last executing test programs: 9.597429416s ago: executing program 0 (id=5099): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r2, 0xffffd000) 9.560275569s ago: executing program 0 (id=5100): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0xffffff8d, &(0x7f0000002800)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r1, &(0x7f00000061c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50) syz_fuse_handle_req(r1, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1cf57a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d7ebe17f9547c7c56b08e83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a472e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ab3b4083f140ca17b43e5f6aef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1d939998a8cb68b0e83cf604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31f24a306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ff344d0a7d760f040718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20545e2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b60486d409889cbb2b1cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f16104484e1ca83fa9c278b87e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b889855a153c867ce79297a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d", 0x2000, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) lseek(r3, 0x0, 0x1) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x22701, 0x0) write$binfmt_aout(r4, &(0x7f0000000080)=ANY=[], 0xff2e) ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000ffff00"}) r5 = syz_open_pts(r4, 0x0) r6 = dup3(r5, r4, 0x0) read$FUSE(r6, &(0x7f00000041c0)={0x2020}, 0x2020) read$FUSE(r6, &(0x7f0000006200)={0x2020}, 0x2020) 7.842376087s ago: executing program 4 (id=5104): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x2, 0x2004, 0x5}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r4, 0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000300807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, 0x0, 0x20000000) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) rt_sigaction(0xa, &(0x7f0000000080)={&(0x7f0000000100)="2437460f1c2bc4a2f99c9022000000c4a2f10027460f38e741c44240f29a3b470000a5c43b3be5c436fe0d094e486ff5f5bb559a00000f75bed5370b1c2665d2950e000000dbf5", 0x0, 0x0}, 0x0, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000180)=""/109, 0x6d}], 0x1, 0x0, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, 0x2, 0x3, 0x101, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)={0x2c, 0x2, 0x3, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1000}, [@NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x12}, @NFQA_CFG_FLAGS={0x8}, @NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x18}}]}, 0x2c}}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)) fchdir(0xffffffffffffffff) 6.976105681s ago: executing program 4 (id=5106): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = getpid() sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mremap(&(0x7f00003d1000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000b04000/0x4000)=nil) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) close_range(r7, 0xffffffffffffffff, 0x0) 6.910740026s ago: executing program 1 (id=5108): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000000010"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}}) write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="b0"], 0xb0) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) chdir(&(0x7f0000000000)='./file0\x00') mount$incfs(0x0, &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0) (fail_nth: 2) 6.635148437s ago: executing program 3 (id=5109): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,nodots,nodots,dots,nodots,nodots,nodots,nodots,flush,dots,dots,flush,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6e66732c646f74732c747a3d5554432c646f74732c646973636172642c6572726f72733d72656d6f756e742d726f2c7379735f696d6d757461626c652c646f74732c00fe7f0f39808431642bbfa1717c86e2007de4316ee8296d83619084222de0720670e9fd588dbca8d2eb7b91d52394959824"], 0xfd, 0x1bf, &(0x7f0000000680)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) clock_gettime(0x0, &(0x7f0000000380)={0x0, 0x0}) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) utimensat(r0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)={{r1, r2/1000+60000}, {r3, r4/1000+10000}}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r5 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4000}, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, 0x0, 0x0, 0x2, 0x0) ioprio_get$pid(0x3, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1f, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x7f, 0x0, 0x9, 0x1849, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x85, 0x4, 0x4}, 0x48) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r9}, 0x10) socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r10 = getpid() sched_setscheduler(r10, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) 6.629297637s ago: executing program 0 (id=5110): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x8, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}}) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = dup(0xffffffffffffffff) sched_setaffinity(0x0, 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x2440, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = fsopen(0x0, 0x1) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) fsmount(r2, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, &(0x7f0000000500)="eae9a1000037017aacf30fa6c0f30fc7720dc4e118541bd3a9f4a60000660f1c460d66f30f2b2b0f09660f01df", 0x2d}], 0x1, 0x0, 0x0, 0x0) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) r4 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) r5 = socket(0x0, 0x0, 0x100) connect$inet(r5, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r5, 0x0, 0x0, 0x0) ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4) ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/85, &(0x7f0000000480)=""/65}) unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x0) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x90) 6.577107561s ago: executing program 1 (id=5111): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = syz_open_dev$vcsa(&(0x7f00000005c0), 0x4, 0x800) r1 = socket$inet(0x2, 0x3, 0x8d) setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="8e"], 0x1) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000000c0)={0x0, @local, @local}, &(0x7f0000000140)=0xc) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={@private2, 0x0, r2}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000680)={'syztnl0\x00', &(0x7f0000000600)={'syztnl1\x00', r2, 0x4, 0xff, 0x1, 0xfffff801, 0x8, @rand_addr=' \x01\x00', @empty, 0x7800, 0x80, 0x9, 0x8000000}}) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0xfffffffd, 0x0, 0x7ffe, 0x1b00, r0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001280)={&(0x7f0000000500)='percpu_free_percpu\x00', r7}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) syz_usb_control_io$hid(r5, 0x0, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mm_page_alloc\x00', r8}, 0x10) syz_clone3(&(0x7f00000004c0)={0x60000, &(0x7f0000000000), &(0x7f0000000200)=0x0, &(0x7f0000000280), {0x2c}, &(0x7f0000000300)=""/78, 0x4e, &(0x7f0000000380)=""/51, &(0x7f00000003c0)=[0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0], 0x6}, 0x58) sched_setscheduler(r9, 0x2, &(0x7f0000000400)=0x80000001) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ffa000/0x4000)=nil) syz_open_dev$ptys(0xc, 0x3, 0x1) syz_usb_control_io$hid(r5, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00222200000096231306e53f070c0000002a9000070d00be0083"], 0x0}, 0x0) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0xbf23}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r10, &(0x7f0000000b40), &(0x7f00000003c0)=@tcp6, 0xbf23}, 0x20) timer_create(0x2, &(0x7f0000000540)={0x0, 0x3d, 0x2, @tid=r9}, &(0x7f0000000580)) 5.735337794s ago: executing program 3 (id=5112): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = syz_open_dev$vcsa(&(0x7f00000005c0), 0x4, 0x800) r1 = socket$inet(0x2, 0x3, 0x8d) setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="8e"], 0x1) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000000c0)={0x0, @local, @local}, &(0x7f0000000140)=0xc) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={@private2, 0x0, r2}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000680)={'syztnl0\x00', &(0x7f0000000600)={'syztnl1\x00', r2, 0x4, 0xff, 0x1, 0xfffff801, 0x8, @rand_addr=' \x01\x00', @empty, 0x7800, 0x80, 0x9, 0x8000000}}) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0xfffffffd, 0x0, 0x7ffe, 0x1b00, r0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001280)={&(0x7f0000000500)='percpu_free_percpu\x00', r7}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) syz_usb_control_io$hid(r5, 0x0, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mm_page_alloc\x00', r8}, 0x10) syz_clone3(&(0x7f00000004c0)={0x60000, &(0x7f0000000000), &(0x7f0000000200)=0x0, &(0x7f0000000280), {0x2c}, &(0x7f0000000300)=""/78, 0x4e, &(0x7f0000000380)=""/51, &(0x7f00000003c0)=[0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0], 0x6}, 0x58) sched_setscheduler(r9, 0x2, &(0x7f0000000400)=0x80000001) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ffa000/0x4000)=nil) syz_open_dev$ptys(0xc, 0x3, 0x1) syz_usb_control_io$hid(r5, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00222200000096231306e53f070c0000002a9000070d00be0083"], 0x0}, 0x0) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0xbf23}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r10, &(0x7f0000000b40), &(0x7f00000003c0)=@tcp6, 0xbf23}, 0x20) timer_create(0x2, &(0x7f0000000540)={0x0, 0x3d, 0x2, @tid=r9}, &(0x7f0000000580)) 5.664778239s ago: executing program 0 (id=5113): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x42, &(0x7f00000000c0)=ANY=[@ANYBLOB="6673796e635f6d6f64653d706f7369782c6e6f696e6c696e655f646174612c6469736361726400aa19fd46b492dc6cf59d696e6c696e655f64656e7472792c00"], 0x1, 0x54f3, &(0x7f000000ab40)="$eJzs3M9rI+UbAPAn7XZ/f/dbRNDbDixCC5uw6XYXvVXdxR/Ypfjj4EnTZBqym2RKk6a1Jw8exYP/iSh48ujf4MGzt8WD4k1QMjPRrSgITRu7/Xxg8sz75s0zz5tD4ZkpCeDMWkx++akS1+JSRMxHxNWI/LxSHrm1IjwfEdcjYu6Jo1LO/zFxPiIuR8S1cfIiZ6V86/Oboxt3fnzz52++u3Duyhdffz+7XQOz9kJE9LaL871eEbN2ER+W841RJ4+91VEZizd6j8pxVsS9dDPPsNeYrGvk8Xa7WJ9t7w7GcavbaI5ju7OVz2/3iwsORu1JnvwDDxs7+biVbuaxM8jy2D4o6to/KP62HQyGRZ5Wme+jPH0Mh5NYzKf7abGf7Ud5bPaH5XyRN2ul++M4KmN5uWhm3VZex+ZRvun/trc6/d39ZJTuDDpZP7lTq79Yq9+t1neyVjpMV6uNXuvuarLU7o6XVYdpo7fWzrJ2N601s95ystRuNqv1erJ0L93sNPpJvV67XbtVvbNcnt1MXnvwXtJtJUvj+EqnvzvsdAfJVraTFJ9YTlZqt19aTm7Uk3fWN5KNt+/fX99494N77z94ef2NV8tFh8t6nK4mSyu3Vlaq9VvVlfryGdr/J2XRU9w/HEll1gUAnD76f2AWTnv/H/r/qThV/e+krLPa/x/D/uFI9P8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGfWDwtfvp6fLBbjK+X8/8qpZ8pxJSLmIuK3vzEf5w/lnC/zLPzD+oW/1PBtJfIM42tcKI/LEbFWHr/+/7i/BQAAAHh6ffXx9c+Kbr14WZx1QZyk4qbN3NUPp5SvEhELi4+nlG1u/PLslJLFcxFxLvanlC2/gXVxSsmKW27nppXtX5k/FC4+ESpFmDvRcgAAgBNxuBM42S4EAACAk/TprAtgNioxeZQ5eRac/+f9nw8ELx0aAQAAAKdQZdYFAAAAAMcu7//9/h8AAAA83Yrf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5n535yUoeiOACfFvoe74+RGOduxRkswyU4dGhYgJtgCbgFN8AacOYSDBjaEq3BxKS3bSTfl7SX25Afp4TJuZcUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuvRcrOaP91cPbXO2u3bS3A0AAABwzKZYzcsX02r+r75+Vl+6qOdZROQRcax3H8WvRuaozim+eH/xqYaniDJh/xm/6+NvRFzXx+t5198CAAAAnK71YjmruvXqNB26IPpULdrk/28S5WURUUxfEqXl+9NlorDy9z2Ou0Rp5QLWJFFYteQ2TpX2LaPGMPkwZNWQ91oOAADQi2Yn0G8XAgAAQJ9uhy6AYWRx2Mo87AWX/7x/3xD805gBAAAAP1A2dAEAAABA58r+3/P/AAAA4LRVz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS5tiNV8vlrO2OdtdO2nuBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Y3/eUSAEwiAM9q7vTOb+h5UGTU1NqkD4+BuDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODN7/7yf2JqnEnmXhtLzyPJ2qmxdWrsnRtHfxhfvwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICL/XlJgRAIgiiYM/530vc/rCToGUSIgIZHFbVoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLnft5jaOKAwD+ZmZna6viGmUPEVHwoBe73dbWXj0owYN/ghDSbY1u/dHmYEsRcvEmOfciehQRlHjr/9BzC73UWw57iCAeI/MrmfwAt4TMbJLPB9687w6bed83CSHfeS8LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCZfLATJ9mhV8Rxee7R5r2lrH+8p888WHsyn7UsjppM+nh4vf4i6reXCAAAAKdHUtX3IYSn6fpC1se9vP5Pq/dkNf9PLxZxVc/vrfurvqr9s/bnHxuvbg/UK8bJLnp9eTy6sD+VztHNckb8u1XYc/ql//3CTn7n82cvSf4NiT9efWWS5vcz+uHhww+7eXjmqBIHAA7rfNWXQfX3UNYP20wMgFOjUyu8q/o/6bWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEATJqvh+SqOQgjznZ0483jz3tJB/YO1J/NVu3L//lr9mtkl0hDC9eXx6EKDc5l1t+/c/WJxPB7daj54I4TQ3uhl8OkU7wmhzQwFhw3i8md9VvI5HkHLv5gAADhx0rJldf3TdH0hOxfNhbD18+76/+1aHKas/zc+u/KoPla9/h82NsPZN1i5+fXg9p277y7fXLwxujH68r2Lw/eHl65evnx1kD8rGXhiAgAAwOF0y1av/+O5/ev/52pxmLL+/+bH4Xf1sRL1/4F2Fv3azgQAAOB0e/nNf/6ODjgfdbvh28WVlVvD4rj9+mJxbCHVZ3ambPX6P5lrOysAAACgCZPVaNf6/7VaHKZc/3/hl9d+q18zCSGcLdf/zy99Nb7W3HRmWhP/Ttz2HAEAAGjX2bLV1//TfP9/vL3lIQ4hvPNWEZcfAzhV/Z989P2v9bHq+/8vNTfFmRT3i/uR9/0QOv22MwIAAOAke65sWbH/V7q+8Pnv5z7p2v8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LT/AgAA//8Yl0ni") mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000000c0), 0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x200000, &(0x7f0000000840)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@redirect_dir_on}, {@redirect_dir_follow}, {@lowerdir={'lowerdir', 0x3d, './bus'}}], [{@appraise_type}, {@uid_eq}]}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={r0, 0x0, 0x0, 0x63, &(0x7f0000000000), &(0x7f00000004c0)=""/99, 0x1, 0x0, 0xfe0, 0x89, &(0x7f0000000b00)="3b0740209e4da94751a58b2315e8201e53d441afe861f6a2bc0964b0138f802f464d517fd3410be82a88cdf2f835c4f852a6ff6593a1c56b734395492ae6d76a8eb9d440a1a034fb70a7b57c27d939cceec4ed5e8cce6367de4105c07d73e83845e9e139d9db76bc1a3fa03c702b1beedf4f34d7ec47b67d9c03b17d5daa8c80a5bb4dc853db459dd12ee78481aca085dbd5b954614d6f9d746524c408b568db34649b654fa0f6fcb81cb4de7995418b054ad79ecb9c722ea16a4799f8041188d866d2361815747d4d59ac4e30f606d879d9fadb2c7f0a18920a8f1a82f21782d313db604b851124774794d35d18813acf905335fa18d71caedd6bdcd24acd9e19fc2047e2aa141c4e120a686196c719b65bd38f678e72e2c2e62823f68066e0287b2d518cfd8fc4a25ce1d5638b9f05f4aa7828a2c5ad133b670903dbfb44bfb8ad3b1dff3481dca487db4bab27f7564195097f6e17f41a2350a46b7c374428be00c9684a4ae5b6867592ea6502fae9fa4aa9b4d008980fd9e2a3f0e839587b040c507f53b108693f007cf069a2f06fc62c7601ac114c8fb62762326474f15b3bf652f95d1381e60f6c851ebc716e16dbe1c39a8337ac5c45fffb36e3bbc46ea5186581c9f953be02263b918fb8776dadb43ddab7c938b52b6bd8468c487aa2d80d5d4a6d497063cbdabecbc3d38bb57ca1f27197f6ea437c068efa815444dea2840e773807ec12d7ad92fffcfac81986e62b754c15612059012b07bc6a14296472322788af9614fe66f5a3a87b3487304d51c49f7161296a041f4e79312ac15e36660c664e46ec28d57162f80915ff5162f613c9a44ce475ba20ad2a3918335e82b5a8cc175e46bfaf73ba539c5698fdffb0b2c941eca2bfea25a67ae63240374bca7df5dcf1c397a6d59b25ac32ab210472e420181c7cadd449a7d7410d7f289b6c18a1e10cbc376ba38a0c9d41df202854dfc7c07a6027152c0392a4aab4ffbd1a9c76faf3c69ce53b6b61feaaa3bed9f051c87f76efc2b4a4993c1c381c28fa7c90b6fd6709e413f05af22cce56789262bf97dce7e5c8f09fc6802cafbf1a170741118ef3a25f31e50890c2e04a287a22da13ab368d7d1f468b040d82a180591d448ac193ae7a05505bfec2428d025e4d5fa793c8291f8e807896bffd089a0bae9c49b195d870ffd87d67fb6bfa52b16b61243e6af5ca93b144adc6a72efb72aad9bedec19bf780238244f153ce8f31111d373ffa202ce7d2693ab97c7e132b503daf59058efea1c0893119eb27ebb0746c42a3f02c2ba1aab0976a6ceb595d217118a2f5c1038920f5cecf974e14321bdb2f96fb2f0cdbd620c151c6ffe0ea909f29ad7700d5ba0092058c8ea5fea972eba50f09cca940d524a5ba7aafb00f594403d1e9b5f03ea40e3c2c8cff499ffb29a1028d1d30464554cfe488094ccb8bbfd219c2f7524e0e5c37ef438ba0ddb28b79beeb38a15b67c8c3543185638efcecd3666a38b4b9b1d5437b7b3055bd34d50dc376be1a534cdca478651b9b60a8baa917f69304dd5a444c21757aaa8d7d459333f411dffffa5ad1acd90e7e6028a368105042a25d93ae3e75df2e1527e7f7ef1ffe1a9d2388dfec581ab740c2599acdce54f987228b7ae56f41adcc65eff0ae118270931def39ba5cda4a5d51bcdabb889018029c03a3b9ac69bd4d4f70eb1565876a7c24364a2fe702f6d1cadbe8f28edcbadf80952abc18e9c3ff919c5ae0154f36ebfb617a7837ccc6f0c82668c796d2a1737edcfbd0d8659bb322f3795c204d968a3ae57b5049acb59bb6b79d0badbfc488d4d052f211c4a932a1aa53804d79ea0c7f51a100e2a34349ba7a29856c84881dddc7c9c76ef8ef5f54e0c46c49562cec5953edf27c98a32ad24dead375cc5ad10aae3e0972cfddadfe1f409791fdbf83a4a3da71fce09092b2ce8ed486d55443c5078a1cb2f60189a13b3c4f9f9ece62e8e997bcc1175f87336b72b882cd7920ed7e86a22fe61d168e21002e95f87387089b213ae378dcb87a0138a144eaf36f6c9b563426572dfbc8b3e018267d5bacb4e1b06961db6530f8292ec9d6007eeb9fa67a3b82b59227e3e81327edaf09a2b2ead0e43996fdee4fcf4cb4e6a44dd7ab859393645fb8766535680bb7c3fe421d2f73653dc3bff9d5930b1c52e15120aa30b44be898c0e8b691e73406ddcb9f5ff592a3b811a493c341d301f74e4ea50c11572d8f87a2ecbba520388f392ec8f3016d84411da8feb898e39655fe476b91688f1a7e7ce14326fceeed6092fda1175f7d23927c1ba839bdf1595a884f0d9200dbcab488816d453d484dc0bf77b0aa8ecbde4d375a8f858e0ea2b9d7538813be2d1338f16c1cbb0879352f40e8cd6cca23ff074a817dbe49cb172429fc50e14de743b05e236936c0956b9656caf369c66c030e35d68e246c1bf069691fb83f622026498ff08c17ef194ec8f09da1737e92d3563af654817db5e27be6362c2d2dcf4025e66362dd407e5d3656376bc7e53fef6eaebc09323ff0f19ccfc59a46c0e920cffa110f6ac0a971a3bd5d7556f45f9b4ede6a8bc39e847511c1bd4c358ab1aa8d7c1036301e22e8502e394a06878a8ffa55786b12236db60b31adaca4eed245e9ddd0cbf132f503e3ec8981500cb8d9c6331798fac3079cac251bd27169528fe73bafbd528c3e3ed24595ce5f3301bd6df8d13be86fc3b4d248dc547774563ad63d96ae6f4afa58f9e5c4addb00b0a9acdb1c3f6aa6dbee018912f37babd395cee5f87f9dfee05c15e3aca0f4bcbfe42440f1d538c5951b41ea998ffaf3e31ff90fbe77c960bbba8f38cb07a1d71fe13da81724f889a89b1b42118b20f920c2b97350857681ab4adaef6e3fc74f67b3b8019fdd6416e1c2482ac6a4061e1a66479baa85bd1258176ef77b797cf62a4afb342a0a3899897f7122a8fc1bd130e251e0064d73d7c671241a646f36066feb418a6a60057dd2088c9e06e5cf991aeeeeb2ccdda07b2f24790973cbdb18540f09a8d6a55ffd4e47e5350c33b10558a072871bce29e1f70e7978c57bc7040d0ba08ccf73ff268d358c21eaa1e0b661904510e48ce108a752ee0010d056e5f897577f3b4e4753e04f57405055156a1b2f268d1f423b59933c80ff2b2953f9ce6612ea8e313d8e583be564f13fa0cf86736ca5ae3612801255dab99b441ec6d23156549f4405d8037592e2c0dec6ceea57d3aac5d32c72bed7dc040f7e5543f8280d3af00fce4199d074d63f508cae921711db6bd59ef9827719121d2f6a7321289b1d2acef1d803c2808dafbbdc9c1c73daecc142f951e751700fc41b7baea4861c483487cb29b942585b46919d054794d1a4ec48a083da095fc40acdcb0f89899dabbcfe1c916ccbf43fa4b98cc438230a1ab74166086ff20443aa632811a0a67edc12df6dae5608d037c4fa0579ae9a87b0c20091210ede64c66cf1296a465be6bd7bf7b04ebfb3839cacb4bf282ae275284a2d803c57c43ce0c2a162cd44e1633e26190643f540619cd29c93a588b5a1c1a8e0be7bcd2a807a335073a18df46c3de196a6d535e49db70d12b87400a86eec020f8eff31fd5b568f9bdf76789633efe92f7a0860c061eff78b2929d9c70d05ba8d0eaf9eaeb32177340c4b92b65802b1a39a3315c362b3a218234d921b385a94f42fad9393fb4c955192fc7e591cf110bacba2ed0394829ae5149b715df96dcdaa0877739431c69a0de104b8ff967182515f81462233256811ece675d0254730791175a9dbc370b821b0b60f34583524f0daf088e114ac40c63558f3f286852a86b7331f7b2334a6fa017464f025f210c77d642a9b7d6aac3b8b4358340eb29a1c73df7339bcf76788cc1438338b4ccea92bcf843df9491473a6ba6db6697f0c4ffbfe516fb8261799a0a1b128417135a7064cb15a4c6b1c1307d532d20450cac39f4d2823e4ad8864f8b10c5828aa3b49636f4f893dacaca506fba69f24523225880e45e1bf8c194a85f88fecb19b36f81c66ea8313a460170393bfff5b0639c323ac88f07cfdf7c0def57fe96fd89e9acc33222675bc2b5b207d545104e1c53d2c8a7aca07a300ef290dc47e98ea7c9ceca247e86a711627bc741cc9db0146204ae1f95f355055d3850d0e10ee4f16225214382969722b95bdcc29e92119771e42c141f8f0d9c8bb75d9df103aba0cf5af707577d66ac6430048093695113bb04b576d89608838774b15cdf5dfcab1b7aee0ab677861b1f34d0537424e438d34b29bc18880a4ac3c854760ec927c5e7afd520722a67c211c134f3b38d90471c6c9152a1521b85d457e4d3019907f487b125e01abc09162478c2293828173d8bc86ba338c69ff4d0e724add09dd4a6c38697e4ea67d9229adf00dae31ae597cf574ea906bfe47f5d4b991872b3d3d9ddf99589125a78a10b035df9eedd672e72c9afe307d7d05580ad299148841ee113f468c4adcb9ff2e291803d5d18353788a4b8a50fb09e1a523734f2a75cc8da5e1535fa55b13d76978211828476b834345cfe6a73376ffc4be913c2646db31d343c12fc4d57a8bbfdc57e637d97e0765156d2304a63e7178a748b848a0a817629a32927aa1afc999245ec0e6f23d1043c22d57bb6ed7318261aa5d398f77733367243a7cd635c06be2957939e671bc0215ad1dcd2a564d7722917840602be9ccee2af3b1a880cdf4e889d6813ecb2a9bbb5b8598bda327192f5bc4561ece4f1d038b0af72dd57d73f4c8e0014688ea9a6736baee06cd942bca4ea136f0a2e30183412545ddd61b5afca9ec648b7c07003c2dc17c75d330ef08614237c69711bb4b9bea876d2a29ab5e06783839db73139a4d8b6d0a69d249b322a8ef866dba4b95f0360e64a069f9a9b6324e867b0650c88edc4f21590a98476da001981f091d1079f20c1df0a15ae53ce68d2b27a16f00cd3bfacc797b7be8ea1b64cfc3fba351b7b40b6f185498341c658224a2ef38ad7c2bf1aff2049d1f316dd1d441533296d7658125e103c6402ed4475aa9ef92762966336daffd7ce0bb748a73a17db2b2862395a4951c91776a9aafd57267991746987c1131b8453ffd56cc61097de2499b06ec101f541b67349307a4615c84cf9f4c9278d281baf83c28cc94c3e76498b93ddd9483eeb13f1a8ada0ff413aaca986c3b66963361d949da05f40bc482129b2e6c3c0635787b2af4c4b8396fce4205cf76f16d78371da9e381158447ab7c189c31eb9c937f3ac1d0d99ee0e9afbf7f81a10dab953eb33a3d5e8bc319e5e9211f01f7ac69bbcd270b8ed70a0735b80ea9708a2348ab2d7e506ecf1938e1b58c1817b3cba8a594ebbfede8223c85efdc07b01451bd770b8446da4fb147d08c0c218704875b7cbe375ab43c578499027c7f99f724a6c1587c551a228c7d3253a5ee3caef86edad3c7f34d087b07931fd68bcad3150dc4d92fb33b57edd501cba9c1392bdbcbdda300e44809724d3f0fa15775c442a1b5c6c46e237e1895c3a9091b23c8383d634f72750f3e51c6fc11b6876833e1fa1043b75aea05f8c002d4bd4a14bc348a1ceaafcb19d11fa680dd9734ec0f642065d440811392085673594cfdfd4b6ee06c00fdaa2a0aff1eafe23706a2fe80c85dcedbf8c07b81e16df1e5c45f78280592e8a09fc9db93c45512ab9d94d5279b711c105fd125e9c652d1a395179ab3cea6b2a6b68949422dd32e41fa228186145cc73cdb465aa36ed1", &(0x7f0000000540)="9c8a987f8bfd3e0a8042c4fb7d008f9fbab6297457c5ef2cc211031f594ad4e2fbe228ae42e13fb2d7dd4625827df79b712b3078ea0f11d1b88a5da4e31775227d57c709e1e49a0bc8cc6eaa0bed103c88d3c5b51e1fc3fce9b1bb037883354b2bfe5072717bde67305d6c92d8486c3a5c457479ca1a417c2d224e01f01ce484440b6480879a674826", 0x2, 0x0, 0x9}, 0x50) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]}) 5.64655301s ago: executing program 4 (id=5107): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000480)={[{@dots}, {@dots}, {@nodots}, {@nodots}, {@dots}, {@nodots}, {@nodots}, {@nodots}, {@nodots}, {@fat=@flush}, {@dots}, {@dots}, {@fat=@flush}, {@fat=@gid}, {@fat=@nfs}, {@dots}, {@fat=@tz_utc}, {@dots}, {@fat=@discard}, {@fat=@errors_remount}, {@fat=@sys_immutable}, {@dots}]}, 0xfd, 0x1bf, &(0x7f0000000680)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, 0x0, 0x0, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800003f0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549cab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e6255a2e5cd64402a4de537bf113fc7370099e4faebe3f8803d000000004c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2000000000000000000000000632ff0fa874ac0769142daca624cb4e0206734b6ed975359c4c61af929e56449437f109207ab97933bfa547d54f09f318a621c0180844af3362417ea3266d51c40f1f6abeaa2e90ce22d20600e22cd20de", @ANYBLOB="d23c17f6ec95b3b885b061be4d1d842e4a63ec77a88347691f71d1e41301cf3df73c16fd088806b677d36dfdfecb4a080900060031622d37a921b1c072bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6a2be8b8ea56db5b017149cfa27eb8080778c490a639625353dde9d1c6d1e69c8f629356c70f7c3b140340ce0d51592813652003977d21460538702c7a359af24a7cd83ee44c1c69a7abd35b7d27fe6f33ed371b3db09d05553843a2ae2fc8b1246690dd9db1b67e10fbeea0f8a5045a9f351faac4ffcb8f9a57b03f295c9517551310dda73d40c81eabda5628dc79bf012d0b37b49a05b0d275d46b97c4d8b237341491a2de17488a4fb9b18bf56c96c4ee499a69841d03c75e5837b20cdd1400d9d6d6fb17f88178adc14763fab9740607eccb9a03dee8abf7639e2f9530593b41172f8261bca7a34acd8eff67d25e03ac7532262f5c1256b5ba7bbb5a9966aaf4dddcf9000000000000"], 0xf, 0x2a6, &(0x7f0000000a00)="$eJzs3c9qK2UUAPAz+deoiwRxowgO6MJVuXXrplGuIHalRFAXGrz3giThwi0ErGDsqk/g0vfwEdy48Q0Et4K7dlEZmcxMk9CkrTWm0Pv7rQ7zzTlz8n0lXeXMV6+Ph4+eJnF8+nu020nU9mM/zpLoRi0qP0QjAID74yzL4q/sNpmN2ua7AQC2ofj/X7jrXgCA7fjks88/6h0cPPw4Tdvxaudk0k8iYnwy6RfrvSfxTYzicTyITpxHZBeK+IMPDx5GI811463xdNLPM8df/lrW7/0ZMcvfi050V+fvpYWF/Omk34wXI43ek2bVaideWZ3/zor86Lfi7TcX+t+NTvz2dTyNUTyKPHee//1emr6f/Xj63Rf5Y/L8pBb9ndl9c1l9m+cCAAAAAAAAAAAAAAAAAAAAAMD9tpumSTG+Zza/J79Uzt+pn8/Wd9NKd3k+T5GfVIWK+UBZlCN6pln8VM3XeZCmaVbeOM9vxGsNLxYAAAAAAAAAAAAAAAAAAACA3OG3R8PBaPT42UaCahpA9bP+29bZX7jyRhwNB/X1BXdu/qzFaQN5r1feHI1GbGhbrgteyPvZeOWd+eF+GkVQHcy/L9hcn/Xye0XRo+EgLZeqTR4Okuue1a4O7ufFpVb8103IZn8S59nymbYvWl3Oam1o51svrVz6O8uym9V594/ijMoryWzExs2e3iyDlR8wD9qXz+KX9QXXfmXUN/LFAwAAAAAAAAAAAAAAAAAAXDL/0e+KxeMrU2v/W1MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGXz9/9XQTsilq9cCqZl8lX3lEErnh3e8UcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOfBPAAAA//8s7E5o") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{r0}, &(0x7f0000000500), &(0x7f0000000680)}, 0x20) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000300)={'filter\x00', 0x4e, "9fad78894fbd1437c691a5c343a3d0d18dbc195b6791f3038246cc6e1e71dd4de22d1708c995b09db3f0b20383fab1553582a023f8ed94e7dc62a49181916c372d74d387daad157318ecfe491fa5"}, &(0x7f0000000000)=0x72) syz_clone(0x630c0700, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2) 4.468236948s ago: executing program 4 (id=5114): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x42, &(0x7f00000000c0)=ANY=[@ANYBLOB="6673796e635f6d6f64653d706f7369782c6e6f696e6c696e655f646174612c6469736361726400aa19fd46b492dc6cf59d696e6c696e655f64656e7472792c00"], 0x1, 0x54f3, &(0x7f000000ab40)="$eJzs3M9rI+UbAPAn7XZ/f/dbRNDbDixCC5uw6XYXvVXdxR/Ypfjj4EnTZBqym2RKk6a1Jw8exYP/iSh48ujf4MGzt8WD4k1QMjPRrSgITRu7/Xxg8sz75s0zz5tD4ZkpCeDMWkx++akS1+JSRMxHxNWI/LxSHrm1IjwfEdcjYu6Jo1LO/zFxPiIuR8S1cfIiZ6V86/Oboxt3fnzz52++u3Duyhdffz+7XQOz9kJE9LaL871eEbN2ER+W841RJ4+91VEZizd6j8pxVsS9dDPPsNeYrGvk8Xa7WJ9t7w7GcavbaI5ju7OVz2/3iwsORu1JnvwDDxs7+biVbuaxM8jy2D4o6to/KP62HQyGRZ5Wme+jPH0Mh5NYzKf7abGf7Ud5bPaH5XyRN2ul++M4KmN5uWhm3VZex+ZRvun/trc6/d39ZJTuDDpZP7lTq79Yq9+t1neyVjpMV6uNXuvuarLU7o6XVYdpo7fWzrJ2N601s95ystRuNqv1erJ0L93sNPpJvV67XbtVvbNcnt1MXnvwXtJtJUvj+EqnvzvsdAfJVraTFJ9YTlZqt19aTm7Uk3fWN5KNt+/fX99494N77z94ef2NV8tFh8t6nK4mSyu3Vlaq9VvVlfryGdr/J2XRU9w/HEll1gUAnD76f2AWTnv/H/r/qThV/e+krLPa/x/D/uFI9P8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGfWDwtfvp6fLBbjK+X8/8qpZ8pxJSLmIuK3vzEf5w/lnC/zLPzD+oW/1PBtJfIM42tcKI/LEbFWHr/+/7i/BQAAAHh6ffXx9c+Kbr14WZx1QZyk4qbN3NUPp5SvEhELi4+nlG1u/PLslJLFcxFxLvanlC2/gXVxSsmKW27nppXtX5k/FC4+ESpFmDvRcgAAgBNxuBM42S4EAACAk/TprAtgNioxeZQ5eRac/+f9nw8ELx0aAQAAAKdQZdYFAAAAAMcu7//9/h8AAAA83Yrf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5n535yUoeiOACfFvoe74+RGOduxRkswyU4dGhYgJtgCbgFN8AacOYSDBjaEq3BxKS3bSTfl7SX25Afp4TJuZcUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuvRcrOaP91cPbXO2u3bS3A0AAABwzKZYzcsX02r+r75+Vl+6qOdZROQRcax3H8WvRuaozim+eH/xqYaniDJh/xm/6+NvRFzXx+t5198CAAAAnK71YjmruvXqNB26IPpULdrk/28S5WURUUxfEqXl+9NlorDy9z2Ou0Rp5QLWJFFYteQ2TpX2LaPGMPkwZNWQ91oOAADQi2Yn0G8XAgAAQJ9uhy6AYWRx2Mo87AWX/7x/3xD805gBAAAAP1A2dAEAAABA58r+3/P/AAAA4LRVz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS5tiNV8vlrO2OdtdO2nuBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Y3/eUSAEwiAM9q7vTOb+h5UGTU1NqkD4+BuDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODN7/7yf2JqnEnmXhtLzyPJ2qmxdWrsnRtHfxhfvwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICL/XlJgRAIgiiYM/530vc/rCToGUSIgIZHFbVoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLnft5jaOKAwD+ZmZna6viGmUPEVHwoBe73dbWXj0owYN/ghDSbY1u/dHmYEsRcvEmOfciehQRlHjr/9BzC73UWw57iCAeI/MrmfwAt4TMbJLPB9687w6bed83CSHfeS8LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCZfLATJ9mhV8Rxee7R5r2lrH+8p888WHsyn7UsjppM+nh4vf4i6reXCAAAAKdHUtX3IYSn6fpC1se9vP5Pq/dkNf9PLxZxVc/vrfurvqr9s/bnHxuvbg/UK8bJLnp9eTy6sD+VztHNckb8u1XYc/ql//3CTn7n82cvSf4NiT9efWWS5vcz+uHhww+7eXjmqBIHAA7rfNWXQfX3UNYP20wMgFOjUyu8q/o/6bWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEATJqvh+SqOQgjznZ0483jz3tJB/YO1J/NVu3L//lr9mtkl0hDC9eXx6EKDc5l1t+/c/WJxPB7daj54I4TQ3uhl8OkU7wmhzQwFhw3i8md9VvI5HkHLv5gAADhx0rJldf3TdH0hOxfNhbD18+76/+1aHKas/zc+u/KoPla9/h82NsPZN1i5+fXg9p277y7fXLwxujH68r2Lw/eHl65evnx1kD8rGXhiAgAAwOF0y1av/+O5/ev/52pxmLL+/+bH4Xf1sRL1/4F2Fv3azgQAAOB0e/nNf/6ODjgfdbvh28WVlVvD4rj9+mJxbCHVZ3ambPX6P5lrOysAAACgCZPVaNf6/7VaHKZc/3/hl9d+q18zCSGcLdf/zy99Nb7W3HRmWhP/Ttz2HAEAAGjX2bLV1//TfP9/vL3lIQ4hvPNWEZcfAzhV/Z989P2v9bHq+/8vNTfFmRT3i/uR9/0QOv22MwIAAOAke65sWbH/V7q+8Pnv5z7p2v8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LT/AgAA//8Yl0ni") mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000000c0), 0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@nfs_export_on}]}) 3.978985694s ago: executing program 0 (id=5116): socketpair$tipc(0x1e, 0x2, 0x0, 0x0) socket$packet(0x11, 0x2, 0x300) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x10) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x13, 0x0, 0x0, 0x5, 0x0, 0x0, 0x25dfdbfe, [@sadb_address={0x3, 0x5, 0x6c, 0x20, 0x0, @in={0x2, 0x4e21, @multicast1}}]}, 0x28}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='net/tcp6\x00') preadv(r6, &(0x7f0000000340)=[{&(0x7f0000000280)=""/173, 0xad}], 0x1, 0xfffffffc, 0x0) 3.915225999s ago: executing program 2 (id=5117): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = getpid() sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mremap(&(0x7f00003d1000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000b04000/0x4000)=nil) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) close_range(r7, 0xffffffffffffffff, 0x0) 3.862825672s ago: executing program 1 (id=5118): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = getpid() sched_setscheduler(r2, 0x0, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000280)) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r5) mkdir(&(0x7f0000000000)='./control\x00', 0x0) unlinkat(0xffffffffffffffff, 0x0, 0x0) rmdir(&(0x7f0000000040)='./control\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000002680), 0x0, 0x0, &(0x7f0000002780)) pipe2$9p(0x0, 0x0) dup(0xffffffffffffffff) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) socket$nl_route(0x10, 0x3, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f00000001c0), 0xfffffdef) socket(0x10, 0x803, 0x0) 3.277679666s ago: executing program 4 (id=5119): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x0, 0x400, 0x9, 0x1}, 0x48) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000480)={[{@dots}, {@dots}, {@nodots}, {@nodots}, {@dots}, {@nodots}, {@nodots}, {@nodots}, {@nodots}, {@fat=@flush}, {@dots}, {@dots}, {@fat=@flush}, {@fat=@gid}, {@fat=@nfs}, {@dots}, {@fat=@tz_utc}, {@dots}, {@fat=@discard}, {@fat=@errors_remount}, {@fat=@sys_immutable}, {@dots}]}, 0xfd, 0x1bf, &(0x7f0000000680)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800003f0000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549cab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e6255a2e5cd64402a4de537bf113fc7370099e4faebe3f8803d000000004c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2000000000000000000000000632ff0fa874ac0769142daca624cb4e0206734b6ed975359c4c61af929e56449437f109207ab97933bfa547d54f09f318a621c0180844af3362417ea3266d51c40f1f6abeaa2e90ce22d20600e22cd20de", @ANYBLOB="d23c17f6ec95b3b885b061be4d1d842e4a63ec77a88347691f71d1e41301cf3df73c16fd088806b677d36dfdfecb4a080900060031622d37a921b1c072bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6a2be8b8ea56db5b017149cfa27eb8080778c490a639625353dde9d1c6d1e69c8f629356c70f7c3b140340ce0d51592813652003977d21460538702c7a359af24a7cd83ee44c1c69a7abd35b7d27fe6f33ed371b3db09d05553843a2ae2fc8b1246690dd9db1b67e10fbeea0f8a5045a9f351faac4ffcb8f9a57b03f295c9517551310dda73d40c81eabda5628dc79bf012d0b37b49a05b0d275d46b97c4d8b237341491a2de17488a4fb9b18bf56c96c4ee499a69841d03c75e5837b20cdd1400d9d6d6fb17f88178adc14763fab9740607eccb9a03dee8abf7639e2f9530593b41172f8261bca7a34acd8eff67d25e03ac7532262f5c1256b5ba7bbb5a9966aaf4dddcf9000000000000"], 0xf, 0x2a6, &(0x7f0000000a00)="$eJzs3c9qK2UUAPAz+deoiwRxowgO6MJVuXXrplGuIHalRFAXGrz3giThwi0ErGDsqk/g0vfwEdy48Q0Et4K7dlEZmcxMk9CkrTWm0Pv7rQ7zzTlz8n0lXeXMV6+Ph4+eJnF8+nu020nU9mM/zpLoRi0qP0QjAID74yzL4q/sNpmN2ua7AQC2ofj/X7jrXgCA7fjks88/6h0cPPw4Tdvxaudk0k8iYnwy6RfrvSfxTYzicTyITpxHZBeK+IMPDx5GI811463xdNLPM8df/lrW7/0ZMcvfi050V+fvpYWF/Omk34wXI43ek2bVaideWZ3/zor86Lfi7TcX+t+NTvz2dTyNUTyKPHee//1emr6f/Xj63Rf5Y/L8pBb9ndl9c1l9m+cCAAAAAAAAAAAAAAAAAAAAAMD9tpumSTG+Zza/J79Uzt+pn8/Wd9NKd3k+T5GfVIWK+UBZlCN6pln8VM3XeZCmaVbeOM9vxGsNLxYAAAAAAAAAAAAAAAAAAACA3OG3R8PBaPT42UaCahpA9bP+29bZX7jyRhwNB/X1BXdu/qzFaQN5r1feHI1GbGhbrgteyPvZeOWd+eF+GkVQHcy/L9hcn/Xye0XRo+EgLZeqTR4Okuue1a4O7ufFpVb8103IZn8S59nymbYvWl3Oam1o51svrVz6O8uym9V594/ijMoryWzExs2e3iyDlR8wD9qXz+KX9QXXfmXUN/LFAwAAAAAAAAAAAAAAAAAAXDL/0e+KxeMrU2v/W1MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGXz9/9XQTsilq9cCqZl8lX3lEErnh3e8UcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOfBPAAAA//8s7E5o") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{r0}, &(0x7f0000000500), &(0x7f0000000680)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x10) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000300)={'filter\x00', 0x4e, "9fad78894fbd1437c691a5c343a3d0d18dbc195b6791f3038246cc6e1e71dd4de22d1708c995b09db3f0b20383fab1553582a023f8ed94e7dc62a49181916c372d74d387daad157318ecfe491fa5"}, &(0x7f0000000000)=0x72) syz_clone(0x630c0700, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2) 3.169425284s ago: executing program 2 (id=5120): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000840)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x7d}}, {@test_dummy_encryption}, {@resgid}, {@delalloc}, {@usrquota}], [{@dont_appraise}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRESDEC=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x20000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bind$unix(0xffffffffffffffff, 0x0, 0x0) fsopen(&(0x7f0000000000)='tmpfs\x00', 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000280)='system.posix_acl_access\x00', &(0x7f0000000dc0)={{}, {0x1, 0x2}, [], {}, [{0x8, 0x7}], {0x10, 0x1}, {0x20, 0x2}}, 0x2c, 0x3) ioctl$EXT4_IOC_GETSTATE(0xffffffffffffffff, 0x40046629, 0x0) r4 = open(0x0, 0x14113e, 0x0) write$binfmt_script(r4, 0x0, 0x0) r5 = fsopen(&(0x7f0000000080)='sysfs\x00', 0x0) fstat(r5, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x810412, &(0x7f0000000780)=ANY=[@ANYRES32=r7, @ANYBLOB="749235c63bc001e29d7d09ef375f63128afacfe8f0ceeecb4e9488820a629fbf61482e779fe677d802f4fdfb224c8e9d9df582f661c26d2970f7ab1e0f14f11584b083ba27367e9700cdb013122b6f2409000000005e9299d7a3ffff531126f8c5b59b3e9a83964da1c7aeb1e1", @ANYRES32, @ANYRES16=r5, @ANYRES32, @ANYRESOCT=r6, @ANYRESHEX=r7, @ANYRESOCT], 0x2, 0x1eb, &(0x7f0000000900)="$eJzsmb/P0kAYx7937Qvv+8YYXRxcHHyNr1FKW9SwEIOJuwn4a5NIIWgBAzUBEhOJC4ujg4mr/4CDA5ODm5urDmpi4iCjc81dj7a0WPHHoPH5JFy/z91zz91zLU8TAEEQ/y0fP3x9/+hiuX4GwAHsIa/6P2uRD4/5v3ty7/TjyqWnz98+e9U7eH+ejMcA+P7m6+8AeFnV4AXmg63E+J661sFDfQUcp5S+BoYTSt8Ex1WlHTDcUPp2TPd3lHAd41bfbbY6rmOKxhKN3dIS6+sAFlOGJoBtmZvvs9j4cDy503BdZ5AUW/5yndTQJiKHaHrW+cn9VTkqyhb7E/fr+uzhVNiG6jdj52eBw1K6BIaa0mXkYRhGdCSx/I/qUXwtK3+WTgns5/PPEjik7vGPnA8XVnou/NltkPhHReoRFV/osOfIYv46PevT37L5XxCycAFIDb3Z/b3IyyK11ieqT0wHTsbqkw49rB9Fr3u3OBxPCp1uo+20nZ5tl86bZ03znF2UhShoM+rftqxPu7H4yXfIkhzLYdTwvIE1AryBFdp20EYJoPai/0XO4bL+cewfD2KIR0WmnV+/BlMfLq9C7SdfKQRBEARBEARBEARBEARBEBszW7GOgclfQdUfVf53sC9L728BAAD//8J6XIQ=") r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fadvise64(r8, 0x0, 0x0, 0x3) 3.049616263s ago: executing program 0 (id=5121): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES64=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r3}, 0x10) setitimer(0x2, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='io.stat\x00', 0x26e1, 0x0) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4}, 0xe) connect$bt_l2cap(r4, 0x0, 0x0) setsockopt$bt_BT_SECURITY(r4, 0x112, 0x4, 0x0, 0x0) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @any, 0xfffa}, 0xe) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2a}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0xe, 0x0, &(0x7f0000000480)="1f6c00c2231bc4cb50017d870800", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000994bd740f60d5600b5a0000000010902120001000000000904"], 0x0) syz_usb_control_io$printer(r7, 0x0, &(0x7f00000005c0)={0x34, &(0x7f0000000240)={0x20, 0x12, 0xbf, "7687c59daa0f15f8b0c6b5002f473d883621c24480c5de8a679b862ee9e92bbc9d7779f61ca3c26fbe3fc9619395216be699428eab1c17686c5d0b25d5abe91a72ad06520e8a4028b52e414c7a7803c0284c8fc555e9857a770d507689626ad9fe61d09318b120870b906931b02ee002699e34716bb15f925c858138f34ac6b2e5f58ca0895bf0d3da21adc3c8df113304f12256f10c109cda752e3f2ac1e4b6498a858dd1fbfbed5d011bc4ea719f881b250072808f2b008db40a6081ba04"}, &(0x7f00000003c0)={0x0, 0xa, 0x1}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x5}, &(0x7f0000000cc0)=ANY=[@ANYBLOB="2000cc00000000cae16f7491621230ed4598432fe21ec31f89cb4fa6729f526aca4f774f260eb3d5330382ee02de00c0d864de031b473060d8ced87edf71b0303f810ece99f4e570fd9e7b1e5cb5a58635c7e9f6baa2f9bc510cbcc51f4ce8a0a54efdd1b4a6eecc693f70bdd66c404f1d2913407e8ce0b8b9f01538d7f7580e0e6989f7cc9ed253e8e95bad97a3e683f3d480a022cb0c25945a7ad6d82ad2441dfa91df725aa8734c529d0bb7d1190e4c9c6faca1729b93a8ef4c40bd72bcf98f105d18d32560003331ba9b9926fb681f7bb8826372308e8c4a50c67fcdc8e459e1fd58a389728f6a485067d94386b06a41bede1dde9bbed6c85414523969f2ab452c12ec9ec74c250debc49f3452626d574fc203b94f70704d4c81aae102db6955f70ad30977"], &(0x7f0000000540)={0x20, 0x1, 0x1}, &(0x7f0000000580)={0x20, 0x0, 0x1, 0xb}}) syz_usb_control_io$cdc_ncm(r7, 0x0, &(0x7f0000000340)={0x44, &(0x7f0000000140)=ANY=[@ANYBLOB="17000600000061e1248a9986"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r7, &(0x7f0000000180)={0x14, &(0x7f00000000c0)={0x40, 0x11, 0x5f, {0x5f, 0x21, "8ddece344d77188a13858adfd77c7980709457b9348930364566cad9220c3bc585f1617e832327b5d7b87c100e814630a038fe41503066a261bea7d30006d4b90056c2af092fa569e558418b6b9981f9299a2047706c4e44bab5ae4e43"}}, &(0x7f0000000140)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x3}, &(0x7f00000002c0)={0x0, 0x8, 0x1, 0xf}, &(0x7f0000000300)={0x20, 0x80, 0x1c, {0x101, 0x9, 0x4000000, 0x8, 0x1, 0x40, 0x1, 0x8, 0xfffe, 0x15, 0x458a, 0xc0ea}}, &(0x7f0000000340)={0x20, 0x85, 0x4, 0x5}, &(0x7f0000000380)={0x20, 0x83, 0x2}, &(0x7f00000003c0)={0x20, 0x87, 0x2, 0x1}, &(0x7f0000000400)={0x20, 0x89, 0x2}}) syz_usb_control_io$uac1(r7, &(0x7f00000008c0)={0x14, &(0x7f0000000700)={0x0, 0x2a, 0x63, {0x63, 0x1, "e9d953476826dc0c5a49c688e02c1e93093a21be2c70401647e0acb7bfa581d34aa0be56bd66afb53de347347f861f499f9260b88bf5b8b91b4f1ce82562d9734c9ba41c5905eede836ef5e7315bb2277eb2692fb8ad7fe49266263ce52db7968b"}}, &(0x7f0000000780)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x424}}}, &(0x7f0000000c40)={0x44, &(0x7f0000000a40)={0x0, 0x30, 0xbd, "c01b9870364f4619146b070791c7e2011d219d31eb062a579369a2302419793646e2984dcf38a191c88a0d3985450275a54c7f5ec03abe1057153b942d0708e7aa9e8f4a3f07e13c745784588970d18ca09dffb9f0851dfa43ec1a4445f49e01628b52d3178ca3b4d7af475d338a6b3300ad8dbd16a8d26f00fdb8f67348573d76b969a7fdb3dd0de4447ead970b86af04c8dcd12ec542aec2c9ddaee95f0c859c93962cbc0a7190dc59713629394b3b4dde243888e571acb758fc27e7"}, &(0x7f0000000900)={0x0, 0xa, 0x1, 0x81}, &(0x7f0000000940)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000600)={0x20, 0x81, 0x2, "9cfc"}, &(0x7f0000000b40)={0x20, 0x82, 0x3, "06c0eb"}, &(0x7f0000000b80)={0x20, 0x83, 0x2, "9ec2"}, &(0x7f0000000980)=ANY=[@ANYBLOB="9d20c207f7f6da0100000021"], &(0x7f0000000c00)={0x20, 0x85, 0x3, "d50800"}}) connect$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.memory_pressure_enabled\x00', 0x0, 0x0) dup3(r1, r5, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x7, &(0x7f0000000040)=0x6, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x3654}]}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='lp\x00', 0x3) 2.904422824s ago: executing program 1 (id=5122): unshare(0x22020400) socket$unix(0x1, 0x1, 0x0) unshare(0xa030500) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) (fail_nth: 2) 2.269359661s ago: executing program 1 (id=5123): unshare(0x40000200) socket$unix(0x1, 0x1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffff8, 0x0) unshare(0x6030080) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000280)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10) r4 = syz_open_procfs(0x0, &(0x7f0000000bc0)='environ\x00') preadv(r4, &(0x7f0000000380)=[{0x0}, {&(0x7f0000000040)=""/99, 0x63}], 0x2, 0x0, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) 2.236490244s ago: executing program 1 (id=5124): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = syz_open_dev$vcsa(&(0x7f00000005c0), 0x4, 0x800) r1 = socket$inet(0x2, 0x3, 0x8d) setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="8e"], 0x1) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000000c0)={0x0, @local, @local}, &(0x7f0000000140)=0xc) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={@private2, 0x0, r2}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000680)={'syztnl0\x00', &(0x7f0000000600)={'syztnl1\x00', r2, 0x4, 0xff, 0x1, 0xfffff801, 0x8, @rand_addr=' \x01\x00', @empty, 0x7800, 0x80, 0x9, 0x8000000}}) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0xfffffffd, 0x0, 0x7ffe, 0x1b00, r0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001280)={&(0x7f0000000500)='percpu_free_percpu\x00', r7}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) syz_usb_control_io$hid(r5, 0x0, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mm_page_alloc\x00', r8}, 0x10) syz_clone3(&(0x7f00000004c0)={0x60000, &(0x7f0000000000), &(0x7f0000000200)=0x0, &(0x7f0000000280), {0x2c}, &(0x7f0000000300)=""/78, 0x4e, &(0x7f0000000380)=""/51, &(0x7f00000003c0)=[0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0], 0x6}, 0x58) sched_setscheduler(r9, 0x2, &(0x7f0000000400)=0x80000001) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ffa000/0x4000)=nil) syz_open_dev$ptys(0xc, 0x3, 0x1) syz_usb_control_io$hid(r5, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00222200000096231306e53f070c0000002a9000070d00be0083"], 0x0}, 0x0) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0xbf23}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r10, &(0x7f0000000b40), &(0x7f00000003c0)=@tcp6, 0xbf23}, 0x20) timer_create(0x2, &(0x7f0000000540)={0x0, 0x3d, 0x2, @tid=r9}, &(0x7f0000000580)) 2.00898112s ago: executing program 4 (id=5125): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'syztnl1\x00', &(0x7f00000001c0)={'gretap0\x00', 0x0, 0x7800, 0x1, 0x5, 0x329, {{0x3e, 0x4, 0x0, 0x5, 0xf8, 0x64, 0x0, 0x3c, 0x2f, 0x0, @empty, @rand_addr=0x64010101, {[@cipso={0x86, 0x6d, 0x0, [{0x1, 0x11, "3e9b063474acb059167231a2da02cd"}, {0x1, 0xc, "55910ea1dbb0371aa2a8"}, {0x0, 0x5, "15388c"}, {0x1, 0x7, "4472c282c9"}, {0x6, 0x10, "003cf6c456f7311d49bea9a3af18"}, {0x1, 0xc, "4828196f3e9dba84bf5a"}, {0x7, 0x4, "a4ad"}, {0x2, 0xe, "e22857daf629ffd9a2ea4ad8"}, {0x2, 0x10, "3e01f75972e780ce890bcdbc1916"}]}, @timestamp_prespec={0x44, 0x2c, 0x61, 0x3, 0x7, [{@empty, 0x3690}, {@remote, 0x2}, {@local, 0x1}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xe871}, {@broadcast, 0x4}]}, @rr={0x7, 0xf, 0x7, [@loopback, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x42}]}, @lsrr={0x83, 0x1b, 0xa3, [@broadcast, @remote, @empty, @multicast2, @multicast1, @rand_addr=0x64010101]}, @timestamp={0x44, 0x20, 0x36, 0x0, 0x9, [0x0, 0x0, 0x220, 0x10, 0xfffffff8, 0x6, 0x4]}]}}}}}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1e7d, 0x2d5a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x8}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r5, 0x0, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0) syz_usb_control_io$hid(r5, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000480)={0x0, 0x22, 0x8, {[@main=@item_012={0x2, 0x0, 0xa, 't|'}, @main=@item_4={0x3, 0x0, 0xc, "bac18c3f"}]}}, 0x0}, 0x0) socket$key(0xf, 0x3, 0x2) times(0x0) 1.974358053s ago: executing program 3 (id=5126): open(0x0, 0x14507e, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x0, 0x0) fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1, 0x0, 0x40b7400000200, 0x6}) 1.939854226s ago: executing program 2 (id=5127): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000000010"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}}) write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',fscache']) chdir(&(0x7f0000000000)='./file0\x00') mount$incfs(0x0, &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) open(&(0x7f00000001c0)='.\x00', 0xfffffffe, 0x0) 1.933424147s ago: executing program 3 (id=5128): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x2, 0x2004, 0x5}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r4, 0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000300807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, 0x0, 0x20000000) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) rt_sigaction(0xa, &(0x7f0000000080)={&(0x7f0000000100)="2437460f1c2bc4a2f99c9022000000c4a2f10027460f38e741c44240f29a3b470000a5c43b3be5c436fe0d094e486ff5f5bb559a00000f75bed5370b1c2665d2950e000000dbf5", 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000240)) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, 0x2, 0x3, 0x101, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)={0x2c, 0x2, 0x3, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1000}, [@NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x12}, @NFQA_CFG_FLAGS={0x8}, @NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x18}}]}, 0x2c}}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)) fchdir(0xffffffffffffffff) 1.932660316s ago: executing program 2 (id=5129): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0xb, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$incfs(0xffffffffffffffff, &(0x7f0000000080)='.pending_reads\x00', 0x0, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100626f5c64000000000c000280060019"], 0x3c}}, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) r6 = socket$tipc(0x1e, 0x2, 0x0) r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)={0x3, 0x4, 0x4, 0xa, 0x0, r4, 0xcf, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3}, 0x48) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000040)={'gretap0\x00', &(0x7f0000000380)={'ip_vti0\x00', 0x0, 0x20, 0x7800, 0x200, 0x0, {{0x27, 0x4, 0x0, 0x1e, 0x9c, 0x68, 0x0, 0xfb, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, {[@timestamp_prespec={0x44, 0xc, 0xd1, 0x3, 0x7, [{@multicast2, 0x7}]}, @end, @timestamp_prespec={0x44, 0x2c, 0x7, 0x3, 0x9, [{@multicast1, 0x5}, {@local, 0x5}, {@multicast2, 0x7fff}, {@broadcast, 0x6}, {@rand_addr=0x64010100, 0x7}]}, @cipso={0x86, 0xf, 0x3, [{0x2, 0x4, '\x00v'}, {0x5, 0x5, "364ea1"}]}, @timestamp_prespec={0x44, 0x3c, 0xa0, 0x3, 0x0, [{@private=0xa010101, 0xb7}, {@private=0xa010102, 0x7ff}, {@private=0xa010102, 0x6}, {@empty, 0x80}, {@multicast1, 0x100008}, {@multicast2, 0x2}, {@local, 0x6}]}, @end]}}}}}) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)={0x2, 0x4, 0x8, 0x1, 0x80, r7, 0x5, '\x00', r8, r4, 0x4, 0x3, 0x4}, 0x48) setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000000)={0x43, 0x0, 0x0, 0x3}, 0x10) bind$tipc(r6, 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300)) 1.06851169s ago: executing program 3 (id=5130): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = getpid() sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mremap(&(0x7f00003d1000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000b04000/0x4000)=nil) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) close_range(r7, 0xffffffffffffffff, 0x0) 953.415709ms ago: executing program 2 (id=5131): r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r1 = syz_open_dev$mouse(&(0x7f00000001c0), 0x3ff, 0x400000) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, r1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r2}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r3, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000240)=ANY=[@ANYRESDEC=r4, @ANYRES16=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r6 = getpid() getpeername$netlink(r0, &(0x7f0000000000), &(0x7f0000000180)=0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4) ptrace$ARCH_GET_CPUID(0x1e, 0x0, 0x0, 0x1011) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000480)='./file0\x00', 0x446, &(0x7f0000000600)=ANY=[@ANYRES32=0x0, @ANYRES64, @ANYRESDEC=0x0, @ANYRESHEX, @ANYRESDEC, @ANYRES8], 0x0, 0x300, &(0x7f0000000b80)="$eJzs3M9PE1sUwPFDW0pbAmXx8l7eS164eW+jmwlU10pjIDE2kSA1/khMBphq07ElnQZTY0RXbo3/gRsXhCULE4zyD7Bxpxs37tiYuJCFcUynM5SWoUBLW4XvJyFzmHvP9FymkDMNM1s3nt/PZSwto5ckEFHSJyKyLTIiAfH0uduAE4dltydydvDrh3+v3bx1JZlKTc4oNZWcPZdQSg2Pvn3wKOpOWx+QzZE7W18Snzf/3Px768fsvaylspbKF0pKV3OFTyV9zjTUQtbKaUpNm4ZuGSqbt4xidbxQHc+YhcXFstLzC0OxxaJhWUrPl1XOKKtSQZWKZRW8q2fzStM0NRQTHCS9MjOjJ1tMnj/mYtAhxWJSD4pIdM9IeqUnBQEAgJ5q7P8Dopr2/y+P1v+v/rdRGry+Nuz2/+thv/7//Mfqser6/4iI+Pb/3uv79f+v3xyt/9/bEZ0YdvwQk+r6/2CHK0JnjIb37OqrhZXBYlKPub+/jqe3V8ecgP4fAAAAAAAAAAAAAAAAAAAAAIDfwbZtx23bjntb72tARCIi4n3vkxoUkYs9KBnHqI3zjxOgduNeaFjEfLaUXkpXt+6EDRExxZAxict35/3gqsTenUeqYkTemctu/vJSuno7WTIjWSd/XOL90phv21OXU5Pjqqo+v19iu/MTEpc//PMTvvlhOfP/rnxN4vJ+XgpiyoJTRy3/8bhSl66mGvKjzjwAAAAAAE4CTe3wvX7XtP3Gq/k719eNnw8Ea9fXY77X5yH5J9TbtQMAAAAAcFpY5Yc53TSNYpMgKgfPaT0IdejI3goPm+X9L0PnVtok8F68biji7qw/F21WKO7jYdusOSCtZI1WVqPa/Yl5HxvtN0emJ7p/Bp3grxevvh3fAS+sRQ5YaetBsPkboL9rf4AAAAAAdE2t6ff2TPS2IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATqFuPB2t12sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfhU/AwAA//9BFQYp") 134.91012ms ago: executing program 3 (id=5132): r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000001480)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x500, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$unix(0x1, 0x1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000002a00)=ANY=[@ANYBLOB="b7000000026d0300bfa30000000000000703000000feffff620af0fff8ffffff71a4f0ff000000002704000000ffffffdd0a05000000000014000000016d030063030000000000001d44010000000000620a00fe00ffffffdb03000000000000b5000000000000009500000000000000023bc065b70300c6dfa041b63af4a3912435b1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e5f58b7382a8b7e8177168001815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc20eec363e4a8f6456e5ccae25ea21714ee18cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a277c7a775d55dfc28abbe9b5ea62d84f3a10746443d64364f56e24e6d2105bd901128c7e0ec82770c8206b1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009df5daf87068a608628efc56c752af4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9610f0000d36f38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eeeb883418f562ae00003ea96d10f172c0374d6eed82640700dfffffffffff499c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c64a403ade624d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca5f1380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f254a9bf93f04bf072f0bc2d38092909ef3613861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf82807773e534015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d2a9441eb315209d199e029e9135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d8516800ef3f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe3907000000466f4ca2195234648e0a1ca50db6f3d9436a7d55a9ad382400000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b45eb6dc5f6a9257d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba51dd5ab2b7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f80724a5bfc1e8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f068840a754c02181561542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ec3d59901da21afd6400000000832503969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98c2c73e1661261173f359e93d2c80000000998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebccbaf1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91cda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fc7741c7e3f426b9ed20debd883593ff5d691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579c23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d0f086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d7182af2ea5f8d0ad495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc0095f5a3bfdcffffffffffffffff61ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d480e7f13a65dbaa1af102d97681656bf56ff0cf36518f674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ffbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656659db4cb06aaaf9f02cfab5b9e61cc00e8e194299219a3f4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd06961912052f441e96884fcdc91f4a974242aabfc8adbadc9ca27955b5c90f1ed9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b723621f3b706bb7f5e42b5376642f8ad4028d4ead407240e7467d1b37a7e20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a149414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e13e3a7a1511573cb1a8cdce3a8fea40792297d023ef52de2e75b9dbbfb8713178e2409b8d3b981bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd610000000000000000000000000000000000000000000000b41248c570c4223a471b755ce6956908e2b0e5dbc5e71ff2373d3ed89c2e2eafac81c21ac2436d2ffacffe2fc0d601a50221c88a47b264c5129004f350963b52702c5a360000000000000000000000000000000b4077dc8a1801a8bf833350d302c5439ea3dd0f3b8eb1dc93af1fbf863d33a38a53a02ec1e5b90cb673d6b0cfe7f35b20e438653e0f73ddfc78e3e1d1cc9798af0eb9b61bb4fc72454a57237b68ea614ad898374e952784a18ffb9dc4447acd7ad28a63f88007ad8cba31a6fdd9982c97a913dffe69654d3a00b98c45ead9b9619f946c82f5789379d0d942020652ccfac45e1ef5e93e72b7d5381a3c61fbabc1286285110540075bc7aee3e595f9850b9e96887d53404add0021b198be851d9f797d964fe7501997524d28ce7b1d5f8203d9f756efd5676c5d85052030c27e2a99ee39007d9b3c305b1c7d14899b42149d6c437d863651d30426e36ff66bafa93ce3f76c18b8c91ac65b7ab49f03b7c0d0687e1ee0369e88d674f51fe69423000000000000596444d8a7bf983d6f0342b2987e520100000000000000f37cda7868234eeefbd472c7b396c182f2b9a8bf2f85ad1a7b18681784c8fcf0cf5e34baebc594de0d6c9244a834b82a162739619b5f2e3c24378417f71f855b7958fbae631a8aa30b2120a9e23d8711f529b0cd7ce6ee2b0841a4d9e82e6ef54089b64175338ed7effe440c97c663a1000000000033f9ee8bc74fb676198caf54f9a07461c30b4b65890f2b64e68eb2a265f641e68af046fb8751055c6dba7e49068656dbf01c26b3812cec4204084e4c3f5abb86121a3eddd10720d3b66a3a8033aab499cf56b7e5b01d37c1d7b4f5968040cd727efc9a1d69fa550313969508472efa833327d1bcae9167e3316f272ba2efdebf91f15b4a2bc27ea303834692d92961d3dcff0e4f55d9e3e7c66e8d3324216c4c77b95c000c5f30d56da969b1ce3a3e1a8ce5a632b3c404e7b455cac15273ce31a57dc7bed120f5396671eb7f8670ddc26ecc7461b1badfc98076c95aa811954827767c023c51e183cf1de0230912617f72169a3f9bda12d14667855757ca543b524491e213929a9d095abb9e57f33ad7e5301e5995e65246bc06f931d983596a4979d403f1b3984123633e9af67a0972612b5874f2000000009a8c3199c30dd0c416da1c22e346958bda493b297fcb98181ac449ca17a08e27ae81320e316e018fc9c77e7434079bc06ca1d315a94d177a888cc189fa5649bf5b9ab787118c29d735cc6dfaa965ea9ebbbaff83a06292aff2e3ed23750786136f113cdb04b881f721d02bd3c99b9dd3fa2713cda74eb3dd3422c736dc5c7bd3d1d008b5af391dac38341744dc38e8620fd4b35974ef1d93a907f37a84e1d630dd93fcde4aaf59e0e1f64ba3eec9da0b3d3b241fa52d9db1b137140b27434e74b783f9b62cc516f99e425ed603c5e65c0c3b08815a4aac7c1db4e47261148fa3a54359a2157b9a0fcecd54abbfaaee20f9a6dcc5380f01f22b8fd02b340118a65cef1597f5ce8d8a602120a3b2bb8ccc199dc36b2110a2200a2d3eaff9bc85ff68cd233fb2c8198682bd1c99fd7d66f3554439db4145028bc69579e516fd32253f641b0bffebc32cd3e90d67c77017ae323d8d31bd9f061d270d89737acea845067d8fd36fcce1ae9cd64beeae55d4c8159262240837b2854e5e08c58551453f1b9e46c6a7aaa972255fe7ad8f653168ce260000000000000000008b816f1b5e51781fa92c8b2c886bd992507715f8554276f56e3498156ca6d639de489096f49f2e1850d7399b1fe3801d3b2c0f65abcb67ac3ded74b099f76fee439abfb20c23864280855f395e3449859040832ea50df150deb14fc420a8e91ec84ccd338ada3c5778cbd52bcc2ac93b00e64959286b99231afa239dbefc90a21180f12a03c370980c8101d8a014f6139e998c938bccc92bfc987af6f02ec667c9597c19cc4193c09d152093013629b93e5104447e54ba7bc95ed2b3532421d6a0424c1e000000000000c1af53b85ab7060d6797a18cac2bf246a16f503e09832de7f7aa523d2325b4e3b651b1883ab9a3012f2b5b91e2782250a650d2dddca42a671f083b4a3739a651feb7c1c6903f50ce2cb6501fa22cf55230792a1e2fc902c9115a3b912dcef392b050c9a2870e7da0ca2ce908ff7bc5c72b591004ec3034b189a580e7f6ef153c04bb5599ab22686c5520a02e14a53f105d7b6a097e86b61500bdd7e6e133a9870ec9c0bb77c90702910cc39a0f3a419f12ba636b5837a5ecb110c89fb8d14da2d04175b18a14b2618d05fb58e9a832a4993472e5d068fe44e92676e484662a656d93a0f368c0cfc70c68459b61f194aac3"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) 0s ago: executing program 2 (id=5133): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r5 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000180018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10) r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f00000005c0)=[@reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x48, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000340)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): 2-1: USB disconnect, device number 67 [ 1019.692174][ T30] kauditd_printk_skb: 67 callbacks suppressed [ 1019.692195][ T30] audit: type=1326 audit(1725426954.476:1174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18429 comm="syz.4.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65bda63eb9 code=0x7ffc0000 [ 1019.725501][ T30] audit: type=1326 audit(1725426954.476:1175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18429 comm="syz.4.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65bda63eb9 code=0x7ffc0000 [ 1019.749356][ T30] audit: type=1326 audit(1725426954.476:1176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18429 comm="syz.4.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65bda63eb9 code=0x7ffc0000 [ 1020.097473][ T30] audit: type=1326 audit(1725426954.476:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18429 comm="syz.4.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65bda63eb9 code=0x7ffc0000 [ 1020.158237][T10378] usb 3-1: new high-speed USB device number 71 using dummy_hcd [ 1020.170608][ T30] audit: type=1326 audit(1725426954.476:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18429 comm="syz.4.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65bda63eb9 code=0x7ffc0000 [ 1020.194229][ T30] audit: type=1326 audit(1725426954.476:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18429 comm="syz.4.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65bda63eb9 code=0x7ffc0000 [ 1020.218299][ T30] audit: type=1326 audit(1725426954.476:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18429 comm="syz.4.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65bda63eb9 code=0x7ffc0000 [ 1020.241797][ T60] usb 5-1: new high-speed USB device number 61 using dummy_hcd [ 1020.249444][ T30] audit: type=1326 audit(1725426954.476:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18429 comm="syz.4.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65bda63eb9 code=0x7ffc0000 [ 1020.273372][ T30] audit: type=1326 audit(1725426954.476:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18429 comm="syz.4.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65bda63eb9 code=0x7ffc0000 [ 1020.299404][ T30] audit: type=1326 audit(1725426954.476:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18429 comm="syz.4.5028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65bda63eb9 code=0x7ffc0000 [ 1020.418198][T10378] usb 3-1: Using ep0 maxpacket: 16 [ 1020.530973][T18440] device pim6reg1 entered promiscuous mode [ 1020.538730][T10378] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1020.618197][ T60] usb 5-1: Using ep0 maxpacket: 32 [ 1020.708248][T10378] usb 3-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 1020.727320][T10378] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1020.735349][T10378] usb 3-1: Product: syz [ 1020.748184][T10378] usb 3-1: Manufacturer: syz [ 1020.748371][ T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1020.752715][T10378] usb 3-1: SerialNumber: syz [ 1020.773580][ T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1020.788584][T10378] usb 3-1: config 0 descriptor?? [ 1020.793781][ T60] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1020.810628][T18445] loop3: detected capacity change from 0 to 40427 [ 1020.817054][ T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1020.838408][ T60] usb 5-1: config 0 descriptor?? [ 1020.920644][T18445] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1020.938279][ T6112] usb 2-1: new high-speed USB device number 68 using dummy_hcd [ 1020.947798][T18445] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1021.383978][T18455] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1021.392537][T18455] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 1021.403933][T18455] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1021.493999][T18457] overlayfs: unrecognized mount option "appraise_type=imasig" or missing value [ 1021.671410][ T60] savu 0003:1E7D:2D5A.0072: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0 [ 1021.698341][T10378] usb 3-1: Found UVC 0.00 device syz (045e:0721) [ 1021.708242][T10378] usb 3-1: No valid video chain found. [ 1021.807990][T18274] F2FS-fs (loop3): Inconsistent error blkaddr:5633, sit bitmap:0 [ 1021.826283][T18274] CPU: 0 PID: 18274 Comm: syz-executor Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1021.836359][T18274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1021.846256][T18274] Call Trace: [ 1021.849378][T18274] [ 1021.852156][T18274] dump_stack_lvl+0x151/0x1c0 [ 1021.856669][T18274] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1021.862135][T18274] ? arch_stack_walk+0xf3/0x140 [ 1021.866828][T18274] dump_stack+0x15/0x20 [ 1021.870814][T18274] f2fs_is_valid_blkaddr+0xc87/0x12d0 [ 1021.876025][T18274] f2fs_map_blocks+0x1622/0x3ab0 [ 1021.881404][T18274] ? __stack_depot_save+0x34/0x470 [ 1021.886360][T18274] ? f2fs_do_map_lock+0x70/0x70 [ 1021.891040][T18274] ? debug_smp_processor_id+0x17/0x20 [ 1021.896249][T18274] ? try_charge_memcg+0x213/0x1550 [ 1021.901197][T18274] f2fs_mpage_readpages+0xc9a/0x21a0 [ 1021.906320][T18274] ? dquot_release_reservation_block+0xa0/0xa0 [ 1021.912303][T18274] ? workingset_activation+0x3f0/0x3f0 [ 1021.917604][T18274] f2fs_readahead+0xfd/0x250 [ 1021.922022][T18274] ? blk_start_plug+0x5a/0x170 [ 1021.926623][T18274] read_pages+0x15e/0xb00 [ 1021.930789][T18274] ? lru_cache_add+0x279/0x540 [ 1021.935395][T18274] ? page_cache_ra_unbounded+0x920/0x920 [ 1021.940858][T18274] ? add_to_page_cache_lru+0x225/0x2c0 [ 1021.946151][T18274] ? add_to_page_cache_locked+0x40/0x40 [ 1021.951529][T18274] ? __kasan_check_write+0x14/0x20 [ 1021.956477][T18274] page_cache_ra_unbounded+0x6cb/0x920 [ 1021.961774][T18274] ? read_cache_pages_invalidate_pages+0x1c0/0x1c0 [ 1021.968110][T18274] ? _raw_spin_unlock+0x4d/0x70 [ 1021.972799][T18274] ondemand_readahead+0x9c8/0xfa0 [ 1021.977654][T18274] ? do_wp_page+0x979/0xb60 [ 1021.981998][T18274] ? page_cache_sync_ra+0x4d0/0x4d0 [ 1021.987027][T18274] ? debug_smp_processor_id+0x17/0x20 [ 1021.992236][T18274] ? kasan_quarantine_put+0x34/0x1a0 [ 1021.997357][T18274] page_cache_sync_ra+0x2e9/0x4d0 [ 1022.002218][T18274] ? force_page_cache_ra+0x420/0x420 [ 1022.007440][T18274] f2fs_readdir+0x52d/0xba0 [ 1022.011784][T18274] ? f2fs_fill_dentries+0xd60/0xd60 [ 1022.016813][T18274] ? avc_policy_seqno+0x1b/0x70 [ 1022.021501][T18274] ? __kasan_check_read+0x11/0x20 [ 1022.026361][T18274] ? security_file_permission+0x86/0xb0 [ 1022.031743][T18274] iterate_dir+0x265/0x610 [ 1022.036081][T18274] ? f2fs_fill_dentries+0xd60/0xd60 [ 1022.041115][T18274] __se_sys_getdents64+0x1c1/0x460 [ 1022.046062][T18274] ? __x64_sys_getdents64+0x90/0x90 [ 1022.051096][T18274] ? filldir+0x680/0x680 [ 1022.055181][T18274] __x64_sys_getdents64+0x7b/0x90 [ 1022.060037][T18274] x64_sys_call+0x5ae/0x9a0 [ 1022.064375][T18274] do_syscall_64+0x3b/0xb0 [ 1022.068630][T18274] ? clear_bhb_loop+0x35/0x90 [ 1022.073163][T18274] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1022.078880][T18274] RIP: 0033:0x7ff62b384053 [ 1022.083123][T18274] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 1022.102564][T18274] RSP: 002b:00007fff8b8b46e8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 1022.110812][T18274] RAX: ffffffffffffffda RBX: 00005555563194e0 RCX: 00007ff62b384053 [ 1022.118620][T18274] RDX: 0000000000008000 RSI: 00005555563194e0 RDI: 0000000000000005 [ 1022.126517][T18274] RBP: 00005555563194b4 R08: 0000000000000000 R09: 0000000000000000 [ 1022.134332][T18274] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 1022.142143][T18274] R13: 0000000000000010 R14: 00005555563194b0 R15: 00007fff8b8b6990 [ 1022.149961][T18274] [ 1022.184480][ T26] usb 3-1: USB disconnect, device number 71 [ 1022.191917][ T743] usb 5-1: USB disconnect, device number 61 [ 1022.198667][T18274] F2FS-fs (loop3): Inconsistent error blkaddr:5633, sit bitmap:0 [ 1022.208230][ T6112] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1022.219080][T18274] CPU: 1 PID: 18274 Comm: syz-executor Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1022.229044][T18274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1022.238944][T18274] Call Trace: [ 1022.242070][T18274] [ 1022.244840][T18274] dump_stack_lvl+0x151/0x1c0 [ 1022.249329][ T6112] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1022.249357][T18274] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1022.264464][T18274] dump_stack+0x15/0x20 [ 1022.268450][T18274] f2fs_is_valid_blkaddr+0xc87/0x12d0 [ 1022.273664][T18274] f2fs_get_read_data_page+0x50f/0x850 [ 1022.278957][T18274] ? f2fs_get_block+0x1b0/0x1b0 [ 1022.283651][T18274] ? force_page_cache_ra+0x420/0x420 [ 1022.288761][T18274] f2fs_find_data_page+0x19c/0x420 [ 1022.293706][T18274] f2fs_readdir+0x53a/0xba0 [ 1022.298045][T18274] ? f2fs_fill_dentries+0xd60/0xd60 [ 1022.303079][T18274] ? avc_policy_seqno+0x1b/0x70 [ 1022.307780][T18274] ? __kasan_check_read+0x11/0x20 [ 1022.312624][T18274] ? security_file_permission+0x86/0xb0 [ 1022.318004][T18274] iterate_dir+0x265/0x610 [ 1022.322259][T18274] ? f2fs_fill_dentries+0xd60/0xd60 [ 1022.327293][T18274] __se_sys_getdents64+0x1c1/0x460 [ 1022.332242][T18274] ? __x64_sys_getdents64+0x90/0x90 [ 1022.337273][T18274] ? filldir+0x680/0x680 [ 1022.341355][T18274] __x64_sys_getdents64+0x7b/0x90 [ 1022.346561][T18274] x64_sys_call+0x5ae/0x9a0 [ 1022.351100][T18274] do_syscall_64+0x3b/0xb0 [ 1022.355352][T18274] ? clear_bhb_loop+0x35/0x90 [ 1022.359872][T18274] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1022.365595][T18274] RIP: 0033:0x7ff62b384053 [ 1022.369851][T18274] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 1022.389288][T18274] RSP: 002b:00007fff8b8b46e8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 1022.397533][T18274] RAX: ffffffffffffffda RBX: 00005555563194e0 RCX: 00007ff62b384053 [ 1022.405344][T18274] RDX: 0000000000008000 RSI: 00005555563194e0 RDI: 0000000000000005 [ 1022.413502][T18274] RBP: 00005555563194b4 R08: 0000000000000000 R09: 0000000000000000 [ 1022.421325][T18274] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 1022.429129][T18274] R13: 0000000000000010 R14: 00005555563194b0 R15: 00007fff8b8b6990 [ 1022.436953][T18274] [ 1022.488297][ T6112] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 1022.497166][ T6112] usb 2-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 1022.528251][ T6112] usb 2-1: Product: syz [ 1022.533018][ T6112] usb 2-1: config 0 descriptor?? [ 1022.603949][T12961] attempt to access beyond end of device [ 1022.603949][T12961] loop3: rw=2049, want=41000, limit=40427 [ 1022.864280][T18473] loop2: detected capacity change from 0 to 128 [ 1022.929703][T18473] netlink: 112 bytes leftover after parsing attributes in process `syz.2.5039'. [ 1022.951140][T18474] bridge0: port 1(bridge_slave_0) entered blocking state [ 1022.958033][T18474] bridge0: port 1(bridge_slave_0) entered disabled state [ 1022.965775][T18474] device bridge_slave_0 entered promiscuous mode [ 1022.974217][T18474] bridge0: port 2(bridge_slave_1) entered blocking state [ 1022.982892][T18474] bridge0: port 2(bridge_slave_1) entered disabled state [ 1022.990478][T18474] device bridge_slave_1 entered promiscuous mode [ 1023.069171][T18474] bridge0: port 2(bridge_slave_1) entered blocking state [ 1023.076032][T18474] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1023.083190][T18474] bridge0: port 1(bridge_slave_0) entered blocking state [ 1023.090034][T18474] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1023.237774][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1023.252208][ T1234] bridge0: port 1(bridge_slave_0) entered disabled state [ 1023.324593][ T1234] bridge0: port 2(bridge_slave_1) entered disabled state [ 1023.352348][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1023.364033][T18485] loop2: detected capacity change from 0 to 4096 [ 1023.371193][ T542] bridge0: port 1(bridge_slave_0) entered blocking state [ 1023.378070][ T542] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1023.388702][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1023.397444][ T542] bridge0: port 2(bridge_slave_1) entered blocking state [ 1023.404313][ T542] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1023.432780][T18486] UDC core: couldn't find an available UDC or it's busy: -16 [ 1023.440092][T18486] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 1023.474246][T12961] device bridge_slave_1 left promiscuous mode [ 1023.503487][T12961] bridge0: port 2(bridge_slave_1) entered disabled state [ 1023.528698][T12961] device bridge_slave_0 left promiscuous mode [ 1023.534745][T12961] bridge0: port 1(bridge_slave_0) entered disabled state [ 1023.543640][T12961] device veth1_macvtap left promiscuous mode [ 1023.549776][T12961] device veth0_vlan left promiscuous mode [ 1023.566490][T18485] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 1023.680712][T18480] loop4: detected capacity change from 0 to 40427 [ 1023.708969][T18491] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 1023.731636][T18491] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #18: comm syz.2.5041: mark_inode_dirty error [ 1023.743178][T18491] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 1023.754251][T18491] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #18: comm syz.2.5041: mark_inode_dirty error [ 1023.766111][T18491] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:476: comm syz.2.5041: Invalid block bitmap block 0 in block_group 0 [ 1023.780437][T18491] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 1023.790478][T18491] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #18: comm syz.2.5041: mark_inode_dirty error [ 1023.791796][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1023.802098][T18491] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 1023.819313][T18480] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1023.821986][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1023.843366][T18491] EXT4-fs error (device loop2): ext4_alloc_file_blocks:4509: inode #18: comm syz.2.5041: mark_inode_dirty error [ 1023.853063][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1023.866282][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1023.885573][T18474] device veth0_vlan entered promiscuous mode [ 1023.897635][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1023.897686][T18388] EXT4-fs error (device loop2): ext4_map_blocks:602: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1) [ 1023.909029][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1023.927612][T18480] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1023.936064][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1023.951261][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1024.001873][T18474] device veth1_macvtap entered promiscuous mode [ 1024.033337][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1024.040788][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1024.048057][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1024.056183][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1024.064443][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1024.072023][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1024.135109][T18498] overlayfs: unrecognized mount option "appraise_type=imasig" or missing value [ 1024.313128][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1024.371635][T10378] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1024.379948][T10378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1024.457750][T18269] F2FS-fs (loop4): Inconsistent error blkaddr:5633, sit bitmap:0 [ 1024.503029][T18269] CPU: 0 PID: 18269 Comm: syz-executor Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1024.513103][T18269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1024.523000][T18269] Call Trace: [ 1024.526121][T18269] [ 1024.528899][T18269] dump_stack_lvl+0x151/0x1c0 [ 1024.533415][T18269] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1024.538875][T18269] ? arch_stack_walk+0xf3/0x140 [ 1024.543563][T18269] dump_stack+0x15/0x20 [ 1024.547560][T18269] f2fs_is_valid_blkaddr+0xc87/0x12d0 [ 1024.552766][T18269] f2fs_map_blocks+0x1622/0x3ab0 [ 1024.557538][T18269] ? __stack_depot_save+0x34/0x470 [ 1024.562489][T18269] ? f2fs_do_map_lock+0x70/0x70 [ 1024.567256][T18269] ? debug_smp_processor_id+0x17/0x20 [ 1024.572465][T18269] ? try_charge_memcg+0x213/0x1550 [ 1024.577412][T18269] f2fs_mpage_readpages+0xc9a/0x21a0 [ 1024.582539][T18269] ? dquot_release_reservation_block+0xa0/0xa0 [ 1024.588525][T18269] ? workingset_activation+0x3f0/0x3f0 [ 1024.593910][T18269] f2fs_readahead+0xfd/0x250 [ 1024.598328][T18269] ? blk_start_plug+0x5a/0x170 [ 1024.602929][T18269] read_pages+0x15e/0xb00 [ 1024.607108][T18269] ? lru_cache_add+0x279/0x540 [ 1024.611869][T18269] ? page_cache_ra_unbounded+0x920/0x920 [ 1024.617337][T18269] ? add_to_page_cache_lru+0x225/0x2c0 [ 1024.622634][T18269] ? add_to_page_cache_locked+0x40/0x40 [ 1024.628014][T18269] ? __stack_depot_save+0x34/0x470 [ 1024.632959][T18269] page_cache_ra_unbounded+0x6cb/0x920 [ 1024.638272][T18269] ? read_cache_pages_invalidate_pages+0x1c0/0x1c0 [ 1024.644946][T18269] ? _raw_spin_unlock+0x4d/0x70 [ 1024.649625][T18269] ondemand_readahead+0x9c8/0xfa0 [ 1024.654486][T18269] ? do_wp_page+0x979/0xb60 [ 1024.658826][T18269] ? page_cache_sync_ra+0x4d0/0x4d0 [ 1024.663859][T18269] ? debug_smp_processor_id+0x17/0x20 [ 1024.669081][T18269] ? selinux_inode_getattr+0x11f/0x3f0 [ 1024.674361][T18269] ? fault_around_bytes_set+0xc0/0xc0 [ 1024.679567][T18269] page_cache_sync_ra+0x2e9/0x4d0 [ 1024.684427][T18269] ? force_page_cache_ra+0x420/0x420 [ 1024.689551][T18269] ? do_handle_mm_fault+0x1807/0x2400 [ 1024.694757][T18269] f2fs_readdir+0x52d/0xba0 [ 1024.699099][T18269] ? f2fs_fill_dentries+0xd60/0xd60 [ 1024.704132][T18269] ? avc_policy_seqno+0x1b/0x70 [ 1024.708818][T18269] ? __kasan_check_read+0x11/0x20 [ 1024.713866][T18269] ? security_file_permission+0x86/0xb0 [ 1024.719246][T18269] iterate_dir+0x265/0x610 [ 1024.723499][T18269] ? f2fs_fill_dentries+0xd60/0xd60 [ 1024.728534][T18269] __se_sys_getdents64+0x1c1/0x460 [ 1024.733482][T18269] ? __x64_sys_getdents64+0x90/0x90 [ 1024.738515][T18269] ? filldir+0x680/0x680 [ 1024.742596][T18269] __x64_sys_getdents64+0x7b/0x90 [ 1024.747470][T18269] x64_sys_call+0x5ae/0x9a0 [ 1024.751794][T18269] do_syscall_64+0x3b/0xb0 [ 1024.756048][T18269] ? clear_bhb_loop+0x35/0x90 [ 1024.760562][T18269] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1024.766289][T18269] RIP: 0033:0x7f65bda96053 [ 1024.770554][T18269] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 1024.789981][T18269] RSP: 002b:00007ffde3a74aa8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 1024.798227][T18269] RAX: ffffffffffffffda RBX: 00005555567e84e0 RCX: 00007f65bda96053 [ 1024.806037][T18269] RDX: 0000000000008000 RSI: 00005555567e84e0 RDI: 0000000000000005 [ 1024.813851][T18269] RBP: 00005555567e84b4 R08: 0000000000000000 R09: 0000000000000000 [ 1024.821662][T18269] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 1024.829474][T18269] R13: 0000000000000010 R14: 00005555567e84b0 R15: 00007ffde3a76d50 [ 1024.837289][T18269] [ 1024.860033][T18269] F2FS-fs (loop4): Inconsistent error blkaddr:5633, sit bitmap:0 [ 1024.867650][T18269] CPU: 1 PID: 18269 Comm: syz-executor Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1024.877569][T18269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1024.887460][T18269] Call Trace: [ 1024.890580][T18269] [ 1024.893358][T18269] dump_stack_lvl+0x151/0x1c0 [ 1024.897870][T18269] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1024.903342][T18269] dump_stack+0x15/0x20 [ 1024.907332][T18269] f2fs_is_valid_blkaddr+0xc87/0x12d0 [ 1024.909956][ T6112] usbhid 2-1:0.0: can't add hid device: -71 [ 1024.912544][T18269] f2fs_get_read_data_page+0x50f/0x850 [ 1024.912574][T18269] ? f2fs_get_block+0x1b0/0x1b0 [ 1024.918413][ T6112] usbhid: probe of 2-1:0.0 failed with error -71 [ 1024.923568][T18269] ? force_page_cache_ra+0x420/0x420 [ 1024.939540][T18269] f2fs_find_data_page+0x19c/0x420 [ 1024.944488][T18269] f2fs_readdir+0x53a/0xba0 [ 1024.948824][T18269] ? f2fs_fill_dentries+0xd60/0xd60 [ 1024.953858][T18269] ? avc_policy_seqno+0x1b/0x70 [ 1024.958542][T18269] ? __kasan_check_read+0x11/0x20 [ 1024.963405][T18269] ? security_file_permission+0x86/0xb0 [ 1024.968788][T18269] iterate_dir+0x265/0x610 [ 1024.973035][T18269] ? f2fs_fill_dentries+0xd60/0xd60 [ 1024.978072][T18269] __se_sys_getdents64+0x1c1/0x460 [ 1024.983022][T18269] ? __x64_sys_getdents64+0x90/0x90 [ 1024.984187][ T6112] usb 2-1: USB disconnect, device number 68 [ 1024.988051][T18269] ? filldir+0x680/0x680 [ 1024.997862][T18269] __x64_sys_getdents64+0x7b/0x90 [ 1025.002721][T18269] x64_sys_call+0x5ae/0x9a0 [ 1025.007056][T18269] do_syscall_64+0x3b/0xb0 [ 1025.011316][T18269] ? clear_bhb_loop+0x35/0x90 [ 1025.015824][T18269] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1025.021560][T18269] RIP: 0033:0x7f65bda96053 [ 1025.025809][T18269] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 1025.045251][T18269] RSP: 002b:00007ffde3a74aa8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 1025.053492][T18269] RAX: ffffffffffffffda RBX: 00005555567e84e0 RCX: 00007f65bda96053 [ 1025.061301][T18269] RDX: 0000000000008000 RSI: 00005555567e84e0 RDI: 0000000000000005 [ 1025.069131][T18269] RBP: 00005555567e84b4 R08: 0000000000000000 R09: 0000000000000000 [ 1025.076926][T18269] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 1025.084736][T18269] R13: 0000000000000010 R14: 00005555567e84b0 R15: 00007ffde3a76d50 [ 1025.092554][T18269] [ 1025.121102][ T10] attempt to access beyond end of device [ 1025.121102][ T10] loop4: rw=2049, want=41000, limit=40427 [ 1025.142954][T18503] bridge0: port 1(bridge_slave_0) entered blocking state [ 1025.150237][T18503] bridge0: port 1(bridge_slave_0) entered disabled state [ 1025.158397][T18503] device bridge_slave_0 entered promiscuous mode [ 1025.168143][ T60] usb 4-1: new high-speed USB device number 61 using dummy_hcd [ 1025.175734][T18503] bridge0: port 2(bridge_slave_1) entered blocking state [ 1025.183127][T18503] bridge0: port 2(bridge_slave_1) entered disabled state [ 1025.190541][T18503] device bridge_slave_1 entered promiscuous mode [ 1025.198279][ T30] kauditd_printk_skb: 92 callbacks suppressed [ 1025.198293][ T30] audit: type=1326 audit(1725426960.006:1272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18500 comm="syz.3.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f94c3eedabb code=0x7ffc0000 [ 1025.279568][T18514] loop1: detected capacity change from 0 to 40427 [ 1025.288985][ T30] audit: type=1326 audit(1725426960.026:1273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18500 comm="syz.3.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f94c3eedabb code=0x7ffc0000 [ 1025.336311][T18514] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1025.372565][T18503] bridge0: port 2(bridge_slave_1) entered blocking state [ 1025.379470][T18503] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1025.386560][T18503] bridge0: port 1(bridge_slave_0) entered blocking state [ 1025.393345][T18503] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1025.407319][T18514] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1025.433843][T18522] FAULT_INJECTION: forcing a failure. [ 1025.433843][T18522] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1025.448230][ T60] usb 4-1: Using ep0 maxpacket: 8 [ 1025.448999][T18522] CPU: 0 PID: 18522 Comm: syz.0.5050 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1025.462884][T18522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1025.472864][T18522] Call Trace: [ 1025.475986][T18522] [ 1025.478766][T18522] dump_stack_lvl+0x151/0x1c0 [ 1025.483276][T18522] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1025.488745][T18522] ? __stack_depot_save+0x34/0x470 [ 1025.493690][T18522] dump_stack+0x15/0x20 [ 1025.497682][T18522] should_fail+0x3c6/0x510 [ 1025.501935][T18522] should_fail_usercopy+0x1a/0x20 [ 1025.506997][T18522] _copy_from_user+0x20/0xd0 [ 1025.511425][T18522] iovec_from_user+0xc7/0x330 [ 1025.515940][T18522] __import_iovec+0x6d/0x420 [ 1025.520364][T18522] ? __ia32_sys_shutdown+0x70/0x70 [ 1025.525312][T18522] import_iovec+0xe5/0x120 [ 1025.529564][T18522] ___sys_sendmsg+0x215/0x2e0 [ 1025.534079][T18522] ? __sys_sendmsg+0x260/0x260 [ 1025.538685][T18522] ? __fdget+0x1bc/0x240 [ 1025.542755][T18522] __se_sys_sendmsg+0x19a/0x260 [ 1025.547447][T18522] ? __x64_sys_sendmsg+0x90/0x90 [ 1025.552218][T18522] ? ksys_write+0x260/0x2c0 [ 1025.556557][T18522] ? debug_smp_processor_id+0x17/0x20 [ 1025.561764][T18522] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1025.567667][T18522] __x64_sys_sendmsg+0x7b/0x90 [ 1025.572266][T18522] x64_sys_call+0x16a/0x9a0 [ 1025.576607][T18522] do_syscall_64+0x3b/0xb0 [ 1025.580859][T18522] ? clear_bhb_loop+0x35/0x90 [ 1025.585372][T18522] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1025.591101][T18522] RIP: 0033:0x7fcc1205ceb9 [ 1025.595355][T18522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1025.614797][T18522] RSP: 002b:00007fcc10cd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1025.623040][T18522] RAX: ffffffffffffffda RBX: 00007fcc12215f80 RCX: 00007fcc1205ceb9 [ 1025.630851][T18522] RDX: 0000000000000000 RSI: 00000000200015c0 RDI: 0000000000000003 [ 1025.638663][T18522] RBP: 00007fcc10cd7090 R08: 0000000000000000 R09: 0000000000000000 [ 1025.646475][T18522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1025.654284][T18522] R13: 0000000000000000 R14: 00007fcc12215f80 R15: 00007ffe27dff758 [ 1025.662103][T18522] [ 1025.666000][ T30] audit: type=1326 audit(1725426960.466:1274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18500 comm="syz.3.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f94c3eedabb code=0x7ffc0000 [ 1025.718981][ T6112] bridge0: port 1(bridge_slave_0) entered disabled state [ 1025.726618][ T6112] bridge0: port 2(bridge_slave_1) entered disabled state [ 1025.735095][ T6112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1025.742516][ T6112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1025.764521][ T30] audit: type=1326 audit(1725426960.506:1275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18500 comm="syz.3.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f94c3eedabb code=0x7ffc0000 [ 1025.788446][ T30] audit: type=1326 audit(1725426960.566:1276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18500 comm="syz.3.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f94c3eedabb code=0x7ffc0000 [ 1025.812201][ T30] audit: type=1326 audit(1725426960.586:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18500 comm="syz.3.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f94c3eedabb code=0x7ffc0000 [ 1025.835799][ T60] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1025.838288][ T30] audit: type=1326 audit(1725426960.616:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18500 comm="syz.3.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f94c3eedabb code=0x7ffc0000 [ 1025.924689][T18528] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1025.933515][T18528] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 1025.945369][T18528] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1026.216844][ T6112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1026.225292][ T6112] bridge0: port 1(bridge_slave_0) entered blocking state [ 1026.232250][ T6112] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1026.249268][ T30] audit: type=1326 audit(1725426960.636:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18500 comm="syz.3.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f94c3eedabb code=0x7ffc0000 [ 1026.273253][ T6112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1026.282070][ T6112] bridge0: port 2(bridge_slave_1) entered blocking state [ 1026.288941][ T6112] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1026.296077][ T30] audit: type=1326 audit(1725426960.786:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18500 comm="syz.3.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f94c3eedabb code=0x7ffc0000 [ 1026.321055][ T30] audit: type=1326 audit(1725426961.056:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18500 comm="syz.3.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f94c3eedabb code=0x7ffc0000 [ 1026.331550][T17929] attempt to access beyond end of device [ 1026.331550][T17929] loop1: rw=2049, want=45128, limit=40427 [ 1026.356243][ T60] usb 4-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 1026.365135][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 1026.373928][ T60] usb 4-1: SerialNumber: syz [ 1026.411308][ T60] usb 4-1: config 0 descriptor?? [ 1026.424108][T18536] FAULT_INJECTION: forcing a failure. [ 1026.424108][T18536] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1026.437060][T18536] CPU: 1 PID: 18536 Comm: syz.0.5054 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1026.446766][T18536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1026.456666][T18536] Call Trace: [ 1026.459873][T18536] [ 1026.462651][T18536] dump_stack_lvl+0x151/0x1c0 [ 1026.467174][T18536] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1026.472633][T18536] dump_stack+0x15/0x20 [ 1026.476624][T18536] should_fail+0x3c6/0x510 [ 1026.480878][T18536] should_fail_usercopy+0x1a/0x20 [ 1026.485736][T18536] strncpy_from_user+0x24/0x2d0 [ 1026.490422][T18536] ? kmem_cache_alloc+0xf5/0x200 [ 1026.495196][T18536] getname_flags+0xf2/0x520 [ 1026.499536][T18536] getname+0x19/0x20 [ 1026.503270][T18536] do_sys_openat2+0xd7/0x830 [ 1026.507696][T18536] ? do_sys_open+0x220/0x220 [ 1026.512123][T18536] ? __schedule+0xcd4/0x1590 [ 1026.516553][T18536] __x64_sys_openat+0x243/0x290 [ 1026.521240][T18536] ? __ia32_sys_open+0x270/0x270 [ 1026.524416][T10378] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1026.526007][T18536] ? __kasan_check_read+0x11/0x20 [ 1026.533945][T10378] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1026.538417][T18536] ? exit_to_user_mode_prepare+0x7e/0xa0 [ 1026.538439][T18536] x64_sys_call+0x6bf/0x9a0 [ 1026.554718][T18503] device veth0_vlan entered promiscuous mode [ 1026.555775][T18536] do_syscall_64+0x3b/0xb0 [ 1026.565935][T18536] ? clear_bhb_loop+0x35/0x90 [ 1026.568858][T18503] device veth1_macvtap entered promiscuous mode [ 1026.570468][T18536] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1026.582280][T18536] RIP: 0033:0x7fcc1205ceb9 [ 1026.586503][T18536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1026.606031][T18536] RSP: 002b:00007fcc10c95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1026.614279][T18536] RAX: ffffffffffffffda RBX: 00007fcc12216130 RCX: 00007fcc1205ceb9 [ 1026.622086][T18536] RDX: 0000000000000001 RSI: 00000000200001c0 RDI: ffffffffffffff9c [ 1026.629903][T18536] RBP: 00007fcc10c95090 R08: 0000000000000000 R09: 0000000000000000 [ 1026.637708][T18536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1026.645520][T18536] R13: 0000000000000001 R14: 00007fcc12216130 R15: 00007ffe27dff758 [ 1026.653333][T18536] [ 1026.658036][ T60] usb 4-1: Found UVC 0.00 device (05ac:8501) [ 1026.664844][ T60] uvcvideo 4-1:0.0: Entity type for entity Output 255 was not initialized! [ 1026.672306][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1026.673340][ T60] usb 4-1: Failed to create links for entity 255 [ 1026.682117][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1026.695245][ T60] usb 4-1: Failed to register entities (-22). [ 1026.695774][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1026.711586][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1026.719629][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1026.727617][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1026.735857][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1026.743427][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1026.751654][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1026.759993][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1026.768174][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1026.794536][T10378] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1026.802972][T10378] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1026.848848][T18540] FAULT_INJECTION: forcing a failure. [ 1026.848848][T18540] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1026.862562][T18540] CPU: 1 PID: 18540 Comm: syz.2.5045 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1026.872459][T18540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1026.882341][T18540] Call Trace: [ 1026.885466][T18540] [ 1026.888244][T18540] dump_stack_lvl+0x151/0x1c0 [ 1026.892769][T18540] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1026.893026][ T743] usb 4-1: USB disconnect, device number 61 [ 1026.898230][T18540] ? __alloc_pages+0x27e/0x8f0 [ 1026.898265][T18540] dump_stack+0x15/0x20 [ 1026.898282][T18540] should_fail+0x3c6/0x510 [ 1026.898301][T18540] should_fail_usercopy+0x1a/0x20 [ 1026.921668][T18540] copy_page_from_iter+0x2eb/0x640 [ 1026.926620][T18540] tun_get_user+0x76e/0x3aa0 [ 1026.931033][T18540] ? __x64_sys_openat+0x240/0x290 [ 1026.935895][T18540] ? tun_do_read+0x2010/0x2010 [ 1026.940490][T18540] ? kstrtouint_from_user+0x20a/0x2a0 [ 1026.945792][T18540] ? kstrtol_from_user+0x310/0x310 [ 1026.950735][T18540] ? htab_percpu_map_lookup_elem+0x1cf/0x310 [ 1026.956549][T18540] ? avc_policy_seqno+0x1b/0x70 [ 1026.961234][T18540] ? selinux_file_permission+0x2c4/0x570 [ 1026.966703][T18540] tun_chr_write_iter+0x1e1/0x2e0 [ 1026.971565][T18540] vfs_write+0xd5d/0x1110 [ 1026.975733][T18540] ? file_end_write+0x1c0/0x1c0 [ 1026.980420][T18540] ? __fdget_pos+0x209/0x3a0 [ 1026.984841][T18540] ? ksys_write+0x77/0x2c0 [ 1026.989097][T18540] ksys_write+0x199/0x2c0 [ 1026.993264][T18540] ? __kasan_check_write+0x14/0x20 [ 1026.998208][T18540] ? __ia32_sys_read+0x90/0x90 [ 1027.002809][T18540] ? debug_smp_processor_id+0x17/0x20 [ 1027.008023][T18540] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1027.013925][T18540] __x64_sys_write+0x7b/0x90 [ 1027.018351][T18540] x64_sys_call+0x2f/0x9a0 [ 1027.022610][T18540] do_syscall_64+0x3b/0xb0 [ 1027.026849][T18540] ? clear_bhb_loop+0x35/0x90 [ 1027.031365][T18540] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1027.037109][T18540] RIP: 0033:0x7f0ee957799f [ 1027.041347][T18540] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 1027.060806][T18540] RSP: 002b:00007f0ee81f3000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1027.069030][T18540] RAX: ffffffffffffffda RBX: 00007f0ee9731f80 RCX: 00007f0ee957799f [ 1027.076843][T18540] RDX: 0000000000000086 RSI: 00000000200000c0 RDI: 00000000000000c8 [ 1027.084741][T18540] RBP: 00007f0ee81f3090 R08: 0000000000000000 R09: 0000000000000000 [ 1027.092724][T18540] R10: 0000000000000086 R11: 0000000000000293 R12: 0000000000000001 [ 1027.100538][T18540] R13: 0000000000000000 R14: 00007f0ee9731f80 R15: 00007fffe6f46298 [ 1027.108356][T18540] [ 1027.158336][T12961] device bridge_slave_1 left promiscuous mode [ 1027.162213][T18546] loop1: detected capacity change from 0 to 256 [ 1027.164295][T12961] bridge0: port 2(bridge_slave_1) entered disabled state [ 1027.179522][T12961] device bridge_slave_0 left promiscuous mode [ 1027.185577][T12961] bridge0: port 1(bridge_slave_0) entered disabled state [ 1027.193894][T12961] device veth1_macvtap left promiscuous mode [ 1027.199872][T12961] device veth0_vlan left promiscuous mode [ 1027.325461][T18525] bridge0: port 1(bridge_slave_0) entered blocking state [ 1027.332863][T18525] bridge0: port 1(bridge_slave_0) entered disabled state [ 1027.340249][T18525] device bridge_slave_0 entered promiscuous mode [ 1027.347029][T18525] bridge0: port 2(bridge_slave_1) entered blocking state [ 1027.355096][T18525] bridge0: port 2(bridge_slave_1) entered disabled state [ 1027.364571][T18525] device bridge_slave_1 entered promiscuous mode [ 1027.417159][T18554] FAULT_INJECTION: forcing a failure. [ 1027.417159][T18554] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1027.430104][T18554] CPU: 1 PID: 18554 Comm: syz.1.5057 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1027.439826][T18554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1027.449818][T18554] Call Trace: [ 1027.452932][T18554] [ 1027.455710][T18554] dump_stack_lvl+0x151/0x1c0 [ 1027.460226][T18554] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1027.465693][T18554] dump_stack+0x15/0x20 [ 1027.469684][T18554] should_fail+0x3c6/0x510 [ 1027.473937][T18554] should_fail_usercopy+0x1a/0x20 [ 1027.478796][T18554] strncpy_from_user+0x24/0x2d0 [ 1027.483482][T18554] ? kmem_cache_alloc+0xf5/0x200 [ 1027.488260][T18554] getname_flags+0xf2/0x520 [ 1027.492683][T18554] getname+0x19/0x20 [ 1027.496417][T18554] do_sys_openat2+0xd7/0x830 [ 1027.500844][T18554] ? do_sys_open+0x220/0x220 [ 1027.505268][T18554] ? bpf_probe_read_compat+0x131/0x180 [ 1027.510563][T18554] ? __kasan_check_read+0x11/0x20 [ 1027.515421][T18554] ? preempt_schedule_notrace+0x11b/0x140 [ 1027.520980][T18554] __x64_sys_openat+0x243/0x290 [ 1027.525663][T18554] ? __ia32_sys_open+0x270/0x270 [ 1027.530439][T18554] ? preempt_schedule_notrace_thunk+0x16/0x18 [ 1027.536339][T18554] ? bpf_probe_read_compat+0x127/0x180 [ 1027.541633][T18554] x64_sys_call+0x6bf/0x9a0 [ 1027.545978][T18554] do_syscall_64+0x3b/0xb0 [ 1027.550226][T18554] ? clear_bhb_loop+0x35/0x90 [ 1027.554739][T18554] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1027.560472][T18554] RIP: 0033:0x7f0155c4aeb9 [ 1027.564720][T18554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1027.585898][T18554] RSP: 002b:00007f0154883038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1027.594140][T18554] RAX: ffffffffffffffda RBX: 00007f0155e04130 RCX: 00007f0155c4aeb9 [ 1027.601952][T18554] RDX: 00000000000026e1 RSI: 0000000020000240 RDI: ffffffffffffff9c [ 1027.609794][T18554] RBP: 00007f0154883090 R08: 0000000000000000 R09: 0000000000000000 [ 1027.617585][T18554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1027.625389][T18554] R13: 0000000000000000 R14: 00007f0155e04130 R15: 00007ffdde780e78 [ 1027.633212][T18554] [ 1027.700978][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1027.708724][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1027.723896][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1027.732062][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1027.740469][T16665] bridge0: port 1(bridge_slave_0) entered blocking state [ 1027.747311][T16665] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1027.754742][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1027.762940][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1027.771013][T16665] bridge0: port 2(bridge_slave_1) entered blocking state [ 1027.777942][T16665] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1027.785146][ T60] usb 3-1: new high-speed USB device number 72 using dummy_hcd [ 1027.792675][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1027.800545][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1027.808579][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1027.824754][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1027.835853][T18525] device veth0_vlan entered promiscuous mode [ 1027.843482][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1027.852022][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1027.859913][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1027.875149][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1027.885713][T18525] device veth1_macvtap entered promiscuous mode [ 1027.897584][ T690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1027.911912][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1027.926738][T18557] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=18557 comm=syz.3.5059 [ 1028.689280][ T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1028.689347][ T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1028.909195][ T60] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 1029.013335][ T1234] usb 2-1: new high-speed USB device number 69 using dummy_hcd [ 1029.031952][ T60] usb 3-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 1029.040131][ T60] usb 3-1: Product: syz [ 1029.062731][T18582] loop4: detected capacity change from 0 to 256 [ 1029.069889][ T60] usb 3-1: config 0 descriptor?? [ 1029.167305][T18593] loop3: detected capacity change from 0 to 512 [ 1029.213645][T18593] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 1029.230601][T18593] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1029.328235][ T1234] usb 2-1: Using ep0 maxpacket: 16 [ 1029.493500][T18593] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz.3.5069: corrupted in-inode xattr [ 1029.509475][T18593] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.5069: couldn't read orphan inode 15 (err -117) [ 1029.534846][T18593] EXT4-fs (loop3): mounted filesystem without journal. Opts: noload,mblk_io_submit,user_xattr,auto_da_alloc,block_validity,quota,,errors=continue. Quota mode: writeback. [ 1029.568432][ T1234] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1029.582422][T12961] device bridge_slave_1 left promiscuous mode [ 1029.590981][T12961] bridge0: port 2(bridge_slave_1) entered disabled state [ 1029.600447][ T1234] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1029.610610][T12961] device bridge_slave_0 left promiscuous mode [ 1029.614159][ T1234] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1029.621580][T12961] bridge0: port 1(bridge_slave_0) entered disabled state [ 1029.629604][ T1234] usb 2-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 1029.644913][ T1234] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1029.653212][T12961] device veth1_macvtap left promiscuous mode [ 1029.660865][T12961] device veth0_vlan left promiscuous mode [ 1029.708213][ T1234] usb 2-1: config 0 descriptor?? [ 1029.827625][T18602] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5069'. [ 1030.722468][ T1234] ryos 0003:1E7D:31CE.0073: ignoring exceeding usage max [ 1030.744273][T18613] loop3: detected capacity change from 0 to 256 [ 1030.751516][ T1234] ryos 0003:1E7D:31CE.0073: ignoring exceeding usage max [ 1030.759386][ T1234] ryos 0003:1E7D:31CE.0073: usage index exceeded [ 1030.765538][ T1234] ryos 0003:1E7D:31CE.0073: item 0 0 2 2 parsing failed [ 1030.841463][T18615] FAULT_INJECTION: forcing a failure. [ 1030.841463][T18615] name failslab, interval 1, probability 0, space 0, times 0 [ 1030.853957][T18615] CPU: 1 PID: 18615 Comm: syz.0.5071 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1030.863694][T18615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1030.873675][T18615] Call Trace: [ 1030.876885][T18615] [ 1030.879667][T18615] dump_stack_lvl+0x151/0x1c0 [ 1030.884177][T18615] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1030.889644][T18615] ? __kasan_check_read+0x11/0x20 [ 1030.894502][T18615] ? preempt_schedule_irq+0xe7/0x140 [ 1030.899634][T18615] ? __cond_resched+0x20/0x20 [ 1030.904138][T18615] ? kernel_clone+0x21e/0x9e0 [ 1030.908651][T18615] dump_stack+0x15/0x20 [ 1030.912646][T18615] should_fail+0x3c6/0x510 [ 1030.916898][T18615] __should_failslab+0xa4/0xe0 [ 1030.921497][T18615] should_failslab+0x9/0x20 [ 1030.925859][T18615] slab_pre_alloc_hook+0x37/0xd0 [ 1030.930618][T18615] kmem_cache_alloc_trace+0x48/0x210 [ 1030.935732][T18615] ? __get_vm_area_node+0x117/0x360 [ 1030.940769][T18615] __get_vm_area_node+0x117/0x360 [ 1030.945627][T18615] __vmalloc_node_range+0xe2/0x8d0 [ 1030.950574][T18615] ? copy_process+0x5c4/0x3290 [ 1030.955269][T18615] ? slab_post_alloc_hook+0x72/0x2c0 [ 1030.960386][T18615] ? dup_task_struct+0x53/0xc60 [ 1030.965075][T18615] dup_task_struct+0x416/0xc60 [ 1030.969669][T18615] ? copy_process+0x5c4/0x3290 [ 1030.974357][T18615] copy_process+0x5c4/0x3290 [ 1030.978782][T18615] ? __kasan_check_write+0x14/0x20 [ 1030.983727][T18615] ? push_rt_task+0x46e/0x5c0 [ 1030.988242][T18615] ? _raw_spin_unlock+0x4d/0x70 [ 1030.993015][T18615] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1030.997965][T18615] ? __schedule+0xcd4/0x1590 [ 1031.002391][T18615] kernel_clone+0x21e/0x9e0 [ 1031.006728][T18615] ? release_firmware_map_entry+0x190/0x190 [ 1031.012456][T18615] ? __kasan_check_write+0x14/0x20 [ 1031.016892][T18606] loop4: detected capacity change from 0 to 40427 [ 1031.017401][T18615] ? create_io_thread+0x1e0/0x1e0 [ 1031.028607][T18615] ? __kasan_check_read+0x11/0x20 [ 1031.033456][T18615] ? preempt_schedule_irq+0xe7/0x140 [ 1031.038578][T18615] __x64_sys_clone+0x23f/0x290 [ 1031.043182][T18615] ? __do_sys_vfork+0x130/0x130 [ 1031.047865][T18615] ? irqentry_exit_cond_resched+0x2a/0x30 [ 1031.053425][T18615] x64_sys_call+0x1b0/0x9a0 [ 1031.057760][T18615] do_syscall_64+0x3b/0xb0 [ 1031.062012][T18615] ? clear_bhb_loop+0x35/0x90 [ 1031.066527][T18615] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1031.072254][T18615] RIP: 0033:0x7fcc1205ceb9 [ 1031.076508][T18615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1031.096121][T18615] RSP: 002b:00007fcc10c94fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1031.104359][T18615] RAX: ffffffffffffffda RBX: 00007fcc12216130 RCX: 00007fcc1205ceb9 [ 1031.112169][T18615] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c0600 [ 1031.119979][T18615] RBP: 00007fcc10c95090 R08: 0000000000000000 R09: 0000000000000000 [ 1031.127791][T18615] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1031.135614][T18615] R13: 0000000000000000 R14: 00007fcc12216130 R15: 00007ffe27dff758 [ 1031.143419][T18615] [ 1031.146527][T18615] syz.0.5071: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0 [ 1031.149292][ T1234] ryos 0003:1E7D:31CE.0073: parse failed [ 1031.161396][T18615] CPU: 0 PID: 18615 Comm: syz.0.5071 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1031.167077][ T1234] ryos: probe of 0003:1E7D:31CE.0073 failed with error -22 [ 1031.176588][T18615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1031.176604][T18615] Call Trace: [ 1031.176610][T18615] [ 1031.176619][T18615] dump_stack_lvl+0x151/0x1c0 [ 1031.176643][T18615] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1031.209394][T18615] ? pr_cont_kernfs_name+0xf0/0x100 [ 1031.214426][T18615] dump_stack+0x15/0x20 [ 1031.218418][T18615] warn_alloc+0x21a/0x390 [ 1031.222583][T18615] ? should_failslab+0x9/0x20 [ 1031.227099][T18615] ? zone_watermark_ok_safe+0x270/0x270 [ 1031.232483][T18615] ? __get_vm_area_node+0x347/0x360 [ 1031.237514][T18615] __vmalloc_node_range+0x2c1/0x8d0 [ 1031.242547][T18615] ? slab_post_alloc_hook+0x72/0x2c0 [ 1031.247668][T18615] ? dup_task_struct+0x53/0xc60 [ 1031.252355][T18615] dup_task_struct+0x416/0xc60 [ 1031.256956][T18615] ? copy_process+0x5c4/0x3290 [ 1031.261556][T18615] copy_process+0x5c4/0x3290 [ 1031.265983][T18615] ? __kasan_check_write+0x14/0x20 [ 1031.270934][T18615] ? push_rt_task+0x46e/0x5c0 [ 1031.275442][T18615] ? _raw_spin_unlock+0x4d/0x70 [ 1031.280130][T18615] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1031.285077][T18615] ? __schedule+0xcd4/0x1590 [ 1031.289504][T18615] kernel_clone+0x21e/0x9e0 [ 1031.293841][T18615] ? release_firmware_map_entry+0x190/0x190 [ 1031.299576][T18615] ? __kasan_check_write+0x14/0x20 [ 1031.304532][T18615] ? create_io_thread+0x1e0/0x1e0 [ 1031.309380][T18615] ? __kasan_check_read+0x11/0x20 [ 1031.314238][T18615] ? preempt_schedule_irq+0xe7/0x140 [ 1031.319360][T18615] __x64_sys_clone+0x23f/0x290 [ 1031.323958][T18615] ? __do_sys_vfork+0x130/0x130 [ 1031.328647][T18615] ? irqentry_exit_cond_resched+0x2a/0x30 [ 1031.334205][T18615] x64_sys_call+0x1b0/0x9a0 [ 1031.338576][T18615] do_syscall_64+0x3b/0xb0 [ 1031.342791][T18615] ? clear_bhb_loop+0x35/0x90 [ 1031.347308][T18615] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1031.353035][T18615] RIP: 0033:0x7fcc1205ceb9 [ 1031.357290][T18615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1031.376734][T18615] RSP: 002b:00007fcc10c94fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1031.385407][T18615] RAX: ffffffffffffffda RBX: 00007fcc12216130 RCX: 00007fcc1205ceb9 [ 1031.393220][T18615] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c0600 [ 1031.401122][T18615] RBP: 00007fcc10c95090 R08: 0000000000000000 R09: 0000000000000000 [ 1031.408932][T18615] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1031.416827][T18615] R13: 0000000000000000 R14: 00007fcc12216130 R15: 00007ffe27dff758 [ 1031.424645][T18615] [ 1031.427698][T18615] Mem-Info: [ 1031.430784][T18615] active_anon:99 inactive_anon:14128 isolated_anon:0 [ 1031.430784][T18615] active_file:23716 inactive_file:5150 isolated_file:0 [ 1031.430784][T18615] unevictable:0 dirty:418 writeback:0 [ 1031.430784][T18615] slab_reclaimable:9056 slab_unreclaimable:73455 [ 1031.430784][T18615] mapped:28001 shmem:10982 pagetables:568 bounce:0 [ 1031.430784][T18615] kernel_misc_reclaimable:0 [ 1031.430784][T18615] free:1540877 free_pcp:17474 free_cma:0 [ 1031.472433][T18615] Node 0 active_anon:396kB inactive_anon:56512kB active_file:94864kB inactive_file:20600kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:112004kB dirty:1672kB writeback:0kB shmem:43928kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4864kB pagetables:2272kB all_unreclaimable? no [ 1031.472557][ T1234] usb 2-1: USB disconnect, device number 69 [ 1031.503078][T18615] DMA32 free:2974676kB min:62568kB low:78208kB high:93848kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2978988kB mlocked:0kB bounce:0kB free_pcp:4312kB local_pcp:4312kB free_cma:0kB [ 1031.503127][T18615] lowmem_reserve[]: 0 3941 3941 [ 1031.503146][T18615] Normal free:3188832kB min:84884kB low:106104kB high:127324kB reserved_highatomic:0KB active_anon:396kB inactive_anon:56512kB active_file:94864kB inactive_file:20600kB unevictable:0kB writepending:1672kB present:5242880kB managed:4035584kB mlocked:0kB bounce:0kB free_pcp:65580kB local_pcp:32380kB free_cma:0kB [ 1031.503188][T18615] lowmem_reserve[]: 0 0 0 [ 1031.503204][T18615] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 3*2048kB (UM) 723*4096kB (M) = 2974676kB [ 1031.589184][T18615] Normal: 316*4kB (UME) 100*8kB (UME) 1511*16kB (UME) 1139*32kB (UME) 208*64kB (UME) 149*128kB (UME) 125*256kB (UME) 56*512kB (UME) 28*1024kB (UME) 9*2048kB (UME) 729*4096kB (UM) = 3188832kB [ 1031.607799][T18615] 39843 total pagecache pages [ 1031.608864][T18613] FAT-fs (loop3): Unrecognized mount option "errors=re-ro" or missing value [ 1031.612415][T18615] 0 pages in swap cache [ 1031.623340][T18606] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1031.624776][T18615] Swap cache stats: add 1427, delete 1427, find 515/515 [ 1031.624791][T18615] Free swap = 124192kB [ 1031.643268][T18615] Total swap = 124996kB [ 1031.647262][T18615] 2097051 pages RAM [ 1031.650957][T18615] 0 pages HighMem/MovableOnly [ 1031.655418][T18615] 343408 pages reserved [ 1031.655947][T18606] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1031.659436][T18615] 0 pages cma reserved [ 1031.677611][T18606] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1031.731578][T18606] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1031.738553][T18606] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1031.748247][ T60] usbhid 3-1:0.0: can't add hid device: -71 [ 1031.754021][ T60] usbhid: probe of 3-1:0.0 failed with error -71 [ 1031.797277][ T60] usb 3-1: USB disconnect, device number 72 [ 1031.844746][T18613] loop3: detected capacity change from 0 to 1024 [ 1031.851528][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 1031.851543][ T30] audit: type=1400 audit(1725426966.666:1293): avc: denied { accept } for pid=18629 comm="syz.0.5075" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 1031.987402][T18636] loop2: detected capacity change from 0 to 16 [ 1031.997273][T18613] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1032.007777][T18613] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038 (0x7fffffff) [ 1032.073747][T18638] FAULT_INJECTION: forcing a failure. [ 1032.073747][T18638] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1032.086737][T18638] CPU: 1 PID: 18638 Comm: syz.0.5076 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1032.096599][T18638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1032.106515][T18638] Call Trace: [ 1032.109634][T18638] [ 1032.112411][T18638] dump_stack_lvl+0x151/0x1c0 [ 1032.116923][T18638] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1032.122396][T18638] dump_stack+0x15/0x20 [ 1032.126384][T18638] should_fail+0x3c6/0x510 [ 1032.130638][T18638] should_fail_usercopy+0x1a/0x20 [ 1032.135497][T18638] _copy_from_user+0x20/0xd0 [ 1032.139927][T18638] __se_sys_memfd_create+0x131/0x3e0 [ 1032.145049][T18638] __x64_sys_memfd_create+0x5b/0x70 [ 1032.150079][T18638] x64_sys_call+0x871/0x9a0 [ 1032.154419][T18638] do_syscall_64+0x3b/0xb0 [ 1032.158672][T18638] ? clear_bhb_loop+0x35/0x90 [ 1032.163182][T18638] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1032.168909][T18638] RIP: 0033:0x7fcc1205ceb9 [ 1032.173163][T18638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1032.192607][T18638] RSP: 002b:00007fcc10c94e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 1032.200854][T18638] RAX: ffffffffffffffda RBX: 00000000000001f6 RCX: 00007fcc1205ceb9 [ 1032.208661][T18638] RDX: 00007fcc10c94ef0 RSI: 0000000000000000 RDI: 00007fcc120cf7b1 [ 1032.216477][T18638] RBP: 0000000020000600 R08: 00007fcc10c94bb7 R09: 00007fcc10c94e40 [ 1032.224284][T18638] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000140 [ 1032.232095][T18638] R13: 00007fcc10c94ef0 R14: 00007fcc10c94eb0 R15: 0000000020000840 [ 1032.239915][T18638] [ 1032.246476][ T743] usb 5-1: new high-speed USB device number 62 using dummy_hcd [ 1032.268745][T18636] erofs: (device loop2): mounted with root inode @ nid 36. [ 1032.336173][T18642] FAULT_INJECTION: forcing a failure. [ 1032.336173][T18642] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1032.349298][T18642] CPU: 0 PID: 18642 Comm: syz.3.5077 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1032.359092][T18642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1032.368986][T18642] Call Trace: [ 1032.372111][T18642] [ 1032.374889][T18642] dump_stack_lvl+0x151/0x1c0 [ 1032.379401][T18642] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1032.384869][T18642] dump_stack+0x15/0x20 [ 1032.388863][T18642] should_fail+0x3c6/0x510 [ 1032.393227][T18642] should_fail_usercopy+0x1a/0x20 [ 1032.398080][T18642] _copy_from_user+0x20/0xd0 [ 1032.402515][T18642] strndup_user+0xb3/0x150 [ 1032.406766][T18642] __se_sys_mount+0x9b/0x3b0 [ 1032.411188][T18642] ? __x64_sys_mount+0xd0/0xd0 [ 1032.415786][T18642] ? debug_smp_processor_id+0x17/0x20 [ 1032.420996][T18642] __x64_sys_mount+0xbf/0xd0 [ 1032.425422][T18642] x64_sys_call+0x49d/0x9a0 [ 1032.429763][T18642] do_syscall_64+0x3b/0xb0 [ 1032.434027][T18642] ? clear_bhb_loop+0x35/0x90 [ 1032.438531][T18642] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1032.444258][T18642] RIP: 0033:0x7f94c3eedeb9 [ 1032.448509][T18642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1032.467951][T18642] RSP: 002b:00007f94c2b68038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1032.476195][T18642] RAX: ffffffffffffffda RBX: 00007f94c40a6f80 RCX: 00007f94c3eedeb9 [ 1032.484005][T18642] RDX: 0000000020000240 RSI: 0000000020000040 RDI: 0000000000000000 [ 1032.491818][T18642] RBP: 00007f94c2b68090 R08: 0000000020000580 R09: 0000000000000000 [ 1032.499630][T18642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1032.507445][T18642] R13: 0000000000000000 R14: 00007f94c40a6f80 R15: 00007fff14bcb898 [ 1032.515259][T18642] [ 1033.313549][ T743] usb 5-1: device descriptor read/64, error -71 [ 1033.477371][ T30] audit: type=1326 audit(1725426968.266:1294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18659 comm="syz.4.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92ee79feb9 code=0x7ffc0000 [ 1033.521560][ T30] audit: type=1326 audit(1725426968.266:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18659 comm="syz.4.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92ee79feb9 code=0x7ffc0000 [ 1033.546110][ T30] audit: type=1326 audit(1725426968.266:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18659 comm="syz.4.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92ee79feb9 code=0x7ffc0000 [ 1033.624991][ T30] audit: type=1326 audit(1725426968.266:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18659 comm="syz.4.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92ee79feb9 code=0x7ffc0000 [ 1033.649303][ T30] audit: type=1326 audit(1725426968.266:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18659 comm="syz.4.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92ee79feb9 code=0x7ffc0000 [ 1033.672849][ T30] audit: type=1326 audit(1725426968.266:1299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18659 comm="syz.4.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92ee79feb9 code=0x7ffc0000 [ 1033.678097][T18206] usb 2-1: new high-speed USB device number 70 using dummy_hcd [ 1033.696690][ T30] audit: type=1326 audit(1725426968.266:1300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18659 comm="syz.4.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92ee79feb9 code=0x7ffc0000 [ 1033.727881][ T30] audit: type=1326 audit(1725426968.266:1301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18659 comm="syz.4.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92ee79feb9 code=0x7ffc0000 [ 1033.753245][ T30] audit: type=1326 audit(1725426968.266:1302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18659 comm="syz.4.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92ee79feb9 code=0x7ffc0000 [ 1033.938086][ T743] usb 5-1: device descriptor read/64, error -71 [ 1034.018068][T18206] usb 2-1: Using ep0 maxpacket: 16 [ 1034.098078][ T26] usb 3-1: new high-speed USB device number 73 using dummy_hcd [ 1034.138292][T18206] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1034.149304][T18206] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1034.208162][ T743] usb 5-1: new high-speed USB device number 63 using dummy_hcd [ 1034.215606][ T6112] usb 1-1: new high-speed USB device number 87 using dummy_hcd [ 1034.308101][T18206] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 1034.317011][T18206] usb 2-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0 [ 1034.325141][T18206] usb 2-1: Product: syz [ 1034.329134][T18206] usb 2-1: Manufacturer: syz [ 1034.334171][T18206] usb 2-1: config 0 descriptor?? [ 1034.458083][ T743] usb 5-1: Using ep0 maxpacket: 32 [ 1034.458112][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1034.473883][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1034.558146][ T26] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 1034.567036][ T26] usb 3-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 1034.574998][ T26] usb 3-1: Product: syz [ 1034.581807][ T26] usb 3-1: config 0 descriptor?? [ 1034.588136][ T6112] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1034.599308][ T743] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1034.610170][ T6112] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1034.619746][ T743] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1034.629322][ T6112] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 1034.638151][ T743] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1034.647190][ T743] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1034.655066][ T6112] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1034.663432][ T6112] usb 1-1: config 0 descriptor?? [ 1034.668763][ T743] usb 5-1: config 0 descriptor?? [ 1034.818991][T18206] kovaplus 0003:1E7D:2D50.0074: unknown main item tag 0xd [ 1034.826648][T18206] kovaplus 0003:1E7D:2D50.0074: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.1-1/input0 [ 1034.910572][T18672] overlayfs: missing 'lowerdir' [ 1035.038090][ T6112] usbhid 1-1:0.0: can't add hid device: -71 [ 1035.043982][ T6112] usbhid: probe of 1-1:0.0 failed with error -71 [ 1035.052426][ T6112] usb 1-1: USB disconnect, device number 87 [ 1035.140322][ T743] savu 0003:1E7D:2D5A.0075: hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0 [ 1035.530794][ T1234] usb 5-1: USB disconnect, device number 63 [ 1035.778032][ T60] usb 1-1: new high-speed USB device number 88 using dummy_hcd [ 1035.812763][T18680] loop3: detected capacity change from 0 to 40427 [ 1035.898088][T18206] kovaplus 0003:1E7D:2D50.0074: couldn't init struct kovaplus_device [ 1035.906089][T18206] kovaplus 0003:1E7D:2D50.0074: couldn't install mouse [ 1035.919505][T18206] kovaplus: probe of 0003:1E7D:2D50.0074 failed with error -71 [ 1035.926329][T18680] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1035.938233][T18206] usb 2-1: USB disconnect, device number 70 [ 1035.959458][T18680] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1036.050138][ T60] usb 1-1: Using ep0 maxpacket: 32 [ 1036.228477][ T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1036.239727][ T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1036.251819][ T60] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1036.261082][ T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1036.277921][ T60] usb 1-1: config 0 descriptor?? [ 1036.318677][ T60] hub 1-1:0.0: USB hub found [ 1036.408034][ T743] usb 5-1: new high-speed USB device number 64 using dummy_hcd [ 1036.538057][ T60] hub 1-1:0.0: 1 port detected [ 1036.577593][T18474] F2FS-fs (loop3): Inconsistent error blkaddr:5633, sit bitmap:0 [ 1036.585262][T18474] CPU: 1 PID: 18474 Comm: syz-executor Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1036.595214][T18474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1036.605112][T18474] Call Trace: [ 1036.608232][T18474] [ 1036.611010][T18474] dump_stack_lvl+0x151/0x1c0 [ 1036.615524][T18474] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1036.620990][T18474] ? arch_stack_walk+0xf3/0x140 [ 1036.625677][T18474] dump_stack+0x15/0x20 [ 1036.629670][T18474] f2fs_is_valid_blkaddr+0xc87/0x12d0 [ 1036.634878][T18474] f2fs_map_blocks+0x1622/0x3ab0 [ 1036.639652][T18474] ? __stack_depot_save+0x34/0x470 [ 1036.644602][T18474] ? f2fs_do_map_lock+0x70/0x70 [ 1036.649301][T18474] ? debug_smp_processor_id+0x17/0x20 [ 1036.654491][T18474] ? try_charge_memcg+0x213/0x1550 [ 1036.659439][T18474] f2fs_mpage_readpages+0xc9a/0x21a0 [ 1036.664569][T18474] ? dquot_release_reservation_block+0xa0/0xa0 [ 1036.670635][T18474] ? workingset_activation+0x3f0/0x3f0 [ 1036.675939][T18474] f2fs_readahead+0xfd/0x250 [ 1036.680358][T18474] ? blk_start_plug+0x5a/0x170 [ 1036.684958][T18474] read_pages+0x15e/0xb00 [ 1036.689125][T18474] ? lru_cache_add+0x279/0x540 [ 1036.693724][T18474] ? page_cache_ra_unbounded+0x920/0x920 [ 1036.699190][T18474] ? add_to_page_cache_lru+0x225/0x2c0 [ 1036.704485][T18474] ? add_to_page_cache_locked+0x40/0x40 [ 1036.709865][T18474] ? __stack_depot_save+0x34/0x470 [ 1036.714817][T18474] page_cache_ra_unbounded+0x6cb/0x920 [ 1036.720199][T18474] ? read_cache_pages_invalidate_pages+0x1c0/0x1c0 [ 1036.726532][T18474] ? _raw_spin_unlock+0x4d/0x70 [ 1036.731219][T18474] ondemand_readahead+0x9c8/0xfa0 [ 1036.736076][T18474] ? do_wp_page+0x979/0xb60 [ 1036.738059][ T743] usb 5-1: Using ep0 maxpacket: 16 [ 1036.740420][T18474] ? page_cache_sync_ra+0x4d0/0x4d0 [ 1036.740442][T18474] ? debug_smp_processor_id+0x17/0x20 [ 1036.755609][T18474] ? kasan_quarantine_put+0x34/0x1a0 [ 1036.760728][T18474] ? selinux_inode_getattr+0x11f/0x3f0 [ 1036.766023][T18474] ? fault_around_bytes_set+0xc0/0xc0 [ 1036.771230][T18474] page_cache_sync_ra+0x2e9/0x4d0 [ 1036.776091][T18474] ? force_page_cache_ra+0x420/0x420 [ 1036.781213][T18474] ? do_handle_mm_fault+0x1807/0x2400 [ 1036.786419][T18474] f2fs_readdir+0x52d/0xba0 [ 1036.790761][T18474] ? f2fs_fill_dentries+0xd60/0xd60 [ 1036.795800][T18474] ? avc_policy_seqno+0x1b/0x70 [ 1036.800478][T18474] ? __kasan_check_read+0x11/0x20 [ 1036.805339][T18474] ? security_file_permission+0x86/0xb0 [ 1036.810746][T18474] iterate_dir+0x265/0x610 [ 1036.814974][T18474] ? f2fs_fill_dentries+0xd60/0xd60 [ 1036.820009][T18474] __se_sys_getdents64+0x1c1/0x460 [ 1036.824956][T18474] ? __x64_sys_getdents64+0x90/0x90 [ 1036.829990][T18474] ? filldir+0x680/0x680 [ 1036.834070][T18474] __x64_sys_getdents64+0x7b/0x90 [ 1036.838931][T18474] x64_sys_call+0x5ae/0x9a0 [ 1036.843267][T18474] do_syscall_64+0x3b/0xb0 [ 1036.847520][T18474] ? clear_bhb_loop+0x35/0x90 [ 1036.852041][T18474] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1036.857853][T18474] RIP: 0033:0x7f94c3f20053 [ 1036.862104][T18474] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 1036.881550][T18474] RSP: 002b:00007fff14bc9a08 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 1036.889799][T18474] RAX: ffffffffffffffda RBX: 00005555559a84e0 RCX: 00007f94c3f20053 [ 1036.897607][T18474] RDX: 0000000000008000 RSI: 00005555559a84e0 RDI: 0000000000000005 [ 1036.905426][T18474] RBP: 00005555559a84b4 R08: 0000000000000000 R09: 0000000000000000 [ 1036.913231][T18474] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 1036.921123][T18474] R13: 0000000000000010 R14: 00005555559a84b0 R15: 00007fff14bcbcb0 [ 1036.928936][T18474] [ 1036.951999][T18474] F2FS-fs (loop3): Inconsistent error blkaddr:5633, sit bitmap:0 [ 1036.960552][T18474] CPU: 1 PID: 18474 Comm: syz-executor Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1036.970523][T18474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1036.980504][T18474] Call Trace: [ 1036.983626][T18474] [ 1036.986408][T18474] dump_stack_lvl+0x151/0x1c0 [ 1036.990917][T18474] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1036.996387][T18474] dump_stack+0x15/0x20 [ 1037.000378][T18474] f2fs_is_valid_blkaddr+0xc87/0x12d0 [ 1037.005588][T18474] f2fs_get_read_data_page+0x50f/0x850 [ 1037.010882][T18474] ? f2fs_get_block+0x1b0/0x1b0 [ 1037.015568][T18474] ? force_page_cache_ra+0x420/0x420 [ 1037.020692][T18474] f2fs_find_data_page+0x19c/0x420 [ 1037.025635][T18474] f2fs_readdir+0x53a/0xba0 [ 1037.029977][T18474] ? f2fs_fill_dentries+0xd60/0xd60 [ 1037.035009][T18474] ? avc_policy_seqno+0x1b/0x70 [ 1037.039695][T18474] ? __kasan_check_read+0x11/0x20 [ 1037.044556][T18474] ? security_file_permission+0x86/0xb0 [ 1037.049939][T18474] iterate_dir+0x265/0x610 [ 1037.054192][T18474] ? f2fs_fill_dentries+0xd60/0xd60 [ 1037.059225][T18474] __se_sys_getdents64+0x1c1/0x460 [ 1037.064171][T18474] ? __x64_sys_getdents64+0x90/0x90 [ 1037.069203][T18474] ? filldir+0x680/0x680 [ 1037.073285][T18474] __x64_sys_getdents64+0x7b/0x90 [ 1037.078145][T18474] x64_sys_call+0x5ae/0x9a0 [ 1037.082483][T18474] do_syscall_64+0x3b/0xb0 [ 1037.086737][T18474] ? clear_bhb_loop+0x35/0x90 [ 1037.091251][T18474] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1037.096979][T18474] RIP: 0033:0x7f94c3f20053 [ 1037.101231][T18474] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 1037.120676][T18474] RSP: 002b:00007fff14bc9a08 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 1037.128918][T18474] RAX: ffffffffffffffda RBX: 00005555559a84e0 RCX: 00007f94c3f20053 [ 1037.136729][T18474] RDX: 0000000000008000 RSI: 00005555559a84e0 RDI: 0000000000000005 [ 1037.144541][T18474] RBP: 00005555559a84b4 R08: 0000000000000000 R09: 0000000000000000 [ 1037.152353][T18474] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 1037.160168][T18474] R13: 0000000000000010 R14: 00005555559a84b0 R15: 00007fff14bcbcb0 [ 1037.167978][T18474] [ 1037.188103][ T26] usbhid 3-1:0.0: can't add hid device: -71 [ 1037.193966][ T26] usbhid: probe of 3-1:0.0 failed with error -71 [ 1037.205846][ T8] attempt to access beyond end of device [ 1037.205846][ T8] loop3: rw=2049, want=41000, limit=40427 [ 1037.218598][ T26] usb 3-1: USB disconnect, device number 73 [ 1037.298092][ T743] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1037.307825][ T743] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1037.316237][ T743] usb 5-1: Product: syz [ 1037.320509][ T30] kauditd_printk_skb: 42 callbacks suppressed [ 1037.320523][ T30] audit: type=1326 audit(1725426972.126:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18699 comm="syz.1.5095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0155c4aeb9 code=0x7ffc0000 [ 1037.350333][ T743] usb 5-1: Manufacturer: syz [ 1037.355026][ T743] usb 5-1: SerialNumber: syz [ 1037.358416][ T30] audit: type=1326 audit(1725426972.126:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18699 comm="syz.1.5095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0155c4aeb9 code=0x7ffc0000 [ 1037.383237][ T743] r8152-cfgselector 5-1: config 0 descriptor?? [ 1037.389367][ T30] audit: type=1326 audit(1725426972.126:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18699 comm="syz.1.5095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0155c4aeb9 code=0x7ffc0000 [ 1037.413188][ T30] audit: type=1326 audit(1725426972.126:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18699 comm="syz.1.5095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0155c4aeb9 code=0x7ffc0000 [ 1037.437358][ T30] audit: type=1326 audit(1725426972.126:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18699 comm="syz.1.5095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0155c4aeb9 code=0x7ffc0000 [ 1037.461728][ T30] audit: type=1326 audit(1725426972.126:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18699 comm="syz.1.5095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0155c4aeb9 code=0x7ffc0000 [ 1037.485340][ T30] audit: type=1326 audit(1725426972.126:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18699 comm="syz.1.5095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0155c4aeb9 code=0x7ffc0000 [ 1037.508860][ T30] audit: type=1326 audit(1725426972.126:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18699 comm="syz.1.5095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0155c4aeb9 code=0x7ffc0000 [ 1037.532405][ T30] audit: type=1326 audit(1725426972.126:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18699 comm="syz.1.5095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0155c4aeb9 code=0x7ffc0000 [ 1037.555823][ T30] audit: type=1326 audit(1725426972.126:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18699 comm="syz.1.5095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0155c4aeb9 code=0x7ffc0000 [ 1037.588006][ T26] usb 3-1: new low-speed USB device number 74 using dummy_hcd [ 1037.596437][T18702] bridge0: port 1(bridge_slave_0) entered blocking state [ 1037.603428][T18702] bridge0: port 1(bridge_slave_0) entered disabled state [ 1037.610979][T18702] device bridge_slave_0 entered promiscuous mode [ 1037.617778][T18702] bridge0: port 2(bridge_slave_1) entered blocking state [ 1037.624839][ T1234] usb 2-1: new high-speed USB device number 71 using dummy_hcd [ 1037.628003][T18702] bridge0: port 2(bridge_slave_1) entered disabled state [ 1037.639620][T18702] device bridge_slave_1 entered promiscuous mode [ 1037.679121][T18686] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5090'. [ 1037.688354][T18686] FAULT_INJECTION: forcing a failure. [ 1037.688354][T18686] name failslab, interval 1, probability 0, space 0, times 0 [ 1037.700904][T18686] CPU: 1 PID: 18686 Comm: syz.4.5090 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1037.710691][T18686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1037.720584][T18686] Call Trace: [ 1037.723708][T18686] [ 1037.726497][T18686] dump_stack_lvl+0x151/0x1c0 [ 1037.731015][T18686] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1037.736466][T18686] dump_stack+0x15/0x20 [ 1037.740457][T18686] should_fail+0x3c6/0x510 [ 1037.744713][T18686] __should_failslab+0xa4/0xe0 [ 1037.749310][T18686] ? dup_fd+0x72/0xb00 [ 1037.753228][T18686] should_failslab+0x9/0x20 [ 1037.757559][T18686] slab_pre_alloc_hook+0x37/0xd0 [ 1037.762332][T18686] ? dup_fd+0x72/0xb00 [ 1037.766236][T18686] kmem_cache_alloc+0x44/0x200 [ 1037.770843][T18686] dup_fd+0x72/0xb00 [ 1037.774569][T18686] ? lockref_get+0xb4/0x110 [ 1037.778908][T18686] ? _raw_spin_unlock+0x4d/0x70 [ 1037.783596][T18686] ksys_unshare+0x4a0/0xa00 [ 1037.787936][T18686] ? unshare_fd+0x240/0x240 [ 1037.792274][T18686] ? debug_smp_processor_id+0x17/0x20 [ 1037.797569][T18686] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1037.803471][T18686] __x64_sys_unshare+0x38/0x40 [ 1037.808069][T18686] x64_sys_call+0x728/0x9a0 [ 1037.812408][T18686] do_syscall_64+0x3b/0xb0 [ 1037.816660][T18686] ? clear_bhb_loop+0x35/0x90 [ 1037.821177][T18686] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1037.826903][T18686] RIP: 0033:0x7f92ee79feb9 [ 1037.831157][T18686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1037.850602][T18686] RSP: 002b:00007f92ed41a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1037.858848][T18686] RAX: ffffffffffffffda RBX: 00007f92ee958f80 RCX: 00007f92ee79feb9 [ 1037.866827][T18686] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044000680 [ 1037.874646][T18686] RBP: 00007f92ed41a090 R08: 0000000000000000 R09: 0000000000000000 [ 1037.882454][T18686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1037.890261][T18686] R13: 0000000000000000 R14: 00007f92ee958f80 R15: 00007ffce3364248 [ 1037.898084][T18686] [ 1037.908050][ T743] r8152-cfgselector 5-1: Unknown version 0x0000 [ 1037.929297][ T743] r8152-cfgselector 5-1: Unknown version 0x0000 [ 1037.935844][ T743] r8152-cfgselector 5-1: bad CDC descriptors [ 1037.938031][ T60] hub 1-1:0.0: hub_hub_status failed (err = -32) [ 1037.951692][ T60] hub 1-1:0.0: config failed, can't get hub status (err -32) [ 1037.968011][ T743] r8152-cfgselector 5-1: Unknown version 0x0000 [ 1037.979050][T18702] bridge0: port 2(bridge_slave_1) entered blocking state [ 1037.980556][ T743] r8152-cfgselector 5-1: USB disconnect, device number 64 [ 1037.985902][T18702] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1037.986019][T18702] bridge0: port 1(bridge_slave_0) entered blocking state [ 1038.006739][T18702] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1038.027286][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1038.035276][ T542] bridge0: port 1(bridge_slave_0) entered disabled state [ 1038.042383][ T26] usb 3-1: Invalid ep0 maxpacket: 32 [ 1038.048407][ T542] bridge0: port 2(bridge_slave_1) entered disabled state [ 1038.068125][ T60] usbhid 1-1:0.0: can't add hid device: -32 [ 1038.073884][ T60] usbhid: probe of 1-1:0.0 failed with error -32 [ 1038.085150][T18702] device veth0_vlan entered promiscuous mode [ 1038.093699][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1038.101711][ T1234] usb 2-1: Using ep0 maxpacket: 32 [ 1038.107555][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1038.115375][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1038.123370][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1038.130816][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1038.138999][ T542] bridge0: port 1(bridge_slave_0) entered blocking state [ 1038.145818][ T542] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1038.153075][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1038.161153][ T542] bridge0: port 2(bridge_slave_1) entered blocking state [ 1038.167993][ T542] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1038.175150][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1038.183307][ T542] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1038.198001][ T26] usb 3-1: new low-speed USB device number 75 using dummy_hcd [ 1038.205474][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1038.213885][T18702] device veth1_macvtap entered promiscuous mode [ 1038.218113][ T1234] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1038.230710][ T1234] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1038.240918][ T1234] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1038.249861][ T1234] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1038.258587][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1038.266898][ T1234] usb 2-1: config 0 descriptor?? [ 1038.270352][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1038.308764][T12961] device bridge_slave_1 left promiscuous mode [ 1038.314965][T12961] bridge0: port 2(bridge_slave_1) entered disabled state [ 1038.322997][T12961] device bridge_slave_0 left promiscuous mode [ 1038.329051][T12961] bridge0: port 1(bridge_slave_0) entered disabled state [ 1038.336650][T12961] device veth1_macvtap left promiscuous mode [ 1038.342547][T12961] device veth0_vlan left promiscuous mode [ 1038.437984][ T26] usb 3-1: Invalid ep0 maxpacket: 32 [ 1038.443204][ T26] usb usb3-port1: attempt power cycle [ 1038.571335][T18711] loop4: detected capacity change from 0 to 40427 [ 1038.623558][T18711] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1038.638108][ T331] usb 4-1: new high-speed USB device number 62 using dummy_hcd [ 1038.654350][T16665] usb 1-1: USB disconnect, device number 88 [ 1038.698235][T18711] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1038.760234][ T1234] savu 0003:1E7D:2D5A.0076: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 1038.858541][T18723] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1038.867095][T18723] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 1038.878499][T18723] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1038.898017][ T26] usb 3-1: new low-speed USB device number 76 using dummy_hcd [ 1038.917971][ T331] usb 4-1: Using ep0 maxpacket: 8 [ 1038.983946][T18206] usb 2-1: USB disconnect, device number 71 [ 1038.988044][ T26] usb 3-1: Invalid ep0 maxpacket: 32 [ 1039.048153][ T331] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 1039.057224][ T331] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1039.069909][ T331] usb 4-1: config 0 descriptor?? [ 1039.138018][ T26] usb 3-1: new low-speed USB device number 77 using dummy_hcd [ 1039.228080][ T26] usb 3-1: Invalid ep0 maxpacket: 32 [ 1039.233570][ T26] usb usb3-port1: unable to enumerate USB device [ 1039.325428][T18525] attempt to access beyond end of device [ 1039.325428][T18525] loop4: rw=2049, want=45128, limit=40427 [ 1039.520156][T18726] loop4: detected capacity change from 0 to 40427 [ 1039.601866][T18726] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1039.658505][T18726] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1039.928526][T18737] overlayfs: unrecognized mount option "appraise_type=imasig" or missing value [ 1040.277056][T18525] F2FS-fs (loop4): Inconsistent error blkaddr:5633, sit bitmap:0 [ 1040.284759][T18525] CPU: 1 PID: 18525 Comm: syz-executor Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1040.294728][T18525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1040.304621][T18525] Call Trace: [ 1040.307743][T18525] [ 1040.310528][T18525] dump_stack_lvl+0x151/0x1c0 [ 1040.315034][T18525] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1040.320503][T18525] ? arch_stack_walk+0xf3/0x140 [ 1040.325190][T18525] dump_stack+0x15/0x20 [ 1040.329180][T18525] f2fs_is_valid_blkaddr+0xc87/0x12d0 [ 1040.334391][T18525] f2fs_map_blocks+0x1622/0x3ab0 [ 1040.339164][T18525] ? __stack_depot_save+0x34/0x470 [ 1040.344118][T18525] ? f2fs_do_map_lock+0x70/0x70 [ 1040.348799][T18525] ? debug_smp_processor_id+0x17/0x20 [ 1040.354005][T18525] ? try_charge_memcg+0x213/0x1550 [ 1040.358953][T18525] f2fs_mpage_readpages+0xc9a/0x21a0 [ 1040.364080][T18525] ? dquot_release_reservation_block+0xa0/0xa0 [ 1040.370061][T18525] ? workingset_activation+0x3f0/0x3f0 [ 1040.375363][T18525] f2fs_readahead+0xfd/0x250 [ 1040.379783][T18525] ? blk_start_plug+0x5a/0x170 [ 1040.384382][T18525] read_pages+0x15e/0xb00 [ 1040.388547][T18525] ? lru_cache_add+0x279/0x540 [ 1040.393150][T18525] ? page_cache_ra_unbounded+0x920/0x920 [ 1040.398617][T18525] ? add_to_page_cache_lru+0x225/0x2c0 [ 1040.403913][T18525] ? add_to_page_cache_locked+0x40/0x40 [ 1040.409294][T18525] ? __kasan_check_write+0x14/0x20 [ 1040.414240][T18525] page_cache_ra_unbounded+0x6cb/0x920 [ 1040.419537][T18525] ? read_cache_pages_invalidate_pages+0x1c0/0x1c0 [ 1040.425870][T18525] ? _raw_spin_unlock+0x4d/0x70 [ 1040.430558][T18525] ondemand_readahead+0x9c8/0xfa0 [ 1040.435415][T18525] ? do_wp_page+0x979/0xb60 [ 1040.439848][T18525] ? page_cache_sync_ra+0x4d0/0x4d0 [ 1040.444875][T18525] ? debug_smp_processor_id+0x17/0x20 [ 1040.450085][T18525] ? kasan_quarantine_put+0x34/0x1a0 [ 1040.455205][T18525] ? selinux_inode_getattr+0x11f/0x3f0 [ 1040.460501][T18525] ? fault_around_bytes_set+0xc0/0xc0 [ 1040.465707][T18525] page_cache_sync_ra+0x2e9/0x4d0 [ 1040.470569][T18525] ? force_page_cache_ra+0x420/0x420 [ 1040.475690][T18525] ? do_handle_mm_fault+0x1807/0x2400 [ 1040.480897][T18525] f2fs_readdir+0x52d/0xba0 [ 1040.485239][T18525] ? f2fs_fill_dentries+0xd60/0xd60 [ 1040.490270][T18525] ? avc_policy_seqno+0x1b/0x70 [ 1040.494961][T18525] ? __kasan_check_read+0x11/0x20 [ 1040.499818][T18525] ? security_file_permission+0x86/0xb0 [ 1040.505201][T18525] iterate_dir+0x265/0x610 [ 1040.509452][T18525] ? f2fs_fill_dentries+0xd60/0xd60 [ 1040.514488][T18525] __se_sys_getdents64+0x1c1/0x460 [ 1040.519434][T18525] ? __x64_sys_getdents64+0x90/0x90 [ 1040.524466][T18525] ? filldir+0x680/0x680 [ 1040.528549][T18525] __x64_sys_getdents64+0x7b/0x90 [ 1040.533408][T18525] x64_sys_call+0x5ae/0x9a0 [ 1040.537745][T18525] do_syscall_64+0x3b/0xb0 [ 1040.541999][T18525] ? clear_bhb_loop+0x35/0x90 [ 1040.546513][T18525] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1040.552241][T18525] RIP: 0033:0x7f92ee7d2053 [ 1040.556497][T18525] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 1040.575935][T18525] RSP: 002b:00007ffce33623b8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 1040.584181][T18525] RAX: ffffffffffffffda RBX: 00005555569864e0 RCX: 00007f92ee7d2053 [ 1040.591992][T18525] RDX: 0000000000008000 RSI: 00005555569864e0 RDI: 0000000000000005 [ 1040.599803][T18525] RBP: 00005555569864b4 R08: 0000000000000000 R09: 0000000000000000 [ 1040.607615][T18525] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 1040.615425][T18525] R13: 0000000000000010 R14: 00005555569864b0 R15: 00007ffce3364660 [ 1040.623242][T18525] [ 1040.649393][T18525] F2FS-fs (loop4): Inconsistent error blkaddr:5633, sit bitmap:0 [ 1040.659206][T18742] loop1: detected capacity change from 0 to 128 [ 1040.665401][T18525] CPU: 1 PID: 18525 Comm: syz-executor Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1040.675361][T18525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1040.685259][T18525] Call Trace: [ 1040.688376][T18525] [ 1040.691157][T18525] dump_stack_lvl+0x151/0x1c0 [ 1040.695669][T18525] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1040.701137][T18525] dump_stack+0x15/0x20 [ 1040.705126][T18525] f2fs_is_valid_blkaddr+0xc87/0x12d0 [ 1040.710338][T18525] f2fs_get_read_data_page+0x50f/0x850 [ 1040.715629][T18525] ? f2fs_get_block+0x1b0/0x1b0 [ 1040.720318][T18525] ? force_page_cache_ra+0x420/0x420 [ 1040.725437][T18525] f2fs_find_data_page+0x19c/0x420 [ 1040.730389][T18525] f2fs_readdir+0x53a/0xba0 [ 1040.734726][T18525] ? f2fs_fill_dentries+0xd60/0xd60 [ 1040.739765][T18525] ? avc_policy_seqno+0x1b/0x70 [ 1040.744445][T18525] ? __kasan_check_read+0x11/0x20 [ 1040.749314][T18525] ? security_file_permission+0x86/0xb0 [ 1040.754687][T18525] iterate_dir+0x265/0x610 [ 1040.758941][T18525] ? f2fs_fill_dentries+0xd60/0xd60 [ 1040.763975][T18525] __se_sys_getdents64+0x1c1/0x460 [ 1040.768922][T18525] ? __x64_sys_getdents64+0x90/0x90 [ 1040.773956][T18525] ? filldir+0x680/0x680 [ 1040.778035][T18525] __x64_sys_getdents64+0x7b/0x90 [ 1040.782894][T18525] x64_sys_call+0x5ae/0x9a0 [ 1040.787234][T18525] do_syscall_64+0x3b/0xb0 [ 1040.791489][T18525] ? clear_bhb_loop+0x35/0x90 [ 1040.795999][T18525] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1040.801731][T18525] RIP: 0033:0x7f92ee7d2053 [ 1040.805985][T18525] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 1040.825421][T18525] RSP: 002b:00007ffce33623b8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 1040.833666][T18525] RAX: ffffffffffffffda RBX: 00005555569864e0 RCX: 00007f92ee7d2053 [ 1040.841490][T18525] RDX: 0000000000008000 RSI: 00005555569864e0 RDI: 0000000000000005 [ 1040.849290][T18525] RBP: 00005555569864b4 R08: 0000000000000000 R09: 0000000000000000 [ 1040.857101][T18525] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 1040.864914][T18525] R13: 0000000000000010 R14: 00005555569864b0 R15: 00007ffce3364660 [ 1040.872738][T18525] [ 1040.886981][T12961] attempt to access beyond end of device [ 1040.886981][T12961] loop4: rw=2049, want=45128, limit=40427 [ 1040.993261][ T26] usb 3-1: new high-speed USB device number 78 using dummy_hcd [ 1041.250608][T18748] bridge0: port 1(bridge_slave_0) entered blocking state [ 1041.254376][T18753] FAULT_INJECTION: forcing a failure. [ 1041.254376][T18753] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1041.258748][T18748] bridge0: port 1(bridge_slave_0) entered disabled state [ 1041.270698][T18753] CPU: 1 PID: 18753 Comm: syz.1.5108 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1041.277888][T18748] device bridge_slave_0 entered promiscuous mode [ 1041.286952][T18753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1041.295280][T18748] bridge0: port 2(bridge_slave_1) entered blocking state [ 1041.303189][T18753] Call Trace: [ 1041.303197][T18753] [ 1041.303204][T18753] dump_stack_lvl+0x151/0x1c0 [ 1041.303227][T18753] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1041.303246][T18753] dump_stack+0x15/0x20 [ 1041.303261][T18753] should_fail+0x3c6/0x510 [ 1041.310756][T18748] bridge0: port 2(bridge_slave_1) entered disabled state [ 1041.313169][T18753] should_fail_usercopy+0x1a/0x20 [ 1041.313192][T18753] strncpy_from_user+0x24/0x2d0 [ 1041.316392][T18748] device bridge_slave_1 entered promiscuous mode [ 1041.320454][T18753] ? kmem_cache_alloc+0xf5/0x200 [ 1041.320480][T18753] getname_flags+0xf2/0x520 [ 1041.320497][T18753] user_path_at_empty+0x2d/0x1a0 [ 1041.320512][T18753] __se_sys_mount+0x285/0x3b0 [ 1041.320533][T18753] ? __x64_sys_mount+0xd0/0xd0 [ 1041.379826][T18753] ? debug_smp_processor_id+0x17/0x20 [ 1041.385032][T18753] __x64_sys_mount+0xbf/0xd0 [ 1041.389457][T18753] x64_sys_call+0x49d/0x9a0 [ 1041.393794][T18753] do_syscall_64+0x3b/0xb0 [ 1041.398046][T18753] ? clear_bhb_loop+0x35/0x90 [ 1041.402570][T18753] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1041.408290][T18753] RIP: 0033:0x7f0155c4aeb9 [ 1041.412544][T18753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1041.431987][T18753] RSP: 002b:00007f01548c5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1041.440233][T18753] RAX: ffffffffffffffda RBX: 00007f0155e03f80 RCX: 00007f0155c4aeb9 [ 1041.448042][T18753] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000000 [ 1041.455851][T18753] RBP: 00007f01548c5090 R08: 0000000000000000 R09: 0000000000000000 [ 1041.463665][T18753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1041.471474][T18753] R13: 0000000000000000 R14: 00007f0155e03f80 R15: 00007ffdde780e78 [ 1041.479291][T18753] [ 1041.482763][ T331] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 1041.500371][ T331] asix 4-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 1041.510993][ T331] asix: probe of 4-1:0.0 failed with error -71 [ 1041.517048][T18755] loop3: detected capacity change from 0 to 256 [ 1041.517657][ T331] usb 4-1: USB disconnect, device number 62 [ 1041.558006][ T26] usb 3-1: Using ep0 maxpacket: 32 [ 1041.658290][T18748] bridge0: port 2(bridge_slave_1) entered blocking state [ 1041.665175][T18748] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1041.672359][T18748] bridge0: port 1(bridge_slave_0) entered blocking state [ 1041.679231][T18748] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1041.689549][T12961] device bridge_slave_1 left promiscuous mode [ 1041.695485][T12961] bridge0: port 2(bridge_slave_1) entered disabled state [ 1041.713470][T12961] device bridge_slave_0 left promiscuous mode [ 1041.730166][T12961] bridge0: port 1(bridge_slave_0) entered disabled state [ 1041.751742][T12961] device veth1_macvtap left promiscuous mode [ 1041.771192][T12961] device veth0_vlan left promiscuous mode [ 1041.790393][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1041.801163][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1041.810773][ T26] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1041.819659][ T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1041.828337][ T26] usb 3-1: config 0 descriptor?? [ 1041.858011][ T743] usb 2-1: new high-speed USB device number 72 using dummy_hcd [ 1041.958183][T18206] bridge0: port 1(bridge_slave_0) entered disabled state [ 1041.967202][T18206] bridge0: port 2(bridge_slave_1) entered disabled state [ 1041.998872][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1042.006188][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1042.038952][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1042.047530][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1042.068614][ T1234] bridge0: port 1(bridge_slave_0) entered blocking state [ 1042.075461][ T1234] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1042.098091][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1042.106315][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1042.107931][ T743] usb 2-1: Using ep0 maxpacket: 16 [ 1042.128191][ T1234] bridge0: port 2(bridge_slave_1) entered blocking state [ 1042.135033][ T1234] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1042.158031][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1042.166003][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1042.188459][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1042.196392][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1042.238087][ T743] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1042.238620][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1042.254045][ T743] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1042.257286][T16665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1042.277848][T18748] device veth0_vlan entered promiscuous mode [ 1042.282634][ T743] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1042.285846][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1042.306353][ T26] savu 0003:1E7D:2D5A.0077: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0 [ 1042.316927][ T743] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1042.317659][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1042.335657][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1042.343440][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1042.346418][ T743] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1042.362217][T18748] device veth1_macvtap entered promiscuous mode [ 1042.377111][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1042.385682][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1042.399306][ T743] usb 2-1: config 0 descriptor?? [ 1042.399513][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1042.436019][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1042.444735][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1042.454010][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1042.465481][ T1234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1042.490934][T18770] loop4: detected capacity change from 0 to 256 [ 1042.504379][ T30] kauditd_printk_skb: 97 callbacks suppressed [ 1042.504393][ T30] audit: type=1326 audit(1725426977.306:1452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18738 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ee9578eb9 code=0x7ffc0000 [ 1042.536132][T16665] usb 3-1: USB disconnect, device number 78 [ 1042.564364][ T30] audit: type=1326 audit(1725426977.306:1453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18738 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ee9578eb9 code=0x7ffc0000 [ 1042.601016][ T30] audit: type=1326 audit(1725426977.306:1454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18738 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ee9578eb9 code=0x7ffc0000 [ 1042.634716][ T30] audit: type=1326 audit(1725426977.306:1455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18738 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ee9578eb9 code=0x7ffc0000 [ 1042.658693][ T30] audit: type=1326 audit(1725426977.306:1456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18738 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ee9578eb9 code=0x7ffc0000 [ 1042.684155][ T30] audit: type=1326 audit(1725426977.306:1457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18738 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0ee9578eb9 code=0x7ffc0000 [ 1042.708614][T18771] FAULT_INJECTION: forcing a failure. [ 1042.708614][T18771] name failslab, interval 1, probability 0, space 0, times 0 [ 1042.721094][T18771] CPU: 1 PID: 18771 Comm: syz.4.5107 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1042.730826][T18771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1042.740719][T18771] Call Trace: [ 1042.741305][ T30] audit: type=1326 audit(1725426977.306:1458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18738 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ee9578eb9 code=0x7ffc0000 [ 1042.743840][T18771] [ 1042.743849][T18771] dump_stack_lvl+0x151/0x1c0 [ 1042.774398][T18771] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1042.779863][T18771] ? __kasan_slab_alloc+0xc3/0xe0 [ 1042.784723][T18771] ? __kasan_slab_alloc+0xb1/0xe0 [ 1042.789584][T18771] ? slab_post_alloc_hook+0x53/0x2c0 [ 1042.794705][T18771] ? dup_task_struct+0x53/0xc60 [ 1042.794751][ T30] audit: type=1326 audit(1725426977.306:1459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18738 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ee9578eb9 code=0x7ffc0000 [ 1042.799387][T18771] ? copy_process+0x5c4/0x3290 [ 1042.799403][T18771] ? kernel_clone+0x21e/0x9e0 [ 1042.799420][T18771] dump_stack+0x15/0x20 [ 1042.799435][T18771] should_fail+0x3c6/0x510 [ 1042.799452][T18771] __should_failslab+0xa4/0xe0 [ 1042.799469][T18771] should_failslab+0x9/0x20 [ 1042.848953][T18771] slab_pre_alloc_hook+0x37/0xd0 [ 1042.852454][ T30] audit: type=1326 audit(1725426977.306:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18738 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f0ee9578eb9 code=0x7ffc0000 [ 1042.853718][T18771] kmem_cache_alloc_trace+0x48/0x210 [ 1042.853738][T18771] ? __get_vm_area_node+0x117/0x360 [ 1042.853757][T18771] __get_vm_area_node+0x117/0x360 [ 1042.892298][T18771] __vmalloc_node_range+0xe2/0x8d0 [ 1042.897241][T18771] ? copy_process+0x5c4/0x3290 [ 1042.901841][T18771] ? slab_post_alloc_hook+0x72/0x2c0 [ 1042.903912][ T30] audit: type=1326 audit(1725426977.306:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18738 comm="syz.2.5103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ee9578eb9 code=0x7ffc0000 [ 1042.906956][T18771] ? dup_task_struct+0x53/0xc60 [ 1042.935088][T18771] dup_task_struct+0x416/0xc60 [ 1042.939686][T18771] ? copy_process+0x5c4/0x3290 [ 1042.944280][T18771] ? __kasan_check_write+0x14/0x20 [ 1042.949228][T18771] copy_process+0x5c4/0x3290 [ 1042.953651][T18771] ? __kasan_check_write+0x14/0x20 [ 1042.958600][T18771] ? selinux_file_permission+0x2c4/0x570 [ 1042.964066][T18771] ? proc_fail_nth_read+0x210/0x210 [ 1042.969102][T18771] ? fsnotify_perm+0x6a/0x5d0 [ 1042.973617][T18771] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1042.978561][T18771] ? vfs_write+0x9ec/0x1110 [ 1042.982902][T18771] kernel_clone+0x21e/0x9e0 [ 1042.987245][T18771] ? __kasan_check_write+0x14/0x20 [ 1042.992188][T18771] ? create_io_thread+0x1e0/0x1e0 [ 1042.997049][T18771] __x64_sys_clone+0x23f/0x290 [ 1043.001647][T18771] ? __do_sys_vfork+0x130/0x130 [ 1043.006340][T18771] ? debug_smp_processor_id+0x17/0x20 [ 1043.011540][T18771] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1043.017443][T18771] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1043.022913][T18771] x64_sys_call+0x1b0/0x9a0 [ 1043.027251][T18771] do_syscall_64+0x3b/0xb0 [ 1043.031504][T18771] ? clear_bhb_loop+0x35/0x90 [ 1043.036017][T18771] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1043.041745][T18771] RIP: 0033:0x7f4146e16eb9 [ 1043.046001][T18771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1043.065442][T18771] RSP: 002b:00007f4145a6ffe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1043.073685][T18771] RAX: ffffffffffffffda RBX: 00007f4146fd0058 RCX: 00007f4146e16eb9 [ 1043.081501][T18771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c0600 [ 1043.089310][T18771] RBP: 00007f4145a70090 R08: 0000000000000000 R09: 0000000000000000 [ 1043.097119][T18771] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1043.104934][T18771] R13: 0000000000000000 R14: 00007f4146fd0058 R15: 00007ffea014a278 [ 1043.112746][T18771] [ 1043.116075][T18771] syz.4.5107: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0 [ 1043.131197][T18771] CPU: 1 PID: 18771 Comm: syz.4.5107 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1043.140991][T18771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1043.150885][T18771] Call Trace: [ 1043.154011][T18771] [ 1043.156786][T18771] dump_stack_lvl+0x151/0x1c0 [ 1043.161300][T18771] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1043.166767][T18771] ? pr_cont_kernfs_name+0xf0/0x100 [ 1043.171802][T18771] dump_stack+0x15/0x20 [ 1043.175793][T18771] warn_alloc+0x21a/0x390 [ 1043.179960][T18771] ? should_failslab+0x9/0x20 [ 1043.184481][T18771] ? zone_watermark_ok_safe+0x270/0x270 [ 1043.189855][T18771] ? __get_vm_area_node+0x347/0x360 [ 1043.194889][T18771] __vmalloc_node_range+0x2c1/0x8d0 [ 1043.199922][T18771] ? slab_post_alloc_hook+0x72/0x2c0 [ 1043.205043][T18771] ? dup_task_struct+0x53/0xc60 [ 1043.209731][T18771] dup_task_struct+0x416/0xc60 [ 1043.214329][T18771] ? copy_process+0x5c4/0x3290 [ 1043.218932][T18771] ? __kasan_check_write+0x14/0x20 [ 1043.223878][T18771] copy_process+0x5c4/0x3290 [ 1043.228304][T18771] ? __kasan_check_write+0x14/0x20 [ 1043.233250][T18771] ? selinux_file_permission+0x2c4/0x570 [ 1043.238718][T18771] ? proc_fail_nth_read+0x210/0x210 [ 1043.243752][T18771] ? fsnotify_perm+0x6a/0x5d0 [ 1043.248270][T18771] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1043.253213][T18771] ? vfs_write+0x9ec/0x1110 [ 1043.257556][T18771] kernel_clone+0x21e/0x9e0 [ 1043.261893][T18771] ? __kasan_check_write+0x14/0x20 [ 1043.266839][T18771] ? create_io_thread+0x1e0/0x1e0 [ 1043.271703][T18771] __x64_sys_clone+0x23f/0x290 [ 1043.276304][T18771] ? __do_sys_vfork+0x130/0x130 [ 1043.280989][T18771] ? debug_smp_processor_id+0x17/0x20 [ 1043.286194][T18771] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1043.292098][T18771] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1043.297567][T18771] x64_sys_call+0x1b0/0x9a0 [ 1043.301902][T18771] do_syscall_64+0x3b/0xb0 [ 1043.306156][T18771] ? clear_bhb_loop+0x35/0x90 [ 1043.310671][T18771] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1043.316400][T18771] RIP: 0033:0x7f4146e16eb9 [ 1043.320653][T18771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1043.340186][T18771] RSP: 002b:00007f4145a6ffe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1043.348432][T18771] RAX: ffffffffffffffda RBX: 00007f4146fd0058 RCX: 00007f4146e16eb9 [ 1043.356244][T18771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c0600 [ 1043.364143][T18771] RBP: 00007f4145a70090 R08: 0000000000000000 R09: 0000000000000000 [ 1043.371952][T18771] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1043.379764][T18771] R13: 0000000000000000 R14: 00007f4146fd0058 R15: 00007ffea014a278 [ 1043.387586][T18771] [ 1043.391096][T18771] Mem-Info: [ 1043.392020][ T743] microsoft 0003:045E:07DA.0078: unknown main item tag 0x0 [ 1043.394019][T18771] active_anon:129 inactive_anon:6303 isolated_anon:0 [ 1043.394019][T18771] active_file:23757 inactive_file:5139 isolated_file:0 [ 1043.394019][T18771] unevictable:0 dirty:622 writeback:0 [ 1043.394019][T18771] slab_reclaimable:8925 slab_unreclaimable:70936 [ 1043.394019][T18771] mapped:25230 shmem:3109 pagetables:546 bounce:0 [ 1043.394019][T18771] kernel_misc_reclaimable:0 [ 1043.394019][T18771] free:1548563 free_pcp:19862 free_cma:0 [ 1043.442296][T18771] Node 0 active_anon:516kB inactive_anon:25212kB active_file:95028kB inactive_file:20556kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:100920kB dirty:2488kB writeback:0kB shmem:12436kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4792kB pagetables:2184kB all_unreclaimable? no [ 1043.445961][ T743] microsoft 0003:045E:07DA.0078: unknown main item tag 0x0 [ 1043.473146][T18771] DMA32 free:2974676kB min:62568kB low:78208kB high:93848kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2978988kB mlocked:0kB bounce:0kB free_pcp:4312kB local_pcp:0kB free_cma:0kB [ 1043.506788][T18771] lowmem_reserve[]: 0 3941 3941 [ 1043.508078][ T743] microsoft 0003:045E:07DA.0078: unknown main item tag 0x0 [ 1043.518548][T18771] Normal free:3219576kB min:84884kB low:106104kB high:127324kB reserved_highatomic:0KB active_anon:520kB inactive_anon:25208kB active_file:94984kB inactive_file:20548kB unevictable:0kB writepending:2484kB present:5242880kB managed:4035584kB mlocked:0kB bounce:0kB free_pcp:74512kB local_pcp:50204kB free_cma:0kB [ 1043.547941][T18771] lowmem_reserve[]: 0 0 0 [ 1043.552104][T18771] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 3*2048kB (UM) 723*4096kB (M) = 2974676kB [ 1043.567549][T18771] Normal: 2958*4kB (UME) 2472*8kB (UME) 1294*16kB (UME) 1103*32kB (UME) 283*64kB (UME) 159*128kB (UME) 124*256kB (UME) 56*512kB (UME) 28*1024kB (UME) 9*2048kB (UME) 729*4096kB (UM) = 3219576kB [ 1043.586386][T18771] 34215 total pagecache pages [ 1043.590881][T18771] 0 pages in swap cache [ 1043.594844][T18771] Swap cache stats: add 1427, delete 1427, find 515/515 [ 1043.601645][T18771] Free swap = 124192kB [ 1043.605611][T18771] Total swap = 124996kB [ 1043.609635][T18771] 2097051 pages RAM [ 1043.612135][ T60] usb 4-1: new high-speed USB device number 63 using dummy_hcd [ 1043.613243][T18771] 0 pages HighMem/MovableOnly [ 1043.613252][T18771] 343408 pages reserved [ 1043.629233][T18771] 0 pages cma reserved [ 1043.652247][ T743] microsoft 0003:045E:07DA.0078: unknown main item tag 0x0 [ 1043.659648][ T743] microsoft 0003:045E:07DA.0078: unknown main item tag 0x0 [ 1043.722722][T18775] overlayfs: unrecognized mount option "appraise_type=imasig" or missing value [ 1043.827393][ T743] microsoft 0003:045E:07DA.0078: unknown main item tag 0x0 [ 1043.834480][ T743] microsoft 0003:045E:07DA.0078: unknown main item tag 0x0 [ 1043.841523][ T743] microsoft 0003:045E:07DA.0078: unknown main item tag 0x0 [ 1043.848562][ T743] microsoft 0003:045E:07DA.0078: unknown main item tag 0x0 [ 1043.855546][ T743] microsoft 0003:045E:07DA.0078: unknown main item tag 0x0 [ 1043.866916][ T743] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0078/input/input82 [ 1043.884208][ T743] microsoft 0003:045E:07DA.0078: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 1043.898828][ T743] usb 2-1: USB disconnect, device number 72 [ 1043.917917][ T60] usb 4-1: Using ep0 maxpacket: 16 [ 1043.992190][T18779] loop4: detected capacity change from 0 to 40427 [ 1044.038036][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1044.049374][T18779] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1044.059814][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1044.071931][ T60] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1044.146092][ T60] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1044.155751][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1044.166980][ T60] usb 4-1: config 0 descriptor?? [ 1044.233022][T18779] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1044.383611][T18796] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1044.392265][T18796] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 1044.403940][T18796] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1044.849807][T18748] attempt to access beyond end of device [ 1044.849807][T18748] loop4: rw=2049, want=45128, limit=40427 [ 1044.899209][ T60] microsoft 0003:045E:07DA.0079: unknown main item tag 0x0 [ 1044.906368][ T60] microsoft 0003:045E:07DA.0079: unknown main item tag 0x0 [ 1044.926298][T18804] loop2: detected capacity change from 0 to 512 [ 1044.938147][ T60] microsoft 0003:045E:07DA.0079: unknown main item tag 0x0 [ 1044.945207][ T60] microsoft 0003:045E:07DA.0079: unknown main item tag 0x0 [ 1044.970490][ T60] microsoft 0003:045E:07DA.0079: unknown main item tag 0x0 [ 1044.977712][ T60] microsoft 0003:045E:07DA.0079: unknown main item tag 0x0 [ 1045.017956][ T60] microsoft 0003:045E:07DA.0079: unknown main item tag 0x0 [ 1045.025171][ T60] microsoft 0003:045E:07DA.0079: unknown main item tag 0x0 [ 1045.025617][T18804] EXT4-fs (loop2): test_dummy_encryption requires encrypt feature [ 1045.043124][ T60] microsoft 0003:045E:07DA.0079: unknown main item tag 0x0 [ 1045.059649][ T60] microsoft 0003:045E:07DA.0079: unknown main item tag 0x0 [ 1045.098484][T18806] loop4: detected capacity change from 0 to 256 [ 1045.114558][ T60] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0079/input/input83 [ 1045.196770][ T60] microsoft 0003:045E:07DA.0079: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 1045.219515][ T60] usb 4-1: USB disconnect, device number 63 [ 1045.234099][T18811] FAULT_INJECTION: forcing a failure. [ 1045.234099][T18811] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1045.247196][T18811] CPU: 1 PID: 18811 Comm: syz.1.5122 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1045.256993][T18811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1045.266890][T18811] Call Trace: [ 1045.270009][T18811] [ 1045.272787][T18811] dump_stack_lvl+0x151/0x1c0 [ 1045.277301][T18811] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1045.282770][T18811] ? kstrtouint_from_user+0x20a/0x2a0 [ 1045.287978][T18811] dump_stack+0x15/0x20 [ 1045.291968][T18811] should_fail+0x3c6/0x510 [ 1045.296222][T18811] should_fail_usercopy+0x1a/0x20 [ 1045.301088][T18811] _copy_to_user+0x20/0x90 [ 1045.305336][T18811] simple_read_from_buffer+0xc7/0x150 [ 1045.310545][T18811] proc_fail_nth_read+0x1a3/0x210 [ 1045.315413][T18811] ? proc_fault_inject_write+0x390/0x390 [ 1045.320892][T18811] ? fsnotify_perm+0x470/0x5d0 [ 1045.325475][T18811] ? security_file_permission+0x86/0xb0 [ 1045.330854][T18811] ? proc_fault_inject_write+0x390/0x390 [ 1045.336320][T18811] vfs_read+0x27d/0xd40 [ 1045.340314][T18811] ? kernel_read+0x1f0/0x1f0 [ 1045.344739][T18811] ? __kasan_check_read+0x11/0x20 [ 1045.349599][T18811] ? __fdget+0x179/0x240 [ 1045.353676][T18811] ? map_freeze+0xcd/0x370 [ 1045.357927][T18811] ? security_bpf+0x82/0xb0 [ 1045.362268][T18811] ? __kasan_check_read+0x11/0x20 [ 1045.367129][T18811] ? __fdget_pos+0x2ee/0x3a0 [ 1045.371557][T18811] ksys_read+0x199/0x2c0 [ 1045.375636][T18811] ? vfs_write+0x1110/0x1110 [ 1045.380063][T18811] ? debug_smp_processor_id+0x17/0x20 [ 1045.385268][T18811] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1045.391170][T18811] __x64_sys_read+0x7b/0x90 [ 1045.395510][T18811] x64_sys_call+0x28/0x9a0 [ 1045.399764][T18811] do_syscall_64+0x3b/0xb0 [ 1045.404015][T18811] ? clear_bhb_loop+0x35/0x90 [ 1045.408531][T18811] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1045.414257][T18811] RIP: 0033:0x7f0155c498fc [ 1045.418513][T18811] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 1045.437952][T18811] RSP: 002b:00007f01548c5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1045.446197][T18811] RAX: ffffffffffffffda RBX: 00007f0155e03f80 RCX: 00007f0155c498fc [ 1045.454008][T18811] RDX: 000000000000000f RSI: 00007f01548c50a0 RDI: 0000000000000004 [ 1045.461821][T18811] RBP: 00007f01548c5090 R08: 0000000000000000 R09: 0000000000000000 [ 1045.469630][T18811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1045.477442][T18811] R13: 0000000000000000 R14: 00007f0155e03f80 R15: 00007ffdde780e78 [ 1045.485260][T18811] [ 1045.489084][T18809] FAULT_INJECTION: forcing a failure. [ 1045.489084][T18809] name failslab, interval 1, probability 0, space 0, times 0 [ 1045.501538][T18809] CPU: 0 PID: 18809 Comm: syz.4.5119 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1045.511294][T18809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1045.521182][T18809] Call Trace: [ 1045.524305][T18809] [ 1045.527081][T18809] dump_stack_lvl+0x151/0x1c0 [ 1045.531681][T18809] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1045.537147][T18809] ? __kasan_slab_alloc+0xc3/0xe0 [ 1045.542009][T18809] ? __kasan_slab_alloc+0xb1/0xe0 [ 1045.546877][T18809] ? slab_post_alloc_hook+0x53/0x2c0 [ 1045.551990][T18809] ? dup_task_struct+0x53/0xc60 [ 1045.556676][T18809] ? copy_process+0x5c4/0x3290 [ 1045.561276][T18809] ? kernel_clone+0x21e/0x9e0 [ 1045.565791][T18809] dump_stack+0x15/0x20 [ 1045.569783][T18809] should_fail+0x3c6/0x510 [ 1045.574040][T18809] __should_failslab+0xa4/0xe0 [ 1045.578636][T18809] should_failslab+0x9/0x20 [ 1045.582976][T18809] slab_pre_alloc_hook+0x37/0xd0 [ 1045.587750][T18809] kmem_cache_alloc_trace+0x48/0x210 [ 1045.592888][T18809] ? __get_vm_area_node+0x117/0x360 [ 1045.597909][T18809] __get_vm_area_node+0x117/0x360 [ 1045.602767][T18809] __vmalloc_node_range+0xe2/0x8d0 [ 1045.607710][T18809] ? copy_process+0x5c4/0x3290 [ 1045.612313][T18809] ? slab_post_alloc_hook+0x72/0x2c0 [ 1045.617432][T18809] ? dup_task_struct+0x53/0xc60 [ 1045.622118][T18809] ? dup_task_struct+0x53/0xc60 [ 1045.627164][T18809] dup_task_struct+0x416/0xc60 [ 1045.631762][T18809] ? copy_process+0x5c4/0x3290 [ 1045.636360][T18809] ? __kasan_check_write+0x14/0x20 [ 1045.641309][T18809] copy_process+0x5c4/0x3290 [ 1045.645738][T18809] ? __kasan_check_write+0x14/0x20 [ 1045.650683][T18809] ? selinux_file_permission+0x2c4/0x570 [ 1045.656151][T18809] ? proc_fail_nth_read+0x210/0x210 [ 1045.661183][T18809] ? fsnotify_perm+0x6a/0x5d0 [ 1045.665698][T18809] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 1045.670647][T18809] ? vfs_write+0x9ec/0x1110 [ 1045.674988][T18809] kernel_clone+0x21e/0x9e0 [ 1045.679323][T18809] ? __kasan_check_write+0x14/0x20 [ 1045.684270][T18809] ? create_io_thread+0x1e0/0x1e0 [ 1045.689132][T18809] __x64_sys_clone+0x23f/0x290 [ 1045.693731][T18809] ? __do_sys_vfork+0x130/0x130 [ 1045.698424][T18809] ? debug_smp_processor_id+0x17/0x20 [ 1045.703625][T18809] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1045.709529][T18809] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1045.715000][T18809] x64_sys_call+0x1b0/0x9a0 [ 1045.719334][T18809] do_syscall_64+0x3b/0xb0 [ 1045.723589][T18809] ? clear_bhb_loop+0x35/0x90 [ 1045.728102][T18809] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1045.733834][T18809] RIP: 0033:0x7f4146e16eb9 [ 1045.738090][T18809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1045.757614][T18809] RSP: 002b:00007f4145a6ffe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1045.765858][T18809] RAX: ffffffffffffffda RBX: 00007f4146fd0058 RCX: 00007f4146e16eb9 [ 1045.773670][T18809] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c0600 [ 1045.781653][T18809] RBP: 00007f4145a70090 R08: 0000000000000000 R09: 0000000000000000 [ 1045.789464][T18809] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 1045.797275][T18809] R13: 0000000000000000 R14: 00007f4146fd0058 R15: 00007ffea014a278 [ 1045.805095][T18809] [ 1045.877940][T15455] usb 1-1: new high-speed USB device number 89 using dummy_hcd [ 1045.969908][T18819] loop2: detected capacity change from 0 to 16 [ 1046.010387][T18819] erofs: (device loop2): mounted with root inode @ nid 36. [ 1046.239220][T16665] usb 2-1: new high-speed USB device number 73 using dummy_hcd [ 1046.246774][T15455] usb 1-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5 [ 1046.255816][T15455] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1046.264854][T15455] usb 1-1: config 0 descriptor?? [ 1047.053497][T16665] usb 2-1: Using ep0 maxpacket: 16 [ 1047.157913][ T743] usb 5-1: new high-speed USB device number 65 using dummy_hcd [ 1047.728171][T16665] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1047.739653][T16665] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1047.752310][T16665] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1047.766343][T16665] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1047.778320][T16665] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1047.778347][ T30] kauditd_printk_skb: 61 callbacks suppressed [ 1047.792601][ T30] audit: type=1326 audit(1725426982.586:1523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18820 comm="syz.4.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4146e16abb code=0x7ffc0000 [ 1047.801188][T18843] loop2: detected capacity change from 0 to 128 [ 1047.835918][T16665] usb 2-1: config 0 descriptor?? [ 1047.841233][ T30] audit: type=1326 audit(1725426982.606:1524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18820 comm="syz.4.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4146e16abb code=0x7ffc0000 [ 1048.097891][ T743] usb 5-1: Using ep0 maxpacket: 32 [ 1048.129922][ T30] audit: type=1326 audit(1725426982.926:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18820 comm="syz.4.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4146e16abb code=0x7ffc0000 [ 1048.160747][ T30] audit: type=1326 audit(1725426982.956:1526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18820 comm="syz.4.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4146e16abb code=0x7ffc0000 [ 1048.188150][ T30] audit: type=1326 audit(1725426982.986:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18820 comm="syz.4.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4146e16abb code=0x7ffc0000 [ 1048.213819][ T30] audit: type=1326 audit(1725426983.016:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18820 comm="syz.4.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4146e16abb code=0x7ffc0000 [ 1048.238160][ T30] audit: type=1326 audit(1725426983.036:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18820 comm="syz.4.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4146e16abb code=0x7ffc0000 [ 1048.261979][ T743] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1048.272978][ T30] audit: type=1326 audit(1725426983.066:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18820 comm="syz.4.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4146e16abb code=0x7ffc0000 [ 1048.296569][ T743] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1048.307021][ T743] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1048.316153][ T743] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1048.347430][ T743] usb 5-1: config 0 descriptor?? [ 1048.349749][T15455] asix 1-1:0.0 eth1: register 'asix' at usb-dummy_hcd.0-1, ASIX AX88178 USB 2.0 Ethernet, 76:87:c5:9d:aa:0f [ 1048.366723][T15455] usb 1-1: USB disconnect, device number 89 [ 1048.373498][T15455] asix 1-1:0.0 eth1: unregister 'asix' usb-dummy_hcd.0-1, ASIX AX88178 USB 2.0 Ethernet [ 1048.386291][T16665] microsoft 0003:045E:07DA.007A: unknown main item tag 0x0 [ 1048.398031][T16665] microsoft 0003:045E:07DA.007A: unknown main item tag 0x0 [ 1048.398700][ T30] audit: type=1326 audit(1725426983.206:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18820 comm="syz.4.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4146e16abb code=0x7ffc0000 [ 1048.405172][T16665] microsoft 0003:045E:07DA.007A: unknown main item tag 0x0 [ 1048.515414][T16665] microsoft 0003:045E:07DA.007A: unknown main item tag 0x0 [ 1048.522796][T16665] microsoft 0003:045E:07DA.007A: unknown main item tag 0x0 [ 1048.529891][T16665] microsoft 0003:045E:07DA.007A: unknown main item tag 0x0 [ 1048.536972][T16665] microsoft 0003:045E:07DA.007A: unknown main item tag 0x0 [ 1048.544251][T16665] microsoft 0003:045E:07DA.007A: unknown main item tag 0x0 [ 1048.551432][T16665] microsoft 0003:045E:07DA.007A: unknown main item tag 0x0 [ 1048.558509][T16665] microsoft 0003:045E:07DA.007A: unknown main item tag 0x0 [ 1048.571933][T16665] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.007A/input/input84 [ 1048.614373][ T1234] ================================================================== [ 1048.622250][ T1234] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x120 [ 1048.629885][ T1234] Read of size 8 at addr ffff888120c9ac70 by task kworker/1:9/1234 [ 1048.637613][ T1234] [ 1048.639780][ T1234] CPU: 1 PID: 1234 Comm: kworker/1:9 Not tainted 5.15.157-syzkaller-00896-g38761ec9fc9e #0 [ 1048.649588][ T1234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1048.659489][ T1234] Workqueue: events linkwatch_event [ 1048.664535][ T1234] Call Trace: [ 1048.667646][ T1234] [ 1048.670422][ T1234] dump_stack_lvl+0x151/0x1c0 [ 1048.674938][ T1234] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1048.680403][ T1234] ? panic+0x760/0x760 [ 1048.684561][ T1234] print_address_description+0x87/0x3b0 [ 1048.689940][ T1234] kasan_report+0x179/0x1c0 [ 1048.694284][ T1234] ? __kasan_check_write+0x14/0x20 [ 1048.699235][ T1234] ? __list_del_entry_valid+0xa6/0x120 [ 1048.704520][ T1234] ? __list_del_entry_valid+0xa6/0x120 [ 1048.709814][ T1234] __asan_report_load8_noabort+0x14/0x20 [ 1048.715282][ T1234] __list_del_entry_valid+0xa6/0x120 [ 1048.720409][ T1234] process_one_work+0x458/0xc10 [ 1048.724088][ T30] audit: type=1326 audit(1725426983.206:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18820 comm="syz.4.5125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4146e16abb code=0x7ffc0000 [ 1048.725090][ T1234] worker_thread+0xad5/0x12a0 [ 1048.752787][ T1234] kthread+0x421/0x510 [ 1048.756685][ T1234] ? worker_clr_flags+0x180/0x180 [ 1048.761544][ T1234] ? kthread_blkcg+0xd0/0xd0 [ 1048.765969][ T1234] ret_from_fork+0x1f/0x30 [ 1048.770229][ T1234] [ 1048.773101][ T1234] [ 1048.775344][ T1234] Allocated by task 15455: [ 1048.779596][ T1234] ____kasan_kmalloc+0xdb/0x110 [ 1048.784291][ T1234] __kasan_kmalloc+0x9/0x10 [ 1048.788623][ T1234] __kmalloc+0x13a/0x270 [ 1048.792702][ T1234] kvmalloc_node+0x1f0/0x4d0 [ 1048.797126][ T1234] alloc_netdev_mqs+0x8c/0xc90 [ 1048.801727][ T1234] alloc_etherdev_mqs+0x33/0x40 [ 1048.806416][ T1234] usbnet_probe+0x1ff/0x2830 [ 1048.810840][ T1234] usb_probe_interface+0x5b6/0xa90 [ 1048.815788][ T1234] really_probe+0x28d/0x970 [ 1048.820126][ T1234] __driver_probe_device+0x1a0/0x310 [ 1048.825248][ T1234] driver_probe_device+0x54/0x3d0 [ 1048.830107][ T1234] __device_attach_driver+0x2c5/0x470 [ 1048.835314][ T1234] bus_for_each_drv+0x183/0x200 [ 1048.839998][ T1234] __device_attach+0x312/0x510 [ 1048.844600][ T1234] device_initial_probe+0x1a/0x20 [ 1048.849460][ T1234] bus_probe_device+0xbe/0x1e0 [ 1048.854067][ T1234] device_add+0xb60/0xf10 [ 1048.858231][ T1234] usb_set_configuration+0x190f/0x1e80 [ 1048.863521][ T1234] usb_generic_driver_probe+0x8b/0x150 [ 1048.868814][ T1234] usb_probe_device+0x144/0x260 [ 1048.873501][ T1234] really_probe+0x28d/0x970 [ 1048.877842][ T1234] __driver_probe_device+0x1a0/0x310 [ 1048.882963][ T1234] driver_probe_device+0x54/0x3d0 [ 1048.887823][ T1234] __device_attach_driver+0x2c5/0x470 [ 1048.893028][ T1234] bus_for_each_drv+0x183/0x200 [ 1048.897720][ T1234] __device_attach+0x312/0x510 [ 1048.902315][ T1234] device_initial_probe+0x1a/0x20 [ 1048.907176][ T1234] bus_probe_device+0xbe/0x1e0 [ 1048.911777][ T1234] device_add+0xb60/0xf10 [ 1048.915945][ T1234] usb_new_device+0x1038/0x1c00 [ 1048.920628][ T1234] hub_event+0x2def/0x4770 [ 1048.924885][ T1234] process_one_work+0x6bb/0xc10 [ 1048.929567][ T1234] worker_thread+0xad5/0x12a0 [ 1048.934087][ T1234] kthread+0x421/0x510 [ 1048.938338][ T1234] ret_from_fork+0x1f/0x30 [ 1048.942587][ T1234] [ 1048.944757][ T1234] Freed by task 15455: [ 1048.948668][ T1234] kasan_set_track+0x4b/0x70 [ 1048.953090][ T1234] kasan_set_free_info+0x23/0x40 [ 1048.957862][ T1234] ____kasan_slab_free+0x126/0x160 [ 1048.962966][ T1234] __kasan_slab_free+0x11/0x20 [ 1048.967561][ T1234] slab_free_freelist_hook+0xbd/0x190 [ 1048.972770][ T1234] kfree+0xc8/0x220 [ 1048.976419][ T1234] kvfree+0x35/0x40 [ 1048.980063][ T1234] netdev_freemem+0x3f/0x60 [ 1048.984486][ T1234] netdev_release+0x7f/0xb0 [ 1048.988877][ T1234] device_release+0x95/0x1c0 [ 1048.993259][ T1234] kobject_put+0x178/0x260 [ 1048.997502][ T1234] put_device+0x1f/0x30 [ 1049.001496][ T1234] free_netdev+0x34f/0x440 [ 1049.005749][ T1234] usbnet_disconnect+0x245/0x390 [ 1049.010528][ T1234] usb_unbind_interface+0x1fa/0x8c0 [ 1049.015559][ T1234] device_release_driver_internal+0x50b/0x7d0 [ 1049.021459][ T1234] device_release_driver+0x19/0x20 [ 1049.026408][ T1234] bus_remove_device+0x2f8/0x360 [ 1049.031183][ T1234] device_del+0x663/0xe90 [ 1049.035346][ T1234] usb_disable_device+0x380/0x720 [ 1049.040216][ T1234] usb_disconnect+0x32a/0x890 [ 1049.044721][ T1234] hub_event+0x1d42/0x4770 [ 1049.048978][ T1234] process_one_work+0x6bb/0xc10 [ 1049.053667][ T1234] worker_thread+0xe02/0x12a0 [ 1049.058174][ T1234] kthread+0x421/0x510 [ 1049.062078][ T1234] ret_from_fork+0x1f/0x30 [ 1049.066335][ T1234] [ 1049.068501][ T1234] Last potentially related work creation: [ 1049.074055][ T1234] kasan_save_stack+0x3b/0x60 [ 1049.078567][ T1234] __kasan_record_aux_stack+0xd3/0xf0 [ 1049.083775][ T1234] kasan_record_aux_stack_noalloc+0xb/0x10 [ 1049.089423][ T1234] insert_work+0x56/0x320 [ 1049.093584][ T1234] __queue_work+0x92a/0xcd0 [ 1049.097922][ T1234] queue_work_on+0x105/0x170 [ 1049.102366][ T1234] usbnet_link_change+0xeb/0x100 [ 1049.107122][ T1234] usbnet_probe+0x1dd3/0x2830 [ 1049.111640][ T1234] usb_probe_interface+0x5b6/0xa90 [ 1049.116585][ T1234] really_probe+0x28d/0x970 [ 1049.120924][ T1234] __driver_probe_device+0x1a0/0x310 [ 1049.126046][ T1234] driver_probe_device+0x54/0x3d0 [ 1049.130907][ T1234] __device_attach_driver+0x2c5/0x470 [ 1049.136113][ T1234] bus_for_each_drv+0x183/0x200 [ 1049.140807][ T1234] __device_attach+0x312/0x510 [ 1049.145402][ T1234] device_initial_probe+0x1a/0x20 [ 1049.150261][ T1234] bus_probe_device+0xbe/0x1e0 [ 1049.154867][ T1234] device_add+0xb60/0xf10 [ 1049.159027][ T1234] usb_set_configuration+0x190f/0x1e80 [ 1049.164323][ T1234] usb_generic_driver_probe+0x8b/0x150 [ 1049.169615][ T1234] usb_probe_device+0x144/0x260 [ 1049.174348][ T1234] really_probe+0x28d/0x970 [ 1049.178641][ T1234] __driver_probe_device+0x1a0/0x310 [ 1049.183762][ T1234] driver_probe_device+0x54/0x3d0 [ 1049.188624][ T1234] __device_attach_driver+0x2c5/0x470 [ 1049.193831][ T1234] bus_for_each_drv+0x183/0x200 [ 1049.198516][ T1234] __device_attach+0x312/0x510 [ 1049.203118][ T1234] device_initial_probe+0x1a/0x20 [ 1049.207978][ T1234] bus_probe_device+0xbe/0x1e0 [ 1049.212579][ T1234] device_add+0xb60/0xf10 [ 1049.216750][ T1234] usb_new_device+0x1038/0x1c00 [ 1049.221431][ T1234] hub_event+0x2def/0x4770 [ 1049.225686][ T1234] process_one_work+0x6bb/0xc10 [ 1049.230371][ T1234] worker_thread+0xad5/0x12a0 [ 1049.234882][ T1234] kthread+0x421/0x510 [ 1049.238878][ T1234] ret_from_fork+0x1f/0x30 [ 1049.243131][ T1234] [ 1049.245300][ T1234] The buggy address belongs to the object at ffff888120c9a000 [ 1049.245300][ T1234] which belongs to the cache kmalloc-4k of size 4096 [ 1049.259186][ T1234] The buggy address is located 3184 bytes inside of [ 1049.259186][ T1234] 4096-byte region [ffff888120c9a000, ffff888120c9b000) [ 1049.272465][ T1234] The buggy address belongs to the page: [ 1049.277947][ T1234] page:ffffea0004832600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x120c98 [ 1049.288004][ T1234] head:ffffea0004832600 order:3 compound_mapcount:0 compound_pincount:0 [ 1049.296161][ T1234] flags: 0x4000000000010200(slab|head|zone=1) [ 1049.302067][ T1234] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043380 [ 1049.310485][ T1234] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000 [ 1049.318901][ T1234] page dumped because: kasan: bad access detected [ 1049.325163][ T1234] page_owner tracks the page as allocated [ 1049.330804][ T1234] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 16486, ts 875478835631, free_ts 875455856669 [ 1049.351458][ T1234] post_alloc_hook+0x1a3/0x1b0 [ 1049.356047][ T1234] prep_new_page+0x1b/0x110 [ 1049.360386][ T1234] get_page_from_freelist+0x3550/0x35d0 [ 1049.365784][ T1234] __alloc_pages+0x27e/0x8f0 [ 1049.370194][ T1234] new_slab+0x9a/0x4e0 [ 1049.374101][ T1234] ___slab_alloc+0x39e/0x830 [ 1049.378532][ T1234] __slab_alloc+0x4a/0x90 [ 1049.382692][ T1234] kmem_cache_alloc_trace+0x142/0x210 [ 1049.387899][ T1234] kobject_uevent_env+0x269/0x700 [ 1049.392760][ T1234] kobject_uevent+0x1f/0x30 [ 1049.397099][ T1234] net_rx_queue_update_kobjects+0x213/0x490 [ 1049.402837][ T1234] netdev_register_kobject+0x231/0x320 [ 1049.408123][ T1234] register_netdevice+0xde9/0x1390 [ 1049.413067][ T1234] register_netdev+0x3c/0x50 [ 1049.417500][ T1234] vti6_init_net+0x2b8/0x370 [ 1049.421920][ T1234] ops_init+0x1cf/0x4a0 [ 1049.425915][ T1234] page last free stack trace: [ 1049.430428][ T1234] free_unref_page_prepare+0x7c8/0x7d0 [ 1049.435725][ T1234] free_unref_page+0xe8/0x750 [ 1049.440234][ T1234] __free_pages+0x61/0xf0 [ 1049.444399][ T1234] __free_slab+0xec/0x1d0 [ 1049.448566][ T1234] __unfreeze_partials+0x165/0x1a0 [ 1049.453519][ T1234] put_cpu_partial+0xc4/0x120 [ 1049.458027][ T1234] __slab_free+0x1c8/0x290 [ 1049.462279][ T1234] ___cache_free+0x109/0x120 [ 1049.466707][ T1234] qlink_free+0x4d/0x90 [ 1049.470759][ T1234] qlist_free_all+0x44/0xb0 [ 1049.475039][ T1234] kasan_quarantine_reduce+0x15a/0x180 [ 1049.480332][ T1234] __kasan_slab_alloc+0x2f/0xe0 [ 1049.485024][ T1234] slab_post_alloc_hook+0x53/0x2c0 [ 1049.489966][ T1234] __kmalloc_track_caller+0x11d/0x260 [ 1049.495173][ T1234] kvasprintf+0xd6/0x180 [ 1049.499253][ T1234] kvasprintf_const+0x5e/0x190 [ 1049.503856][ T1234] [ 1049.506025][ T1234] Memory state around the buggy address: [ 1049.511496][ T1234] ffff888120c9ab00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1049.519393][ T1234] ffff888120c9ab80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1049.527292][ T1234] >ffff888120c9ac00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1049.535187][ T1234] ^ [ 1049.542743][ T1234] ffff888120c9ac80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1049.550640][ T1234] ffff888120c9ad00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1049.558539][ T1234] ================================================================== [ 1049.566434][ T1234] Disabling lock debugging due to kernel taint [ 1049.594771][T16665] microsoft 0003:045E:07DA.007A: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 1049.605066][ T743] savu 0003:1E7D:2D5A.007B: hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0 [ 1049.624992][T16665] usb 2-1: USB disconnect, device number 73 [ 1049.804582][T15455] usb 5-1: USB disconnect, device number 65