d9b3bda1fad38ee951afd2f147760787935ef70b8335809888468fad51d2581871e55f59c5ffef91c73d0d6b57c332dad94155d2640de2fda9745a0cbeccdb367bc6f80692e5db8e8ba6c75f744defb75b7a89ffe950736dc9b582702dc26e3c3a5d6ce78f906152c5aed687bd54cd3556765e6ce5f4e6afef13b1f5d506dae0a9085bd1fe69a921ed465013683c1d3cb64d84c1ae32f21c4e14bb02c15491bba4a51cb78021457b1e114fd898513d5e0bf970b47d2b80108f176050ebf78dde5cc82cb34ed2c99ccb4d7928df430a754e58b616dedc037ebd32aa4528217f5ede44bd46f746b0bb3d25170334c179b90e10d6fb6aea9b7d1aa1b72ff4285d68111c0f9a4735c886cb9794619f598d6d9818c6fb58104ecdd934ccedcd3ac57e5f3cf606ce71ed027767d4c38aaa2453530a8aa1b60c496a318ea1c6ee7a638d5d5563ea97193c176d5fbb5a07238e531ee0ad94398b0bcc2ea07d33292eb8e3cc47c469ad7bcbb29ed3f32e8c29b878194a7a958c0215204ef71b72efe6834e15f43559efeb6ca1090cd441573fa963bda420b379f4e92121d6dd331b3838887fe076b67c870b9fd82f2beaea3c3fce783c6d38b36856ee07bb937793082b8cadc3ddbae53992c5b05401e41563543db0d372cb96a54ad4a67292d093b371d7a711addebba573a514a4960102b4ec830f7530422de3ebf9ff5ec491ce124ca163234dd916d231f10a7acf150a8c1c423f5bc0347b5959a7cd73b6275c0fe1d562c33f37f3ce3f0c9ef35dc2158234880f0d19d08cf110c8312492809c8b59f2fc2e5f57d3870b3c2e4ee7056363b9f4c76ed31d99136baf33be8c1529fee46807db82a868c7755d7c0091c4a931b64c41c353489e2e1354f92d804400e4422a5d79a43f947b94dc5e5b62733522c05d8f6bc79a66d2e916156319930e3276252ab5abb298540800c8e83551800bf0940208e06006f0f4d4555aa059ac5979792ce423fdc814ba1c9cdd4250cc603e81020b2fc3afcbe881d96249d7eaf043fd450ca5713440c6361af785fa0db1f027252bd25b10aec2c2bad0a75855947091282c2db164735f0a0a4e365de20c70579bd4d8cb0597e2c1096bcaba0d976a790b6c0f0e0745f624f5479b956a67842f2d19d91d14f64dfc3f493885e495e012cccc5410163cac4eee4828c74216456803d229c9416e0526dde67edc2dc0cbca10d7091b53619a3746c71f2b6fb66c7d81cdd6dbb8b7944f9148ed5ffe6faf168938c921ba8b308bbbcdf10bef25379534e81b5a4cdee6c56a002151ed99af1db3f3565fb3a3e95675d1bd20b69d869405d84ae43ea421b014451c5f8039eebcdcc7718ddbd2a293a849892d8364d193c4a67aafffdd340913b85032374fae537638651fae1b6df28daea3a017945401a265bf1e651e61e70cf82ba03346396f089be14fe21b4e9af2e5ba91959463e8cd9564e019bb6267c59ec5ca650e981e1b798fbd04975d93150b50e01e61d41b4d7d37a5b34f1a9c9787182f48dc3f2b41dbf795c3889c62a1d54a3b3ad018f087fd0e82f40235abacb2d9f6d98eb8a98b50ac409c73600fa0acfb88684a020b25d00b8475ac0968aafdef7b3a508ccf40c005c9a9f8c43342ef0a03e133f7be24a2085512ca5461af4e4e8d97491834c49440eee1581a1414510584b5a78d768c8611ef731e521d1402e7e61f9b058d6f8880b3abb4019db1a60ac5903786307f301010bbef269cc1298d8911c58e2f0c68e50e2b93ba9365762b8554f8ad3ebf3ed2ccf198328255a641b1d38db97eb74d185773e7922ad0424aacac23da3c77e8fce83fd7f0a3f5933e66ea0f0e8fcdf0922df4d4d7fe4508ef922aa4909b2a4b3c3e89ed1936f55ee23ad0615f1927f2ee6ce67a8534941c8225e03803645714360743854a5632492ea0d0aa62401cb4ae72f6530c40f9e310bb024ae6547d641cb2d87e356a7b6b670920d2c40d7735de13ca6bd1feaf469259e2bf80b9e81ade19bff7f4037d7b74ee98c245c48a79b31f91bf1842a9d81591a4ddb11b07ee5d825de67ef8fa922e334580719e4d95a164500d5699e5342d569d8b18875b4563396b400393e59f0509353f4d0f684951cb9ceb7be269b2357daf495bc31727c232ec1158249386c8191e03166032159e856fdbeea75413c7f74f5a22bf56013156fc9598a76feca2cbe59bdfb704e975d7bae26b98ec7fc0c2cbbca2d235479f920a29ddebb6953b26e2d9f706d38f6beb5af6dfa6e499fff9ce2462017fe611538a4862922dbfbdb56b1aa80cff39633c2392203d3cecdbc33433932fd68194c82d58bbd2dfbfad76c99b6802cd0c21204a35114a75cb4b856af4ed118bafda9263e4076886c775db3521ebc294dfb0a2a25c5996d9c7b7afbfb0b2cdc199fba721c76bc5f583ceee1f5d863d6cb32ff9f6bdf61ea5f61b967e488c976e591a16105a750196d4af68a7295b5948600f0d312f744682f0a3e73c2cfe72b1719f6496f04d2b30b840ccc6c77d1f575716a48a07266d76990b7dc0ac7aa2e7430411a4c2f903aa3bfae69355e79147d7b5dd0bfd324a4d7ab232026bcb5fe714fa30c7e07e2cc17a08d18759ebaf3a1b55cb25c5bc4261e21a8f1e8f18b745a55b5c838c79354d254bd38788a3194f973e843b1d7232d5786b69d9465620f4fb21a3f1143516d07a52c6d243c3601f69ae899c055700dbce52d81a5936924e094aab0e636b07a958061ce7ca0e1503791cc10ce9199c8409ed5613398642d6cbe7f428ecb28bdf0768875a21f1cf81700cf2fa2e0764a8053ed13906b103a2886607782b27728a0dff3b68435504cc4d6de481e2592547292e922828e34373267acf052632f1c1f7df3ba981f088eb64903024af33f7034549e4a978e2840eb5da738b08ff21ffa4cc50fe324ac83888a7551ffa5bde37d8919772abdc42d7ab10201e0e9018e95283e772507b34a939e0971c42c3e8def7f7b71ae21d02d7fd4d42dd7ee950c929fb399335f04acde32bcb387134cd48151d9a2da947f91b80ee3a19d3c4e21f77435104b9fd5a096ad3db865cac2295903d1d827515f9a7bffbb9b27af00e9516f434b112600a22b9f5a4a2ed0a50a0a851d54149cb8efb15cda7096e7c465c41be5970bc45857b39e40b86482aee77bbca9cbbed51c75016383a4ab500e624567c086da2087e0fc3a9b03d8a759d3ed6926a305654e1b3a7e0d0c9894adfecbd0463b413ea782324c91c2b5ebd0bb978a69fec5b4eb122e60bb1f88f74287ad13469422fb64e383dafd0318127a5171a3b4b988ac9b921539fb8b094fbf2b3e74138c1cd0424a3e7b9424f925412098c39bf1371c32ca5489d76876a6df3a01ec3be7f9801755aeda1d84a03eb60e9d5a7bbe60dd7d78dd1f5cf8d3175de0942fcb0ef153b8fd0d15efa384c1d115cd1aa46bdd019e46f049b9abc04886e9c9e62c4776d245015fd8a207e6fbd52f0b0a613c363c9a6af7e1678311c225875eb7cd95de4631b263a9908c47ba151bfc8ab989fc6dc3a819cddd61fbb5efb69ca819de07e4d7031fea0d53fa1b6dbb5762e9762a33556885a6fb714a8911ef544f27a343e6b585bd068ecb9e225cfe8da13189d3a55c0430a18f109dde99d12210000c1dd2ad0222ed806e000f41d2eb9a36d6ff43358d79e4427fb59f4b1b21756a38eee8e96078e38209a09ba431be1796960a511784b1db6be698284160ae8c8e34104faae913679c225bb617038e9036d36611c0f2a34602ce04a24eb05b626a5ee30d6105f352714cae810acb69ada6e5bcc58123be1f17d08c8640764dfb91d973904c21d4f9bb8dc7fed676594567da69470fb4e6340679f68c0877cecea3948b4139689db494eea65e96b6d9285aa82a5dd7f9c1575b3dc895dc0c90219af519d21e5a555786332ccdef48ba6e80312f678f5302cb8534f2faf4cf2aaabe0a9c2ae57107dff11a51ef931c7471a33c300cc676d2877715b35298210a73384d4e3c0d1fa28169e3933cc6158ddbebbee12a57be75a6823bce0e71974abc110107873421c804f82b170f63287458186fae3d0423ee75f01aae5e9a6001f452e7c4b1d349c143ae11c268d3e8fb088b43e90b61c959de771519ae3dc426d52459cedaf544dd90492ae08ef3c064002bf2fb7eaf763ffedd8a9c6dbc493f7d39c3c60f0fbf9f423410f5ddb6e949e9fcd8e5a65aa0bbbc623224a728d852952d515a80acbe9ef3b8a6b8ac9a95c23a7d047208ba1687eaad6805f43f3ad694275bfbe34ae50fa0fad00f99ab9927449d7806a8291e941ef3467bb3b7a92ee6a5f7036468df3bb4c36c20c81a0fc98bd6fa973685ed526f6302dc7776f1d44207817271bf3a207313bedfc87e84abb40d34bb01d426ed7fe355a982e352bd97a9f3a3b83d679872fa7c572bc9c8fa24223b445cffb9d8b37632b428feb777abfb6c5663b2b12a7d419e4d0b4d2801437e369d20b613fb50543bf06c3a0608fb149926961d84b6ea3c87146b71295e5dbc239cf4586f3910100eba3b9a1545ce490aebe4ef1869c2088e16309f6a60d6034414dd93c19b0b38cc39473e5565d81e1d18908f7e0847debde84baab768896893632b834004a1c1bd49076ce6083c896011d31ebd6909375bf910cfa8d88d79e4118d1708f427718766401ff994b91e010852d9fe085f9ccb45422a10fe86b11f4e03294f03323ec9f8393fd8ce6d20623bd0af2391f75e1951732e401a3eea31df5a6b70817ba0dc44abc50eb646b91706c95c397e63a3102388cbadb13dc8c95b231b30231da7ed7ebe5629ddf799c9ddc822474573391ad83b692cda95389192f4f0d52c57ab4980cc629a3058a55543f778b671b7e1f4b9f5c38e54832b39160a8585f2bbd56f6eb3aad1262074313b271e1d641e6d6e2df747e018cd9e69dca6dcb090a16ec3bdd7f5f8176515392cfb251d30396df12c07287a59d94c8f6cf85c160fc18c9ce3376e687050e05dccb24c3cc7c0f6242f84dec1595eac4683c3b9a559ff2612414fe3214ca64b283877552d3969d3918203a762f385ba6a81c1627e2a8cb61be80b9feab1b842bbe8e77682cf02134b71a27ae5e7371e3f5f540d90ae04d4418ae6252a3f6b217c4ba075f044ec4343becfcf2fd7f04871ba2ed3eb31fa846734dc3db40246f4f689d8b5914bb4804aa2c5e4ec0730570cccaa4f993929b5409c5aad1856fb084c5062cd6f69c80ba87e3bce46c11dc898baed7a6c192f4f8be86dbdf0f5ed0625b56d365f5efceff7aaa3109a9afed3fa73ff500cd4dbba68ca845afaa1434aeff819a219d8a1e4ecfa4b08bc1c12b569752d576f233924729a429d360f00c389068153dd3f6e1f38b0803bc6d7a970f05c76fdd6520d8f3f3f1b79cde9c310a4c4a9f4491fbad53956661d86e2d7b173f471ce93829f31f1be9a9436d0fbcd99286a1d1d2593061ebf4b37133ab65a147921eed378c73e9cab938599935030459b5864dd4986925e359c633c23339292f3b1f085f9e9a56144c712992de05fd54d0f710dfc3081457682df5703058923c07201f57a0a21a0bcde96941f9927b5162e2d7de95358af827bb50898d876b928a51e927e100ec4cf75052a703f816bb8de764609da6d18553390c931290aae033cb92143b2a51ea600ccee9224c8a1c29636a5801df6929433a1358fd9d4dde4e8fede6173fb65a95ce54904b167f960edd3d917052dee785dd0f1c92a49d9839c17569914dd8dfc6b5151e74beabc276a9451f4cf7bbd26770b829b782cfd4ba15a94ea8e8e83015c5e34ebf810de7f199efecce0905df8d714fe102d8b3a9184701cdeb22ff9462db3a7741b0426d6b56eb6946eeb6e218a54dee83f96c40944fdcedc6f98d39e28cdafe27e5bdb1a58df29efcd8b2764fc3a162ed85ad1a6bf7d9b8aa25c6951167d911f55c1621b36f4d0f78d55934337b48dcb2dd8870923cedb82bda4d395a795f473ba54c2699e95638eb153cd848ea4dd2ab8b14b9a8cb9b8409e41a1e482f79310262f9476c8ce04d5d40d47d49aecd42ef931955c02300", 0x2000, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

26.602463975s ago: executing program 7 (id=316):
r0 = add_key$keyring(&(0x7f0000000280), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$chown(0x4, r0, 0xee01, 0x0)
keyctl$setperm(0x5, r0, 0x220c0d12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee1, 0x8031, 0xffffffffffffffff, 0x0)
keyctl$describe(0x6, r0, &(0x7f00000003c0)=""/199, 0xc7)

26.377564653s ago: executing program 7 (id=320):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r0}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

26.364708084s ago: executing program 7 (id=321):
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x40002)
writev(r0, &(0x7f0000000c40)=[{0x0}, {&(0x7f00000005c0)="c21cfb", 0x3}, {&(0x7f00000007c0), 0x300}, {&(0x7f0000000900), 0x4000}], 0xe)
write$P9_RUNLINKAT(r0, &(0x7f0000000280)={0x7, 0x4d, 0x1}, 0x7)

26.310706408s ago: executing program 7 (id=322):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x0, 0x0)

26.232406995s ago: executing program 7 (id=325):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000050000000200000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

25.780096171s ago: executing program 7 (id=335):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000900)='kfree\x00', r0}, 0x18)
syz_mount_image$ext4(0x0, &(0x7f0000000580)='./file0\x00', 0x19560c0, 0x0, 0x0, 0x0, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='gid=', @ANYRESHEX])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, &(0x7f0000000100))

25.706472737s ago: executing program 35 (id=335):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000900)='kfree\x00', r0}, 0x18)
syz_mount_image$ext4(0x0, &(0x7f0000000580)='./file0\x00', 0x19560c0, 0x0, 0x0, 0x0, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='gid=', @ANYRESHEX])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, &(0x7f0000000100))

15.807253191s ago: executing program 2 (id=644):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x3b, 0x0, [{0xc0010140}]})

15.675099342s ago: executing program 2 (id=648):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000d8ffffffb703000008000000b70400000000925e850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r0}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

15.628477586s ago: executing program 2 (id=649):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
setitimer(0x1, 0x0, 0x0)

15.562336651s ago: executing program 2 (id=650):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x10, &(0x7f0000000080)={[{@nodiscard}, {@nocheckpoint_merge}, {@fastboot}, {@background_gc_off}, {@flush_merge}, {@fault_injection={'fault_injection', 0x3d, 0x4ef}}, {@grpjquota={'grpjquota', 0x3d, 'noacl'}}, {@noacl}, {@compress_cache}, {@alloc_mode_def}, {@noextent_cache}, {@grpjquota}, {@checkpoint_diasble}]}, 0x1, 0x550c, &(0x7f00000089c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DKJjT9WPRWdRc/sEtZ9eBJ0yQN2U0ypUnT2pMHj+LB/0QUPHn0b/Dg2Zt4ULwJSmYmuvUDhKaN3f5+MHnmffPmmecNy8IzUxLAuTWf/PJTKW7ElYiYjYjrEdl5qTgy63l4LiJuRsTMY0epmP9j4mJEXI2IG6Pkec5S8dZnt4e31n588+evv7104drnX303vV0D0/Z8RHR38vP9bh7TVh4fFvO1YTuL3dVhEfM3uo+KcZrH/eZWlmG/Nl5Xy+JKK1+f7uz1R3G7U6uPYqu9nc3v9PIL9oetcZ7sAw9ru9m40dzKYrufZrF1mNd1cJj/33bYH+R5GkW+D7P0MRiMYz7fPGjm+9l5lMV6b1DM53nTRvNgFIdFLC4X9bTTyOrYOs43/f/2Vru3d5AMm7v9dtpL1irVFyvVO+XqbtpoDpqr5Vq3cWc1WWh1RsvKg2atu95K01anWamn3cVkoVWvl6vVZOFuc6td6yXVamWlslReWyzObiev3X836TSShVF8pd3bG7Q7/WQ73U3yTywmy5WVlxaTW9Xk7Y3NZPPBvXsbm++8f/e9+y9vvPFqsehvZb0Qy0vLy+XqUnm5uniO9v9xUXSyMLH9w7GUpl0AwNmj/wem4eT6/90HESff/4f+fyLOVP87LmuC/e953z8ci/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODc+n7ui9ezk/l8fK2Yf6qYeqYYlyJiJiJ++wezcfFIztkiz9y/rJ/7Sw3flCLLMLrGpeK4GhHrxfHr0yf9LQAAAMCT68uPbn6ad+v5y/y0C+I05TdtZq5/MKF8pYiYm/9hQtlmRi/PTihZ9u/7QhxMKFt2A+vyhJLlt9wuTCrbfzJ7JFx+LJTyMHOq5QAAAKfiaCdwul0IAAAAp+mTaRfAdJRi/Chz/Cw4+8v7Px8IXjkyAgAAAM6g0rQLAAAAAE5c1v/7/T8AAAB4suW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3cJg5EcQB+Nnhh/2nRau/byt6gjC1hj3uMKCBNUEAOpIU0QA3klhIiiPA4BCIOkTy2lej7JGcylvnxBsFhZqQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALt1X68Xt1e/rtjm7fTt5RgMAAABcsq3Wi/qfWep/be5/b279bPpFRJQRcWnuPopPZ5mjJqd6ef7m9PnqVQ13EXXC4T0mzfUlIv401+OPrj8FAAAA+Lg2y9U8zdbTn9nQBdGntGhTfvubKa+IiGr2kCmtPOT9yhRWf7/H8T9TWr2ANc0UlpbcxrnS3qT+uR9X7aYnTZGa8uLLjkVmGzsAANCj0VnT7ywEAACAPv0bugCGUcTzVuZxK3CSmmZ77/NZDwAAAHiHiqELAAAAADpXz/97Ov9v7/w/AAAAGEY6/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAubav1YrNczdvm7Pbt5BkNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxP68o0AIhEEY7F3fmcz9DysNmpqaVIHw8TcGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fzGkcVBwD8zc7OxlbFNcoeIqLgQS92u62tvYkHJXjwTxBCuq2xW3+0OdhSxFy8Sc69iB5FBCXe+j/0nEAu8ZbDHiJ4jszszO7kB7j+6Mwm+XzgzfvuMMz7vlkI+c57CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBh+O4kjtNDexQ38nObew+W037rUJ96tL69kLY0jqpM+mR4ufwh6ozDvTqSAQAA4GyIi/o+hLCTbCymfaOd1f9JcU1a83//7Cgu6vnDdX/RF7V/2n77dffF8UDt0TjpTW+sDPoXj6bSfHKznG3P/e0VzezJZ+9e4uwLaXyw9sIwyZ5n9O3jx++1snCuimwBgH/jQtHnQfH7UNr36kwMgDOjWSq8i/o/btebEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAVhmvh6SKOQggLzUmc2tp7sHxc/2h9e6FoVx8+XA9fT+6Z3iIJIdxYGfQvVjqb2Xb33v1bS4NB/071wSshhLpGfyef/q2Pprg4hFqej+D/Cfbn8i97RvI5IUGNP5QAADiVkryldf1OsrGYnovmQ9j/4WD9/3opDlPW/7sfX90sj1Wu/3uVzXD2dVdvf969e+/+myu3l272b/Y/fetS7+3e5WtXrlzrZu9Kut6YAAAA8N+08lau/xvzR9f/z5fiMGX9/8V3va/KY8Xq/2NNFv3qzgQAAOBse/7VP/+IjjkftVrhy6XV1Tu90XH8+dLoWEOq/9hc3sr1fzxfd1YAAABAFYZr0YH1/+ulOEy5/v/Mjy/9XL5nHEI4l6//X1j+bHC9uunMtCr+nLjuOQIAAFCvc3krr/8n2f7/xnjLQyOE8MZrozj/N4BT1f/x+9/8VB6rvP//cnVTnEmNzuh5ZH0nhGan7owAAAA4zZ7KW1rs/55sLH7yy/kPW/b/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFTtrwAAAP//RAE/8A==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
setxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000002b80)='system.posix_acl_access\x00', &(0x7f0000000400)=ANY=[@ANYBLOB="02000000010007000000000004000200000000001000060000000000200007"], 0x24, 0x3)

15.06906206s ago: executing program 2 (id=658):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x78)
sendfile(r0, r1, &(0x7f00000001c0), 0x8)
fcntl$addseals(r1, 0x409, 0x8)

14.410710543s ago: executing program 2 (id=659):
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
mkdirat(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xc6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})

14.410623103s ago: executing program 36 (id=659):
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
mkdirat(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xc6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})

10.237741658s ago: executing program 8 (id=769):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000020301040000000000000000004000f40800010001"], 0x1c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}}, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000580)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0xff0f000000000000)

10.174442333s ago: executing program 8 (id=774):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000000380), 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
ppoll(&(0x7f0000000000)=[{r0}], 0x1, 0x0, 0x0, 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0xb)

10.08478034s ago: executing program 8 (id=779):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000fdffffff00000000060000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
timer_settime(0x0, 0x1, 0x0, 0x0)
r1 = timerfd_create(0x0, 0x0)
timerfd_settime(r1, 0x0, &(0x7f0000000080)={{}, {0x0, 0x3938700}}, 0x0)
readv(r1, &(0x7f00000003c0)=[{&(0x7f0000000000)=""/33, 0x21}], 0x1)

9.983892759s ago: executing program 8 (id=782):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x10, &(0x7f0000000080)={[{@nodiscard}, {@nocheckpoint_merge}, {@fastboot}, {@background_gc_off}, {@flush_merge}, {@fault_injection={'fault_injection', 0x3d, 0x4ef}}, {@grpjquota={'grpjquota', 0x3d, 'noacl'}}, {@noacl}, {@compress_cache}, {@alloc_mode_def}, {@noextent_cache}, {@grpjquota}, {@checkpoint_diasble}]}, 0x1, 0x550c, &(0x7f00000089c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DKJjT9WPRWdRc/sEtZ9eBJ0yQN2U0ypUnT2pMHj+LB/0QUPHn0b/Dg2Zt4ULwJSmYmuvUDhKaN3f5+MHnmffPmmecNy8IzUxLAuTWf/PJTKW7ElYiYjYjrEdl5qTgy63l4LiJuRsTMY0epmP9j4mJEXI2IG6Pkec5S8dZnt4e31n588+evv7104drnX303vV0D0/Z8RHR38vP9bh7TVh4fFvO1YTuL3dVhEfM3uo+KcZrH/eZWlmG/Nl5Xy+JKK1+f7uz1R3G7U6uPYqu9nc3v9PIL9oetcZ7sAw9ru9m40dzKYrufZrF1mNd1cJj/33bYH+R5GkW+D7P0MRiMYz7fPGjm+9l5lMV6b1DM53nTRvNgFIdFLC4X9bTTyOrYOs43/f/2Vru3d5AMm7v9dtpL1irVFyvVO+XqbtpoDpqr5Vq3cWc1WWh1RsvKg2atu95K01anWamn3cVkoVWvl6vVZOFuc6td6yXVamWlslReWyzObiev3X836TSShVF8pd3bG7Q7/WQ73U3yTywmy5WVlxaTW9Xk7Y3NZPPBvXsbm++8f/e9+y9vvPFqsehvZb0Qy0vLy+XqUnm5uniO9v9xUXSyMLH9w7GUpl0AwNmj/wem4eT6/90HESff/4f+fyLOVP87LmuC/e953z8ci/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODc+n7ui9ezk/l8fK2Yf6qYeqYYlyJiJiJ++wezcfFIztkiz9y/rJ/7Sw3flCLLMLrGpeK4GhHrxfHr0yf9LQAAAMCT68uPbn6ad+v5y/y0C+I05TdtZq5/MKF8pYiYm/9hQtlmRi/PTihZ9u/7QhxMKFt2A+vyhJLlt9wuTCrbfzJ7JFx+LJTyMHOq5QAAAKfiaCdwul0IAAAAp+mTaRfAdJRi/Chz/Cw4+8v7Px8IXjkyAgAAAM6g0rQLAAAAAE5c1v/7/T8AAAB4suW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3cJg5EcQB+Nnhh/2nRau/byt6gjC1hj3uMKCBNUEAOpIU0QA3klhIiiPA4BCIOkTy2lej7JGcylvnxBsFhZqQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALt1X68Xt1e/rtjm7fTt5RgMAAABcsq3Wi/qfWep/be5/b279bPpFRJQRcWnuPopPZ5mjJqd6ef7m9PnqVQ13EXXC4T0mzfUlIv401+OPrj8FAAAA+Lg2y9U8zdbTn9nQBdGntGhTfvubKa+IiGr2kCmtPOT9yhRWf7/H8T9TWr2ANc0UlpbcxrnS3qT+uR9X7aYnTZGa8uLLjkVmGzsAANCj0VnT7ywEAACAPv0bugCGUcTzVuZxK3CSmmZ77/NZDwAAAHiHiqELAAAAADpXz/97Ov9v7/w/AAAAGEY6/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAubav1YrNczdvm7Pbt5BkNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxP68o0AIhEEY7F3fmcz9DysNmpqaVIHw8TcGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fzGkcVBwD8zc7OxlbFNcoeIqLgQS92u62tvYkHJXjwTxBCuq2xW3+0OdhSxFy8Sc69iB5FBCXe+j/0nEAu8ZbDHiJ4jszszO7kB7j+6Mwm+XzgzfvuMMz7vlkI+c57CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBh+O4kjtNDexQ38nObew+W037rUJ96tL69kLY0jqpM+mR4ufwh6ozDvTqSAQAA4GyIi/o+hLCTbCymfaOd1f9JcU1a83//7Cgu6vnDdX/RF7V/2n77dffF8UDt0TjpTW+sDPoXj6bSfHKznG3P/e0VzezJZ+9e4uwLaXyw9sIwyZ5n9O3jx++1snCuimwBgH/jQtHnQfH7UNr36kwMgDOjWSq8i/o/btebEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAVhmvh6SKOQggLzUmc2tp7sHxc/2h9e6FoVx8+XA9fT+6Z3iIJIdxYGfQvVjqb2Xb33v1bS4NB/071wSshhLpGfyef/q2Pprg4hFqej+D/Cfbn8i97RvI5IUGNP5QAADiVkryldf1OsrGYnovmQ9j/4WD9/3opDlPW/7sfX90sj1Wu/3uVzXD2dVdvf969e+/+myu3l272b/Y/fetS7+3e5WtXrlzrZu9Kut6YAAAA8N+08lau/xvzR9f/z5fiMGX9/8V3va/KY8Xq/2NNFv3qzgQAAOBse/7VP/+IjjkftVrhy6XV1Tu90XH8+dLoWEOq/9hc3sr1fzxfd1YAAABAFYZr0YH1/+ulOEy5/v/Mjy/9XL5nHEI4l6//X1j+bHC9uunMtCr+nLjuOQIAAFCvc3krr/8n2f7/xnjLQyOE8MZrozj/N4BT1f/x+9/8VB6rvP//cnVTnEmNzuh5ZH0nhGan7owAAAA4zZ7KW1rs/55sLH7yy/kPW/b/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFTtrwAAAP//RAE/8A==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
setxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000002b80)='system.posix_acl_access\x00', &(0x7f0000000400)=ANY=[@ANYBLOB="02000000010007000000000004000200000000001000060000000000200007"], 0x24, 0x3)

9.501223708s ago: executing program 8 (id=788):
syz_mount_image$vfat(&(0x7f0000000580), &(0x7f0000000180)='./file0\x00', 0x1000802, &(0x7f00000001c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c6e6f6e756d7461696c003130dbbb3121258e322c262b537f5d0000006e695f7804590000000000003d312c696f63686172538c6c90392bc69373686f72746e616d65653ff959f53d6d697865642c636f6465706167653d3821332c696f6368617273650000000031323831e54f1bb0a3d72c007e3db5a829498e2a721ae5804ff8ccb41eff157cfdfcef90a6010100003ceeeac934b3165b4a0ea182cdd0666ab32f2d041a99ac9fc865ba946f1bb7759d02742dfcc68937ff86d7a54d6de8823119c767d45d6047209f4436383ee21373a9c3f450cb6d7c37b59a34407d4a0e6a382108ddd52580281f1d8ad71c4ceafb49960f1429b090d1429f519f9c2b0cb88ffa6fc04fa61c275bf560b9eeeb2d0c8b3ddeb56783f9908c21cf9b2ba0b76b9b60c991bb17c7d0accad1cdaf3259b7dc405d72e2bc3abe0cf37bda3dbfc05e2e55f8aa272b5ea736019c3c0a9b34115a445e0c5da1bd7352ec9529f5caa71f1ae71b36b500c79fffb487ed081232b5d93d3162c7f71f4d5756c9e5442fa3692127266a0c15dac9171edda86b148d17a48d4d90470e79620eeab5acf6f78f807298315e2b80fe1874098d75ab47837a96699e2a7db456f2a4368bece813135ed970951c7471ac16703820a799421cb24f32a5f49ab45bec637c38bcbdae4da3a05f96b2162c47d0b1277e1b1bcc981cce8f6f7f3dd8d06352eb387997b498a732d8442115755ff14d508891abd401b3cafcba75a6901fbe08002674d8663b8c40e9cf13fa4c4a092cb8004a1d2a6fe18cd5d702493d52a7110b17e64b9fa22fb3ace98b9ca35cb98c65f0902dd430373f6ae43c4a60c423b6f65b5ecc2093698072abc857ab2d36a261a7fc5776d39c3d5d5fad291c88ff9726d5ee32c6bcac1799ade9459eb39b56d985d29b988c72c9ad7e82b589f454a58d7cd5ace9436cf69acc217737c863d8938cc95767a0c9b14cb79f5b45ea2408d1da65a2ed8cf55a"], 0x4, 0x24e, &(0x7f0000000a00)="$eJzs3cFLk38YAPBnOtGf8GMeAkmC3ug+1OiuhII0KJId6pSkUjgTEoQ6qJ06d+pS/0Jdgq5Bh+jaPxBBWNBFO3kIFvqq07nlrLZFfj6XPez7PPt+33cv+26HPe/NM/Nz0wuLsxsba9HTk+nKjsTLgc1M9EVHdEZqNQCAf8lmuRzr5VS71wIAtIb9HwBOnsr+nzm0/2dW974TXG39ygCAZvH7HwBOnsnrNy6PFgpj19aTnoj5R0vFpWL6mI6PzsadKMVMDEYuvkeU96Txk4nC2GCy5XNfFOdXdupXloqdB+uHIhd9h+vHJwpjQ0nqYH1X9O7Uf+iNmRiOXJyqXT9cq74rIs7vmz8fuXh/KxaiFNOxVVupXx5KkktXClXzd2/nAQAAAAAAAAAAAAAAAAAAAABAM+Q7tlvnlLuTpGb/nnw+2VU1ntbv7w/0X43+QON7/YGq+/tkYyDb3mMHAAAAAAAAAAAAAAAAAACAv8Xi/QdzU6XSzL2fBXffPX9zVE6DQWZn3po53RHx+1M0GPx/7tPT+jkPj3N+/mzw+myLJ9067cetert2+/SFxf6L9XIi27Q1d/zKm/I117RL68VuMPLtyOTHk626wjurn+l/NjL1avnjl0Zfp40fSgAAAAAAAAAAAAAAAAAAcEJV/vTb7pUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQPtU7v9fJ8hE3aEGg9V2HyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwIAAD//8pHpIo=")
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000001980)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB='<\x00'], 0x3c}}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x20, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/fscaps', 0xa0042, 0x148)

8.791355684s ago: executing program 8 (id=797):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r0)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000140)=0x2, 0x4)

8.730292559s ago: executing program 37 (id=797):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r0)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000140)=0x2, 0x4)

4.865140279s ago: executing program 5 (id=908):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x3, 0x0, 0x3, 0x11, 0x0, 0x70bd2c, 0x25dfdbfc, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x7}}]}, 0x88}, 0x1, 0x7}, 0x0)

4.826858942s ago: executing program 5 (id=910):
io_setup(0x490, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902640002010000000904010001020d0000052406000105240000000d240f01"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000007c0)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x80, 0x1c, {0x0, 0x0, 0xb, 0x0, 0x1, 0x4, 0x7, 0x40, 0x6, 0xe, 0x0, 0x1000}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

3.158214696s ago: executing program 1 (id=953):
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f0000000140)='./file0\x00')
readlinkat(r1, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f00000003c0)=""/206, 0xce)
readlinkat(r1, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)=""/237, 0xed)

3.139978628s ago: executing program 1 (id=955):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="040000"])

3.055078045s ago: executing program 1 (id=957):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000093c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x76016, 0x3, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x400}}, 0x50)
utimensat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)={{0x77359400}, {0x0, 0x3fffffff}}, 0x0)

2.783834587s ago: executing program 9 (id=967):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x4011, &(0x7f0000000040)={[{@journal_dev={'journal_dev', 0x3d, 0x5}}, {@dioread_lock}, {@journal_checksum}, {@noblock_validity}, {@bh}, {@dioread_nolock}]}, 0x0, 0x64a, &(0x7f0000002380)="$eJzs3c9vFG8ZAPBnZrfd/kC3EKPiQRqNgURpaQFDjAn04okQ/HHzVGkhyEIJrdEiiW2CFxPjxYOJJw/if6EkXj158+DFkyEhxnAQQ77sN7M7W7a73Xa77Xbp9vNJls7Muzvvs2SffWfefd+ZAE6s6eyfNOJsRDxOIspNZcXIC6frz3vz32d3skcS1er3/5PEs18kG837SvK/k/mLPynXt5wptNe7uv70wWKlsvwkX59de/h4dnX96cX7DxfvLd9bfjT/zflrV69cvTZ36UDvL4tgJF+++fzHPy3/6tYP//j7d8ncn/55K4kb8T6PLXtfra8tHajm7P9sOqp1b7cVpBHXDrjvj8X/yo3PSU0p+0AkxUFGxH6kEXE9z5EvRDkK8SFZy/HL7w40OKCvqknU2qjpKnDyJNGx6P5Y/iXRbqyvMQFHoXEc0Di33+k8uF3az0MS4Ii8Xqj31dVzfyQiGvlfrPcNxlitb2DiTdLcz1PrVztYz1xdVsff/nrrefaIDv1wQH9sbDZ6uVvb/6SWm1NRPweYeJNuy/+F/CggzX8n+F7rjrvsPJ9uWZf/cHQ2NiPii3n7Pxpd53+a524j/3/UY/095v+pHqsDAAAAAACAofZyISK+sdP4v3Rr/M9ooX38z2RE3DiE+vf+/S99lS8kh1Ad0OT1QsS3dxz/uzXGd6qQr32mNh5gJLl7v7J8KSI+GxEXYqSUrc+17Ld5hPDFX5/5Xaf6m8f/ZY+s/sZYwHxPr4otY4mWFtcWD/q+gYjXmxFfqo3/PZdv2T7+J2v/k63xvx+G3WT5/bjLOs587cXtTmV75z/QL9U/RJzfsf3/cLid7H59jtna8cBs46ig3Zd//ps/d6pf/sPgZO3/xO75X0qar9ezur/9j0bE5fVitVN5r8f/o8kPCo39Z362uLb2ZC5iNLnZvn1+fzHDsGrkQyNfsvy/8NXd+/+2jv+b8nA8Ija6rPPz7yf/1alM+w+Dk+X/0u7tf3l7+7//hfkXU3/pVP/trtr/K7U2/UK+Rf8fNGu/Hke3CTqQcAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgmEsj4lQk6czWcprOzERMRsTnYiKtrKyuff3uyk8eLUXt7t9TMZI27vRbrq8njfv/TzWtz7esX46I0xHx28J4bX3mzkpladBvHgAAAAAAAAAAAAAAAAAAAD4Sk7U5/9VS6/z/zL8Lg44O6Lti/le+w8lT7PmV1dKhBgIcud7zHzjONveV/yN9jQU4ep3z/+27ak3L5u98pe8xAUej6/b/7073Ydj0eP7v5wIYAvr/4KTqsk9vrN9xAIOg/QcAAAAAgKFy+tzLfyQRsfGt8dojM5qXjQ80MqDf0j3KfQfA8DKGF06u4sqgIwAGxYR+INla+n/rZP+azqP/k/4EBAAAAAAAAAAAAAC0OX+28/x/cwNguO06/3+viwMAx9ou8/93mtjjcgEwRDrf+sO8Phh2zvGBvVp78/8BAAAAAAAAAAAA4CMw9vTBYqWy/GR1/fgtXO/pVYWIGGDwG4sH20+1NKjgx6JT0fv+VDoSEYP+jB3aQpZslcpytRqx95Mbl+AYYMx7f3WU+vzVBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1H0aAAD///UvHMY=")
syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00')
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
unshare(0x2040400)
r0 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0)
ioctl$EVIOCGLED(r0, 0x80284504, &(0x7f0000000000)=""/52)

2.658478856s ago: executing program 9 (id=968):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x50, 0x20}, {0x20, 0x0, 0x0, 0xad}, {0x6, 0x3}]}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r2=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x3, 0x4)
sendto$packet(r0, &(0x7f00000000c0)="3f031c00eee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

2.633433469s ago: executing program 9 (id=969):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3e8, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH71p0k0/qj1EPFgQEyaNNYKIuYiInqyRw/G/Kilm0aSFWwIqCjeevPqQfHg3+BJwf9AEE+epRAkLehxZXZn4prspt1u1sHs5wNT3ps3y3sz333zmjfzNoC+NRkRn0TEcESsRsRovj/Jt3i1sWXH3d3dXsq2JGq1t/9I6uV3dreXoukzmdPZP2nEVBqRfh5xvkW9mze3ri9WKisbeX6muvbBzObNreevrS1eXbm6cmPu4ouz85fmLs2+cGTneuv85Zeenn/j11uvfbP0y5Xv3svaeyYvaz6PozKZXbW0ddmFo66sZGfKbgAPJPt6DkTEYL3/j8ZAPdUwGh+/U2rjAICeqNVqA/vyAMCxlxjzAaDPFH/339ndXiq2UiYiKMXOQkScaMS/eL7bKBncexI01MPne5MR8X76/US2RY+ewwIAAAD0sx8WIuJyq/m/NJ5qOu5sRDyUrw8Yi4jxiHg4Ih7psv7JffmD8z/p7S6r4BA7CxEvN63tuNsU/9zYQJ47W4/9ULJ6rbJyIf8+TMXQSJafPaSOP7euf9GurHn+L9uy+ou5wLwdtwdH/v2Z5cXqYjfnzD92Po14crBV/JO9+d8kIia6qOPH8bWv2pXdO/70Uu3riGdb9v9k75jk8PVZM/X7wUxxVzjorZ8+e7dd/eJfrqz/nzo8/mNJ83q9zc7rePzcbxvtyh70/j+cXKk3cDjf99FitboxGzGcvHlw/1znbT6uiutRXK8s/lPPtB7/iyBkF/TRiHgsi2VEPBER5zqo89vxv062K9P/y5XFf7mj/t954pWJ139uV//99f/5emOm8j3+/3dv9xugstsJAAAAAAAAwNFI62u7k3R6L52m09ON3/CeiFNpZX2z+tzq+oc3lhtrwMdiKC3e9Bpteh90Nn8vuMjP7ctfzN8Z/nLkZD0/vbReWS775AGgT51uM/5nfh8pu3UAQM+cKLsBAMB/zvgPAP3H+A8A/cf4DwD9x/gPAP3H+A8AfaWb3/WXkJA4romy70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/b38HAAD//78JzGY=")
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3e8, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH71p0k0/qj1EPFgQEyaNNYKIuYiInqyRw/G/Kilm0aSFWwIqCjeevPqQfHg3+BJwf9AEE+epRAkLehxZXZn4prspt1u1sHs5wNT3ps3y3sz333zmjfzNoC+NRkRn0TEcESsRsRovj/Jt3i1sWXH3d3dXsq2JGq1t/9I6uV3dreXoukzmdPZP2nEVBqRfh5xvkW9mze3ri9WKisbeX6muvbBzObNreevrS1eXbm6cmPu4ouz85fmLs2+cGTneuv85Zeenn/j11uvfbP0y5Xv3svaeyYvaz6PozKZXbW0ddmFo66sZGfKbgAPJPt6DkTEYL3/j8ZAPdUwGh+/U2rjAICeqNVqA/vyAMCxlxjzAaDPFH/339ndXiq2UiYiKMXOQkScaMS/eL7bKBncexI01MPne5MR8X76/US2RY+ewwIAAAD0sx8WIuJyq/m/NJ5qOu5sRDyUrw8Yi4jxiHg4Ih7psv7JffmD8z/p7S6r4BA7CxEvN63tuNsU/9zYQJ47W4/9ULJ6rbJyIf8+TMXQSJafPaSOP7euf9GurHn+L9uy+ou5wLwdtwdH/v2Z5cXqYjfnzD92Po14crBV/JO9+d8kIia6qOPH8bWv2pXdO/70Uu3riGdb9v9k75jk8PVZM/X7wUxxVzjorZ8+e7dd/eJfrqz/nzo8/mNJ83q9zc7rePzcbxvtyh70/j+cXKk3cDjf99FitboxGzGcvHlw/1znbT6uiutRXK8s/lPPtB7/iyBkF/TRiHgsi2VEPBER5zqo89vxv062K9P/y5XFf7mj/t954pWJ139uV//99f/5emOm8j3+/3dv9xugstsJAAAAAAAAwNFI62u7k3R6L52m09ON3/CeiFNpZX2z+tzq+oc3lhtrwMdiKC3e9Bpteh90Nn8vuMjP7ctfzN8Z/nLkZD0/vbReWS775AGgT51uM/5nfh8pu3UAQM+cKLsBAMB/zvgPAP3H+A8A/cf4DwD9x/gPAP3H+A8AfaWb3/WXkJA4romy70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/b38HAAD//78JzGY=")
truncate(&(0x7f00000001c0)='./file1\x00', 0x42dc)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1ff)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x4030582b, &(0x7f00000000c0)={0x0, r0, 0x10, 0x2000008, 0x8506, 0x40000f})

2.535176897s ago: executing program 9 (id=970):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000400)=0x9)
ioctl$KVM_GET_MP_STATE(r2, 0x8004ae98, &(0x7f00000000c0))

2.395549798s ago: executing program 9 (id=972):
r0 = socket(0xa, 0x3, 0xff)
setsockopt$inet6_int(r0, 0x29, 0x4d, &(0x7f0000000040)=0x7, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000000)=0x9, 0x4)
recvmmsg(r0, &(0x7f0000000dc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x43}, 0x9}], 0x1, 0x40000102, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000020c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c370c8900182b01fe800000000000000000000000000025fe8000000000000000000000000000aaff"], 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)

2.311646264s ago: executing program 9 (id=973):
r0 = syz_usb_connect$cdc_ncm(0x2, 0x8f, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109027d0002010080000904000001020d0000052406000105240000000d240f0103000000fd0000000406241aff072908241c0101090000142413099f33760bf14377323063f9c8a04d113905241510000905810300020800040904010000020d00000904010102020d0000090582020002e1ad00090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000000)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x20, 0x80, 0x1c, {0x8, 0x70, 0x200ab8, 0x9, 0x5, 0x8000, 0x0, 0x3, 0x200, 0x0, 0x10, 0xfb}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

2.170679555s ago: executing program 1 (id=974):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000013c0)="d080", 0xfdef}], 0x1, 0x0, 0x0, 0x800300}, 0x20000801)
recvmsg(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x40002002)

1.799231955s ago: executing program 5 (id=975):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

1.7512044s ago: executing program 5 (id=976):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0100000001000000050008000100000001"], 0x50)

1.682755675s ago: executing program 5 (id=979):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W9rJHcdAPDvTLJp7i41WxU5C7bFVu6K3m7S2DaKtBVEHxXU+jzGZBNCNtmQ3dRLKJriCxBEVPAF+ETwBQjSlyDCgT4XFUX0Th/qjczuRPNnN1mSTfbcfD4w2d9v/n2/vyE7O39+zARwbb0QEW9FxFhEvBwR08X4tBgW8sp+Z75HD99byocksuydvyWRFOMO1pXXxyPiVmeRmIyIr38l4lvJybjN3b31xXq9tl3Uq62NrWpzd+/e2sbiam21tjk3N/va/Ovzr87PZIULtbMcEW986U8/+v7PvvzGrz7z7d8v/OXud/K0vvCxTt4RsXShAD101l1qb4sD+TbavoxgQ5K3pzQ27CwAAOhHfoz/4Yj4ZPv4fzrG2kdzAAAAwCjJ3pyKfyURGQAAADCy0oiYiiStFH0BpiJNK5VOH96Pxs203mi2Pr3S2NlczqdFlKOUrqzVazNFX+FylJK8Plv0sT2ov3KsPhcRz0TED6dvtOuVpUZ9edgXPwAAAOCauPX80fP/f06n7TIAAAAwYso9KwAAAMCocMoPAAAAo8/5PwAAAIy0r779dj5kB+/xXn53d2e98e695VpzvbKxs1RZamxvVVYbjdX2M/s2zlpfvdHY+mxs7tyvtmrNVrW5u7ew0djZbC2sHXkFNgAAAHCFnnn+g98lEbH/+RvtIYrnAAIc8cdhJwAM0tiwEwCGZnzYCQBDUzpzDnsIGHXJGdNPdt7pXCuMX19OPgAAwODd+fjJ+/8TxbSzrw0A/8/09QGA68fdPbi+SuftAXh70JkAw/KhzsdTvab3fHhHH/f/O9cYsuxciQEAAAMz1R6StFIcp09FmlYqEU+3XwtQSlbW6rWZ4vzgt9Olp/L6bHvJ5Mw+wwAAAAAAAAAAAAAAAAAAAAAAAABAR5YlkQEAAAAjLSL9c9J+mn/EnemXpo5eHTj21q+fvvPj+4ut1vZsxETy9+l81EREtH5SjH8l80oAAAAAeAJ0ztOLz9lhZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn08L2lg+Eq4/71ixFR7hZ/PCbbn5NRioib/0hi/NBySUSMDSD+/vsRcbtb/CQeZ1lWLrLoFv/GJccvtzdN9/hpRNwaQHy4zj7I9z9vdfv+pfFC+7P792+8GC6q9/4v/e/+b6zH/ufpY/Venn3wi2rP+O9HPDveff9zED/pxD8SIq+82Gcbv/mNvb2uEw6tslv8w7GqrY2tanN3797axuJqbbW2OTc3+9r86/Ovzs9UV9bqteJv1zA/+MQvH5/W/ps94pePtv/E9n+pr9Zn8e8H9x9+pFMpdYt/98Xuv7+3e8RPi9++TxXlfPqdg/J+p3zYcz//zXOntX+5R/snz2j/3b7aH597+Wvf+0PXKSe2BgBwFZq7e+uL9Xpt+5TCZB/zXHHhzScjjQEW4slIY1iF7Lud/8eLreeCi58oZBdZfDwGkMbEie/pWJx3hUnEfr6uPv8hAQCAEfO/g/7T7iABAAAAAAAAAAAAAAAAAAAAl+mcjyWbjIi+Zz4ec384TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONV/AgAA//8FStFZ")

1.599426991s ago: executing program 5 (id=980):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x5, [@enum={0x3, 0x2, 0x0, 0xf, 0x9000000, [{0x40000005}, {0xc}]}, @volatile={0x8, 0x0, 0x0, 0x9, 0xffffffff}]}, {0x0, [0x0, 0x0, 0x61]}}, 0x0, 0x45}, 0x28)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x60b, 0x500a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x50, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x4}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000001c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="000706000000"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
syz_open_dev$vcsn(0x0, 0xd8, 0x8503)

1.307929155s ago: executing program 1 (id=983):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000c8"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
fallocate(r2, 0x0, 0x11, 0x1afd)

1.166642037s ago: executing program 1 (id=986):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00220f0000001609005a000794a69b3283"], 0x0}, 0x0)

1.11373397s ago: executing program 4 (id=988):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r2}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x1, 0x1d, &(0x7f0000000340)=r1, 0x4)

1.101060821s ago: executing program 4 (id=989):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_user(r2, &(0x7f0000000040)=ANY=[@ANYBLOB='system_u:object_r:auth_cache_t root'], 0x27)

1.086452102s ago: executing program 4 (id=990):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
setresuid(0x0, 0xee00, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000036000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, 0x0}], 0x1, 0x6d, 0x0, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0)={{0x100000, 0xeeef0000, 0x3, 0xac, 0x3, 0xd2, 0x81, 0x7, 0x0, 0x2b, 0x9}, {0x4000, 0x8080000, 0xe, 0xfd, 0x40, 0x9, 0x7f, 0x1, 0x1, 0x0, 0x3}, {0x3000, 0x1000, 0x8, 0x9, 0x1, 0x2, 0x0, 0x9, 0x0, 0xa7, 0x29, 0x91}, {0xf000, 0x100000, 0xa, 0xe7, 0x3, 0x2, 0x1, 0xfb, 0x8, 0x57, 0xe, 0xf0}, {0x4000, 0x2000, 0xd, 0xf7, 0x0, 0x86, 0xa, 0x7f, 0x2, 0x0, 0xf7, 0x43}, {0x1000, 0x8080000, 0x3, 0x80, 0xb1, 0x8, 0x4, 0x6, 0x80, 0xf, 0x9, 0x80}, {0xdddd0000, 0x11d004, 0xc, 0x5, 0x0, 0x5, 0x4, 0x3, 0x5, 0x80, 0x3, 0x4}, {0xd000, 0x1, 0x10, 0x5, 0x5, 0xf7, 0x1, 0x37, 0x2, 0x8, 0xf0, 0x1}, {0x1, 0x70}, {0xdddd0000, 0x8}, 0xe0010027, 0x0, 0xffff1000, 0x2004, 0x12, 0x8000, 0x3000, [0x8000000000000000, 0xfffffffffffffffc, 0x15e, 0x3]})

1.007641499s ago: executing program 4 (id=991):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001580)=ANY=[@ANYBLOB="0500000001000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x47, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x4cf68d79c8eac253, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

992.08328ms ago: executing program 4 (id=992):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000000000)=0x1, 0x4)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000080)=0x40, 0x4)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000180)="d2cf", 0x2}], 0x1}}], 0x1, 0x4000000)

368.4317ms ago: executing program 6 (id=999):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x6}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000001340)=@base={0xb, 0x8, 0x2, 0x9, 0x1}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x32}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)

258.711569ms ago: executing program 6 (id=1000):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28012, r0, 0x0)
mmap(&(0x7f00009c5000/0x1000)=nil, 0x1000, 0x3, 0x28012, r0, 0x0)
mlock2(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0)
mlock2(&(0x7f0000093000/0x3000)=nil, 0x3000, 0x1)
munlockall()

242.36055ms ago: executing program 6 (id=1001):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x59dc6d71776a1654}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

123.01464ms ago: executing program 4 (id=1002):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000940)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000004c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="2009040000004a5feb"], 0x0, 0x0, 0x0, 0x0})

96.886512ms ago: executing program 6 (id=1003):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r2=>0x0})
socket(0x2, 0xa, 0x300)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x808, r2, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
syz_emit_ethernet(0x2e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff0808"], 0x0)

64.050945ms ago: executing program 6 (id=1004):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000001}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380"], 0x44}}, 0x0)

0s ago: executing program 6 (id=1005):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000980)=ANY=[@ANYBLOB="9400000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0003010c0002800500010000000000080007400000000030000e802c0001801400"], 0x94}}, 0x48000)

kernel console output (not intermixed with test programs):

nect, device number 2
[   31.979520][  T788] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   32.043321][  T815] input: syz0 as /devices/virtual/input/input4
[   32.056275][  T788] EXT4-fs (loop4): 1 truncate cleaned up
[   32.063101][  T788] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   32.141169][  T283] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[   32.201350][  T283] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[   32.228752][  T841] loop5: detected capacity change from 0 to 128
[   32.279907][  T283] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[   32.303728][  T841] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   32.319192][  T283] EXT4-fs (loop4): unmounting filesystem.
[   32.487942][  T871] Illegal XDP return value 4294967274 on prog  (id 71) dev N/A, expect packet loss!
[   32.582799][   T28] kauditd_printk_skb: 65 callbacks suppressed
[   32.582815][   T28] audit: type=1400 audit(32.571:219): avc:  denied  { ioctl } for  pid=876 comm="syz.3.178" path="socket:[18609]" dev="sockfs" ino=18609 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   32.657634][  T883] xt_bpf: check failed: parse error
[   32.762126][  T899] bridge0: port 3(vlan2) entered blocking state
[   32.768851][  T899] bridge0: port 3(vlan2) entered disabled state
[   32.803964][  T900] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   32.831952][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   32.843814][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   32.881122][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   32.899786][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   32.915862][    T6] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   32.916469][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   32.942607][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   32.956807][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   32.985944][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   33.020404][  T912] loop2: detected capacity change from 0 to 2048
[   33.042142][  T912] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   33.068417][  T687] EXT4-fs (loop5): unmounting filesystem.
[   33.076511][  T287] EXT4-fs (loop2): unmounting filesystem.
[   33.105822][    T6] usb 4-1: Using ep0 maxpacket: 32
[   33.116523][    T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   33.130690][    T6] usb 4-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[   33.163682][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   33.176809][   T28] audit: type=1400 audit(33.171:220): avc:  denied  { load_policy } for  pid=924 comm="syz.0.199" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   33.180528][  T925] SELinux: failed to load policy
[   33.198853][    T6] usb 4-1: config 0 descriptor??
[   33.328529][   T28] audit: type=1400 audit(33.321:221): avc:  denied  { unmount } for  pid=285 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   33.421664][  T949] netlink: 32 bytes leftover after parsing attributes in process `syz.2.210'.
[   33.505804][   T39] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   33.581430][  T951] loop2: detected capacity change from 0 to 40427
[   33.591474][  T951] F2FS-fs (loop2): fault_injection options not supported
[   33.600010][  T951] F2FS-fs (loop2): fault_type options not supported
[   33.607583][  T951] F2FS-fs (loop2): invalid crc value
[   33.614138][  T951] F2FS-fs (loop2): Found nat_bits in checkpoint
[   33.621726][    T6] hid (null): report_id 0 is invalid
[   33.637278][    T6] hid-generic 0003:0B05:19B6.0004: report_id 0 is invalid
[   33.648614][    T6] hid-generic 0003:0B05:19B6.0004: item 0 0 1 8 parsing failed
[   33.656254][  T951] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   33.686322][    T6] hid-generic: probe of 0003:0B05:19B6.0004 failed with error -22
[   33.692981][   T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   33.711340][   T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   33.724426][  T957] f2fs_ckpt-7:2: attempt to access beyond end of device
[   33.724426][  T957] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   33.726817][   T39] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   33.762592][   T39] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   33.772159][   T39] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   33.782137][   T39] usb 6-1: config 0 descriptor??
[   33.861669][    T6] usb 4-1: USB disconnect, device number 3
[   33.931032][   T28] audit: type=1400 audit(33.921:222): avc:  denied  { mount } for  pid=969 comm="syz.2.215" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   33.964069][   T28] audit: type=1400 audit(33.951:223): avc:  denied  { unmount } for  pid=969 comm="syz.2.215" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   34.064955][   T28] audit: type=1400 audit(34.051:224): avc:  denied  { mount } for  pid=983 comm="syz.2.223" name="/" dev="ramfs" ino=18753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   34.095442][   T28] audit: type=1400 audit(34.081:225): avc:  denied  { remount } for  pid=983 comm="syz.2.223" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   34.121702][  T988] syz.2.226[988] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   34.121773][  T988] syz.2.226[988] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   34.131210][   T28] audit: type=1400 audit(34.081:226): avc:  denied  { unmount } for  pid=983 comm="syz.2.223" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   34.182555][   T28] audit: type=1400 audit(34.081:227): avc:  denied  { unmount } for  pid=287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   34.208975][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.226923][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.234373][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.256258][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.266779][   T28] audit: type=1400 audit(34.171:228): avc:  denied  { setopt } for  pid=987 comm="syz.2.226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   34.287425][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.295024][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.315706][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.323520][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.331357][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.345830][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.353359][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.366241][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.368080][ T1005] loop4: detected capacity change from 0 to 8192
[   34.377459][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.388070][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.395952][   T39] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   34.413867][   T39] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[   34.446314][ T1015] netlink: 516 bytes leftover after parsing attributes in process `syz.3.238'.
[   34.450646][   T39] plantronics 0003:047F:FFFF.0005: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[   34.472958][   T39] usb 6-1: USB disconnect, device number 2
[   34.519038][ T1025] fido_id[1025]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[   34.592528][ T1033] loop0: detected capacity change from 0 to 1024
[   34.642898][ T1033] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   34.674483][  T285] EXT4-fs (loop0): unmounting filesystem.
[   34.865873][   T39] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   34.888104][ T1047] loop2: detected capacity change from 0 to 40427
[   34.905318][ T1047] F2FS-fs (loop2): fault_injection options not supported
[   34.913154][ T1047] F2FS-fs (loop2): invalid crc value
[   34.925484][ T1047] F2FS-fs (loop2): Found nat_bits in checkpoint
[   34.931976][    T6] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   34.969537][ T1047] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   35.043631][ T1059] f2fs_ckpt-7:2: attempt to access beyond end of device
[   35.043631][ T1059] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   35.066355][   T39] usb 4-1: Using ep0 maxpacket: 16
[   35.082191][ T1058] loop0: detected capacity change from 0 to 40427
[   35.086840][   T39] usb 4-1: config 0 has an invalid interface number: 64 but max is 0
[   35.112504][ T1058] F2FS-fs (loop0): Image doesn't support compression
[   35.122637][   T39] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   35.131483][ T1058] F2FS-fs (loop0): heap/no_heap options were deprecated
[   35.140150][    T6] usb 5-1: Using ep0 maxpacket: 16
[   35.142596][   T39] usb 4-1: config 0 has no interface number 0
[   35.146708][    T6] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   35.176542][ T1058] F2FS-fs (loop0): invalid crc value
[   35.181833][   T39] usb 4-1: New USB device found, idVendor=0bd3, idProduct=05f4, bcdDevice= 0.5b
[   35.185997][    T6] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   35.205129][ T1058] F2FS-fs (loop0): Found nat_bits in checkpoint
[   35.212005][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   35.237189][    T6] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   35.240580][   T39] usb 4-1: config 0 descriptor??
[   35.256595][    T6] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   35.266696][   T39] usb 4-1: Found UVC 0.00 device <unnamed> (0bd3:05f4)
[   35.276303][ T1068] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   35.280361][    T6] usb 5-1: Product: syz
[   35.286436][   T39] usb 4-1: No valid video chain found.
[   35.301415][    T6] usb 5-1: Manufacturer: syz
[   35.306136][ T1068] SELinux: failed to load policy
[   35.306167][ T1058] F2FS-fs (loop0): Start checkpoint disabled!
[   35.325796][    T6] usb 5-1: SerialNumber: syz
[   35.332511][ T1058] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   35.516705][  T450] usb 4-1: USB disconnect, device number 4
[   35.548821][    T6] usb 5-1: 0:2 : does not exist
[   35.558255][    T6] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[   35.573853][    T6] usb 5-1: USB disconnect, device number 4
[   35.648613][ T1087] loop5: detected capacity change from 0 to 40427
[   35.676055][ T1087] F2FS-fs (loop5): invalid crc value
[   35.708046][ T1087] F2FS-fs (loop5): Found nat_bits in checkpoint
[   35.709528][ T1106] netlink: 40 bytes leftover after parsing attributes in process `syz.2.273'.
[   35.723492][ T1106] netlink: 40 bytes leftover after parsing attributes in process `syz.2.273'.
[   35.732729][ T1106] netlink: 40 bytes leftover after parsing attributes in process `syz.2.273'.
[   35.759549][  T828] kworker/u4:65: attempt to access beyond end of device
[   35.759549][  T828] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[   35.773089][ T1087] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[   35.773979][  T828] kworker/u4:65: attempt to access beyond end of device
[   35.773979][  T828] loop0: rw=2049, sector=40976, nr_sectors = 8 limit=40427
[   35.807371][  T458] udevd[458]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   35.847194][ T1087] syz.5.265: attempt to access beyond end of device
[   35.847194][ T1087] loop5: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[   35.869249][  T687] syz-executor: attempt to access beyond end of device
[   35.869249][  T687] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   35.993118][ T1116] syz.5.276[1116] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   35.993171][ T1116] syz.5.276[1116] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   36.124114][ T1142] loop4: detected capacity change from 0 to 1024
[   36.142165][ T1142] EXT4-fs: Ignoring removed nomblk_io_submit option
[   36.170924][ T1142] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   36.182408][ T1164] loop3: detected capacity change from 0 to 512
[   36.214354][  T283] EXT4-fs (loop4): unmounting filesystem.
[   36.227765][ T1164] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   36.324008][  T535] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   36.336435][  T535] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   36.348396][  T535] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   36.360397][  T535] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   36.372188][  T535] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   36.384055][  T535] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   36.395973][  T535] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   36.407610][  T535] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   36.420660][  T535] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   36.432816][  T535] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   36.511359][  T535] EXT4-fs (loop3): unmounting filesystem.
[   36.548342][ T1188] netlink: 'syz.0.300': attribute type 15 has an invalid length.
[   36.556372][ T1188] netlink: 24 bytes leftover after parsing attributes in process `syz.0.300'.
[   36.615689][ T1192] loop0: detected capacity change from 0 to 1024
[   36.639677][ T1192] EXT4-fs: Ignoring removed nomblk_io_submit option
[   36.667697][ T1192] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   36.698600][  T285] EXT4-fs (loop0): unmounting filesystem.
[   36.798847][ T1212] loop0: detected capacity change from 0 to 512
[   36.817622][ T1202] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.825125][ T1202] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.833396][ T1202] device bridge_slave_0 entered promiscuous mode
[   36.833554][ T1212] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   36.840820][ T1202] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.863455][ T1202] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.871168][ T1202] device bridge_slave_1 entered promiscuous mode
[   36.884638][  T285] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0)
[   36.902035][  T285] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0)
[   36.965582][ T1202] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.972659][ T1202] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.979926][ T1202] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.986960][ T1202] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.008965][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   37.016873][  T866] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.024130][  T866] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.033353][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   37.043439][  T866] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.043525][  T285] EXT4-fs (loop0): unmounting filesystem.
[   37.050516][  T866] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.066738][   T24] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   37.077173][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   37.085699][  T828] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.092798][  T828] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.110389][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   37.126673][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   37.138514][  T805] device bridge_slave_1 left promiscuous mode
[   37.145888][  T805] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.153594][  T805] device bridge_slave_0 left promiscuous mode
[   37.160370][  T805] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.168890][  T805] device veth1_macvtap left promiscuous mode
[   37.175040][  T805] device veth0_vlan left promiscuous mode
[   37.215883][  T335] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   37.241369][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   37.254006][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   37.261897][   T24] usb 3-1: Using ep0 maxpacket: 16
[   37.262206][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   37.268253][   T24] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[   37.274653][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   37.282657][   T24] usb 3-1: config 0 has no interface number 0
[   37.295736][   T24] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   37.297694][ T1202] device veth0_vlan entered promiscuous mode
[   37.314609][   T24] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   37.324659][   T24] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[   37.327983][ T1202] device veth1_macvtap entered promiscuous mode
[   37.340268][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   37.341368][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   37.349142][   T24] usb 3-1: config 0 descriptor??
[   37.374310][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   37.393957][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   37.406972][  T335] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   37.420001][  T335] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   37.429156][  T335] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   37.434932][ T1229] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.437975][  T335] usb 6-1: Product: syz
[   37.445289][ T1229] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.450939][  T335] usb 6-1: Manufacturer: syz
[   37.462971][  T335] usb 6-1: SerialNumber: syz
[   37.467562][ T1229] device bridge_slave_0 entered promiscuous mode
[   37.474305][ T1234] loop4: detected capacity change from 0 to 128
[   37.475134][ T1229] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.487839][ T1229] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.496385][ T1229] device bridge_slave_1 entered promiscuous mode
[   37.496922][  T335] hub 6-1:1.0: bad descriptor, ignoring hub
[   37.547875][ T1234] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   37.560646][  T335] hub: probe of 6-1:1.0 failed with error -5
[   37.656146][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   37.664051][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   37.681418][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   37.690001][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   37.701966][ T1236] loop6: detected capacity change from 0 to 40427
[   37.712693][  T866] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.719838][  T866] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.729478][ T1236] F2FS-fs (loop6): fault_injection options not supported
[   37.736664][ T1236] F2FS-fs (loop6): fault_type options not supported
[   37.744075][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   37.746273][ T1236] F2FS-fs (loop6): invalid crc value
[   37.753048][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   37.768605][  T866] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.769365][ T1236] F2FS-fs (loop6): Found nat_bits in checkpoint
[   37.775664][  T866] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.776424][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   37.811482][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   37.819742][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   37.832079][  T824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   37.840673][ T1236] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   37.863886][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   37.875354][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   37.883106][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   37.891978][ T1229] device veth0_vlan entered promiscuous mode
[   37.903373][ T1245] f2fs_ckpt-7:6: attempt to access beyond end of device
[   37.903373][ T1245] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   37.909691][  T866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   37.933187][ T1229] device veth1_macvtap entered promiscuous mode
[   37.945391][  T824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   37.967634][  T824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   37.970516][   T24] uclogic 0003:28BD:0071.0006: failed retrieving string descriptor #100: -71
[   37.984925][   T24] uclogic 0003:28BD:0071.0006: failed retrieving pen parameters: -71
[   37.993294][   T24] uclogic 0003:28BD:0071.0006: pen probing failed: -71
[   38.000720][   T24] uclogic 0003:28BD:0071.0006: failed probing parameters: -71
[   38.008469][   T24] uclogic: probe of 0003:28BD:0071.0006 failed with error -71
[   38.021911][   T24] usb 3-1: USB disconnect, device number 4
[   38.025915][    T6] usb 6-1: reset high-speed USB device number 3 using dummy_hcd
[   38.198387][ T1255] device bridge0 entered promiscuous mode
[   38.204227][ T1255] device macsec1 entered promiscuous mode
[   38.211323][ T1255] bridge0: port 3(macsec1) entered blocking state
[   38.217963][ T1255] bridge0: port 3(macsec1) entered disabled state
[   38.225422][ T1255] device bridge0 left promiscuous mode
[   38.273019][ T1261] loop7: detected capacity change from 0 to 512
[   38.310379][ T1261] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[   38.320576][  T283] EXT4-fs (loop4): unmounting filesystem.
[   38.346745][  T805] device bridge_slave_1 left promiscuous mode
[   38.353645][  T805] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.359688][   T28] kauditd_printk_skb: 25 callbacks suppressed
[   38.359702][   T28] audit: type=1400 audit(38.351:254): avc:  denied  { setopt } for  pid=1264 comm="syz.4.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   38.386288][  T805] device bridge_slave_0 left promiscuous mode
[   38.395775][  T805] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.404745][ T1229] EXT4-fs warning (device loop7): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   38.417161][ T1229] EXT4-fs warning (device loop7): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   38.429835][ T1229] EXT4-fs warning (device loop7): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   38.443413][ T1229] EXT4-fs warning (device loop7): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   38.444608][  T805] device veth1_macvtap left promiscuous mode
[   38.455351][ T1229] EXT4-fs warning (device loop7): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   38.464404][   T28] audit: type=1400 audit(38.361:255): avc:  denied  { block_suspend } for  pid=1266 comm="syz.6.324" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   38.472914][ T1229] EXT4-fs warning (device loop7): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   38.505258][ T1229] EXT4-fs warning (device loop7): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   38.516767][  T805] device veth0_vlan left promiscuous mode
[   38.523337][ T1229] EXT4-fs warning (device loop7): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   38.535337][ T1229] EXT4-fs warning (device loop7): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   38.535344][ T1272] syz.6.327 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   38.562939][  T450] usb 6-1: USB disconnect, device number 3
[   38.575143][ T1229] EXT4-fs warning (device loop7): ext4_empty_dir:3147: inode #12: comm syz-executor: directory missing '.'
[   38.620088][   T28] audit: type=1400 audit(38.611:256): avc:  denied  { create } for  pid=1275 comm="syz.6.329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[   38.646363][ T1278] loop4: detected capacity change from 0 to 1024
[   38.654714][ T1278] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   38.663343][ T1278] EXT4-fs (loop4): orphan cleanup on readonly fs
[   38.670212][ T1278] EXT4-fs error (device loop4): ext4_free_blocks:6210: comm syz.4.330: Freeing blocks not in datazone - block = 0, count = 4096
[   38.684020][ T1278] EXT4-fs (loop4): 1 orphan inode deleted
[   38.689970][ T1278] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   38.710187][  T283] EXT4-fs (loop4): unmounting filesystem.
[   38.818395][ T1229] EXT4-fs (loop7): unmounting filesystem.
[   38.860303][ T1291] device syz_tun entered promiscuous mode
[   38.867426][ T1291] device syz_tun left promiscuous mode
[   39.066219][   T28] audit: type=1326 audit(39.061:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1302 comm="syz.5.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3480f8ebe9 code=0x7ffc0000
[   39.089493][   T28] audit: type=1326 audit(39.081:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1302 comm="syz.5.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3480f8ebe9 code=0x7ffc0000
[   39.120868][   T28] audit: type=1326 audit(39.101:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1302 comm="syz.5.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f3480f8ebe9 code=0x7ffc0000
[   39.125805][   T24] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   39.144157][   T28] audit: type=1326 audit(39.101:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1302 comm="syz.5.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3480f8ebe9 code=0x7ffc0000
[   39.196829][   T28] audit: type=1326 audit(39.101:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1302 comm="syz.5.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3480f8ebe9 code=0x7ffc0000
[   39.225634][ T1297] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.241497][ T1297] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.256909][ T1297] device bridge_slave_0 entered promiscuous mode
[   39.269779][   T28] audit: type=1326 audit(39.101:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1302 comm="syz.5.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f3480f8ebe9 code=0x7ffc0000
[   39.305115][ T1297] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.314465][ T1297] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.321726][   T28] audit: type=1326 audit(39.101:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1302 comm="syz.5.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3480f8ebe9 code=0x7ffc0000
[   39.353184][ T1297] device bridge_slave_1 entered promiscuous mode
[   39.382968][ T1314] loop6: detected capacity change from 0 to 512
[   39.402280][ T1314] EXT4-fs: Ignoring removed nomblk_io_submit option
[   39.405894][   T24] usb 3-1: Using ep0 maxpacket: 32
[   39.424691][ T1314] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[   39.427731][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   39.433760][ T1314] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[   39.463501][ T1314] EXT4-fs (loop6): Remounting filesystem read-only
[   39.470341][ T1314] EXT4-fs (loop6): 1 truncate cleaned up
[   39.476078][ T1314] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   39.483191][   T24] usb 3-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[   39.535937][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   39.598646][   T24] usb 3-1: config 0 descriptor??
[   39.667862][ T1202] EXT4-fs (loop6): unmounting filesystem.
[   39.704776][    T6] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   39.714874][ T1297] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.716426][ T1329] loop5: detected capacity change from 0 to 256
[   39.721976][ T1297] bridge0: port 2(bridge_slave_1) entered forwarding state
[   39.735936][ T1297] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.736351][    T6] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   39.742975][ T1297] bridge0: port 1(bridge_slave_0) entered forwarding state
[   39.774743][ T1329] exfat: Deprecated parameter 'utf8'
[   39.788643][  T824] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.814159][  T824] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.842689][  T805] device bridge_slave_1 left promiscuous mode
[   39.872850][  T805] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.887420][  T805] device bridge_slave_0 left promiscuous mode
[   39.893620][  T805] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.902506][ T1334] syz.5.351 (1334) used greatest stack depth: 21824 bytes left
[   39.916715][  T805] device veth1_macvtap left promiscuous mode
[   39.922972][  T805] device veth0_vlan left promiscuous mode
[   40.017496][   T24] hid (null): report_id 0 is invalid
[   40.035525][   T24] hid-generic 0003:0B05:19B6.0008: report_id 0 is invalid
[   40.043999][   T24] hid-generic 0003:0B05:19B6.0008: item 0 0 1 8 parsing failed
[   40.054497][   T24] hid-generic: probe of 0003:0B05:19B6.0008 failed with error -22
[   40.073797][  T824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   40.089812][  T824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   40.100482][  T824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   40.109262][  T824] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   40.117553][  T824] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.124595][  T824] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.139135][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   40.156216][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   40.164657][  T793] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.171854][  T793] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.179943][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   40.188275][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   40.196747][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   40.204835][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   40.220479][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   40.229305][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   40.253774][ T1297] device veth0_vlan entered promiscuous mode
[   40.264554][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   40.273214][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   40.289890][ T1297] device veth1_macvtap entered promiscuous mode
[   40.302941][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   40.311461][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   40.320239][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   40.328860][   T19] usb 3-1: USB disconnect, device number 5
[   40.328924][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   40.343701][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   40.366374][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   40.375462][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   40.390308][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   40.407041][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   40.460803][ T1373] loop8: detected capacity change from 0 to 512
[   40.482453][ T1375] loop6: detected capacity change from 0 to 256
[   40.496374][ T1375] exfat: Deprecated parameter 'utf8'
[   40.514780][ T1373] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   40.553931][ T1373] EXT4-fs (loop8): shut down requested (2)
[   40.569272][ T1297] EXT4-fs (loop8): unmounting filesystem.
[   40.787589][ T1412] loop8: detected capacity change from 0 to 256
[   40.797096][ T1412] exfat: Deprecated parameter 'utf8'
[   40.988827][ T1435] loop8: detected capacity change from 0 to 512
[   41.007807][ T1435] EXT4-fs error (device loop8): ext4_orphan_get:1400: inode #15: comm syz.8.394: iget: bad extended attribute block 1
[   41.020697][ T1435] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.394: couldn't read orphan inode 15 (err -117)
[   41.032963][ T1435] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[   41.045833][  T288] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   41.072181][ T1443] loop6: detected capacity change from 0 to 256
[   41.089440][ T1443] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[   41.111329][ T1297] EXT4-fs (loop8): unmounting filesystem.
[   41.181934][ T1457] netlink: 277 bytes leftover after parsing attributes in process `syz.4.404'.
[   41.225825][  T288] usb 6-1: Using ep0 maxpacket: 16
[   41.232350][  T288] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[   41.240417][  T288] usb 6-1: config 0 has no interface number 0
[   41.246576][  T288] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   41.257761][  T288] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   41.267528][  T288] usb 6-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[   41.276664][  T288] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   41.286019][  T288] usb 6-1: config 0 descriptor??
[   41.445872][   T19] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[   41.626936][   T19] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   41.638101][   T19] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   41.647896][   T19] usb 9-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[   41.657050][   T19] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   41.665916][   T19] usb 9-1: config 0 descriptor??
[   41.857750][ T1483] loop2: detected capacity change from 0 to 512
[   41.874305][ T1483] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.416: casefold flag without casefold feature
[   41.891904][ T1483] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.416: couldn't read orphan inode 15 (err -117)
[   41.904427][  T288] uclogic 0003:28BD:0071.0009: failed retrieving string descriptor #100: -71
[   41.913409][  T288] uclogic 0003:28BD:0071.0009: failed retrieving pen parameters: -71
[   41.916328][ T1483] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   41.922670][  T288] uclogic 0003:28BD:0071.0009: pen probing failed: -71
[   41.937750][  T288] uclogic 0003:28BD:0071.0009: failed probing parameters: -71
[   41.945248][  T288] uclogic: probe of 0003:28BD:0071.0009 failed with error -71
[   41.962477][  T288] usb 6-1: USB disconnect, device number 4
[   41.989551][  T287] EXT4-fs (loop2): unmounting filesystem.
[   42.074617][   T19] hid-led 0003:0FC5:B080.000A: unknown main item tag 0x0
[   42.180187][ T1506] loop2: detected capacity change from 0 to 512
[   42.227064][ T1506] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   42.247523][ T1506] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #2: comm syz.2.426: corrupted inode contents
[   42.259862][ T1506] EXT4-fs error (device loop2): ext4_dirty_inode:6121: inode #2: comm syz.2.426: mark_inode_dirty error
[   42.271650][ T1506] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #2: comm syz.2.426: corrupted inode contents
[   42.284531][ T1506] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.426: mark_inode_dirty error
[   42.302834][ T1506] EXT4-fs (loop2): shut down requested (1)
[   42.328006][  T287] EXT4-fs (loop2): unmounting filesystem.
[   42.350145][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.360745][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.369115][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.379872][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.388265][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.396325][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.404139][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.411778][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.419462][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.427283][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.434843][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.450715][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.460209][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.468733][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.480220][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.492417][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.509840][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.517681][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.525641][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.534761][ T1533] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   42.546506][ T1533] FAT-fs (loop13): unable to read boot sector
[   42.554246][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.566184][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.573741][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.583333][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.591162][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.598942][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.606876][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.614308][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.621742][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.629202][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.636629][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.644069][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.651503][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.659139][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.666656][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.674076][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.681481][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.689062][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.696486][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.703885][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.704500][  T504] usb 9-1: USB disconnect, device number 2
[   42.711326][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.711349][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.711366][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.711384][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.746892][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.754291][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.761775][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.769194][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.776637][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.784024][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.791529][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.798950][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.806382][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.813767][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.822070][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.829605][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.837036][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.844461][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.845871][  T288] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   42.851938][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.866840][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.874238][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.881706][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.889126][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.896686][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.904090][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.911525][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.919022][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.926595][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.933988][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.941449][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x7
[   42.948888][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.956404][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.963788][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.971236][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.979188][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.986623][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   42.994010][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   43.001437][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   43.009072][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   43.016621][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   43.024004][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   43.031465][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   43.038883][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   43.045789][  T288] usb 3-1: Using ep0 maxpacket: 32
[   43.046301][  T450] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[   43.052894][  T288] usb 3-1: config 0 has an invalid interface number: 18 but max is 0
[   43.066294][  T450] hid-generic 0401:0002:0007.000B: hidraw0: <UNKNOWN> HID vffffff.f6 Device [syz1] on syz1
[   43.082013][  T288] usb 3-1: config 0 has no interface number 0
[   43.102137][  T288] usb 3-1: config 0 interface 18 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[   43.122575][  T288] usb 3-1: config 0 interface 18 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[   43.165194][  T288] usb 3-1: config 0 interface 18 has no altsetting 0
[   43.185332][ T1553] Invalid ELF header len 16
[   43.187328][ T1549] fido_id[1549]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   43.209060][  T288] usb 3-1: New USB device found, idVendor=17ef, idProduct=a387, bcdDevice=6c.e0
[   43.222981][  T288] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   43.231226][  T288] usb 3-1: Product: syz
[   43.251998][  T288] usb 3-1: Manufacturer: syz
[   43.261168][ T1559] loop4: detected capacity change from 0 to 512
[   43.269958][  T288] usb 3-1: SerialNumber: syz
[   43.273618][ T1563] loop8: detected capacity change from 0 to 512
[   43.278024][  T288] r8152-cfgselector 3-1: config 0 descriptor??
[   43.306276][ T1541] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   43.306744][ T1559] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   43.314108][ T1541] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   43.341921][ T1563] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   43.356460][ T1559] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #2: comm syz.4.451: corrupted inode contents
[   43.367895][   T28] kauditd_printk_skb: 1018 callbacks suppressed
[   43.367910][   T28] audit: type=1400 audit(299.365:1282): avc:  denied  { setattr } for  pid=1562 comm="syz.8.452" name="file1" dev="loop8" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   43.399722][ T1559] EXT4-fs error (device loop4): ext4_dirty_inode:6121: inode #2: comm syz.4.451: mark_inode_dirty error
[   43.412187][ T1559] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #2: comm syz.4.451: corrupted inode contents
[   43.431690][ T1559] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.451: mark_inode_dirty error
[   43.507492][ T1559] EXT4-fs (loop4): shut down requested (1)
[   43.518159][ T1297] EXT4-fs (loop8): unmounting filesystem.
[   43.554006][   T28] audit: type=1400 audit(299.545:1283): avc:  denied  { bind } for  pid=1583 comm="syz.6.462" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   43.575966][  T283] EXT4-fs (loop4): unmounting filesystem.
[   43.589431][ T1589] capability: warning: `syz.6.463' uses 32-bit capabilities (legacy support in use)
[   43.602063][   T28] audit: type=1400 audit(299.545:1284): avc:  denied  { create } for  pid=1583 comm="syz.6.462" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   43.627959][   T28] audit: type=1400 audit(299.545:1285): avc:  denied  { setopt } for  pid=1583 comm="syz.6.462" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   43.648194][   T28] audit: type=1400 audit(299.545:1286): avc:  denied  { connect } for  pid=1583 comm="syz.6.462" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   43.669321][   T28] audit: type=1400 audit(299.615:1287): avc:  denied  { read write } for  pid=1590 comm="syz.4.461" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   43.693615][   T28] audit: type=1400 audit(299.615:1288): avc:  denied  { open } for  pid=1590 comm="syz.4.461" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   43.741274][ T1595] netlink: 'syz.5.464': attribute type 5 has an invalid length.
[   43.774698][   T28] audit: type=1400 audit(299.765:1289): avc:  denied  { create } for  pid=1598 comm="syz.5.466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   43.793599][   T28] audit: type=1400 audit(299.775:1290): avc:  denied  { ioctl } for  pid=1600 comm="syz.8.468" path="socket:[21588]" dev="sockfs" ino=21588 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   43.818166][   T28] audit: type=1400 audit(299.775:1291): avc:  denied  { bind } for  pid=1600 comm="syz.8.468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   43.868634][ T1609] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=1609 comm=syz.5.472
[   43.926659][ T1619] loop6: detected capacity change from 0 to 256
[   44.020299][  T288] r8152-cfgselector 3-1: Unknown version 0x0000
[   44.030123][  T288] r8152-cfgselector 3-1: Unknown version 0x0000
[   44.058048][  T288] r8152-cfgselector 3-1: USB disconnect, device number 6
[   44.271831][ T1664] loop6: detected capacity change from 0 to 512
[   44.285529][ T1664] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   44.318328][ T1668] loop8: detected capacity change from 0 to 512
[   44.331903][ T1202] EXT4-fs (loop6): unmounting filesystem.
[   44.348642][ T1670] loop6: detected capacity change from 0 to 512
[   44.355472][ T1670] ext4: Bad value for 'mb_optimize_scan'
[   44.359738][ T1668] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[   44.382532][ T1668] EXT4-fs warning (device loop8): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   44.396984][ T1668] EXT4-fs (loop8): 1 truncate cleaned up
[   44.402848][ T1668] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   44.451204][ T1297] EXT4-fs (loop8): unmounting filesystem.
[   44.492782][ T1685] syz.4.503[1685] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.492833][ T1685] syz.4.503[1685] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.595649][ T1697] loop8: detected capacity change from 0 to 1024
[   44.649598][ T1697] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[   44.711322][ T1715] loop6: detected capacity change from 0 to 512
[   44.720698][ T1297] EXT4-fs (loop8): unmounting filesystem.
[   44.741872][ T1715] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   44.763513][ T1715] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   44.768034][ T1721] cgroup: fork rejected by pids controller in /syz2
[   44.812638][ T1202] EXT4-fs (loop6): unmounting filesystem.
[   45.247220][ T1764] netem: change failed
[   45.309652][ T1771] loop8: detected capacity change from 0 to 512
[   45.310410][ T1768] loop4: detected capacity change from 0 to 2048
[   45.324510][ T1771] EXT4-fs: Ignoring removed mblk_io_submit option
[   45.340503][ T1771] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   45.356356][ T1768] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   45.372213][ T1771] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[   45.387162][ T1771] EXT4-fs (loop8): 1 truncate cleaned up
[   45.399987][  T283] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   45.400381][ T1776] loop6: detected capacity change from 0 to 256
[   45.416444][ T1771] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   45.431300][  T283] EXT4-fs (loop4): unmounting filesystem.
[   45.437055][ T1776] exfat: Deprecated parameter 'namecase'
[   45.439297][ T1776] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[   45.518262][ T1769] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.528136][ T1297] EXT4-fs (loop8): unmounting filesystem.
[   45.534088][ T1769] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.546926][ T1769] device bridge_slave_0 entered promiscuous mode
[   45.563508][ T1769] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.579585][ T1769] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.596843][ T1769] device bridge_slave_1 entered promiscuous mode
[   45.693419][ T1769] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.700505][ T1769] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.707811][ T1769] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.714855][ T1769] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.742008][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   45.749418][  T450] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   45.757099][  T869] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.764525][  T869] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.787748][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   45.796189][  T869] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.803276][  T869] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.810835][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   45.819341][  T869] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.826423][  T869] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.851341][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   45.859926][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   45.876778][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   45.886391][ T1769] device veth0_vlan entered promiscuous mode
[   45.895627][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   45.904651][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   45.912761][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   45.922313][ T1769] device veth1_macvtap entered promiscuous mode
[   45.930646][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   45.935815][  T450] usb 7-1: Using ep0 maxpacket: 16
[   45.939913][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   45.946649][  T450] usb 7-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=ff.76
[   45.952262][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   45.961103][  T450] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   45.976594][  T450] usb 7-1: Product: syz
[   45.977821][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   45.980778][  T450] usb 7-1: Manufacturer: syz
[   45.980796][  T450] usb 7-1: SerialNumber: syz
[   45.984698][  T450] usb 7-1: config 0 descriptor??
[   45.989736][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   45.995905][   T19] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   45.999479][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   46.027965][  T869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   46.036803][  T824] device bridge_slave_1 left promiscuous mode
[   46.042903][  T824] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.050633][  T824] device bridge_slave_0 left promiscuous mode
[   46.056895][  T824] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.064680][  T824] device veth1_macvtap left promiscuous mode
[   46.070950][  T824] device veth0_vlan left promiscuous mode
[   46.195837][   T19] usb 5-1: Using ep0 maxpacket: 32
[   46.202979][   T19] usb 5-1: config 0 has an invalid interface number: 151 but max is 0
[   46.216463][   T19] usb 5-1: config 0 has no interface number 0
[   46.230560][   T19] usb 5-1: New USB device found, idVendor=0403, idProduct=e548, bcdDevice=ad.d6
[   46.234456][   T24] usb 7-1: USB disconnect, device number 2
[   46.241299][   T19] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   46.253811][   T19] usb 5-1: Product: syz
[   46.258388][   T19] usb 5-1: Manufacturer: syz
[   46.263027][   T19] usb 5-1: SerialNumber: syz
[   46.272598][   T19] usb 5-1: config 0 descriptor??
[   46.280310][   T19] ftdi_sio 5-1:0.151: FTDI USB Serial Device converter detected
[   46.293778][   T19] ftdi_sio ttyUSB0: unknown device type: 0xadd6
[   46.337645][ T1821] loop2: detected capacity change from 0 to 512
[   46.354204][ T1821] EXT4-fs error (device loop2): ext4_orphan_get:1426: comm syz.2.558: bad orphan inode 15
[   46.370836][ T1821] ext4_test_bit(bit=14, block=5) = 0
[   46.376639][ T1821] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   46.394194][ T1769] EXT4-fs (loop2): unmounting filesystem.
[   46.499293][   T19] usb 5-1: USB disconnect, device number 5
[   46.509592][   T19] ftdi_sio 5-1:0.151: device disconnected
[   46.573115][ T1845] netem: change failed
[   46.617647][ T1851] Non-string source
[   46.729396][ T1857] binder: 1856:1857 ioctl c00c620f 200000000580 returned -22
[   46.750008][ T1853] loop2: detected capacity change from 0 to 40427
[   46.776848][ T1853] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   46.792074][ T1853] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   46.807540][ T1853] F2FS-fs (loop2): invalid crc value
[   46.829402][ T1853] F2FS-fs (loop2): Found nat_bits in checkpoint
[   46.896891][ T1853] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   46.906264][ T1853] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   47.037515][ T1875] loop4: detected capacity change from 0 to 256
[   47.054775][ T1875] FAT-fs (loop4): bogus logical sector size 133
[   47.061535][ T1875] FAT-fs (loop4): Can't find a valid FAT filesystem
[   47.182437][   T19] kernel write not supported for file bpf-prog (pid: 19 comm: kworker/0:1)
[   47.281949][ T1905] loop2: detected capacity change from 0 to 512
[   47.290470][ T1901] loop5: detected capacity change from 0 to 2048
[   47.347887][ T1905] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   47.406782][ T1901] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   47.447486][ T1901] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   47.477386][ T1769] EXT4-fs (loop2): unmounting filesystem.
[   47.519794][ T1901] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[   47.532836][ T1901] EXT4-fs (loop5): This should not happen!! Data will be lost
[   47.532836][ T1901] 
[   47.553161][ T1895] loop6: detected capacity change from 0 to 40427
[   47.554710][ T1901] EXT4-fs (loop5): Total free blocks count 0
[   47.562315][ T1919] loop2: detected capacity change from 0 to 512
[   47.566093][ T1901] EXT4-fs (loop5): Free/Dirty block details
[   47.573483][ T1908] loop8: detected capacity change from 0 to 40427
[   47.578088][ T1901] EXT4-fs (loop5): free_blocks=2415919104
[   47.590427][ T1895] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[   47.594735][ T1901] EXT4-fs (loop5): dirty_blocks=16
[   47.601060][ T1908] F2FS-fs (loop8): invalid crc value
[   47.603910][ T1901] EXT4-fs (loop5): Block reservation details
[   47.619840][ T1919] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.598: casefold flag without casefold feature
[   47.629004][ T1908] F2FS-fs (loop8): Found nat_bits in checkpoint
[   47.632922][ T1901] EXT4-fs (loop5): i_reserved_data_blocks=1
[   47.646562][ T1895] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   47.647950][ T1919] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.598: couldn't read orphan inode 15 (err -117)
[   47.696399][ T1919] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   47.697278][ T1908] F2FS-fs (loop8): Start checkpoint disabled!
[   47.727666][ T1895] F2FS-fs (loop6): Found nat_bits in checkpoint
[   47.734845][  T828] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   47.744316][ T1919] syz.2.598 (pid 1919) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   47.757560][ T1908] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[   47.807699][ T1769] EXT4-fs (loop2): unmounting filesystem.
[   47.810626][ T1895] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   47.865331][ T1895] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   47.875228][  T828] kworker/u4:65: attempt to access beyond end of device
[   47.875228][  T828] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   47.993575][ T1939] syz.2.607 uses obsolete (PF_INET,SOCK_PACKET)
[   48.075000][ T1948] capability: warning: `syz.8.609' uses deprecated v2 capabilities in a way that may be insecure
[   48.366643][ T1993] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   48.416601][ T1999] loop2: detected capacity change from 0 to 512
[   48.419368][   T28] kauditd_printk_skb: 66 callbacks suppressed
[   48.419385][   T28] audit: type=1400 audit(304.415:1358): avc:  denied  { unlink } for  pid=2000 comm="syz.8.632" name="#d" dev="tmpfs" ino=326 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   48.456394][ T1999] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   48.510027][ T1999] EXT4-fs (loop2): 1 truncate cleaned up
[   48.518910][ T1999] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   48.538212][ T2005] loop8: detected capacity change from 0 to 1024
[   48.586971][ T1769] EXT4-fs (loop2): unmounting filesystem.
[   48.596718][ T2005] EXT4-fs (loop8): revision level too high, forcing read-only mode
[   48.604664][ T2005] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e800e028, mo2=0000]
[   48.642429][   T28] audit: type=1400 audit(304.635:1359): avc:  denied  { watch } for  pid=2007 comm="syz.6.636" path="/86/file1" dev="tmpfs" ino=471 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   48.647799][ T2005] System zones: 0-1, 3-12
[   48.665805][  T288] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   48.677739][ T2005] EXT4-fs (loop8): orphan cleanup on readonly fs
[   48.688859][ T2005] EXT4-fs error (device loop8): ext4_free_blocks:6210: comm syz.8.634: Freeing blocks not in datazone - block = 0, count = 4096
[   48.702714][ T2005] EXT4-fs (loop8): Remounting filesystem read-only
[   48.709539][ T2005] EXT4-fs (loop8): 1 orphan inode deleted
[   48.715378][ T2005] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[   48.776276][ T1297] EXT4-fs (loop8): unmounting filesystem.
[   48.827943][ T2028] loop8: detected capacity change from 0 to 1024
[   48.852781][ T2028] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[   48.864860][ T2028] EXT4-fs error (device loop8): ext4_readdir:263: inode #12: block 80: comm syz.8.645: path /61/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=296, inode=0, rec_len=0, size=1024 fake=0
[   48.887337][  T288] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30
[   48.898434][  T288] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   48.899212][ T1297] EXT4-fs (loop8): unmounting filesystem.
[   48.908323][  T288] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196
[   48.928624][  T288] usb 6-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[   48.954747][ T2035] loop6: detected capacity change from 0 to 1024
[   48.961192][  T288] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.985212][ T2035] EXT4-fs: Ignoring removed bh option
[   48.993516][  T288] usb 6-1: config 0 descriptor??
[   49.001909][ T2035] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[   49.011834][ T2035] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #3: block 2: comm syz.6.647: lblock 2 mapped to illegal pblock 2 (length 1)
[   49.015882][   T28] audit: type=1326 audit(305.005:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2043 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179618ebe9 code=0x7ffc0000
[   49.026132][ T2035] Quota error (device loop6): qtree_write_dquot: dquota write failed
[   49.058434][ T2035] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #3: block 48: comm syz.6.647: lblock 0 mapped to illegal pblock 48 (length 1)
[   49.072757][   T28] audit: type=1326 audit(305.005:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2043 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f179618ebe9 code=0x7ffc0000
[   49.072809][ T2035] Quota error (device loop6): v2_write_file_info: Can't write info structure
[   49.104364][ T2035] EXT4-fs error (device loop6): ext4_acquire_dquot:6801: comm syz.6.647: Failed to acquire dquot type 0
[   49.113000][   T28] audit: type=1326 audit(305.005:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2043 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179618ebe9 code=0x7ffc0000
[   49.138634][   T28] audit: type=1326 audit(305.005:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2043 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179618ebe9 code=0x7ffc0000
[   49.138671][ T2035] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5917: Corrupt filesystem
[   49.161851][   T28] audit: type=1326 audit(305.005:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2043 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f179618ebe9 code=0x7ffc0000
[   49.194500][   T28] audit: type=1326 audit(305.005:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2043 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f179618ebe9 code=0x7ffc0000
[   49.225832][ T2035] EXT4-fs error (device loop6): ext4_evict_inode:279: inode #11: comm syz.6.647: mark_inode_dirty error
[   49.242100][ T2035] EXT4-fs warning (device loop6): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[   49.257152][ T2035] EXT4-fs (loop6): 1 orphan inode deleted
[   49.262974][ T2035] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   49.277638][  T828] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:65: lblock 1 mapped to illegal pblock 1 (length 1)
[   49.318908][  T828] EXT4-fs error (device loop6): ext4_release_dquot:6837: comm kworker/u4:65: Failed to release dquot type 0
[   49.335103][ T2035] EXT4-fs error (device loop6): ext4_map_blocks:635: inode #3: block 48: comm syz.6.647: lblock 0 mapped to illegal pblock 48 (length 1)
[   49.364389][ T1202] EXT4-fs (loop6): unmounting filesystem.
[   49.368205][ T2047] loop2: detected capacity change from 0 to 40427
[   49.392779][ T2047] F2FS-fs (loop2): fault_injection options not supported
[   49.404101][ T2047] F2FS-fs (loop2): Image doesn't support compression
[   49.416844][ T2047] F2FS-fs (loop2): invalid crc value
[   49.421400][ T2060] loop4: detected capacity change from 0 to 256
[   49.431214][ T2047] F2FS-fs (loop2): Found nat_bits in checkpoint
[   49.436673][  T288] holtek_kbd 0003:04D9:A055.000C: item fetching failed at offset 3/7
[   49.449216][ T2060] exfat: Deprecated parameter 'namecase'
[   49.456984][  T288] holtek_kbd: probe of 0003:04D9:A055.000C failed with error -22
[   49.475636][ T2060] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[   49.483228][ T2047] F2FS-fs (loop2): Start checkpoint disabled!
[   49.494533][ T2047] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   49.549521][ T1769] F2FS-fs (loop2): access invalid blkaddr:4043309056
[   49.556382][ T1769] CPU: 0 PID: 1769 Comm: syz-executor Not tainted 6.1.145-syzkaller-00015-g87b9d836c3d8 #0
[   49.566647][ T1769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   49.576879][ T1769] Call Trace:
[   49.580172][ T1769]  <TASK>
[   49.583209][ T1769]  __dump_stack+0x21/0x24
[   49.587536][ T1769]  dump_stack_lvl+0xee/0x150
[   49.592122][ T1769]  ? __cfi_dump_stack_lvl+0x8/0x8
[   49.597136][ T1769]  ? __cfi_f2fs_get_dnode_of_data+0x10/0x10
[   49.603031][ T1769]  dump_stack+0x15/0x24
[   49.607206][ T1769]  __f2fs_is_valid_blkaddr+0xda6/0x1460
[   49.612860][ T1769]  f2fs_is_valid_blkaddr+0x23/0x30
[   49.617982][ T1769]  f2fs_map_blocks+0xc93/0x3a60
[   49.622838][ T1769]  ? __cfi_f2fs_map_blocks+0x10/0x10
[   49.628132][ T1769]  ? xas_start+0x317/0x3e0
[   49.632539][ T1769]  ? xas_load+0x39e/0x3b0
[   49.636857][ T1769]  ? xa_load+0xad/0xd0
[   49.640930][ T1769]  f2fs_mpage_readpages+0xa3a/0x1b70
[   49.646216][ T1769]  ? dquot_release_reservation_block+0xa0/0xa0
[   49.652361][ T1769]  ? cgroup_rstat_updated+0xf5/0x370
[   49.657642][ T1769]  ? xas_nomem+0x6b/0x1f0
[   49.661978][ T1769]  f2fs_readahead+0xfc/0x240
[   49.666558][ T1769]  ? __cfi_f2fs_readahead+0x10/0x10
[   49.671741][ T1769]  read_pages+0x1b0/0xdd0
[   49.676067][ T1769]  ? __cfi___filemap_add_folio+0x10/0x10
[   49.681729][ T1769]  ? page_cache_ra_unbounded+0x720/0x720
[   49.687359][ T1769]  ? folio_add_lru+0x260/0x390
[   49.692148][ T1769]  ? filemap_add_folio+0x105/0x150
[   49.697266][ T1769]  page_cache_ra_unbounded+0x5d1/0x720
[   49.702730][ T1769]  ? __kernel_text_address+0xd/0x30
[   49.707926][ T1769]  ? __cfi_page_cache_ra_unbounded+0x10/0x10
[   49.713912][ T1769]  ? stack_trace_save+0x98/0xe0
[   49.718771][ T1769]  page_cache_ra_order+0x36a/0xb70
[   49.723901][ T1769]  ? slab_free_freelist_hook+0xc2/0x190
[   49.729487][ T1769]  ? kmem_cache_free+0x12d/0x300
[   49.734422][ T1769]  ? __x64_sys_newfstatat+0x9b/0xb0
[   49.739615][ T1769]  ? x64_sys_call+0x77c/0x9a0
[   49.744286][ T1769]  ? __cfi_page_cache_ra_order+0x10/0x10
[   49.749928][ T1769]  ondemand_readahead+0x817/0xdb0
[   49.754952][ T1769]  ? page_cache_sync_ra+0x490/0x490
[   49.760182][ T1769]  page_cache_sync_ra+0x41b/0x490
[   49.765294][ T1769]  f2fs_readdir+0x444/0x940
[   49.769807][ T1769]  ? cgroup_rstat_updated+0xf5/0x370
[   49.775090][ T1769]  ? __cfi_f2fs_readdir+0x10/0x10
[   49.780114][ T1769]  ? handle_mm_fault+0x17be/0x2640
[   49.785235][ T1769]  ? down_read_killable+0xb6/0x100
[   49.785807][  T288] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   49.790385][ T1769]  ? __cfi_down_read_killable+0x10/0x10
[   49.790413][ T1769]  ? fsnotify_perm+0x269/0x5b0
[   49.808194][ T1769]  ? security_file_permission+0x94/0xb0
[   49.813752][ T1769]  iterate_dir+0x271/0x610
[   49.818168][ T1769]  ? __cfi_f2fs_readdir+0x10/0x10
[   49.823210][ T1769]  __se_sys_getdents64+0xe5/0x240
[   49.828256][ T1769]  ? __x64_sys_getdents64+0x90/0x90
[   49.833460][ T1769]  ? __cfi_filldir64+0x10/0x10
[   49.838213][ T1769]  ? do_user_addr_fault+0x9ac/0x1050
[   49.843507][ T1769]  ? __bpf_trace_sys_enter+0x62/0x70
[   49.848800][ T1769]  __x64_sys_getdents64+0x7b/0x90
[   49.853818][ T1769]  x64_sys_call+0x15c/0x9a0
[   49.858316][ T1769]  do_syscall_64+0x4c/0xa0
[   49.862736][ T1769]  ? clear_bhb_loop+0x30/0x80
[   49.867407][ T1769]  ? clear_bhb_loop+0x30/0x80
[   49.872071][ T1769]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   49.878126][ T1769] RIP: 0033:0x7f17961c1553
[   49.882545][ T1769] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 72 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[   49.902158][ T1769] RSP: 002b:00007ffc03d24de8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[   49.910565][ T1769] RAX: ffffffffffffffda RBX: 000055555eebc4e0 RCX: 00007f17961c1553
[   49.918524][ T1769] RDX: 0000000000008000 RSI: 000055555eebc4e0 RDI: 0000000000000005
[   49.926485][ T1769] RBP: 000055555eebc4b4 R08: 0000000000000000 R09: 0000000000000000
[   49.934448][ T1769] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[   49.942412][ T1769] R13: 0000000000000010 R14: 000055555eebc4b0 R15: 00007ffc03d270a0
[   49.950399][ T1769]  </TASK>
[   49.955023][ T1769] syz-executor: attempt to access beyond end of device
[   49.955023][ T1769] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[   49.970172][ T1769] syz-executor: attempt to access beyond end of device
[   49.970172][ T1769] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   49.984256][  T288] usb 5-1: Using ep0 maxpacket: 16
[   49.984397][  T450] usb 6-1: USB disconnect, device number 5
[   49.991990][  T288] usb 5-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=ff.76
[   50.008918][  T288] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   50.017237][  T288] usb 5-1: Product: syz
[   50.021462][  T288] usb 5-1: Manufacturer: syz
[   50.024701][  T824] kworker/u4:63: attempt to access beyond end of device
[   50.024701][  T824] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[   50.026134][  T288] usb 5-1: SerialNumber: syz
[   50.046115][  T288] usb 5-1: config 0 descriptor??
[   50.285112][  T288] usb 5-1: USB disconnect, device number 6
[   50.325285][ T2071] loop8: detected capacity change from 0 to 2048
[   50.350247][ T2066] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.357478][ T2066] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.365122][ T2066] device bridge_slave_0 entered promiscuous mode
[   50.372662][ T2071]  loop8: p1 < > p4
[   50.382474][ T2066] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.386497][ T2071] loop8: p4 size 8388608 extends beyond EOD, truncated
[   50.390445][ T2066] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.408051][ T2066] device bridge_slave_1 entered promiscuous mode
[   50.432319][  T476] udevd[476]: inotify_add_watch(7, /dev/loop8p4, 10) failed: No such file or directory
[   50.443673][  T458] udevd[458]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[   50.457893][ T2079] loop6: detected capacity change from 0 to 512
[   50.487616][ T2079] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   50.515142][ T1202] EXT4-fs (loop6): unmounting filesystem.
[   50.543515][ T2089] IPv4: Oversized IP packet from 127.202.26.0
[   50.602228][ T2066] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.609349][ T2066] bridge0: port 2(bridge_slave_1) entered forwarding state
[   50.616736][ T2066] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.623767][ T2066] bridge0: port 1(bridge_slave_0) entered forwarding state
[   50.657782][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   50.665988][  T828] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.673493][  T828] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.684677][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   50.693102][  T828] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.700176][  T828] bridge0: port 1(bridge_slave_0) entered forwarding state
[   50.715591][ T2108] loop5: detected capacity change from 0 to 128
[   50.722954][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   50.726141][ T2108] EXT4-fs: Ignoring removed nomblk_io_submit option
[   50.732126][  T828] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.744632][  T828] bridge0: port 2(bridge_slave_1) entered forwarding state
[   50.746053][ T2108] EXT4-fs: Ignoring removed nomblk_io_submit option
[   50.752863][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   50.767004][ T2108] EXT4-fs (loop5): Test dummy encryption mode enabled
[   50.767205][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   50.778944][ T2108] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   50.791084][  T869] device bridge_slave_1 left promiscuous mode
[   50.797490][  T869] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.811881][  T869] device bridge_slave_0 left promiscuous mode
[   50.824515][  T869] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.835853][  T288] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   50.844396][  T869] device veth1_macvtap left promiscuous mode
[   50.855934][  T869] device veth0_vlan left promiscuous mode
[   50.864758][  T687] EXT4-fs (loop5): unmounting filesystem.
[   51.006056][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   51.017219][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   51.018912][  T288] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   51.027017][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   51.045067][  T288] usb 7-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[   51.064484][  T288] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   51.070271][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   51.081259][ T2066] device veth0_vlan entered promiscuous mode
[   51.098303][  T288] usb 7-1: config 0 descriptor??
[   51.107551][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   51.119794][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   51.141073][ T2066] device veth1_macvtap entered promiscuous mode
[   51.152051][ T2132] loop4: detected capacity change from 0 to 512
[   51.157755][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   51.168410][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   51.177034][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   51.185345][ T2132] EXT4-fs: Ignoring removed i_version option
[   51.192009][ T2132] EXT4-fs: Ignoring removed nobh option
[   51.198570][ T2132] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   51.209236][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   51.219044][ T2132] EXT4-fs (loop4): 1 truncate cleaned up
[   51.224727][ T2132] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   51.226007][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   51.274477][  T283] EXT4-fs (loop4): unmounting filesystem.
[   51.313217][  T288] usbhid 7-1:0.0: can't add hid device: -71
[   51.319848][  T288] usbhid: probe of 7-1:0.0 failed with error -71
[   51.346749][  T288] usb 7-1: USB disconnect, device number 3
[   51.452890][ T2152] loop5: detected capacity change from 0 to 4096
[   51.486261][ T2152] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #15: comm syz.5.691: corrupted inode contents
[   51.541944][ T2152] EXT4-fs error (device loop5): ext4_dirty_inode:6121: inode #15: comm syz.5.691: mark_inode_dirty error
[   51.555982][ T2152] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #15: comm syz.5.691: corrupted inode contents
[   51.568497][ T2143] loop8: detected capacity change from 0 to 40427
[   51.579222][ T2143] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[   51.588725][ T2143] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[   51.606047][ T2152] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #15: comm syz.5.691: mark_inode_dirty error
[   51.618291][ T2143] F2FS-fs (loop8): invalid crc value
[   51.642390][ T2143] F2FS-fs (loop8): Found nat_bits in checkpoint
[   51.645164][ T2152] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #15: comm syz.5.691: corrupted inode contents
[   51.666462][ T2152] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #15: comm syz.5.691: mark_inode_dirty error
[   51.678193][ T2164] netlink: 72 bytes leftover after parsing attributes in process `syz.4.694'.
[   51.678470][ T2152] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #15: comm syz.5.691: corrupted inode contents
[   51.699916][ T2152] EXT4-fs error (device loop5): ext4_truncate:4314: inode #15: comm syz.5.691: mark_inode_dirty error
[   51.711561][ T2143] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[   51.711567][ T2152] EXT4-fs error (device loop5) in ext4_setattr:5660: Corrupt filesystem
[   51.727136][ T2156] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #15: comm syz.5.691: corrupted inode contents
[   51.732751][ T2143] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[   51.787454][  T687] EXT4-fs warning (device loop5): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[   51.820434][ T1297] syz-executor: attempt to access beyond end of device
[   51.820434][ T1297] loop8: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[   52.145926][  T288] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   52.167603][ T2202] netlink: 4 bytes leftover after parsing attributes in process `syz.5.711'.
[   52.307065][ T2213] netlink: 8 bytes leftover after parsing attributes in process `syz.8.716'.
[   52.326889][  T288] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   52.347675][  T288] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   52.371198][  T288] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   52.383960][  T288] usb 5-1: Product: syz
[   52.388732][  T288] usb 5-1: Manufacturer: syz
[   52.393466][  T288] usb 5-1: SerialNumber: syz
[   52.417330][  T288] hub 5-1:1.0: bad descriptor, ignoring hub
[   52.423276][  T288] hub: probe of 5-1:1.0 failed with error -5
[   52.508950][ T2226] netlink: 96 bytes leftover after parsing attributes in process `syz.8.722'.
[   52.737834][ T2204] loop9: detected capacity change from 0 to 131072
[   52.749905][ T2204] F2FS-fs (loop9): Wrong NAT boundary, start(2560) end(184552960) blocks(1024)
[   52.795447][ T2204] F2FS-fs (loop9): Can't find valid F2FS filesystem in 2th superblock
[   52.803918][ T2204] F2FS-fs (loop9): Test dummy encryption mode enabled
[   52.816689][ T2204] F2FS-fs (loop9): fault_type options not supported
[   52.825157][ T2204] F2FS-fs (loop9): Unrecognized mount option "func=FILE_MMAP" or missing value
[   52.925814][ T2110] usb 5-1: reset high-speed USB device number 7 using dummy_hcd
[   53.113701][ T2230] loop8: detected capacity change from 0 to 131072
[   53.125599][ T2230] F2FS-fs (loop8): invalid crc value
[   53.146539][ T2230] F2FS-fs (loop8): Found nat_bits in checkpoint
[   53.210832][ T2230] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4
[   53.286404][ T2250] syz.5.731[2250] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.286507][ T2250] syz.5.731[2250] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.333794][ T2240] loop9: detected capacity change from 0 to 40427
[   53.362720][ T2240] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[   53.371392][ T2240] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[   53.394192][ T2240] F2FS-fs (loop9): invalid crc value
[   53.421021][ T2240] F2FS-fs (loop9): Found nat_bits in checkpoint
[   53.446005][ T2110] usb 5-1: USB disconnect, device number 7
[   53.472193][ T2240] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[   53.479550][ T2240] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[   53.601271][ T2240] syz.9.728: attempt to access beyond end of device
[   53.601271][ T2240] loop9: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[   53.688094][   T28] kauditd_printk_skb: 56 callbacks suppressed
[   53.688112][   T28] audit: type=1400 audit(309.685:1420): avc:  denied  { block_suspend } for  pid=2277 comm="syz.6.744" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   53.885155][ T2290] netlink: 44 bytes leftover after parsing attributes in process `syz.9.742'.
[   53.900763][ T2290] netlink: 43 bytes leftover after parsing attributes in process `syz.9.742'.
[   53.920329][ T2290] netlink: 'syz.9.742': attribute type 5 has an invalid length.
[   53.928489][ T2290] netlink: 43 bytes leftover after parsing attributes in process `syz.9.742'.
[   53.966240][   T28] audit: type=1400 audit(309.965:1421): avc:  denied  { listen } for  pid=2297 comm="syz.6.751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   54.005528][   T28] audit: type=1400 audit(309.985:1422): avc:  denied  { read write } for  pid=2298 comm="syz.9.752" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   54.033742][   T28] audit: type=1400 audit(309.985:1423): avc:  denied  { open } for  pid=2298 comm="syz.9.752" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   54.095550][ T2311] loop9: detected capacity change from 0 to 512
[   54.103367][   T28] audit: type=1400 audit(310.095:1424): avc:  denied  { setopt } for  pid=2308 comm="syz.4.756" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   54.151676][   T28] audit: type=1400 audit(310.145:1425): avc:  denied  { setcurrent } for  pid=2313 comm="syz.4.759" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   54.182082][   T28] audit: type=1400 audit(310.175:1426): avc:  denied  { mounton } for  pid=2309 comm="syz.9.757" path="/8/file0/file0" dev="loop9" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   54.215837][ T2311] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[   54.338403][ T2312] syz.6.754 (2312) used greatest stack depth: 21296 bytes left
[   54.428268][ T2343] loop9: detected capacity change from 0 to 1024
[   54.478930][ T2353] loop9: detected capacity change from 0 to 2048
[   54.525844][  T335] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   54.537677][ T2353]  loop9: p1 < > p4
[   54.545554][ T2353] loop9: p4 size 8388608 extends beyond EOD, truncated
[   54.549845][ T2365] input: syz1 as /devices/virtual/input/input5
[   54.552612][   T28] audit: type=1400 audit(310.545:1427): avc:  denied  { ioctl } for  pid=2364 comm="syz.6.780" path="/dev/uinput" dev="devtmpfs" ino=262 ioctlcmd=0x5566 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   54.584895][   T28] audit: type=1400 audit(310.555:1428): avc:  denied  { read } for  pid=87 comm="acpid" name="event3" dev="devtmpfs" ino=900 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   54.606888][   T28] audit: type=1400 audit(310.555:1429): avc:  denied  { open } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=900 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   54.656862][  T458] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   54.673288][ T2353] loop9: detected capacity change from 0 to 1024
[   54.680090][  T458] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   54.690621][  T458] Buffer I/O error on dev loop9, logical block 0, async page read
[   54.706901][  T335] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   54.721854][  T335] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   54.742834][  T476] udevd[476]: inotify_add_watch(7, /dev/loop9p4, 10) failed: No such file or directory
[   54.747037][  T458] udevd[458]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory
[   54.766313][  T335] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   54.781364][ T2375] netlink: 24 bytes leftover after parsing attributes in process `syz.9.784'.
[   54.793070][  T335] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   54.811847][  T335] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   54.829799][  T335] usb 5-1: config 0 descriptor??
[   54.837813][ T2375] netlink: 24 bytes leftover after parsing attributes in process `syz.9.784'.
[   54.906413][ T2368] loop8: detected capacity change from 0 to 40427
[   54.925495][ T2368] F2FS-fs (loop8): fault_injection options not supported
[   54.945984][ T2368] F2FS-fs (loop8): Image doesn't support compression
[   54.953942][ T2368] F2FS-fs (loop8): invalid crc value
[   54.976534][ T2368] F2FS-fs (loop8): Found nat_bits in checkpoint
[   55.012708][ T2372] loop6: detected capacity change from 0 to 40427
[   55.028263][ T2372] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[   55.035301][ T2368] F2FS-fs (loop8): Start checkpoint disabled!
[   55.036117][ T2372] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   55.052124][ T2368] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[   55.066715][ T2372] F2FS-fs (loop6): Found nat_bits in checkpoint
[   55.108264][ T2372] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   55.115717][ T2372] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   55.117938][ T1297] F2FS-fs (loop8): access invalid blkaddr:4043309056
[   55.130625][ T1297] CPU: 0 PID: 1297 Comm: syz-executor Not tainted 6.1.145-syzkaller-00015-g87b9d836c3d8 #0
[   55.140883][ T1297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   55.151038][ T1297] Call Trace:
[   55.154324][ T1297]  <TASK>
[   55.157250][ T1297]  __dump_stack+0x21/0x24
[   55.161589][ T1297]  dump_stack_lvl+0xee/0x150
[   55.166189][ T1297]  ? __cfi_dump_stack_lvl+0x8/0x8
[   55.171220][ T1297]  ? __cfi_f2fs_get_dnode_of_data+0x10/0x10
[   55.177109][ T1297]  dump_stack+0x15/0x24
[   55.181263][ T1297]  __f2fs_is_valid_blkaddr+0xda6/0x1460
[   55.186806][ T1297]  f2fs_is_valid_blkaddr+0x23/0x30
[   55.191909][ T1297]  f2fs_map_blocks+0xc93/0x3a60
[   55.196766][ T1297]  ? __cfi_f2fs_map_blocks+0x10/0x10
[   55.202051][ T1297]  ? xas_start+0x317/0x3e0
[   55.206463][ T1297]  ? xas_load+0x39e/0x3b0
[   55.210798][ T1297]  ? xa_load+0xad/0xd0
[   55.214864][ T1297]  f2fs_mpage_readpages+0xa3a/0x1b70
[   55.220146][ T1297]  ? dquot_release_reservation_block+0xa0/0xa0
[   55.226301][ T1297]  ? cgroup_rstat_updated+0xf5/0x370
[   55.231586][ T1297]  ? xas_nomem+0x6b/0x1f0
[   55.235919][ T1297]  f2fs_readahead+0xfc/0x240
[   55.240530][ T1297]  ? __cfi_f2fs_readahead+0x10/0x10
[   55.245737][ T1297]  read_pages+0x1b0/0xdd0
[   55.250097][ T1297]  ? __cfi___filemap_add_folio+0x10/0x10
[   55.255732][ T1297]  ? page_cache_ra_unbounded+0x720/0x720
[   55.261371][ T1297]  ? folio_add_lru+0x260/0x390
[   55.266147][ T1297]  ? filemap_add_folio+0x105/0x150
[   55.271442][ T1297]  page_cache_ra_unbounded+0x5d1/0x720
[   55.276901][ T1297]  ? __kernel_text_address+0xd/0x30
[   55.282104][ T1297]  ? __cfi_page_cache_ra_unbounded+0x10/0x10
[   55.288084][ T1297]  ? stack_trace_save+0x98/0xe0
[   55.292934][ T1297]  page_cache_ra_order+0x36a/0xb70
[   55.298050][ T1297]  ? slab_free_freelist_hook+0xc2/0x190
[   55.303595][ T1297]  ? kmem_cache_free+0x12d/0x300
[   55.308531][ T1297]  ? __x64_sys_newfstatat+0x9b/0xb0
[   55.313728][ T1297]  ? x64_sys_call+0x77c/0x9a0
[   55.318402][ T1297]  ? __cfi_page_cache_ra_order+0x10/0x10
[   55.324040][ T1297]  ondemand_readahead+0x817/0xdb0
[   55.329067][ T1297]  ? page_cache_sync_ra+0x490/0x490
[   55.334270][ T1297]  page_cache_sync_ra+0x41b/0x490
[   55.339295][ T1297]  f2fs_readdir+0x444/0x940
[   55.343796][ T1297]  ? cgroup_rstat_updated+0xf5/0x370
[   55.349112][ T1297]  ? __cfi_f2fs_readdir+0x10/0x10
[   55.354133][ T1297]  ? handle_mm_fault+0x17be/0x2640
[   55.359251][ T1297]  ? down_read_killable+0xb6/0x100
[   55.364358][ T1297]  ? __cfi_down_read_killable+0x10/0x10
[   55.369991][ T1297]  ? fsnotify_perm+0x269/0x5b0
[   55.374751][ T1297]  ? security_file_permission+0x94/0xb0
[   55.380295][ T1297]  iterate_dir+0x271/0x610
[   55.384707][ T1297]  ? __cfi_f2fs_readdir+0x10/0x10
[   55.389731][ T1297]  __se_sys_getdents64+0xe5/0x240
[   55.395894][ T1297]  ? __x64_sys_getdents64+0x90/0x90
[   55.401455][ T1297]  ? __cfi_filldir64+0x10/0x10
[   55.406229][ T1297]  ? do_user_addr_fault+0x9ac/0x1050
[   55.411524][ T1297]  ? debug_smp_processor_id+0x17/0x20
[   55.416901][ T1297]  __x64_sys_getdents64+0x7b/0x90
[   55.422189][ T1297]  x64_sys_call+0x15c/0x9a0
[   55.426689][ T1297]  do_syscall_64+0x4c/0xa0
[   55.431105][ T1297]  ? clear_bhb_loop+0x30/0x80
[   55.435799][ T1297]  ? clear_bhb_loop+0x30/0x80
[   55.440475][ T1297]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   55.446366][ T1297] RIP: 0033:0x7f320ffc1553
[   55.450777][ T1297] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 72 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[   55.470381][ T1297] RSP: 002b:00007ffc5d751778 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[   55.478795][ T1297] RAX: ffffffffffffffda RBX: 00005555943dd4e0 RCX: 00007f320ffc1553
[   55.486769][ T1297] RDX: 0000000000008000 RSI: 00005555943dd4e0 RDI: 0000000000000005
[   55.494910][ T1297] RBP: 00005555943dd4b4 R08: 0000000000000000 R09: 0000000000000000
[   55.502873][ T1297] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[   55.510838][ T1297] R13: 0000000000000010 R14: 00005555943dd4b0 R15: 00007ffc5d753a30
[   55.518817][ T1297]  </TASK>
[   55.530333][  T335] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving
[   55.548071][ T1297] syz-executor: attempt to access beyond end of device
[   55.548071][ T1297] loop8: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[   55.563170][  T335] plantronics 0003:047F:FFFF.000D: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[   55.571489][ T1297] syz-executor: attempt to access beyond end of device
[   55.571489][ T1297] loop8: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   55.633103][  T824] kworker/u4:63: attempt to access beyond end of device
[   55.633103][  T824] loop8: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[   55.738817][ T2401] loop6: detected capacity change from 0 to 128
[   55.904457][ T2413] netlink: 16 bytes leftover after parsing attributes in process `syz.6.802'.
[   56.044868][ T2420] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.054936][ T2420] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.062645][ T2420] device bridge_slave_0 entered promiscuous mode
[   56.070990][ T2420] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.088332][ T2420] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.096522][ T2420] device bridge_slave_1 entered promiscuous mode
[   56.105474][   T39] usb 5-1: USB disconnect, device number 8
[   56.175848][ T2110] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[   56.191639][ T2420] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.198745][ T2420] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.206060][ T2420] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.213087][ T2420] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.220486][   T24] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   56.239513][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   56.247445][  T828] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.254691][  T828] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.265101][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   56.273494][  T828] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.280632][  T828] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.289606][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   56.297955][  T828] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.305008][  T828] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.330853][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   56.339623][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   56.356607][ T2110] usb 10-1: Using ep0 maxpacket: 32
[   56.359776][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   56.363075][ T2110] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   56.377677][ T2420] device veth0_vlan entered promiscuous mode
[   56.385605][ T2110] usb 10-1: config 0 has no interfaces?
[   56.393958][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   56.394199][ T2443] loop5: detected capacity change from 0 to 512
[   56.401845][ T2110] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   56.412927][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   56.417547][   T24] usb 7-1: Using ep0 maxpacket: 16
[   56.424993][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   56.430001][ T2110] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.446260][   T24] usb 7-1: config 0 has an invalid interface number: 251 but max is 0
[   56.454448][   T24] usb 7-1: config 0 has no interface number 0
[   56.457595][ T2443] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.809: iget: bad extended attribute block 1
[   56.461248][ T2110] usb 10-1: config 0 descriptor??
[   56.476947][ T2443] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.809: couldn't read orphan inode 15 (err -117)
[   56.478132][   T24] usb 7-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[   56.500213][   T24] usb 7-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[   56.512113][ T2420] device veth1_macvtap entered promiscuous mode
[   56.524606][   T24] usb 7-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[   56.525699][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   56.533916][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   56.549982][   T24] usb 7-1: Product: syz
[   56.554155][   T24] usb 7-1: Manufacturer: syz
[   56.558794][   T24] usb 7-1: SerialNumber: syz
[   56.564714][   T24] usb 7-1: config 0 descriptor??
[   56.570663][ T2418] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[   56.581837][ T2418] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[   56.589759][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   56.599173][  T828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   56.673003][ T2454] device bridge0 entered promiscuous mode
[   56.678917][ T2454] device macsec1 entered promiscuous mode
[   56.685321][ T2454] bridge0: port 3(macsec1) entered blocking state
[   56.692628][ T2454] bridge0: port 3(macsec1) entered disabled state
[   56.700485][ T2454] device bridge0 left promiscuous mode
[   56.730872][   T19] usb 10-1: USB disconnect, device number 2
[   56.792193][ T2418] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[   56.805612][ T2418] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[   56.837100][  T805] device bridge_slave_1 left promiscuous mode
[   56.844859][  T805] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.855107][  T805] device bridge_slave_0 left promiscuous mode
[   56.861469][  T805] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.885913][  T805] device veth1_macvtap left promiscuous mode
[   56.895422][  T805] device veth0_vlan left promiscuous mode
[   57.016999][   T24] asix 7-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[   57.034579][   T24] asix 7-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -61
[   57.054698][   T24] asix: probe of 7-1:0.251 failed with error -5
[   57.217037][ T2492] syz.1.830[2492] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.217115][ T2492] syz.1.830[2492] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.333627][ T2501] device wireguard0 entered promiscuous mode
[   57.360538][ T2486] loop4: detected capacity change from 0 to 40427
[   57.370357][ T2486] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[   57.378979][ T2486] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   57.387324][ T2486] F2FS-fs (loop4): fault_injection options not supported
[   57.394429][ T2486] F2FS-fs (loop4): fault_type options not supported
[   57.409316][ T2486] F2FS-fs (loop4): invalid crc value
[   57.414305][  T805] tipc: Subscription rejected, illegal request
[   57.415711][ T2486] F2FS-fs (loop4): Found nat_bits in checkpoint
[   57.472146][ T2486] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   57.479325][ T2486] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   57.557552][ T2520] loop9: detected capacity change from 0 to 4096
[   57.586009][   T24] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   57.647443][ T2529] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   57.660757][ T2529] SELinux: failed to load policy
[   57.738794][ T2540] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   57.751357][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   57.765283][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   57.777162][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   57.793993][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   57.798909][ T2544] __nla_validate_parse: 1 callbacks suppressed
[   57.798938][ T2544] netlink: 44 bytes leftover after parsing attributes in process `syz.9.851'.
[   57.802342][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   57.836201][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   57.844683][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   57.853373][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   57.861764][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   57.875395][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   57.883923][   T24] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   57.895648][  T793] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   57.906142][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.933879][   T24] usb 6-1: config 0 descriptor??
[   57.966542][ T2547] syz.9.852 (2547) used greatest stack depth: 21280 bytes left
[   58.004319][ T2554] netlink: 8 bytes leftover after parsing attributes in process `syz.9.855'.
[   58.072138][ T2563] loop4: detected capacity change from 0 to 1024
[   58.110378][ T2563] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 4: comm syz.4.859: lblock 4 mapped to illegal pblock 4 (length 1)
[   58.134228][  T793] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 1: comm kworker/u4:44: lblock 1 mapped to illegal pblock 1 (length 3)
[   58.150275][  T793] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117
[   58.162834][  T793] EXT4-fs (loop4): This should not happen!! Data will be lost
[   58.162834][  T793] 
[   58.215798][  T335] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   58.351286][   T24] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   58.362188][   T24] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   58.378521][   T24] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   58.393643][   T24] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   58.406962][  T335] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   58.410159][   T24] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   58.424476][ T2603] loop4: detected capacity change from 0 to 1024
[   58.431106][  T335] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   58.434536][   T24] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   58.459090][  T335] usb 2-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[   58.466016][   T24] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[   58.471366][  T335] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   58.495995][   T24] plantronics 0003:047F:FFFF.000E: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[   58.513093][  T335] usb 2-1: config 0 descriptor??
[   58.932037][  T335] logitech 0003:046D:C29C.000F: hidraw1: USB HID v10.00 Device [HID 046d:c29c] on usb-dummy_hcd.1-1/input0
[   58.958612][   T24] usb 7-1: USB disconnect, device number 4
[   58.990179][   T28] kauditd_printk_skb: 27 callbacks suppressed
[   58.990196][   T28] audit: type=1400 audit(314.985:1457): avc:  denied  { associate } for  pid=2638 comm="syz.9.891" name="0" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   59.033659][ T2644] loop9: detected capacity change from 0 to 256
[   59.042671][ T2644] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   59.061621][ T2644] process 'syz.9.892' launched './file0' with NULL argv: empty string added
[   59.070712][   T28] audit: type=1400 audit(315.065:1458): avc:  denied  { execute } for  pid=2643 comm="syz.9.892" name="file0" dev="loop9" ino=1048647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   59.100010][   T28] audit: type=1400 audit(315.095:1459): avc:  denied  { execute_no_trans } for  pid=2643 comm="syz.9.892" path="/48/file1/file0" dev="loop9" ino=1048647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   59.131642][   T28] audit: type=1400 audit(315.125:1460): avc:  denied  { bind } for  pid=2649 comm="syz.9.895" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   59.188539][ T2656] loop9: detected capacity change from 0 to 512
[   59.195452][ T2656] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[   59.206808][ T2656] EXT4-fs (loop9): 1 truncate cleaned up
[   59.218161][ T2656] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.898: bg 0: block 256: padding at end of block bitmap is not set
[   59.218901][ T2110] usb 6-1: USB disconnect, device number 6
[   59.238841][ T2656] EXT4-fs (loop9): Remounting filesystem read-only
[   59.247551][ T2656] syz.9.898 (2656) used greatest stack depth: 20928 bytes left
[   59.264962][ T2659] netlink: 8 bytes leftover after parsing attributes in process `syz.9.899'.
[   59.273829][ T2659] netlink: 8 bytes leftover after parsing attributes in process `syz.9.899'.
[   59.282877][ T2659] netlink: 2 bytes leftover after parsing attributes in process `syz.9.899'.
[   59.330949][  T335] logitech 0003:046D:C29C.000F: no inputs found
[   59.341553][   T28] audit: type=1400 audit(315.335:1461): avc:  denied  { getopt } for  pid=2666 comm="syz.9.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   59.363248][  T335] usb 2-1: USB disconnect, device number 3
[   59.391822][ T2670] fido_id[2670]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[   59.475873][   T24] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   59.625891][   T39] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[   59.657002][   T24] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   59.668960][   T24] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   59.678221][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   59.686261][   T24] usb 7-1: Product: syz
[   59.690411][   T24] usb 7-1: Manufacturer: syz
[   59.694985][   T24] usb 7-1: SerialNumber: syz
[   59.701692][   T24] hub 7-1:1.0: bad descriptor, ignoring hub
[   59.707762][   T24] hub: probe of 7-1:1.0 failed with error -5
[   59.720935][   T28] audit: type=1400 audit(315.715:1462): avc:  denied  { getopt } for  pid=2674 comm="syz.4.906" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   59.816837][   T39] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   59.827166][   T39] usb 10-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   59.836379][   T39] usb 10-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   59.845539][   T39] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   59.854452][   T39] usb 10-1: config 0 descriptor??
[   59.867855][ T2684] serio: Serial port ptm0
[   59.889576][   T28] audit: type=1400 audit(315.885:1463): avc:  denied  { read } for  pid=2690 comm="syz.1.912" name="usbmon0" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   59.912664][ T2691] loop1: detected capacity change from 0 to 512
[   59.920380][ T2691] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   59.937309][ T2691] EXT4-fs (loop1): failed to initialize system zone (-117)
[   59.944822][ T2691] EXT4-fs (loop1): mount failed
[   60.085811][ T2110] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   60.215837][  T335] usb 7-1: reset high-speed USB device number 5 using dummy_hcd
[   60.266640][   T39] usb 10-1: string descriptor 0 read error: -71
[   60.275789][ T2110] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   60.286021][   T39] usb 10-1: USB disconnect, device number 3
[   60.292101][ T2110] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[   60.301621][ T2110] usb 6-1: config 1 has no interface number 0
[   60.307813][ T2110] usb 6-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   60.322227][ T2110] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   60.331366][ T2110] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   60.339410][ T2110] usb 6-1: Product: syz
[   60.343576][ T2110] usb 6-1: Manufacturer: syz
[   60.348290][ T2110] usb 6-1: SerialNumber: syz
[   60.354189][ T2110] cdc_ncm 6-1:1.1: NCM or ECM functional descriptors missing
[   60.361674][ T2110] cdc_ncm 6-1:1.1: bind() failure
[   60.725884][ T2110] usb 7-1: USB disconnect, device number 5
[   60.839819][ T2711] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   60.848259][ T2711] device bridge_slave_0 left promiscuous mode
[   60.865448][ T2711] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.876971][ T2711] device bridge_slave_1 left promiscuous mode
[   60.887990][ T2711] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.919863][ T2716] kvm [2713]: vcpu2, guest rIP: 0x9114 disabled perfctr wrmsr: 0xc2 data 0x7
[   60.934346][ T2716] kvm [2713]: vcpu2, guest rIP: 0x9114 disabled perfctr wrmsr: 0xc1 data 0x7
[   60.958158][ T2716] kvm [2713]: vcpu2, guest rIP: 0x9114 vmx_set_msr: BTF|LBR in IA32_DEBUGCTLMSR 0x1, nop
[   60.973267][ T2716] kvm [2713]: vcpu2, guest rIP: 0x9114 disabled perfctr wrmsr: 0x187 data 0x1
[   60.973439][   T28] audit: type=1400 audit(316.965:1464): avc:  denied  { read append } for  pid=2713 comm="syz.9.921" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   61.005347][ T2716] kvm [2713]: vcpu2, guest rIP: 0x9114 disabled perfctr wrmsr: 0x186 data 0x1
[   61.005962][   T28] audit: type=1400 audit(316.965:1465): avc:  denied  { open } for  pid=2713 comm="syz.9.921" path="/dev/snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   61.071651][   T28] audit: type=1400 audit(317.065:1466): avc:  denied  { mount } for  pid=2735 comm="syz.1.928" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   61.217542][ T2758] syz.4.938[2758] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   61.217668][ T2758] syz.4.938[2758] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   61.290507][ T2760] loop1: detected capacity change from 0 to 8192
[   61.318905][ T2769] netlink: 88 bytes leftover after parsing attributes in process `syz.4.943'.
[   61.334386][ T2760] FAT-fs (loop1): Unrecognized mount option "18446744073709551615" or missing value
[   61.344111][ T2769] netlink: 48 bytes leftover after parsing attributes in process `syz.4.943'.
[   61.508197][ T2797] loop9: detected capacity change from 0 to 512
[   61.525578][ T2797] EXT4-fs error (device loop9): ext4_readdir:263: inode #12: block 32: comm syz.9.956: path /68/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   61.546623][ T2797] EXT4-fs (loop9): Remounting filesystem read-only
[   61.715823][  T335] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   61.730310][ T2815] netlink: 'syz.9.963': attribute type 4 has an invalid length.
[   61.742033][ T2815] netlink: 'syz.9.963': attribute type 4 has an invalid length.
[   61.752321][ T2815] syz.9.963 (2815) used greatest stack depth: 20672 bytes left
[   61.768783][ T2817] loop9: detected capacity change from 0 to 512
[   61.777895][ T2817] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   61.844052][ T2827] loop9: detected capacity change from 0 to 1024
[   61.850902][ T2827] EXT4-fs: Ignoring removed bh option
[   61.857956][ T2827] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   61.869640][ T2827] EXT4-fs (loop9): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   61.880735][ T2827] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (31873!=20869)
[   61.890475][ T2827] EXT4-fs (loop9): filesystem has both journal inode and journal device!
[   61.908539][  T335] usb 5-1: New USB device found, idVendor=0b95, idProduct=772b, bcdDevice=a2.4c
[   61.918239][  T335] usb 5-1: New USB device strings: Mfr=24, Product=2, SerialNumber=3
[   61.926441][  T335] usb 5-1: Product: syz
[   61.930644][  T335] usb 5-1: Manufacturer: syz
[   61.935234][  T335] usb 5-1: SerialNumber: syz
[   61.951975][  T335] usb 5-1: config 0 descriptor??
[   62.013618][ T2832] loop9: detected capacity change from 0 to 512
[   62.359847][  T335] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[   62.371620][  T335] asix: probe of 5-1:0.0 failed with error -71
[   62.381541][  T335] usb 5-1: USB disconnect, device number 9
[   62.475808][   T39] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   62.605827][  T450] usb 10-1: new full-speed USB device number 4 using dummy_hcd
[   62.657635][   T39] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   62.666421][   T39] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   62.676654][   T39] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[   62.685824][   T39] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[   62.696834][   T39] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[   62.715819][   T39] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   62.724888][   T39] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   62.732989][   T39] usb 7-1: Product: syz
[   62.737177][   T39] usb 7-1: Manufacturer: syz
[   62.757203][   T39] cdc_wdm 7-1:1.0: skipping garbage
[   62.762448][   T39] cdc_wdm 7-1:1.0: skipping garbage
[   62.768554][   T39] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[   62.787102][  T450] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[   62.804689][  T450] usb 10-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[   62.829577][  T450] usb 10-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[   62.845729][  T335] usb 6-1: USB disconnect, device number 7
[   62.854406][  T450] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   62.866383][  T450] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   62.884763][  T450] usb 10-1: Product: syz
[   62.890495][  T450] usb 10-1: Manufacturer: syz
[   62.896492][  T450] usb 10-1: SerialNumber: syz
[   62.910505][ T2843] raw-gadget.3 gadget.9: fail, usb_ep_enable returned -22
[   62.946812][ T2853] loop5: detected capacity change from 0 to 512
[   62.972347][ T2853] EXT4-fs (loop5): 1 orphan inode deleted
[   62.986708][  T793] EXT4-fs error (device loop5): ext4_release_dquot:6837: comm kworker/u4:44: Failed to release dquot type 1
[   63.124959][ T2843] raw-gadget.3 gadget.9: fail, usb_ep_enable returned -22
[   63.139541][ T2843] raw-gadget.3 gadget.9: fail, usb_ep_enable returned -22
[   63.170720][   T19] usb 7-1: USB disconnect, device number 6
[   63.415840][  T335] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   63.645827][  T335] usb 6-1: Using ep0 maxpacket: 16
[   63.652141][  T335] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[   63.661961][  T335] usb 6-1: config 0 interface 0 has no altsetting 0
[   63.668960][  T335] usb 6-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[   63.678309][  T335] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.687172][  T335] usb 6-1: config 0 descriptor??
[   63.762947][ T2843] raw-gadget.3 gadget.9: fail, usb_ep_enable returned -22
[   63.770197][   T19] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   63.770403][ T2843] raw-gadget.3 gadget.9: fail, usb_ep_enable returned -22
[   63.966939][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   63.978039][   T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   63.989493][   T19] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   64.002539][  T450] cdc_ncm 10-1:1.0: MAC-Address: 42:42:42:42:42:42
[   64.009132][   T19] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   64.018248][  T450] cdc_ncm 10-1:1.0: setting rx_max = 16384
[   64.024133][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.033124][   T19] usb 2-1: config 0 descriptor??
[   64.104458][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.112238][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.119901][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.127552][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.135237][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.143101][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.150748][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.161136][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.168617][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.169246][ T2900] af_packet: tpacket_rcv: packet too big, clamped from 1 to 4294967272. macoff=96
[   64.176140][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.192811][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.200321][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.207864][  T450] cdc_ncm 10-1:1.0: setting tx_max = 184
[   64.213643][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.224949][  T450] cdc_ncm 10-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.9-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[   64.237029][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.246287][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.260909][  T450] usb 10-1: USB disconnect, device number 4
[   64.267369][   T28] kauditd_printk_skb: 40 callbacks suppressed
[   64.267406][   T28] audit: type=1400 audit(320.265:1506): avc:  denied  { read } for  pid=141 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[   64.299330][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.307403][  T450] cdc_ncm 10-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.9-1, CDC NCM (NO ZLP)
[   64.316963][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.324400][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.333269][   T28] audit: type=1400 audit(320.295:1507): avc:  denied  { search } for  pid=141 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   64.356711][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x4
[   64.367084][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.374533][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.388509][   T28] audit: type=1400 audit(320.295:1508): avc:  denied  { read } for  pid=141 comm="dhcpcd" name="n15" dev="tmpfs" ino=6474 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   64.410087][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.419556][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.427183][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.428090][   T28] audit: type=1400 audit(320.295:1509): avc:  denied  { open } for  pid=141 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=6474 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   64.434615][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.457469][   T28] audit: type=1400 audit(320.295:1510): avc:  denied  { getattr } for  pid=141 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=6474 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   64.467636][   T19] plantronics 0003:047F:FFFF.0011: item 0 4 0 8 parsing failed
[   64.496796][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.504229][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.512219][   T19] plantronics 0003:047F:FFFF.0011: parse failed
[   64.518660][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.526235][   T19] plantronics: probe of 0003:047F:FFFF.0011 failed with error -22
[   64.534192][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.543619][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.551107][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.558563][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.566202][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.573644][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.582043][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.589605][  T335] hid-generic 0003:060B:500A.0010: unknown main item tag 0x0
[   64.596994][ T2914] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1004'.
[   64.606157][  T335] hid-generic 0003:060B:500A.0010: unexpected long global item
[   64.614010][  T335] hid-generic: probe of 0003:060B:500A.0010 failed with error -22
[   64.622833][   T19] ==================================================================
[   64.630935][   T19] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x130
[   64.638776][   T19] Read of size 8 at addr ffff888117454cf0 by task kworker/0:1/19
[   64.646519][   T19] 
[   64.648858][   T19] CPU: 0 PID: 19 Comm: kworker/0:1 Not tainted 6.1.145-syzkaller-00015-g87b9d836c3d8 #0
[   64.658667][   T19] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   64.668736][   T19] Workqueue: rcu_gp srcu_invoke_callbacks
[   64.674558][   T19] Call Trace:
[   64.677839][   T19]  <TASK>
[   64.680776][   T19]  __dump_stack+0x21/0x24
[   64.685106][   T19]  dump_stack_lvl+0xee/0x150
[   64.689700][   T19]  ? __cfi_dump_stack_lvl+0x8/0x8
[   64.694727][   T19]  ? __list_del_entry_valid+0xa6/0x130
[   64.700184][   T19]  print_address_description+0x71/0x210
[   64.705730][   T19]  print_report+0x4a/0x60
[   64.710096][   T19]  kasan_report+0x122/0x150
[   64.714596][   T19]  ? __list_del_entry_valid+0xa6/0x130
[   64.720050][   T19]  __asan_report_load8_noabort+0x14/0x20
[   64.725689][   T19]  __list_del_entry_valid+0xa6/0x130
[   64.730971][   T19]  process_one_work+0x4b9/0xc40
[   64.735819][   T19]  worker_thread+0xa29/0x11f0
[   64.740516][   T19]  ? _raw_spin_lock_irqsave+0xb0/0x110
[   64.745983][   T19]  kthread+0x281/0x320
[   64.750048][   T19]  ? __cfi_worker_thread+0x10/0x10
[   64.755155][   T19]  ? __cfi_kthread+0x10/0x10
[   64.759741][   T19]  ret_from_fork+0x1f/0x30
[   64.764174][   T19]  </TASK>
[   64.767188][   T19] 
[   64.769503][   T19] Allocated by task 450:
[   64.773737][   T19]  kasan_set_track+0x4b/0x70
[   64.778350][   T19]  kasan_save_alloc_info+0x25/0x30
[   64.783472][   T19]  __kasan_kmalloc+0x95/0xb0
[   64.788066][   T19]  __kmalloc_node+0xb2/0x1e0
[   64.792665][   T19]  kvmalloc_node+0x294/0x480
[   64.797283][   T19]  alloc_netdev_mqs+0x8d/0xf90
[   64.802046][   T19]  alloc_etherdev_mqs+0x37/0x40
[   64.806891][   T19]  usbnet_probe+0x20c/0x2780
[   64.811477][   T19]  usb_probe_interface+0x610/0xaf0
[   64.816582][   T19]  really_probe+0x2cb/0x960
[   64.821088][   T19]  __driver_probe_device+0x198/0x280
[   64.826376][   T19]  driver_probe_device+0x54/0x3e0
[   64.831418][   T19]  __device_attach_driver+0x2e9/0x4a0
[   64.836823][   T19]  bus_for_each_drv+0x183/0x210
[   64.841671][   T19]  __device_attach+0x2a2/0x400
[   64.846432][   T19]  device_initial_probe+0x1a/0x20
[   64.851560][   T19]  bus_probe_device+0xc0/0x1f0
[   64.856319][   T19]  device_add+0xb4d/0xef0
[   64.860649][   T19]  usb_set_configuration+0x19c2/0x1f10
[   64.866108][   T19]  usb_generic_driver_probe+0x91/0x150
[   64.871564][   T19]  usb_probe_device+0x159/0x270
[   64.876415][   T19]  really_probe+0x2cb/0x960
[   64.880915][   T19]  __driver_probe_device+0x198/0x280
[   64.886285][   T19]  driver_probe_device+0x54/0x3e0
[   64.891312][   T19]  __device_attach_driver+0x2e9/0x4a0
[   64.896680][   T19]  bus_for_each_drv+0x183/0x210
[   64.901537][   T19]  __device_attach+0x2a2/0x400
[   64.906322][   T19]  device_initial_probe+0x1a/0x20
[   64.911354][   T19]  bus_probe_device+0xc0/0x1f0
[   64.916122][   T19]  device_add+0xb4d/0xef0
[   64.920483][   T19]  usb_new_device+0xa70/0x1520
[   64.925264][   T19]  hub_event+0x2a5d/0x4680
[   64.929684][   T19]  process_one_work+0x71f/0xc40
[   64.934528][   T19]  worker_thread+0xa29/0x11f0
[   64.939196][   T19]  kthread+0x281/0x320
[   64.943262][   T19]  ret_from_fork+0x1f/0x30
[   64.947672][   T19] 
[   64.949989][   T19] Freed by task 450:
[   64.953874][   T19]  kasan_set_track+0x4b/0x70
[   64.958460][   T19]  kasan_save_free_info+0x31/0x50
[   64.963483][   T19]  ____kasan_slab_free+0x132/0x180
[   64.968591][   T19]  __kasan_slab_free+0x11/0x20
[   64.973358][   T19]  slab_free_freelist_hook+0xc2/0x190
[   64.978725][   T19]  __kmem_cache_free+0xb7/0x1b0
[   64.983575][   T19]  kfree+0x6f/0xf0
[   64.987296][   T19]  kvfree+0x35/0x40
[   64.991126][   T19]  netdev_freemem+0x3f/0x60
[   64.995641][   T19]  netdev_release+0x7f/0xb0
[   65.000141][   T19]  device_release+0xa4/0x1d0
[   65.004728][   T19]  kobject_put+0x19d/0x280
[   65.009135][   T19]  put_device+0x1f/0x30
[   65.013282][   T19]  free_netdev+0x392/0x490
[   65.017688][   T19]  usbnet_disconnect+0x25a/0x3b0
[   65.022622][   T19]  usb_unbind_interface+0x223/0x8d0
[   65.027816][   T19]  device_release_driver_internal+0x508/0x820
[   65.033887][   T19]  device_release_driver+0x19/0x20
[   65.038998][   T19]  bus_remove_device+0x2ee/0x350
[   65.043933][   T19]  device_del+0x6a4/0xeb0
[   65.048259][   T19]  usb_disable_device+0x3a8/0x750
[   65.053282][   T19]  usb_disconnect+0x31e/0x860
[   65.057954][   T19]  hub_event+0x1bd5/0x4680
[   65.062370][   T19]  process_one_work+0x71f/0xc40
[   65.067212][   T19]  worker_thread+0xd2e/0x11f0
[   65.071884][   T19]  kthread+0x281/0x320
[   65.075947][   T19]  ret_from_fork+0x1f/0x30
[   65.080361][   T19] 
[   65.082677][   T19] Last potentially related work creation:
[   65.088382][   T19]  kasan_save_stack+0x3a/0x60
[   65.093059][   T19]  __kasan_record_aux_stack+0xb6/0xc0
[   65.098433][   T19]  kasan_record_aux_stack_noalloc+0xb/0x10
[   65.104240][   T19]  insert_work+0x51/0x300
[   65.108569][   T19]  __queue_work+0x9b1/0xd30
[   65.113068][   T19]  queue_work_on+0xd2/0x140
[   65.117599][   T19]  usbnet_link_change+0x176/0x1a0
[   65.122623][   T19]  usbnet_probe+0x1d55/0x2780
[   65.127299][   T19]  usb_probe_interface+0x610/0xaf0
[   65.132413][   T19]  really_probe+0x2cb/0x960
[   65.136915][   T19]  __driver_probe_device+0x198/0x280
[   65.142218][   T19]  driver_probe_device+0x54/0x3e0
[   65.147252][   T19]  __device_attach_driver+0x2e9/0x4a0
[   65.152621][   T19]  bus_for_each_drv+0x183/0x210
[   65.157470][   T19]  __device_attach+0x2a2/0x400
[   65.162233][   T19]  device_initial_probe+0x1a/0x20
[   65.167257][   T19]  bus_probe_device+0xc0/0x1f0
[   65.172014][   T19]  device_add+0xb4d/0xef0
[   65.176343][   T19]  usb_set_configuration+0x19c2/0x1f10
[   65.181801][   T19]  usb_generic_driver_probe+0x91/0x150
[   65.187253][   T19]  usb_probe_device+0x159/0x270
[   65.192103][   T19]  really_probe+0x2cb/0x960
[   65.196620][   T19]  __driver_probe_device+0x198/0x280
[   65.201904][   T19]  driver_probe_device+0x54/0x3e0
[   65.206932][   T19]  __device_attach_driver+0x2e9/0x4a0
[   65.212301][   T19]  bus_for_each_drv+0x183/0x210
[   65.217169][   T19]  __device_attach+0x2a2/0x400
[   65.221934][   T19]  device_initial_probe+0x1a/0x20
[   65.226956][   T19]  bus_probe_device+0xc0/0x1f0
[   65.231718][   T19]  device_add+0xb4d/0xef0
[   65.236047][   T19]  usb_new_device+0xa70/0x1520
[   65.240818][   T19]  hub_event+0x2a5d/0x4680
[   65.245233][   T19]  process_one_work+0x71f/0xc40
[   65.250350][   T19]  worker_thread+0xa29/0x11f0
[   65.255022][   T19]  kthread+0x281/0x320
[   65.259082][   T19]  ret_from_fork+0x1f/0x30
[   65.263510][   T19] 
[   65.265828][   T19] The buggy address belongs to the object at ffff888117454000
[   65.265828][   T19]  which belongs to the cache kmalloc-4k of size 4096
[   65.279995][   T19] The buggy address is located 3312 bytes inside of
[   65.279995][   T19]  4096-byte region [ffff888117454000, ffff888117455000)
[   65.293456][   T19] 
[   65.295772][   T19] The buggy address belongs to the physical page:
[   65.302180][   T19] page:ffffea00045d1400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x117450
[   65.312418][   T19] head:ffffea00045d1400 order:3 compound_mapcount:0 compound_pincount:0
[   65.320756][   T19] flags: 0x4000000000010200(slab|head|zone=1)
[   65.326840][   T19] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043380
[   65.335425][   T19] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[   65.343995][   T19] page dumped because: kasan: bad access detected
[   65.350397][   T19] page_owner tracks the page as allocated
[   65.356101][   T19] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 283, tgid 283 (syz-executor), ts 23245450521, free_ts 23243386843
[   65.377283][   T19]  post_alloc_hook+0x1f5/0x210
[   65.382065][   T19]  prep_new_page+0x1c/0x110
[   65.386566][   T19]  get_page_from_freelist+0x2c7b/0x2cf0
[   65.392114][   T19]  __alloc_pages+0x1c3/0x450
[   65.396789][   T19]  alloc_slab_page+0x6e/0xf0
[   65.401384][   T19]  new_slab+0x98/0x3d0
[   65.405456][   T19]  ___slab_alloc+0x6f6/0xb50
[   65.410040][   T19]  __slab_alloc+0x5e/0xa0
[   65.414366][   T19]  __kmem_cache_alloc_node+0x203/0x2c0
[   65.419820][   T19]  kmalloc_trace+0x29/0xb0
[   65.424258][   T19]  ipv6_add_dev+0x614/0x1230
[   65.428901][   T19]  addrconf_notify+0x6d5/0xe40
[   65.433665][   T19]  raw_notifier_call_chain+0xa1/0x110
[   65.439038][   T19]  call_netdevice_notifiers+0x111/0x190
[   65.444582][   T19]  register_netdevice+0x10e2/0x14a0
[   65.449790][   T19]  veth_newlink+0x7a0/0xbe0
[   65.454293][   T19] page last free stack trace:
[   65.458955][   T19]  free_unref_page_prepare+0x742/0x750
[   65.464414][   T19]  free_unref_page+0x8f/0x530
[   65.469107][   T19]  __free_pages+0x67/0x100
[   65.473521][   T19]  __free_slab+0xca/0x1a0
[   65.477942][   T19]  __unfreeze_partials+0x160/0x190
[   65.483066][   T19]  put_cpu_partial+0xa9/0x100
[   65.487744][   T19]  __slab_free+0x1c4/0x280
[   65.492154][   T19]  ___cache_free+0xbf/0xd0
[   65.496653][   T19]  qlist_free_all+0xc6/0x140
[   65.501236][   T19]  kasan_quarantine_reduce+0x14a/0x170
[   65.506689][   T19]  __kasan_slab_alloc+0x24/0x80
[   65.511534][   T19]  slab_post_alloc_hook+0x4f/0x2d0
[   65.516817][   T19]  __kmem_cache_alloc_node+0x192/0x2c0
[   65.522277][   T19]  kmalloc_trace+0x29/0xb0
[   65.526694][   T19]  kobject_uevent_env+0x287/0x730
[   65.531713][   T19]  kobject_uevent+0x1d/0x30
[   65.536211][   T19] 
[   65.538562][   T19] Memory state around the buggy address:
[   65.544353][   T19]  ffff888117454b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   65.552408][   T19]  ffff888117454c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   65.560465][   T19] >ffff888117454c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   65.568524][   T19]                                                              ^
[   65.576243][   T19]  ffff888117454d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   65.584300][   T19]  ffff888117454d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   65.592378][   T19] ==================================================================
[   65.600428][   T19] Disabling lock debugging due to kernel taint
[   65.608548][ T2917] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1005'.
[   65.634667][  T335] usb 6-1: USB disconnect, device number 8
[   65.640609][ T2917] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1005'.
[   65.679725][ T2110] usb 2-1: USB disconnect, device number 4
[   65.795914][   T39] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   65.985803][   T39] usb 5-1: Using ep0 maxpacket: 32
[   65.993893][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   66.004833][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   66.014691][   T39] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   66.023826][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.032843][   T39] usb 5-1: config 0 descriptor??
[   66.039081][   T39] hub 5-1:0.0: USB hub found
[   66.240352][   T39] hub 5-1:0.0: 1 port detected
[   66.846797][   T39] hub 5-1:0.0: activate --> -90
[   67.248021][   T19] usb 5-1: USB disconnect, device number 10
[   67.485834][   T39] usb 5-1-port1: config error