last executing test programs:

6.967912923s ago: executing program 3 (id=478):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0xffff0f00, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r1, 0xa48e97c0dc6f2fc9, 0x23, 0x0, {{}, {@void, @void}}}, 0x14}}, 0x0)

6.891056204s ago: executing program 0 (id=483):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfd', @ANYRESHEX=r4])

6.890221474s ago: executing program 0 (id=484):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000001900)={{0x12, 0x1, 0x200, 0x2, 0xcd, 0x77, 0x10, 0x403, 0xb8d8, 0x30bb, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xde, 0x0, 0x0, 0x8, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xd0, 0x76, 0xd8, 0xe}}]}}]}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="17000000000000000084000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1, <r2=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
r3 = accept4$inet(0xffffffffffffffff, &(0x7f0000000dc0)={0x2, 0x0, @loopback}, &(0x7f0000000e00)=0x10, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000f80)=@raw={'raw\x00', 0x9, 0x3, 0x208, 0x0, 0xffffffff, 0xffffffff, 0xe0, 0xffffffff, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3, &(0x7f0000000e40), {[{{@ip={@local, @empty, 0xff, 0xff000000, 'veth1_to_bridge\x00', 'veth0_to_bond\x00', {0xff}, {}, 0x62, 0x0, 0x14}, 0x0, 0xc0, 0xe0, 0x0, {}, [@common=@ttl={{0x28}, {0x3, 0x9}}, @inet=@rpfilter={{0x28}, {0x2}}]}, @unspec=@TRACE={0x20}}, {{@ip={@remote, @multicast1, 0xffffffff, 0xff, 'caif0\x00', 'lo\x00', {0xff}, {}, 0x21, 0x3, 0x3}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x268)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000012c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {@grpquota}, {@noblock_validity}, {@stripe={'stripe', 0x3d, 0x7}}, {@stripe={'stripe', 0x3d, 0x2e}}, {@resgid}, {@sysvgroups}, {@norecovery}, {@usrquota}]}, 0x1, 0x4dc, &(0x7f0000001380)="$eJzs3dFrHFsZAPBvJtmbtM01uerD9YK3xVbSot1NGtsGH2oF0aeCtb7XmGxCyCYbspu2CUVSfFcQUcEnn3wR/AME6Z8gQkHfpYoi2uqDD+rKzs7aNt1teul2p01+P5jOOXOy832nITNzZg47ARxZpyLiakSMRMS5iJjMt6f50m67er3zc48f3V1sL0m0Wjf+lkSSb+vuK8nXJyJiLyLGI+IbX4v4dvJ83MbO7tpCrVbdyuuV5vpmpbGze351fWGlulLdmJubvTR/ef7i/MxA+jkVEVe+8qcfff/nX73y68/f/sPNv5z9Tjutibz96X4MUqfrpez/oms0IvJ+j7+OmMM0kq9Lfdq/NzLEZAAAOFD7Gv/jEfGZ7Pp/Mkayq1MAAADgMGl9aSL+nUS0AAAAgEMrzebAJmk5nwswEWlaLnfm8H4yjqe1eqP5ueX69sZSZ67sVJTS5dVadSafKzwVpaRdn83n2HbrF/bV5yLivYj44eSxrF5erNeWir75AQAAAEfEiX3j/39OZuP/saLzAgAAAAZsqugEAAAAgNfO+B8AAAAOP+N/AAAAONS+fu1ae2l133+9dGtne61+6/xStbFWXt9eLC/WtzbLK/X6SvadfesH7a9Wr29+ITa271Sa1Uaz0tjZvble395o3lx9+991DQAAAG+r907e/30SEXtfPJYtbe8UnRQwFMkB7dlLQh7mlT8OISFgaEYK+zBQtNGiEwAKUyo6AaBwB90H6Dt55zeDzwUAAHg9pj/V//m/ewNwuKVFJwAADJ3n/3B0lZ6dxHexuEyAonzsgPZXf/7fan2khAAAgIGbyJYkLefPAiciTcvliHez1wKUkuXVWnUmHx/8brI01q7PZp9MDpwzDAAAAAAAAAAAAAAAAAAAAAAAAAB0tFpJtAAAAIBDLSL9c5J9m3/E9OSZif33B95J/jWZrSPi9k9v/PjOQrO5Ndve/vf/b2/+JN9+oYg7GAAAAMB+3XF6dxwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIP0+NHdxe4yzLh//XJETPWMf3I8W41HKSKO/yOJ0ac+l0TEyADi792LiPd7xU/aacVUdLLoFf9YgfHTiDgxgPhwlN1vH3+u9vr7S+NUtu799zeaL6+q//Evje7xb6TP8efdl4zxwYNfVvrGvxfxwWjv4083ftIn/umXjP+tb+7u9mtr/Sxiuuf5J3kmVqW5vllp7OyeX11fWKmuVDfm5mYvzV+evzg/U1lerVXzf3vG+MGnf/XfF/X/eJ/4Uwf0/0yvHY4/v+k/D+48+kSnWOoV/+zp3uff9/vET/Nz32fzcrt9ulve65Sf9uEvfvvhi/q/9KT/Y9Hr99/jRNuOebbfTvc5d/27D1/yRwGAIWjs7K4t1GrVrbexkMYbkYbCQApjb0YaCp1C0UcmAABg0J5c9BedCQAAAAAAAAAAAAAAAAAAABxdw/g6sf0x94rpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAC/0vAAD//8HG2Dg=")
rt_tgsigqueueinfo(0x0, 0x0, 0x20, &(0x7f0000000480)={0x9, 0x0, 0x9})
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f0000000540)='%pB    \x00'}, 0x20)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000680)={[{@subsystem='blkio'}]})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000e80)='kfree\x00', r6}, 0x18)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000003440)={0x14, 0x0, &(0x7f0000003400)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000004000)={0x14, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="000304000000040347"], 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f0000004ac0)={0x2c, 0x0, &(0x7f0000004840)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000010000000000000000000000950000000000000046682d562c31aa909594c57a164463536e83a7f6ac12a8b52f0d70aa97a91fa46cdcefe7534fda04cace652409e818c0b1da96d9c9fa8e9523840100cbac3c07c3db6bc11fa42d9ca632c33ca9a00987000000002cd50db1486b80ee61ff6ddaa4bf0609a8ef7fd07f4c556489cf61cf8e63e826fff67d3299ca9f9b85cdcd75b85bb1775f4ff03b75aa7b6aa1a7e9a2b91d103d541bce370d9e6810dec2fe8300dc5edf3f6aa43810579aedb7e19fbacb5bd5e5337b507559ca6acc6471ecad2746ab01526ace07000000c1ea01c13a2406007d0efb7e91a9dbde2353f035347270d076c93f1b1a810c"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1b00000000000000000000000004000000000000", @ANYRES32=r5, @ANYBLOB="7f000000002ab0d254f5206bf6c9000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="02000000020000000300"/28], 0x50)
r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000900)=0xffffffffffffffff, 0x4)
r10 = openat$incfs(0xffffffffffffffff, &(0x7f0000000c40)='.pending_reads\x00', 0x688a01, 0x12)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x1c, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x635a17c4}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@ldst={0x1, 0x2, 0x4, 0x3, 0x0, 0x40, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}}, @alu={0x4, 0x0, 0x5, 0xb, 0x2, 0x50, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000008c0)='syzkaller\x00', 0x8, 0xfb, &(0x7f0000000b00)=""/251, 0x40f00, 0x61, '\x00', 0x0, 0x0, r9, 0x8, &(0x7f0000000a00)={0x5, 0x5}, 0x8, 0x10, &(0x7f0000000c00)={0x3, 0xe, 0x5, 0x1}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000c80)=[r1, r4, r2, r5, r5, r2, r10, r4, r7, r7], &(0x7f0000000cc0)=[{0x3, 0x5, 0x9, 0x5}, {0x2, 0x1, 0x10, 0x7}, {0x4, 0x4, 0x2, 0x2}, {0x0, 0x3, 0xd, 0x9}], 0x10, 0x7, @void, @value}, 0x94)
r11 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r11, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
sendmsg(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)=',', 0xff80}], 0x1, 0x0, 0x0, 0x2c}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000071116a00000000008510000002000000850000000000000095000000004000009500a50500000000a7664ace88f3284baf71dcbb2b4b93597f6140cc51c69be1716632ceda93db3759730d8e75e39d0f2a4a632779f37ed3533b810aaac5bc2342fdad4195d0b33262e612a44586bb43760f4c160300fd2f7b56aeccce810dd780f165418b21064d5fb25009b49ab193b379af3a629249cf112993c3938e0ef5a93fee6fe1a3cab7c320"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

6.829661454s ago: executing program 3 (id=486):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000080)={&(0x7f0000000000), 0x0, 0x0, 0x0, 0x5, r3}, 0x38)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='attr/current\x00')
preadv(r2, &(0x7f00000003c0)=[{&(0x7f0000000380)=""/44, 0x2c}], 0x1, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_RINGS_SET(r4, 0x0, 0x0)
writev(r4, &(0x7f00000003c0), 0x100000000000022d)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="00173325d61559f74400000000000037000000f100", @ANYRES32=0x0, @ANYBLOB], 0x48)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(0xffffffffffffffff, 0xc0406619, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
socket$inet6(0xa, 0x3, 0x8000000003c)
syz_open_procfs(0x0, &(0x7f00000021c0)='maps\x00')
preadv(r2, &(0x7f0000001340), 0x0, 0xae2, 0x9)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

5.967936458s ago: executing program 3 (id=489):
openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x480, &(0x7f0000000180)={[{@nobarrier}, {@grpjquota}]}, 0x1, 0x765, &(0x7f0000000800)="$eJzs3c1rHOUfAPDvbJKmv7Q/E0HQegoIGijdmBpbBQ8VDyJYKOjZdtlsQ80mW7Kb0oSAFhG8CCoeBL307Eu9efXlqv+FB2mpmhYrHiQyu7PpNtltN22SRffzgWmf55nZPPPdZ2aeZ/cZdgLoW+PpP7mIQxHxQRIxmpUnETFUTw1GnGhsd2tttZguSayvv/ZbUt/m5tpqMVpekzqQZR6LiO/fjTic21pvdXllrlAulxaz/GRt/vxkdXnlyLn5wmxptrRwbGp6+ujxZ48f27lY//hp5eC1D19+6qsTf73z6JX3f0jiRBzM1rXGsVPGYzx7T4bSt/AOL+10ZT2W9HoHuC/pqTnQOMvjUIzGQD0FAPyXvRUR6wBAn0n0/wDQZ5rfA9xcWy02l95+I7G3rr8YEfsb8TfnNxtrBrM5u/31edCRm0k2M9KYzEwiYmwH6h+PiM++eeOLdIldmocEaOftSxFxZmx86/U/2XLPwnY93cU245vyrn+wd75Nxz/PtRv/5TbGP3HH+KdhuM25ez/uff7nru5ANR2l478XWu5tu9USf2ZsIMv9vz7mG0rOniuX0mvbQxExEUPDaX7qLnVM3Pj7Rqd1reO/3z968/O0/vT/21vkrg4O3/mamUKt8CAxt7p+KeLxwXbxJxvtn7Rp/7TsVJd1vPL8e592WpfGn8bbXLbGv7vWL0c82bb9b9/Rltz1/sTJ+uEw2Two2vj6509G2pUf2dT+6ZLW3/wssBfS9h+5e/xjSev9mtXt1/Hj5dHvOq27d/ztj/99yev19L6s7GKhVlucitiXvLq1/Ojt1zbzze3T+CeeaH/+bz7+11v2If1MeKbL+Aev/frl/ce/u9L4Z7bV/ttPXLk1N9Cp/u7af7qemshKurn+dbuDD/LeAQAAAAAAAAAAAAAAAAAAAAAAAEC3chFxMJJcfiOdy+XzjWd4PxIjuXKlWjt8trK0MBP1Z2WPxVCu+VOXoy2/hzqV/R5+M390U/6ZiHg4Ij4e/l89ny9WyjO9Dh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMgc6PP8/9ctwr/cOANg1+3u9AwDAntP/A0D/0f8DQP/R/wNA/9H/A0D/0f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwy06dPJku63+urRbT/MyF5aW5yoUjM6XqXH5+qZgvVhbP52crldlyKV+szN/r75UrlfPTsbB0cbJWqtYmq8srp+crSwu10+fmC7Ol06WhPYkKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALanurwyVyiXS4sSEhISG4leX5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/h3+CQAA///Q6StZ")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
getpid()
preadv(0xffffffffffffffff, 0x0, 0x0, 0xfffffe00, 0xfd48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x3c1, 0x3, 0x300, 0x0, 0x111, 0x4b4, 0x0, 0xd4feffff, 0x278, 0x20a, 0x278, 0x278, 0x278, 0x3, 0x0, {[{{@ipv6={@empty, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ipv6={@loopback, @private1, [], [], 'veth1_to_hsr\x00', 'pim6reg1\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x360)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe(&(0x7f0000000300))
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)

4.937270824s ago: executing program 3 (id=493):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[], &(0x7f0000000040)=""/247, 0x1a, 0xf7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$IP_SET_OP_GET_BYINDEX(r0, 0x1, 0x53, &(0x7f0000001b80)={0x7, 0x7, 0x4}, &(0x7f0000001bc0)=0x28)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0x1}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$inet6(r1, &(0x7f0000001b40)={&(0x7f0000000180)={0xa, 0x4e20, 0x0, @local}, 0x1c, &(0x7f00000017c0)=[{&(0x7f00000001c0)="0f", 0x1}, {&(0x7f0000000340)="60a1f557ddaae0636a1b8b3952163708b95edf9c622a79875bc708246fadbce6ad09e6c83215fe51aa384d4b111b9d23bf3d734dbbebbbfc006d72946e142da4ea0866b7534c2e4228482dfe5e790d88130874df6cc7300f03df510d6e0e874e52c383d13119e3d771667a553485bac7e49ff8594f24e1b892e33a268a09a58408dc079054735329beaa88e717aa2fd3936ff76bf269b6a0ee3cd397ceb154ad8d85c7e16c42a6cd2fac918688ef63b7a83140cf3f33fd36f01048", 0xbb}, {&(0x7f0000000400)="3ee7a3e9b15df67a2749296cb414b89a12a6abbed311d0554821230c5db52daea687eaec4c33dc146d8f6bcaf2d9f2942426e6c5f6680860f1e9b1eb5fa3e3ad617aa58671f71fb07304a8d1173bf0944e9969e586623b0b9130e108e9b164a5ef08abf5c815f244a0d1115aa26fa5d6b097efc664126ba22d5683d50b7c6e7f3a22ef2866689513e277f5dd33002120feb5f969902bf27d6cdc402b59953d6474cfe9c7d7df", 0xa6}, {&(0x7f00000004c0)="bdc5711382011748f9525801967c247ba9a4d8ff7fedbcad8e8a9ddce1d711dc95cd96337f1fbeea6510a6e1bb0a9e8557f35f0330e1ddc9493b92b559977b935c3dac18aa12584aaec30d6d0a4703729f4087aa3ec73ce1945822c7224ab6b2dd4b58bbf3863a2f75c4277b53e8d3e04ee06180c0f7a2eab6f8c059498fd5bde437a6c3558afe7115a25f690a9bd26c4844cb3fe4895c3b03a6019726691d835dcec9ea818617fe770a1e", 0xab}, {&(0x7f0000000580)="b16cdfbac228fb013d56b0f833e33ef21770f99d9b503578a8529cc9baee80ceb34d19930fc9b824b4f0a23a4de96277761239dab82884528949afb44b17ac6d30dc6de07adf4352badb5f56efc16ed6d3e1d7f7cc64abab746d2d2ec863390a7d3f0684ce958330befef503392134ac7a7625e2f124119a8adf6cccfdea97cd930ddc03", 0x84}, {&(0x7f0000000640)="944c62d56d775d340839e0aea0205d61a9ee66dc52af722220c78b973b8fb987b99aa69d7246de9e242bdae406badddfc38103c534517c16462c6e45c0867e45fd2bbe3851cbb8cfc73cfd9ef96948976b27767d25f02b4bb34575ab210a3d9107dfabfe9a6940d64d429f9bf4d652c8d3ec13e334e6d1d65a6653746e17750927c5ffa261bc7b44ccabfa954b6ed6e09514e4026fcc44b3943a389405fa517de41f303d8816eeca943c43b8e485e9bb4d49dad66831b5f2c3695fc4243a5c0b31b304ee362642365de134853ef8b5cfd7a1534444dc51fc796703c2e0e07ec9509b7c1923f7de567eaa4f5160273e3b59e055edbb674b8dd6d9d0f9fbed6d9291d5adce95326680abaf0b03ba36404cc293025c3ffea350b2751520d9f9b69bc61dbe50a4298f77dacb8451084f12bb9f0193f9f573dd5ac3a0d47ebc0639ca9b71108e621133532722c23cdcf4069d04e891cfde3387c26d4d93f1fdfd992a753471b110db49c3c747a2b3573ab550ea528d6f0b077487d9bfe2df239f141a04b4816c06fb091b8d0d449fcc290afb44573ac3c9dc106417acfadbf7cb2fce8380caddc2c815d488511f703ac850db7b5534d29cf2208a9c0184888423697317894c81d8ff581f0f46c62d8d0fbbe323302b0e0d8378c7e8cac0ee4766f3b70d2e514c78271b4413ea61a05e3016f672a33746d31277ad0acbc3e26029e062f04a83903ba4cac203e912aab22371c01cda85611aacdfd4b1881deb7e997992069ef2584b006c7923934c0ded3ea4610f334bed18076399f41ad1091f9ed342799df6973216a889d439c5b670e118d4557bdedc8c4da801e735ffc57c07969aea66bdfe473c688ffb4efb34125b5e4218db11c46182fd698a52dede4310c16eeb91ef00b5eaa699b3b3a3e89a007ed89c087ab6bd82124f48fc5204254a6f0727038f8c8f82acd8a0154af44440639af5f9fdf0cdee14c919fefc417a785a57bb2753cf3cdcc86ecd3b9d785ed7eb3d602b6d8068a9d6b28662bb34440319e3a822d38ccb89c74472e25f0c5c1e4789cbf131c018bddbaf7e4c7f669bafaefa16a2e0bf5dc2dc0ce94e84a76849e52dabcb21ecc1f1978d2b63ae37e40e2fa37320c9bb885de33cb5e50d5be3336951345ae336349dfce6e127562dee6b08f5fd8c4c6fe4f75de243446b32305dda2c23ce8ab2ff7ea47f62a533c0a4de74a9a9024a730ef2ce53b0f239bafcbc54592decc3fcfceb8c1a04116fd52dc8f62560d72cb5eef1f9d7350fa3e72d55cb60707f8ae57492446a39873260efd4cb1a49ad96ddc7f1d63a720b382ef82ce874efb8d36dc016441a25340648f1dd6ad8cf67ab0dcb16b1db10bbb1547b30c945aa49975fd7b164a12daf1bc11772f2f0f2e197737c71c563bfca02885e4efe5d3ae2e69d69dceddff06dbe57d88cecca0996cef3892e9164019ebcba2feb8b2a4f4a757db27e4c790d6ed609cbd2bcfcb6f84df9ec1910a6d4f2903c46a0f252d39e2fd73f0024cb0676d355c2d7ea768085a65b5e50e110d142c7b45d04627a9934d320815ca468ad0726cc5c11c0cb77a75ec657c940a868754fe5e4159e90842f646420eec77fdccdddb754764f5bf71f440ffc6965b0ae511e5c14d2290658abc545bd528aeef20718c385019845fd6616bdfb1c1c19a4ff3ea24107a821962889222b70f2bd6f72d0b4368fc6d2dbacb71aa928a64068216818a4502083b4e12b0c90c9803c2eee9af5653d9fb4d699494c497e4a1755d198b5c2964b8ef86c9855f68ec10e5f12ce28d3ce562560c96f761f16b48ef43b6102973b26e2c406869ce29df8ab62fedf37328a434651a31ab15a7aec19b4abe634e0b70f1c282378b5a3c3cc96098f27d53f60849a75a62bfb60074597ae668230730a60b667b146bf183aff605c50a963630cff781c79f430e25d688eb632af8e16413e6c96989320b7ee576c0b16ac34f413b912b14deaecc1042b7c65e929c1eabdc883b5db5679acf94f46d7047e0dc81cc82792a51aaa3c1b34ce325d394920602ebc138818153ba09b7ebfd7c0e281b5b05224e09c9815f9c3a3afa82ccc718be8f3bf9ea9b3053643aa51d8f696e09a75805be0971afd8aa0b54bd1d5c74a319e0f33607ebddf8ee8849f8731878a8db1953b8f4a5f47cdc834199841c754bb4246de34362f8c6330dac3fb8453e00113f6496f1452b29479086614525b67fccfed8fe802f263bf1c1ac9d06cfea7d2a701fec097f42769268c610b1786243dbdbf7c5c4395d74ee635046cbd5abc5fd4694c36a5d0eeaa9e01ff190ad94fef364ec391f7a6ae2fd676fc8c3b7b60d33ef564e492803ac8942b5e9c53f3d5e6668db1e02529ede6cf31f2393eec98d53348095c36b4c98e0a20899fb9dc112a96615b65c69b06e183e2d55929955ae12ba563724f6fdf7c4804f30ebda4f71f4635818845bc86dc799f718d608143c0e6e01203ada61d6be6f2fc70340a680aa1ce2c2025546c887993bc64945bc9e2769c754a1e7ad9fba88d84dd2a738f32af47bdc5b175cf398a38a6e94d78561a8e1ef2954ee05732a399fb2b1328a40184c8d8757ba51b32d1a8f70009b89906b0a587d9354c70add671eb61862e95f261a06e96158e82e977869f2f34eb557a631e88ecd263ab8bdcdb71666f5595e3419870d3d2886ee65500ffde503d64923588f2de4352219a498b21e3c01b3270ef6618dd9a3643065f9ebb867192545a80db33dcdb8531327d7e987569b1f6f98b9bfa501c4fefc9ee667132021ce810a3b3db5095a9f96f6f391484e73fd7994ec23ef793065e36e8531ba043b2b8b132f7836c7506c0b159de899a4e4a3e0b449bbb697d599f6cb1bef77b7dfd273131337447ca6170a056acf0f5adb5bcf79f8a258e605a1a757a676444bfac294085d327595dc76f93dc3ae0d3b6be033f0d4dbc9c4954169bddf571f1c1f4c31a81dfa86f8f7930bce71c7acdc854e93715e406059615da593276f91de910bc46879d2fb8f65c5b4b1d901fe0f788a698c04153bf1b5ec6dc669fd7f5ba5056a9da8b078526851ce7efbc15523ab8393380c571f5d0a6113db5125c8ee268eeda71ee26b0d2c19f6a92c0aad30c96d01219fd387772b2d3186881ea56cf2611cb63d8d29f200af98dcaed807b0b510b1e5f6645d2f644d8d0e66cc54f004812158eb2a6d177cdcff26247ef6e9419991e3ee3d8a89662ed90e34c17c887e62071534df8f21d47e8a98d3a5db0578f28be928d983ae3d143f3822c051a8b0897e79d02fd74fe3fd663796d7622e9b7cb6f75075b6c16e4a4e8334dc74054fa7fe9202051694266bffd8dda66a6fc2aff64e8ae00cec4fc02a94fa4810e29923760d38b2f257f701083e6b653239178436b8d4563e12dc596e583c47a6c594ea334b6b3d6a2a073916a7561cbeb1d5e51db71b201832a41b7ee90e6bd1f0ad3beead9079fa6414054e7afa174e2bc775b507adf853c3e55aa17f132f0debe61103330a2ea0ada1d3eb0f4d9e85aac650a5363d3aca5278ef14e8ecaccd1b970e441a65245892418de225b074f866b32b8027ba7904007bad42e911dce6100e8731afa72c0b32dc7956a0e7cc1817a7de0ac0d4d9d14410c10d610fe6d60cd40a0cb726ddd2ee3dc41b22c97b1ed5962a1e5a9dbf9907a5c75bfb7940ebad4a268fe67f874d173d696fdc7bde8158b9205c385db89cec3e1d371bb8455e4a3235b30975df6cb30349c5855409a2fc4e589d6ebf81a8f7f9ae68aea4bfb13cfbbb8c83eb49ec1a89c5972206497312b5c8db082724f1ff6b60e6f60e6528ddfe078d3bb1a2290fd5afe9f0b0ab38573f40bd4cfe00c35bc1c9a875ea8bf5df279bde3eeaa977b9999a0c8a81012e76765fad17584620569a1f9a450cbcfa2aa020ee4de6b59d22a4476e00ba31c0789f3a364071847152f36569434b79631ef5a0c2af1a1576201a72566ee3bf1daf7d0fa8d1832ea326601e0fdecf9d391a88b484384dfedbe1f3b9adbc4917a79b2d95e0032b740d472bcac271ef2e6b1356c782f9850ac715e494fd707a702a3d36ec1a6e13fa10a3360677a4ade856ffcac0458117dcda716ab8b60ac1835ac73cbe2eebe3097d99c73281f845a5a25375ccc26d8e86d19ce56fd5ff8606ee5ca9b2a2ed09a21b5a54d858cc0e7a5eb2baa46add1d3dc9186b6b39c49c68c4fb7de456181bbe9e78dff044e438c19dc17aa54de60fe058ca6cc9f803db1cc50d636e44a28518cc5412f7f238c237d6b350a99b0854c260278fb0c6f061bb6ed00fbde7f97dfef8414e23206c7c8c226db48de7d6ca6bf8956831e0535a99a52a84aab870a76de96b8acbe1699de1aaf3c08042b2f023dc550a5b2d4d7d4537ff6b2deac163084154c108a28a5916233e9961a0552774065ec51de082f6e7852e3ee6ff3d62990b42c3278e1f5d508038b4688bc18a1f2cfd2c9cb75f60c60ffeddc5811a6af910fb427829c5e197902ec1396545c9b5e7bb6dd2654b63648b388d9427602d279e7764416b4f3071a438833999227446b948b3c4a4c49a8fd317e306dcb895ba29f7359286f219eaa3073130fdcbe7787191c2a58598eddbbddc2a18040d77a8d85278c578acc39c49b0b8eff23fec71335619ba29f882354a8c8c3bb1c22d56b1db9876a6c5558a896ce78ce9a9ab970eddf13823d107b4e361ae61cad5d79dc7ba5f00a7caef4068ccb652d9932a1f2772f58756627abc6811436da79af9107a666494a029fa677fe820497bd187003af5ac2f195ccc199eb278dfb221e9a8c709b43e512c0c59f68acf01960952e8b925b5199661ce6b000d385d3a0ef02d359d0b2c6b76fc99d088b351fddf1946db14b4e02472dd9922bdb4b14c90c9c70d137630444479de77e200009dac6ae43d731c51c1e5bf6aaeeb149da7ad1c84f9ff5f2b6952bcf17f9dd83897f495702b84bfeb9d487564b1efb5501cd0d5651238d4449ddb4e803f33a8ec7592844945cdb25ec50eb3a1f8f3736bdcfbe207cb982e62762862d0f80520e718defff66f1d36d24b433e2a7607513da505683a0feede361c5ca295865e06fc57cab630683484571482d7a45dcc2b0b056ebbf6634a6af7c0189a417fc8caee75fc5d59480a172b9501d569377f960842e9d08f417918cc9b95d8fe87433050a67c8dd23e3f4b9481abc5a1848b2577823d773c4433f196732453796ed08d8b103a22cc823fe83879e8cc24893ba6ae2360d76a9bac2d577a8d98f0d7bc1f65166404d025d22156b34b2c0efcb6d8ff4df0456626f09a9a711f464f935353905f21cc4972268c068aca18bce05d63595302eda66b6dfce9b18ed0058383292aa5e696cd20701b3990013fc9c8ccc7c05c92ba22c0aa0f1dae058067da7c2d1c8e41429b408f5cd33710a835e8eb1c0dafbe8929fda4bfcdc4653de121a7384f098c8dd9dbc28463defa385071a0761af9df739e82d10a0cf3d82f216516bc1d4af1dfef4c8cf484e0425de4ce0c047ca093431f24d080cdf0ea9c6ed61f0c8fa1ee70ef5d32a13cad934abc5035a50b267e1a558c9d3ff35f60fc2e7e4aedff1abc4c9eaf49cb47f8ede0bb8aa24e2526095a9d32e6d4985274503c1ca985127faa61125037db36a436a727b3408bd186f01cdbd9ea008282cf952289cbb86ef890e8fe9bdc1a310c3f8a464cdbb09d9f4f5ef1d68d52f78d7763e935a3af51386c49c8cb105e216c8f1802c3483465bb6fbda3d096a06f7e09efb7bbc8cd557cb786f", 0x1000}, {&(0x7f0000001640)="bc1036d602f42ef19c4c9aac63c8aafbac625e41227d3b113a402352ea4aead904d0649c9efc0e707552fdef19012a017223f1d8a77941a9cfbad8e28b95c353fcf0ba77a2824d88299192cf9ab776aff7abd531355e9fef31d4ba099b23c6ba2cc112f150266275ca1851a2880ce3b68cd994028c11a5721fcd5ecae728a00f44486371559fa9945e35dd6a2bfd91a318b60933f50745590b421836292a75a12699a27dd97bbb2b1c80c5039a29b690466dc8d252e6af391325e14c24b0b258e923e586119bdaf434a9c6fdd3d328d6", 0xd0}, {&(0x7f0000000200)="fa8e926da66d0c7c21bd131ceb5ccd059abfd24ec41d2c20fc6d564e877c8aef57fefced2ad5ac9c04fd37601fd63aaaa08ec6e84c80b55b22dbdf830877ce049ad0382968f68f685e4485316b645803e90f275371", 0x55}, {&(0x7f0000001740)="feb8a12ab9741cbe65f5d62ea01ad3bc69c12002dd9a7337ee743345beae99e67b0e9536b52ddc49c1f549441f500da5bb84a2ad44e269b65990c30f60c92cbd4da8766ec2977214f0046b99e76563e02e3f453429f47c7c1a0aa6180622bcc598b2143840de82cb5687a60b6b68", 0x6e}], 0x9, &(0x7f0000001880)=[@dontfrag={{0x14, 0x29, 0x3e, 0x9}}, @rthdr={{0x48, 0x29, 0x39, {0x3a, 0x6, 0x0, 0x2, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local, @mcast1]}}}, @dstopts_2292={{0xc8, 0x29, 0x4, {0x62, 0x15, '\x00', [@jumbo={0xc2, 0x4, 0x5}, @jumbo={0xc2, 0x4, 0x3}, @hao={0xc9, 0x10, @private0}, @enc_lim={0x4, 0x1, 0x93}, @ra={0x5, 0x2, 0x8}, @generic={0x62, 0x83, "13085b896aa0ec18d3322171d402f2bff561d33205ab4345ad6ac19bd868480234fdc82b826e3b0ac3eb0b98a026183bc7a9ff9ef43241eb85587bad5a60e43bcf427d6a6249842d2f0b8a6aa60ccf3c0e3f91295a74fcd1ce97a7cb8b08d57a11336a31c01b167a1156f56d66f3c564b34cb5233ae16bebba09842e9e59a640aad8d6"}, @ra={0x5, 0x2, 0x8840}]}}}, @rthdrdstopts={{0x130, 0x29, 0x37, {0x29, 0x22, '\x00', [@enc_lim={0x4, 0x1, 0xff}, @jumbo={0xc2, 0x4, 0x4}, @generic={0x9, 0x76, "68343199fa6dd8d52e34fdfadced93d5a3c485c74f10451fc5f962de1e136eef325f439326938fcdb0369c77ddf0e0dc25e0a2ef222e853dc860cd4b45edaf45fdc9f9f1518747178aa8f0c349998d796b89935feaa968f992c2931104ca50698da7fe1401ec8417b58720b11b6e5bd8021a6fba9248"}, @generic={0x5, 0x91, "d21b74f3c18b2d884598a31fb617020796bf346fc9fc6e35553b6d44623fbe0c436b9899b72ee9d68e15cc2e8076a52a9d62d8f12297bf940c3b7e542f2198d5ccce07ea6143801aa0f9527d40d0719dec357875ddc2c9ff8484df8b3171d349ff8fb59a02b2aa2ab9002a3d7bb50fea3748c24cc48f526004891bb3f6e3f6cc141b3247e01985d4c957d90afd81a776ad"}]}}}, @rthdr_2292={{0x68, 0x29, 0x39, {0x3c, 0xa, 0x2, 0x5, 0x0, [@private2, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00', @remote]}}}], 0x2c0}, 0x40)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

4.825449314s ago: executing program 3 (id=494):
r0 = socket$netlink(0x10, 0x3, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de00000000000000001801000020a0702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='ext4_writepages\x00', r3}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f0000000240)={[{@errors_remount}, {@noinit_itable}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2a}}, {@errors_remount}, {@nodelalloc}, {@grpjquota}]}, 0x3, 0x45b, &(0x7f00000010c0)="$eJzs281rHOUfAPDvTJL217dfYq0vfVGjVQy+JE1atQcvioIHBcFLPcYkLbXbRpoIthStIvUoBcGjeBT8CzzpRdST4FXvUijSi9XTyuzOdF+6u0nTTabNfj4w2eeZeWbn+c4zz+4z82QDGFjj2Z8kYmdE/B4Ro/Vsa4Hx+sv1axfm/rl2YS6JavWtv5Jaub+vXZgrihb77cgzE2lE+mkS+zscd+nc+VOzlcrC2Tw/tXz6vamlc+efPXl69sTCiYUzM0ePHjk8/cLzM8/1Jc57srru+3DxwN7X3r78xtyxy+/8/G1SxN8WR5+M99r4RLXa58OVa1dTOhlexQ5D61gZVi1rhqy5Rmr9fzSGotF4o/HqJ6VWDlhX1VyXzRerwCaWRNk1AMpRfNFn97/FsnGjj/Jdfal+A5TFfT1f6luGI83LjLTd3/bTeEQcu/jvV9kS6/McAgCgxffZ+OeZTuO/NO5vKvf/2FqbGxrL51J2R8S9EbEnIu6LqJV9ICIe7HSQHhMC7ZMkN49/0itrj25l2fjvxXxuq3X8V4z+Ymwoz+2qxT+SHD9ZWThUOycREzGyNctP9zjGD6/89nm3bc3jv2zJjl+MBfN6XBne2rrP/Ozy7O3E3OzqxxH7hjvFn9yYCUgiYm9E7FvjMU4+9c2BbttWjr+H1cwzraD6dcST9fa/GG3xF5Le85NT/4vKwqGp4qq42S+/Xnqz2/FvK/4+yNp/e8fr/0b8Y0nzfO3Srbx7vXdf+uOzrvc0k2u6/hsrtuSvH8wuL5+djtiSvF6vdPP6mca+Rb4on8U/cbBz/98djTOxPyKyi/ihiHg4Ih7Jo3s0Ih6LiIM9zsJPLz/+bq8zVHb7z7e1/1hrkbb2byS2RPuazomhUz9+1/qOjeTqPv+O1FIT+Zra59+XveNaTb1u9WoGAACAu1UaETsjSSdvpNN0crL+P/x7YntaWVxafvr44vtn5uu/ERiLkbR40jXa9Dx0Or+tL/IzbfnD+XPjL4a21fKTc4uV+bKDhwG3o0v/z/zpNxqw+fVhHg24S+n/MLj0fxhc+j8Mrg79f1sZ9QA2Xqfv/49KqAew8dr6v2k/GCDu/2Fw6f8wuJr7f1JiPYANtbQtVv6R/GZIVKvV6h1Qjc2TiPSOqEZ/Esk694KdZQd464myP5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6478AAAD//+Jk61o=")
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYRES64=r3, @ANYRESHEX=r0, @ANYRESHEX=r1])
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000e1ffffff00"/24], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x6, 0x3, &(0x7f00000007c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x57, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = dup(r7)
ioctl$KVM_SET_CPUID2(r8, 0x4008ae90, &(0x7f00000007c0)=ANY=[@ANYBLOB="010000000000000001000080"])
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="3b00000000000000400101c0"])
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r10}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r11}, 0x10)
r12 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x319c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r12, 0x0, 0x0)
syz_usb_control_io$hid(r12, &(0x7f00000008c0)={0x24, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x22, 0x7, {[@main=@item_012={0x1, 0x0, 0xa, '\t'}, @local=@item_4={0x3, 0x2, 0x2, "8cad64d1"}]}}, 0x0}, 0x0)
r13 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f00000000c0)={'vlan1\x00', <r14=>0x0})
sendmsg$nl_route(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000340)=ANY=[@ANYBLOB="b000000010000d0400"/20, @ANYRES32=r14, @ANYBLOB="00000000000000009000128009000100766c616e00000000800002807c0003800c"], 0xb0}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r15 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000002c0)={0x0, 0x6, 0x8}, 0xc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x10, &(0x7f0000000140)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @ldst={0x0, 0x2, 0x4, 0x8, 0x3, 0xfffffffffffffffc, 0xffffffffffffffff}, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @alu={0x4, 0x0, 0x3, 0x4, 0xa, 0xfffffffffffffffe, 0xfffffffffffffff0}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}], &(0x7f0000000000)='GPL\x00', 0xfffffff8, 0x82, &(0x7f00000001c0)=""/130, 0x40f00, 0xf3, '\x00', r14, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000080)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000280)={0x1, 0x4, 0x3, 0x10000}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000300)=[r4, r15, r4, r4, r4, r4, r4, r4, r4], &(0x7f0000000340)=[{0x2, 0x3, 0x3}], 0x10, 0x3fc, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))

4.716459245s ago: executing program 1 (id=496):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno', @ANYRESHEX=r4])

4.685884765s ago: executing program 1 (id=497):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x0)

4.629754435s ago: executing program 1 (id=498):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_hsr\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000140)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x49, r1})

4.629466065s ago: executing program 1 (id=499):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000080)={&(0x7f0000000000), 0x0, 0x0, 0x0, 0x5, r3}, 0x38)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='attr/current\x00')
preadv(r2, &(0x7f00000003c0)=[{&(0x7f0000000380)=""/44, 0x2c}], 0x1, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_RINGS_SET(r4, 0x0, 0x0)
writev(r4, &(0x7f00000003c0), 0x100000000000022d)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="00173325d61559f74400000000000037000000f100", @ANYRES32=0x0, @ANYBLOB], 0x48)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(0xffffffffffffffff, 0xc0406619, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
socket$inet6(0xa, 0x3, 0x8000000003c)
syz_open_procfs(0x0, &(0x7f00000021c0)='maps\x00')
preadv(r2, &(0x7f0000001340), 0x0, 0xae2, 0x9)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

3.77961302s ago: executing program 1 (id=503):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000005c0)={{0x12, 0x1, 0x150, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x60, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x1}, {0xd}, {0x6, 0x24, 0x1a, 0x0, 0x8}}, {{0x9, 0x5, 0x81, 0x3, 0x40}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x0, 0x0, 0x20}}}}}}}]}}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r2=>0x0})
setsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000740)={{{@in=@loopback, @in=@multicast2, 0x0, 0x0, 0x8000, 0xffff, 0x0, 0x0, 0x0, 0x0, r2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000}, {0x4}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2}, {{@in=@local, 0x4d4, 0x7f}, 0x0, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x2}}, 0xe8)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000001c0)={0x44, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x20, 0x80, 0x1c, {0x0, 0x0, 0x1000, 0x2, 0x1, 0x0, 0x0, 0x10000, 0x81, 0x1, 0x100}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f0000000180)=0xffffffbd, 0x4)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
signalfd(r4, &(0x7f00000000c0)={[0x5]}, 0x8)
sendmmsg(r3, &(0x7f0000005280)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @rand_addr=' \x01\x00', 0x40000000}, 0x80, 0x0}, 0x5b4}], 0x1, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000540)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x20, 0x87, 0x2, 0x100}, 0x0})
r5 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io(r5, 0x0, &(0x7f0000000f80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x40, 0x13, 0x6, @random="0000000200"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r5, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x40, 0x19, 0x2, "b3f0"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r5, 0x0, &(0x7f0000000bc0)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)={0x40, 0x9, 0x1, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
r6 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f0000000180)={r7, 0x0, {0x2a00, 0x80010000, 0x0, 0x20, 0x200, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab00000000000000070000e60080b8785d96000100000000000000000000000000001d000000000000000000000000000000000000003700", "2809e8dbe10859ff000000d54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d71639df7992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
ioctl$LOOP_CHANGE_FD(r6, 0x4c07, 0xffffffffffffffff)
ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f0000000140))
syz_usb_control_io$printer(r5, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io$uac1(r5, 0x0, 0x0)

3.605957111s ago: executing program 0 (id=504):
openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x480, &(0x7f0000000180)={[{@nobarrier}, {@grpjquota}]}, 0x1, 0x765, &(0x7f0000000800)="$eJzs3c1rHOUfAPDvbJKmv7Q/E0HQegoIGijdmBpbBQ8VDyJYKOjZdtlsQ80mW7Kb0oSAFhG8CCoeBL307Eu9efXlqv+FB2mpmhYrHiQyu7PpNtltN22SRffzgWmf55nZPPPdZ2aeZ/cZdgLoW+PpP7mIQxHxQRIxmpUnETFUTw1GnGhsd2tttZguSayvv/ZbUt/m5tpqMVpekzqQZR6LiO/fjTic21pvdXllrlAulxaz/GRt/vxkdXnlyLn5wmxptrRwbGp6+ujxZ48f27lY//hp5eC1D19+6qsTf73z6JX3f0jiRBzM1rXGsVPGYzx7T4bSt/AOL+10ZT2W9HoHuC/pqTnQOMvjUIzGQD0FAPyXvRUR6wBAn0n0/wDQZ5rfA9xcWy02l95+I7G3rr8YEfsb8TfnNxtrBrM5u/31edCRm0k2M9KYzEwiYmwH6h+PiM++eeOLdIldmocEaOftSxFxZmx86/U/2XLPwnY93cU245vyrn+wd75Nxz/PtRv/5TbGP3HH+KdhuM25ez/uff7nru5ANR2l478XWu5tu9USf2ZsIMv9vz7mG0rOniuX0mvbQxExEUPDaX7qLnVM3Pj7Rqd1reO/3z968/O0/vT/21vkrg4O3/mamUKt8CAxt7p+KeLxwXbxJxvtn7Rp/7TsVJd1vPL8e592WpfGn8bbXLbGv7vWL0c82bb9b9/Rltz1/sTJ+uEw2Two2vj6509G2pUf2dT+6ZLW3/wssBfS9h+5e/xjSev9mtXt1/Hj5dHvOq27d/ztj/99yev19L6s7GKhVlucitiXvLq1/Ojt1zbzze3T+CeeaH/+bz7+11v2If1MeKbL+Aev/frl/ce/u9L4Z7bV/ttPXLk1N9Cp/u7af7qemshKurn+dbuDD/LeAQAAAAAAAAAAAAAAAAAAAAAAAEC3chFxMJJcfiOdy+XzjWd4PxIjuXKlWjt8trK0MBP1Z2WPxVCu+VOXoy2/hzqV/R5+M390U/6ZiHg4Ij4e/l89ny9WyjO9Dh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMgc6PP8/9ctwr/cOANg1+3u9AwDAntP/A0D/0f8DQP/R/wNA/9H/A0D/0f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwy06dPJku63+urRbT/MyF5aW5yoUjM6XqXH5+qZgvVhbP52crldlyKV+szN/r75UrlfPTsbB0cbJWqtYmq8srp+crSwu10+fmC7Ol06WhPYkKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALanurwyVyiXS4sSEhISG4leX5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/h3+CQAA///Q6StZ")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
getpid()
preadv(0xffffffffffffffff, 0x0, 0x0, 0xfffffe00, 0xfd48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x3c1, 0x3, 0x300, 0x0, 0x111, 0x4b4, 0x0, 0xd4feffff, 0x278, 0x20a, 0x278, 0x278, 0x278, 0x3, 0x0, {[{{@ipv6={@empty, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ipv6={@loopback, @private1, [], [], 'veth1_to_hsr\x00', 'pim6reg1\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x360)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe(&(0x7f0000000300))
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)

3.605205121s ago: executing program 2 (id=505):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r4 = dup(r3)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) (fail_nth: 31)

3.532772531s ago: executing program 4 (id=506):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) (async)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) (async)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
rmdir(0x0) (async)
socket$inet_tcp(0x2, 0x1, 0x0)
chdir(&(0x7f0000000080)='./control/file0\x00') (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x2, 0x7, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x2e)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
close(0x3) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x6, 0x4, 0x7f, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5) (async)
ptrace$setopts(0x4200, r5, 0x0, 0x300050) (async)
ptrace$ARCH_MAP_VDSO_32(0x1e, r5, 0xf37, 0x2002)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x15, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000000100000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='kfree\x00', r6}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpuset.effective_mems\x00', 0x275a, 0x0) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r9=>0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000700)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r12, @ANYBLOB="1c002c80080000006c09"], 0x38}}, 0x0) (async)
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)

2.684085916s ago: executing program 4 (id=507):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000300)=@generic={&(0x7f0000000040)='./file0\x00', 0x0, 0x18}, 0x18)
r3 = socket(0x2, 0x3, 0x100000001)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in, 0x0, 0x6c}, 0x0, @in6=@dev}}, 0xe8)
syz_emit_ethernet(0x3e, &(0x7f0000000500)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @multicast1}}}}}}, 0x0)

2.642389915s ago: executing program 2 (id=508):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno', @ANYRESHEX=r4])

2.638573346s ago: executing program 4 (id=509):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x0)

2.607667856s ago: executing program 4 (id=510):
sendmsg$TIPC_CMD_DISABLE_BEARER(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x12b084226d2dad07, 0x70bd25, 0x0, {{}, {}, {0x10, 0x13, @udp='udp:syz1\x00'}}}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4081)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @loopback}, 0xc)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000440)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x8000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000f0ff0000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xdc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
socket$inet(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'\x00', 0x8411})
ioctl$TUNSETOFFLOAD(r2, 0x400454c9, 0x9)
ioctl$TUNSETSTEERINGEBPF(r2, 0x400454ce, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'lo\x00'})

2.602324466s ago: executing program 2 (id=511):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x1808014, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461002018bbdecde39739fcd1df176dde746ec834120600000000003b048000000000000072462abc30ef5b65c70f73ecea54b5e5bec5aca9836c319f653557e79a002208ceae6dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e36868736000000f6a55493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1174e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc369c71e57fafab52f325ca91e684160191acf5ae7469c82ab4145b595b987d75912afdcc1c061835294cc0c618aba204f8adaa20c80108d356cd887ba217c8f569e6d0caf75052a77056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6ac0d90ea79b8027cf75964dd86c2ed2b5e75779677a28c76b848dd03dab190b5f02ec52830f3ff01eaae1c3df076000000000000000000000000000083a48a6b926c668b9ba42490175018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac011170182f99766e86fb125cc6799c43aa4dc708dc4a00a6decad26f0378072a571da000000aec3dfbae348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0f1415e90fd0400bad5f796374bb196e60e537b8ffca80a5ec3c5c063aab2c87a7824c4fbfab7264185e1b2e59012acbf3732abe75b848de8ec4aaba2e3c8cd14dd9bf9499952815b9fb34057a585a9c18a11f3d496825b3fcb0c8aa89e079fd78997da864b302139b2b10597100846b55f7d0b050b7b0ef7e9c897c50b53404acdd701425323201b33465fddec69c37cb13fd441a830af5ea73f4ac82d7926eb0db1141003d148473077a76c3bee7e37dc799abb47bd67cde7958c50fb2d15c9cc196e4bff1d00"/716], 0x5, 0x558b, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx64auumCJWPBPEEisWPIbWMASdogFiB1SkWcmULdJC63jQPs80vjMHL8+874jK9KZiRzAU2sp/e2XJI7FoYhYiIijSeT7SblF3I44X4x9LiKOR0Tlri0p838m9kfE4Yg4Nile1EzKtz47OT5x9uc3f/362wP7jnz+1Xd7unBgTz0fEf31Yv9mv4hZJw93Fsp8Y9zNY//MuIzrUzX6WZG/2V7LK9xsbI1r5PF0pxifrd8YTuLVXqM5iZ3u1Ty/PihOOBx3tupMPpBea2zkx632Wh67wyyPnVvFeTdvFX/bbg1HRZ1WWe+jvHyMRluxyLc328V61q/nsTkYlfmibtZqb07iuIzl6aKZ9Vr5PNYe9Sr/+73VHdzYTMftjWE3G6Rna/UXavVz1fpG1mqP2meqjX7r3Jl0udObDKuO2o3++U6WdXrtWjPrr6TLnWazWq+nyxfaa93GIK3Xa6drp6pnV8q9k+lrl99Le610eRJf6Q5ujLq9YXo120iLT6ykq7XTL66kJ+rpO5eupFfevnjx0pV3P7jw/uWXL73xajnovmmly6unVler9VPV1frKU7T+j8tJ/4P1J9unf/j+8S4bFHb4ggGws/v6/7i3/w/9PzBzD+j/49pD+v/+9fJ4d/r/2Lb/r0z3/zHL/n/SUun/H97/Vvag/10M/f8urh8ey6P1//tnPg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAObux8UvXs93lorjI2X+f2XqmfI4iYhKRNzZxkLsn6q5UNZZ3GH84j1z+CaJvMLkHAfK7XBEnC+33/+/21cBAAAAnlxf3j7+adGtFy9Lez0h5qm4aVM5+uGM6iURsbj004yqVSYvz86oWP793hebM6qW38A6OKNixS23fbOq9rcsTIWDd4WkCJW5TgcAAJiL6U5gvl0IAAAA8/TJA999aW7zYM6S2HqUufUsOP/P+78eCB6aeg8AAAD4D0r2egIAAADArsv7f7//BwAAAE+24vf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YOd+ctMGojgAPxsM/auiqvtepTs4Ro/QZZeFA/QSHIGeoFIvwBmolEWOkIQIe4LkBKRIjHGCvk+ynRlHP88AmzeWBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu/a9Wsz+/vv4+Mebv7fY0maYDAAAAHLCpVrP6j0nTfp/6P6auz6ldREQZEYdq90GMWpmDlFMd+f/q0Rj+RdQJu/5xOt5FxLd03Hzq+lMAAACAy7VeLKdNtd6c0hLAVb+j4kyaRZvyw/dMeUVEVJPrTGnl7vQlU1j9+x7Gz0xp9QLWm0xhzZLb8PC9Ua6HtA1al4eZzOsvsW6V3TwXAADoU7sSOFKFAAAAcAF+9D0AzuFpaV/sT/v3jOPmkl4Ivm21AAAAgFeo6HsAAAAAQOfq+v8l7f9X2P8PAAAAsmv2/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLm2o1Wy+W02P358/MudueJt+MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB79ucdBUIgDMJg7/rOZO5/WGnQ0NikCoSPvzEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYn5cUCIEgiII5438nff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYt2PfNqowAOCffbbbFBAhoEgEUJE6wEJTt7R0RQgUMfAnIEWpUwIuhTYDrSJKFjaUuQuCESEkUNjyP3RupC5l65AhSEwMQXe+S8+JoVFp79zm95Oe3+fz9b3vna0qn98ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCw9W682szjJH2YHMTFsdvbKwtpv7mnT22s3ZlJWxo3Ks77CfBa+cnx6foSAQAA4PBIivo+Iu621+fSvjmZ1f/t4py05v/huUFc1PN76/7N7ZWj+UszRf3/+2/3XtqdaDLJ5kkHXVzq907tT6X1mJY49p5/4Bmt7Mpn370k2RvS/HD1xa12dj0b39269X4nC49UkS0A8DBOFn0eFH8PpX23zsQAODRapcK7qP+TyXpzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjC1mo8U8SNiJhp3Y9Tm9srC6P6b9buzGzk7dzNm2vlMdMh2hGxuNTvnapwLeOruJrXP5vv93tXrl6rOjgeESNeunGwf57k6f/rOZ2IGDpy4uUR43x8gLn2jLMvyD+eUe01nEjX98CTG0NHGvsu+Hs7A3V8AKoKmvn7My75PMqg+Ow9+pEr/u8IAICnXjtvaSV6t70+lx5rTEXs/Dhc/79RimOo7t+5MTgyeL5Rqv/vfXLudnmucv3frWh9T4LZ5UtfzF69dv2tpUvzF3sXe5+/fbr7TvfM+bNnz89m35XMLkbTNyYAAAD8D528lev/5tT+/f9jpTj+Y/+/XP9/+X336/Jcifp/pPubfnVnAgAAcBh1dqMXXv/rz8aIMxqdTnw1v7x8pTt43H1+evBYaboP6UjeyvV/MlV3VgAAAEAVtlYbQ/v/F0pxHHD//9mfXvmlPGYSERMRlyOid3Lhcv9CdcsZa1X8UDmbqFP3SgEAAKjLRN7K+//t7P7/5u4tD82IePNExN/5b/jjgPV/8sG3P5fnKt//f6bSVY6f5vTgemT9dERruu6MAAAAeJodzVta7P/RXp/79NdjH3Xc/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQtX8CAAD//4ztMoY=")
syslog(0x2, &(0x7f0000001940)=""/94, 0x5e)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYBLOB="5d4796a88854e56d64ef4572eab2465306cd2d7ef0320901ec7a86589377a0ce86ef6da47f2aaf4f1acf2c9d8837ac6c15d29f98559d212f12099f94204f271049ee14ce25497933fa67b3414bc4d0a020d671089779357924c289f013edc64f2cfa60dff702549c50010ea5cbe01081dfb8aa9d64acd53fcdc436", @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x18)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40000000, &(0x7f0000004700))
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(0xffffffffffffffff, &(0x7f00000005c0)=[{0x0}, {&(0x7f00000000c0)=""/188, 0xbc}], 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x80010, 0xffffffffffffffff, 0xb22fb000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
timer_create(0x4, &(0x7f0000000680)={0x0, 0x10000021, 0x2, @thr={&(0x7f00000003c0)="2616e12e8358dfce4a876e460b442515334db276c4a20d9bd7f55723b2e1b060d3379d943a6cfe78b3422f35db5122f4a8a0185f81380694cb45ce21b2a0b2894758c5c9e84d", &(0x7f0000000440)="ecb1c47e361a8f2d9880fadaf39ee2dd746d44c5b3452ba9d5dde375c084d13d3e7d5b701eeaa7eb96a1cad00bb1f3a0495375913d4495cd2123726fbdf608b00b61a7e83ab8e64cfe7a500dff15e559e90a275d1e10"}}, &(0x7f0000000380))
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_gettime(0x0, 0x0)
setrlimit(0xf, &(0x7f0000000000)={0x100000000, 0x3})
mremap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
unshare(0x40000000)

2.542771526s ago: executing program 0 (id=513):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) (fail_nth: 6)

2.152296788s ago: executing program 0 (id=514):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000080)={&(0x7f0000000000), 0x0, 0x0, 0x0, 0x5, r3}, 0x38)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='attr/current\x00')
preadv(r2, &(0x7f00000003c0)=[{&(0x7f0000000380)=""/44, 0x2c}], 0x1, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_RINGS_SET(r4, 0x0, 0x0)
writev(r4, &(0x7f00000003c0), 0x100000000000022d)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="00173325d61559f74400000000000037000000f100", @ANYBLOB], 0x48)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(0xffffffffffffffff, 0xc0406619, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
socket$inet6(0xa, 0x3, 0x8000000003c)
syz_open_procfs(0x0, &(0x7f00000021c0)='maps\x00')
preadv(r2, &(0x7f0000001340), 0x0, 0xae2, 0x9)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

2.081288059s ago: executing program 3 (id=515):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./bus\x00', 0x2000480, &(0x7f0000000000)={[{@jqfmt_vfsv0}, {@errors_remount}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==")
creat(&(0x7f00000000c0)='./bus\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f00000001c0)='./bus\x00', &(0x7f0000000280)='system.posix_acl_access\x00', &(0x7f0000000580)={{}, {0x1, 0x5}, [], {0x4, 0x2}, [{0x8, 0x1}], {0x10, 0x2}, {0x20, 0x2}}, 0x2c, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYRES64=r2], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f0000001440)={0x24, 0x0, 0x0, &(0x7f00000013c0)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x0, "741cb976"}]}}, 0x0}, 0x0)
syz_usb_control_io(r4, &(0x7f00000009c0)={0x2c, 0x0, &(0x7f0000000680)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x80a}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r4, &(0x7f0000001840)={0x24, 0x0, &(0x7f0000000180)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r4, &(0x7f0000000440)={0x24, 0x0, &(0x7f0000000640)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0)

1.75830374s ago: executing program 2 (id=516):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000004c0)=[{{&(0x7f0000000340)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000680)=""/123, 0x7b}, {&(0x7f0000000700)=""/97, 0x61}, {&(0x7f0000000780)=""/168, 0xa8}, {&(0x7f0000000840)=""/240, 0xf0}, {&(0x7f00000003c0)=""/42, 0x2a}, {&(0x7f0000000940)=""/143, 0x8f}, {&(0x7f0000000a00)=""/98, 0x62}, {&(0x7f0000000a80)=""/114, 0x72}], 0x8}, 0x81}], 0x1, 0x1, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
tgkill(r2, r2, 0x1a)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x10000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000e7c2d0ce3d715aabffffffff00000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r6}, 0x10)
ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000600)={[{0x0, 0x4, 0x9, 0xfa, 0xc, 0x3, 0x8, 0x80, 0x4, 0x4, 0x8, 0xc3, 0xd}, {0xfffffffe, 0xcd, 0x7, 0x3, 0x1, 0x3, 0x8, 0x2e, 0x48, 0x2, 0x7, 0x7, 0x201}, {0x400, 0x7, 0x48, 0x6, 0x26, 0x0, 0x3, 0x7, 0x4, 0x2, 0x7, 0xd, 0x5}], 0x1})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000180)=[{&(0x7f0000000280)=""/182, 0xb6}, {&(0x7f0000000540)=""/147, 0x93}, {&(0x7f0000000400)=""/188, 0xbc}, {&(0x7f00000000c0)=""/110, 0x6e}], 0x4}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)

1.710475761s ago: executing program 4 (id=517):
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xe)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r3 = openat$incfs(r2, &(0x7f0000000080)='.log\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000000340)=[{0x0}, {&(0x7f0000000200)=""/54, 0x36}], 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000005700)=ANY=[@ANYBLOB="6e6f657874656e745f63616368652c6a71666d743d7666736f6c642c6e6f71756f74612c6e6f71756f74612c66617374626f6f742c6e6f696e6c696e655f64656e7472792c6a71666d743d76667376312c6673796e635f6d6f64653d7374726963742c6772706a71756f74613d278c006c6c6f635f6d6f64653d64656661756c742c696e6c696e655f78617474722c00a2b4db502b6ba8210424f7f797a6d9d50d26e73f7291615e17b58a4e3ec9b2e54b87aafbaf0036421993a261bd97b95beab3b8db73ad782b6009737439da6f1d157405f23efa22e2b774ebcf1fbf96b0f516775ed21aecaa6ba0f6d45e71292e1e3a8c4610a5fa5132e3"], 0x1, 0x5517, &(0x7f0000005840)="$eJzs3M9rI+UbAPAn7XZ/f/dbxIO3HViEFjZh0x+L3qru4g/sUlY9eNI0SUN2k0xp0rT25MGjePA/EQVPHv0bPHj2Jh4Ub0IlM1PdqgtC08RtPx+YPPO+efPM84Zl4ZkpCeDcmk9+/bkUN+JKRMxGxPWI7LxUHJm1PLwQETcjYuaJo1TM/zFxMSKuRsSNUfI8Z6l46/Pbw1urP731yzffXbpw7Yuvv5/eroFpezEiutv5+V43j2krj4+K+dqwncXuyrCI+Rvdx8U4zeNeczPLsFc7WlfL4nIrX59u7/ZHcatTq49iq72VzW/38gv2h62jPNkHHtV2snGjuZnFdj/NYusgr2v/IP+/7aA/yPM0inwfZeljMDiK+Xxzv5nvZ/txFuu9QTGf500bzf1RHBaxuFzU004jq2PzJN/0f9vb7d7ufjJs7vTbaS9ZrVRfqlTvlqs7aaM5aK6Ua93G3ZVkodUZLSsPmrXuWitNW51mpZ52F5OFVr1erlaThXvNzXatl1SrleXKnfLqYnF2O3n9wXtJp5EsjOKr7d7uoN3pJ1vpTpJ/YjFZqiy/vJjcqibvrG8kGw/v31/feDfuvf/glfU3XysW/a2sZGHpztJSuXqnvFRdPIP7/+Ap+/+kKHqM+4cTKU27AIBnj/4fmIbT6/93HsbhYTZ/mv1/6P/HYlz97+Ek+t/z3v+fwv7hRPT/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn1g9zX76Rnczn42vF/P+KqeeKcSkiZiLi8B/MxsVjOWeLPHNPWT/3lxq+LUWWYXSNS8VxNSLWiuO3/5/2twAAAABn11cf3/ws79bzl/lpF8Qk5TdtZq5/OKZ8pYiYm/9xTNlmRi/PjylZ9u/7QuyPKVt2A+vymJLlt9wujCvbvzJ7LFx+IpTyMDPRcgAAgIk43glMtgsBAABgkj6ddgFMRymOHmUePQvO/vL+zweCV46NAAAAgGdQadoFAAAAAKcu6//9/h8AAACcbfnv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/M7O3eSoDcNxAP0nIQX6oaKq+16FHRyjR+iyy4oD9BIcgV6hF+AMdNcjVFARZ9AwYkYzikNmRu9JYByFn21EFrYlAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCnP/Vm+evHl59dc/aHbvKMBgAAALhkV2+WzYdZqr9rr39oL31q60VElBFxae5exZuzzKrNqe+5v77Th98RTcKxjXH7ehsR8ypiHhH/Pvb9KwAAAMDrtV2tF2m2nt5mQ3eIjqZPuTkt2pTvv2ZqvIiIevY3U1p5zPucKaz5f4/ie6a0ZgFrkiksLbmNcqU9SvO4n1btJreKIhXlw9/PNnYAAOCKqrPiurMQAAAArunb0B1gGEXcbGWetgLHqWi396ZnNQAAAOAFKobuAAAAANC7Zv7/rM//C+f/AQAAQFfp/D8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6tKs3y+1qveiasz90k2c0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH/25x0FQiAMwmDv+s5k7n9YadDU1KQKhI+/MRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNiflxQIgSCIgjnjfyd9/8NKgp5BhAhoeFRRiwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNi5f9dIqjgA4G9mdjbeqbhG2SIiChbaeLm9887rxEIJFv4JQsjtnfFWxTOFdxxCGjtJfY1oKSIosbv/4eoE0sQuxRYRLKxWZnYmmfwA118zm+znA2/ed4dh3vfNQsh33ksAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKw7cP4yQ7dMZxXJzb2n+wkvXbx/rMo42dhaxlcVRn0mfDi9UPUbe5RAAAAJgdSVnfhxB2082lrI87ef2fltdkNf+3T4/jsp4/XveXfVn7Z+2Xn/eePxioMx4nu+mt1UH/8slUWv/fLKfbM395RSt/8vm7lyT/QuL31p8bpvnzjL5+/Piddh7O1ZEtAPBPXCr7Iih/H8r6XpOJATAzWpXCu6z/k06zOQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUYbgenizjKISw0DqMM9v7D1ZO6x9t7CyU7frDhxvVe2a3SEMIt1YH/cs1zmXafX7v/p3lwaB/t/7gpRBCU6O/VUz/zgcTXBzCfzh6KzT2wGc1iIsve1ryORtBgz+UAAA4l9KiZXX9brq5lJ2L5kMYfXe0/n+1EocJ6/+9D69vVceq1v+92mbYoLnJLltc+2M0Gt27//rqx8u3+7f7n7xxpfdm7+qNa9duLObvSha9MQEAAODfaRetWv/H8yfX/y9W4jBh/f/ZN70vq2Mls1b/T+hw0a/pTAAAAGbbsy///lt0yvmo3Q5fLK+t3e2Njwefr4yPDaT6t80VrVr/J/NNZwUAAADUYbgeHVn/v1mJw4Tr/099/8KP1XsmIYQLxfr/pZVPBzfrm85Uq+PPiZueIwAAAM26ULTq+n+a7/+PD7Y8xCGE114Zx8W/AZyo/k/e/eqH6ljV/f9X65viVIq74+eR990QWt2mMwIAAOA8e6JoWbH/a7q59NFPF99v2/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAULc/AwAA//8JBUHY")
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r4, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r5}, 0x10)
r6 = gettid()
process_vm_writev(r6, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

1.375382902s ago: executing program 4 (id=518):
setxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x835, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000107d1e502d0000ecff000109022400010000300009040000010300020009210700b90122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000380)={0x2c, &(0x7f0000000140)={0x0, 0x0, 0x7, {0x7, 0xc, "4047bcd11c"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f0000000280)=ANY=[@ANYBLOB="000010"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@data_ordered}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@noblock_validity}, {@usrquota}, {@data_err_abort}, {@data_err_abort}, {@mblk_io_submit}, {}]}, 0x0, 0x5ec, &(0x7f0000000780)="$eJzs3c1vFVUbAPBnbj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLRGiyaUBDcmxo0xJq5ciP+FEtmy0pULN64MCVHDyph4zdzOlN52bksvbacwv19y6cycO5xnevv0nHt6ztwAKmsw/acWsTcippOI/mR+sawzssLBhefd+/Oj0+kjiXr9td+TSLJj+fOT7GtfdnJPRPz4QxJ7OlbWOzN35fz41NTk5Wx/ePbC9PDM3JWD5y6Mn508O3lx9IXRY0ePHD02cqit67pacOzk9Xff7/9k7M1vvvo7Gfn2l7EkjsfL2ROXXsdGGYzBxvckWVnUd2yjKytJR/ZzsvQlTjpLDIh1yV+/roh4IvqjI+6/eP3x8SulBgdsqnoSUQcqKpH/UFF5PyB/b7/8fXCtlF4JsBXunlgYAFiZ/50LY4PR0xgb2HkviaXDOklEtDcy12xXRNy+NXb9zK2x67FJ43BAsflrEfFkUf4njfwfiJ4YaOR/rSn/037BqexrevzVNutfPlQs/2HrLOR/z6r5Hy3y/60l+f92m/UP3t98p7cp/3vbvSQAAAAAAACorJsnIuL5or//1xbn/0TB/J++iDi+AfUPLttf+ff/2p0NqAYocPdExEuF839r+ezfgY5s6z+N+QBdyZlzU5OHIuK/EXEgunak+yOr1HHw0z1ftiobzOb/5Y+0/tvZXMAsjjudO5rPmRifHX/Y6wYi7l6LeKpw/m+y2P4nBe1/+vtg+gHr2PPsjVOtytbOf2Cz1L+O2F/Y/t+/a0Wy+v05hhv9geG8V7DS0x9+9l2r+tvNf7eYgIeXtv87V8//gWTp/Xpm1l/H4bnOequydvv/3cnrjVvOdGfHPhifnb08EtGdnOxIjzYdH11/zPA4yvMhz5c0/w88s/r4X1H/vzci5pf938kfzWuKc///p+/XVvHo/0N50vyfWFf7v/6N0RsD37eq/8Ha/yONtv5AdmRh/K9n874p8Ij4Ik/T7ubjBenYWVS01fECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOOgFhG7IqkNLW7XakNDEX0R8b/YWZu6NDP73JlL712cSMsan/9fyz/pt39hP8k//39gyf7osv3DEbE7Ij7v6G3sD52+NDVR9sUDAAAAAAAAAAAAAAAAAADANtHXYv1/6reOsqMDNl1n2QEApSnI/59WefpfmxkLsLW0/1Bd8h+qq+38H9jYOICtp/2H6pL/UF3yH6pL/kN1yX8AAAAAAHis7N538+ckIuZf7G08Ut1ZWVepkQGbrVZ2AEBp3OIHqsvUH6gu7/GBZI3ynpYnrXXmaqZPP8TJAAAAAAAAAAAAAFA5+/da/w9VZf0/VJf1/1Bd+fr/fSXHAWw97/GBWGMlf+H6/zXPAgAAAAAAAAAAAAA20szclfPjU1OTl228sT3C2MqNer1+Nf0p2C7xPOIb+VT47RLPso18rd+DnVXe7yQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDZvwEAAP//oYsl1g==")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./bus\x00', &(0x7f0000000180), 0x0, 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000200)=ANY=[], 0x1, 0x0, 0x0)
unlink(&(0x7f00000000c0)='./file1\x00')
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
lseek(r1, 0x0, 0x3)
ioctl$HIDIOCSUSAGE(r1, 0x4018480c, &(0x7f00000001c0)={0x3, 0x200, 0x1, 0x5, 0x4c6620ac, 0x1000})

1.329836003s ago: executing program 0 (id=519):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1b96, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, &(0x7f0000000d40)={0x2c, &(0x7f0000000780)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000300)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x0})
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000f80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x40, 0x13, 0x6, @random="ac07fcffffff"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r3, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x40, 0x19, 0x2, "e700"}, 0x0, 0x0, 0x0, 0x0})
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x2000085c, &(0x7f0000000440)=ANY=[], 0x81, 0x1505, &(0x7f0000003d00)="$eJzs3Au4jtW2OPAx5pwvi6QvyX2OOV6+5DJJklwSEkmSJEluCUmSJCGxyC0JScg9yT0kt1jJ/X7LPUm2JElCQpL5f7Q7x9mnfU77/Pc+23n2Gr/nmc+aY73fmN+Ya6zn+973Xc/6vu04uGr9apXrMjP8XfDPX1IBIAUA+gHANQAQAUCpbKWyAS6fnklj6t/3JOIf66FpV7oCcSVJ/9M36X/6Jv1P36T/6Zv0P32T/qdv0v/0TfovRHq2dXrua2Wk3/HPu/8PIPf//6+R9/9/IYeLjflyfbHrO/0PUqT/6Zv0P32T/qdv0v/0Tfqfvkn//8VFAJX+m8PS/39Nf+ttFum/EOnZlb7//E8YKQBwpWv4Pzuu9O+fEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQoj04Vy4zADAv82vdF1CCCGEEEIIIYT4xwkZr3QFQgghhBBCCCGE+N+HoECDgQgyQEZIgUyQGa6CLHA1ZIVrIAHXQja4DrLD9ZADckIuyA15IC/kAwsEDhhiyA8FIAk3QEG4EQpBYSgCRcFDMSgON0EJuBlKwi1QCm6F0nAblIGyUA7Kw+1QAe6AilAJKsOdUAXugqpQDe6G6nAP1IB7oSbcB7XgfqgND0AdeBDqwkNQDx6G+vAINIBHoSE0gsbQBJr+f+W/CF3hJegG3SEVekBPeBl6QW/oA32hH7wC/eFVGACvwUAYBIPhdRgCb8BQeBOGwXAYAW/BSBgFo2EMjIVxMB7ehgnwDkyEd2ESTIYpMBWmwXSYAe/BTJgFs+F9mAMfwFyYB/NhASyED2ERLIY0+AiWwMewFJbBclgBK2EVrIY1sBbWwXrYABthE2yGLbAVPoFtsB12wE7YBbthD3wKe+Ez2Aefw3744n+Yf/Y/5XdCQECFCg0azIAZMAVTMDNmxiyYBbNiVkxgArNhNsyO2TEH5sBcmAvzYB7Mh/mQkJCRMT/mxyQmsSAWxEJYCItgEfTosTgWxxJ4M5bEklgKS2FpLI1lsCyWxfJYHitgBayIFbEyVsYqWAWrYlW8G+/Ge7AG1sCaWBNrYS2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBtjY2yKTbEZNsPm2BxbYktsha2wNbbGNtgG22JbbIftsD22xw7YATtiR+yEnbEzvogv4kv4EnbHKqoH9sSe2At7YR/si33xFeyPr+Kr+BoOxEE4GF/H1/ENHIpncBgOxxE4AiuoUTgaxyCrcTgex+MEnIATcSJOwsk4GafiNJyOM3AGzsRZOAvfxzn4AX6A83AeLsCFuBAX4WJMwzRcgmdxKS7D5bgCV+IqXIlrcC2uwfW4AdfjJtyEW3ALfoKf4HbcjjtxJ+7G3fgpfoqf4Wc4EPfjfjyAB/AgHsRDeAgP42E8gkfwKB7FY3gMj+NxPIEn8RSexNN4Gs/gWTyH5/A8nscL+Hyer+vtLrxuIKhLjDIqg8qgUlSKyqwyqywqi8qqsqqESqhsKpvKrrKrHCqHyqVyqTwqj8qn8ilSpFjFKr/Kr5IqqQqqgqqQKqSKqCLKK6+Kq+KqhCqhSqqSqpS6VZVWt6kyqqxq4cur8qqCaukrqkqqsqqsqqi7VFVVTVVT1VV1VUPVUDVVTVVL1VK11QOqjuqBffAhdakz9dUgbKAGY0PVSDVWTdQb+JhqpoZic9VCtVRPqOE4DFurZr6Nelq1VaOxnXpWjcHnVAc1DjuqF1Qn1Vl1US+qrqq575bht5dANRV7qd6qj+qrZuJd6lLHqqrX1EA1SA1Wr6sF+IYaqt5Uw9RwNUK9pUaqUWq0GqPGqnFqvHpbTVDvqInqXTVJTVZT1FQ1TU1XM9R7aqaapWar99Uc9YGaq+ap+WqBWqg+VIvUYpWmPlJL1MdqqVqmlqsVaqVapVarNWqtWqfWqw1qo9qkNqstaqv6RG1T29UOtVPtUrvVHvWp2qs+U/vU52q/+kIdUH9SB9WX6pD6Sh1WX6sj6ht1VH2rjqnv1HH1vTqhTqpT6gd1Wv2ozqiz6pz6SZ1XP6sL6hd1UQUFGrXSWhsd6Qw6o07RmXRmfZXOoq/WWfU1OqGv1dn0dTq7vl7n0Dl1Lp1b59F5dT5tNWmnWcc6vy6gk/oGXVDfqAvpwrqILqq9LqaL65t0CX2zLqlv0aX0rbq0vk2X0WV1OV1e364r6Dt0RV1JV9Z36ir6Ll1VV9N36+r6Hl1D36tr6vt0LX2/rq0f0HX0g7qufkjX0w/r+voR3UA/qhvqRrqxbqKb6sd0M/24bq5b6Jb6Cd1KP6lb66d0G/20bquf0e30s7q9fk530M/rjvoF3Ul31l30L/qiDrqb7q5TdQ/dU7+se+neuo/uq/vpV3R//aoeoF/TA/UgPVi/rofoN/RQ/aYepofrEfotPVKP0qP1GD1Wj9Pj9dt6gn5HT9Tv6kl6sp6ip+pperru89tKs/+G/Hf+Sv6AX599i96qP9Hb9Ha9Q+/Uu/RuvUfv0Xv1Xr1P79P79X59QB/QB/VBfUgf0of1YX1EH9FH9VF9TB/Tx/VxfUKf1D/pH/Rp/aM+o8/qs/onfV6f1xd++xmAQaOMNsZEJoPJaFJMJpPZXGWymKtNVnONSZhrTTZznclurjc5TE6Ty+Q2eUxek89YQ8YZNrHJbwqYpLnBFDQ3mkKmsCliihpvipni5qa/O/+P6mtqmppmpplpbpqblqalaWVamdamtWlj2pi2pq1pZ9qZ9qa96WA6mI6mo+lkOpkupovparqabqabSTWppqd52fQyvU0f09f0M6+Y/qa/GWAGmIFmoBlsBpshZogZaoaaYWaYGWFGmJFmpBltRpuxZqwZb8abCWaCmWgmmklmkplipphpZpqZYWaYmWammW1mmzlmjplr5pr5Zr5ZaBaaRWaRSTNpZolZYpaaZWaZWWFWmFVmlVlj1ph1Zp3ZYDaYTWaTWWq2mq1mm9lmdpgdZpfZZfaYPWav2Wv2mX1mv9lvDpgD5qA5aA6ZQ+awOWyOmCPmqDlqjplj5rg5bk6YE+aUOWVOm9PmjDljzplz5rw5by6YC+aiuXjptC9SkYpMZKIMUYYoJUqJMkeZoyxRlihrlDVKRIkoW5Qtyh5dH+WIcka5otxRnihvlC+yEUUu4iiO8kcFomR0Q1QwujEqFBWOikRFIx8Vi4pHN0UlopujktEtUano1qh0dFtUJioblYvKR7dHFaI7oopRpahydGdUJborqhpVi+6Oqkf3RDWie6Oa0X1Rrej+qHb0QFQnejCqGz0U1YsejupHj0QNokejhlGjqHHUJGr6D10/hDM5H/fdbHebanvYnvZl28v2tn1sX9vPvmL721ftAPuaHWgH2cH2dTvEvmGH2jftMDvcjrBv2ZF2lB1tx9ixdpwdb9+2E+w7dqJ9106yk+0UO9VOs9PtDPuenWln2dn2fTvHfmDn2nl2vl1gF9oP7SK72KbZj+wS+7FdapfZ5XaFXWlX2dV2jV1r19n1doPdaDfZzXaL3Wo/sdvsdrvD7rS77G67x35q99rP7D77ud1vv7AH7J/sQfulPWS/soft1/aI/cYetd/aY/Y7e9x+b0/Yk/aU/cGetj/aM/asPWd/suftz/aC/cVetOHSyf2lt3cyZCgDZaAUSqHMlJmyUBbKSlkpQQnKRtkoO2WnHJSDclEuykN5KB/lo0uYmPJTfkpSkgpSQSpEhagIFSFPnopTcSpBJagklaRSVIpKU2kqQ2WoHJWj2+l2uoPuoEpUie6kO+kuuouqUTWqTtWpBtWgmlSTalEtqk21qQ7VobpUl+pRPapP9akBNaCG1JAaU2NqSk2pGTWj5tScWlJLakWtqDW1pjbUhtpSW2pH7ag9tacO1IE6UkfqRJ2oC3WhrtSVulE3SqVU6kk9qRf1oj7Uh/pRP+pP/WkADaCBNJAG02AaQkNoKA2lYTScRtBbNJJG0WgaQ2NpHI2n8TSBJtBEmkiTaBJNoSk0jabRDJpBM2kmzabZNIfm0FyaS/NpPi2khbSIFlEapdESWkJLaSktp+W0klbSalpNa2ktraf1tJE20mbaTFtpK22jbbSDdtAu2kV7aA/tpb20j/bRftpPB+gAHaSDdIgO0WE6TEfoCB2lo3SMjtFxOk4n6ASdolN0mk7TGTpD5+gcnaef6QL9QhcpUIpTkNld5bK4q11Wd41LcZncpTgCgEtxLpfb5XF5XT5nXQ6X8y9ics4VcoVdEVfUeVfMFXc3/S4u48q6cq68u91VcHe4ir+Lq7t7XA13r6vp7nPV3N1/Eddy97va7hFXxz3q6rpGrp5r4uq7R1wD96hr6Bq5xq6Ja+WedK3dU66Ne9q1dc/8Ll7kFru1bp1b7za4ve4zd8795I66b91597Pr5rq7fu4V19+96ga419xAN+h38Qj3lhvpRrnRbowb68b9Lp7iprppbrqb4d5zM92s38UL3Ydujktzc908N98t+DW+VFOa+8gtcR+7pW6ZW+5WuJVulVvt1vx7rSvcJrfZbXF73Kdum9vudridbpfb/Wt8aR/73Oduv/vCHXHfuIPuS3fIHXOH3de/xpf2d8x95467790Jd9Kdcj+40+5Hd8ad/XX/l/b+g/vFXXTBASMr1mw44gyckVM4E2fmqzgLX81Z+RpO8LWcja/j7Hw95+CcnItzcx7Oy/nYMrFj5pjzcwFO8g1ckG/kQlyYi3BR9lyMi/NNXIJv5pJ8C5fiW7k038ZluCyX4/J8O1fgO7giV+LKfCdXCYGrcjW+m6vzPVyD7+WafB/X4vu5Nj/AdfhBrssPcT1+mOvzI9yAH+WG3IgbcxNuyo9xM36cm3MLbslPcCt+klvzU9yGn+a2/Ay342e5PT/HHfh57sgvcCfuzF34Re7KL3E37s6p3IN78svci3tzH+7L/fgV7s+v8gB+jQfyIB7Mr/MQfoOH8ps8jIfzCH6LR/IoHs1jeCyP4/H8Nk/gd3giv8uTeDJP4ak8jafzDH6PZ/Isns3v8xz+gOfyPJ7PC3ghf8iLeDGn8Ue8hD/mpbyMl/MKXsmreDWv4bW8jtfzBt7Im3gzb+Gt/Alv4+28g3fyLt7Ne/hT3suf8T7+nPfzF3yA/8QH+Us+xF/xYf6aj/A3fJS/5WP8HR/n7/kEn+RT/AOf5h/5DJ/lc/wTn+ef+QL/whc5MMQYq1jHJo7iDHHGOCXOFGeOr4qzxFfHWeNr4kR8bZwtvi7OHl8f54hzxrni3HGeOG+cL7YxxS7mOI7zxwXiZHxDXDC+MS4UF46LxEVjHxeLi8c3xSXim+OS8S1xqfjWuHR8W1wmLhs/cl/5+Pa4QnxHXDGuFFeO74yrxHfFVeNq8d1x9fieuEZ8b1wzvi8uGd8f144fiOvED8Z144fievHDcf34kbhB/GjcMG4UN46bxE3jx+Jm8eNx87hF3DJ+Im4VPxm3jp+K28RPx23jZ/7weGrcI+4Zvxy/HIdwr56fXJBcmPwwuSi5OJmW/Ci5JPlxcmlyWXJ5ckVyZXJVcnVyTXJtcl1yfXJDcmNyU3JzcksyhGoZwaNXXnvjI5/BZ/QpPpPP7K/yWfzVPqu/xif8tT6bv85n99f7HD6nz+Vz+zw+r8/nrSfvPPvY5/cFfNLf4Av6G30hX9gX8UW998V8cd/EN/VNfTP/uG/uW/iW/gn/hH/SP+mf8k/5p31b/4xv55/17f1zvoN/3j/vX/CdfGffxb/ou/qXfDff3af6VN/T9/S9fC/fx/fx/Xw/39/39wP8AD/QD/SD/WA/xA/xQ/1QP8wP8yP8CD/Sj/Sj/Wg/1o/14/14P8FP8BP9RD/JT/JT/BQ/zU/zM/wMP9PP9LP9bD+n0Bw/18/18/18v9Av9Iv8Ip/m0/wSv8Qv9Uv9cr/cr/Qr/Wq/2q/1a/16v95v9Bv9Zr/Zb/Vb/Ta/ze/wO/wuv8vv8Xv8Xr/X7/P7/H6/3x/wB/xBf9Af8l/5w/5rf8R/44/6b/0x/50/7r/3J/xJf8r/4E/7H/0Zf9af8z/58/5nf8H/4i/64Mcn3k5MSLyTmJh4NzEpMTkxJTE1MS0xPTEj8V5iZmJWYnbi/cScxAeJuYl5ifmJBYmFiQ8TixKLE2mJjxJLEh8nliaWJZYnViRWJlYlQsi7LQ75Q4GQDDeEguHGUCgUDkVC0eBDsVA83BRKhJtDyXBLKBVuDaXDbaFMKBvKhUdDw9AoNA5NQtPwWGgWHg/NQ4vQMjwRWoUnQ+vwVGgTng5twzOhXXg2tA/PhQ7h+dAxvBA6hc6hS3gxdA0vhW6he0gNPULP8HLoFXqHPqFv6BdeCf3Dq2FAeC0MDIPC4PB6GBLeCEPDm2FYGB5GhLfCyDAqjA5jwtgwLowPb4cJ4Z0wMbwbJoXJYUqYGqaF6WFGeC/MDLPC7PB+mBM+CHPDvDA/LAgLw4dhUVgc0sJHYUn4OCwNy8LysCKsDKvC6rAmrA3rwvqwIWwMm8LmsCVsDZ+EbWF72BF2hl1hd9gTPg17w2dhX/g87A9fhAPhT+Fg+DIcCl+Fw+HrcCR8E46Gb8Ox8F04Hr4PJ8LJcCr8EE6HH8OZcDacCz+F8+HncCH8Ei7K/6wJIYQQQvxN9B8c7/FXvqd+G5f0BICrt+c+/J/X3Jjjz/PeKk+rBAA83b3jQ/82qlRJTU397bFLNUQF5gFA4nL+r3+W+y1eBi3hSWgDLaDEX62vt+p8nv9g/eStAJn/Q04KXI4vr3/zf7H+Y0+MWFQ6Ppftv1l/HkChApdzMsHl+PL6Jf+L9XM2+4P6M305HqD5f8jJApfjy+sXh8fhGWjzF48UQgghhBBCCCH+rLcq1/6Prp8vXZ/nMZdzMsLl+I+uz4UQQgghhBBCCHHlPde5y1OPtWnTor1MZCITmfz75Eq/MgkhhBBCCCH+0S6f9F/pSoQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiPTrn/FxYld6j0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIcSV9v8CAAD//4H6O6c=")
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000007c0)='./file0\x00', 0x488844, 0x119)
getdents(r4, 0x0, 0x58)
mount$9p_tcp(&(0x7f0000000040), &(0x7f0000000540)='./file0\x00', &(0x7f0000000580), 0x0, &(0x7f0000000000))
socket$nl_route(0x10, 0x3, 0x0)
epoll_create1(0x80000)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x5)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), r5)
sendmsg$NL802154_CMD_NEW_INTERFACE(r5, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000001440)={0x14, r6, 0x111, 0x0, 0xfffffffe}, 0x14}}, 0x20040084)
socket$inet_tcp(0x2, 0x1, 0x0)

809.475166ms ago: executing program 2 (id=520):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="02b1003bb02a33790cec00000400000008000000013053555c3e01f078f7dc8664042bac645f79a8f376dba60dbf54ef5419ab6e5c79fc7032d1d6e475aa9a99faf05802f83479fc42b619226e7ec8e4fb88d07c82d52e3204b8d4eff6b71c49286b91b24e440e6b3b0f1ae4fd30090000000d53552ce39073d262db05c8813f56d96b0d8243e098fd7deff5dd9868314eef2ea1463c05629efd0b799bcf7479026cef5f39d50b0e1a8a96cc5aa1ff9879ca4ceb8e14792521814193df9e20a3e66fbb40ffee1a4be682fc420ab06da9d9cf6650198fbf25013a297b9403897b0e9169bd8333e7b9ae0189d5004e61", @ANYRES32=0x1, @ANYBLOB="00000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="05000000040000000500"/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{}, &(0x7f0000000640), &(0x7f00000007c0)}, 0x20)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x3, &(0x7f0000000840)=ANY=[@ANYBLOB="180000976781000000000005000000000000009500000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = memfd_create(&(0x7f00000000c0)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdd\xb9\nR\xe8@\x99\xb9\x8a\x0fZ\t\x90\x8bp\x10\x84\x86t\x8a\xba\xc6\xfb\xd2\f\xef&\xad\xa8M\xe8\b\xb0#\xac)\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc\\\x11\x95\xf8\xe6\xa7\xc3\xbc\x18+\x92\x92N\a\xa7\x7fN\x9bL\xf8\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9d\x85\xea\x1a*\x1bC\xd8\x1c\xe8\x9bYS', 0x0)
write(r1, &(0x7f0000002140)='i', 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000003, 0x4010, r0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f00000006c0)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c6e6f666c7573685f6d657267652c64697361626c655f726f6c6c5f666f72776172642c696e6c696e655f646174612c6e6f61636c2c686561702c6e6f696e6c696e655f646174612c6e6f657874656e745f63616368652c6d6f64653d61656170746976652c6a71666d743d7666736f59642c004236590a822214fa0b4d77aaa6efc42be0cab73967814822c1680fbc06e95f1ef96a96a4e42f8ab30311b7d226c939919f"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000000a80)=ANY=[], 0x6, 0x378, &(0x7f0000000f00)="$eJzs3c9rI2UYwPEnk2Q2ybJNDqIoSF/ci16GbvQsBkmhEHDpbsRdQZjdTjRkTEomdI0stj15Fe+eBA/L3lzwsKD7D/TiTS8ieOtBwYN7UEfmVzNJJk2aNoZtvx8oefO+7zOZd9435Zm0kzl874uPWw3HaJg90XJKUiIiT0VKokkkFT5qflmXuD157fKfP71841Y9F1So9crN18tKqZXV7+/dz4fdHl+Sg9IHh3+Ufzt4/uDFw39vftR0VNNR7U5PmepO55eeece21FbTaRlKXbct07FUs+1Y3aD923A7dmd7u6/M9taVwnbXchxltvuqZfVVr6N63b4yPzSbbWUYhrpSEExTf7C5aVbmCv1d7p757mAhut2KmRaR/FhL/cFSdggAACzVaP6veSl9Qv6fmpb/35aVWq26qbyOQf6vy737D1950rv87qOVMP9/rCfl/2/8HGxrKP/3TicG+X8nOD9oTM//v5IT5P/jGdHFMnf+X1rAzmA+q/pYVWromZf/F8L3r2///YdrfoH8HwAAAAAAAAAAAAAAAAAAAACAZ8FT1y26rluMHqOfwSUE4XOcS5Pm/5KI5LzZd5n/8+zGrduS8y/c8+bY/nynvlMPHsMOT0TEFusfd5S3NqIrj5SnJD/Yu2H87k497bdUGtL04uWaFKXkr6dYvOuua4NNhPFHlykV4vFlKcpz8fjv/NW5vlGrllVg+PV1efVqLN6Qovx4Vzpiy5YfGb7+Rq362TWl3n6nNhKf9/uJyK//64QAAAAAALAAhjqSeP5uGJPag28ZqTT8j4ksWZOi/J1wfr9Rq64lnp9nii9llj16AAAAAAAuBqf/acsUzer6BdtOKuRlpCa81YccGzVrITNUkxWRxM76SE32uC2nYyOcdX90CYZ1yuGYX0dH9SRR0T9SpONHNTrM8+1PNH6/JpWZf5pSe+IvgL14kyYzhGdGd37Vq1CJna9O3M5+OJCjmuhjI33CcZbr49vRjlkJ2bEaNzXfAnjhy2/+Ou36GRTefBSugE+md963LXdXZpmUhPfyeFN2ob90AAAAACzFIOmPat6KN8dvJBK/WQ5/uQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4AydyReVTSmMvai+lKECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAS/dfAAAA//8gg+61")
creat(0x0, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eeb1948bf42bc7fc2cb274849c9524154fa24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a8684853abf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000400000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f500000010000000000944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a808000000000000000562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844892f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b57"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='mm_page_alloc\x00', r3}, 0x10)
r4 = io_uring_setup(0x7c91, &(0x7f0000000180)={0x0, 0x2000, 0x2, 0x0, 0xfffffffd})
io_uring_setup(0x75e5, &(0x7f00000000c0)={0x0, 0x0, 0x22, 0x0, 0x0, 0x0, r4})
pwritev2(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='y', 0x1}], 0x1, 0x0, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x0)
read(r5, &(0x7f0000000000), 0x2000)
clock_gettime(0x0, &(0x7f0000000a00)={<r6=>0x0, <r7=>0x0})
rt_sigtimedwait(&(0x7f0000000940)={[0xfffffffffffffe36]}, &(0x7f0000000980), &(0x7f0000000a40)={r6, r7+60000000}, 0x8)
r8 = getpid()
r9 = gettid()
rt_tgsigqueueinfo(r8, r9, 0xa, &(0x7f0000000080)={0x3fe, 0x0, 0x3})
rt_sigprocmask(0x2, &(0x7f0000000580)={[0xff]}, &(0x7f0000000680), 0x8)
syz_read_part_table(0x5c0, &(0x7f0000000000)="$eJzs27+KJFUUB+BfVXdXdYNLa2KoDZsYuYHxsKOyOywYLIKZoKmJiGAgKFONookamRj4AptMIBgZD6IvIMIwBoJmIgZq4Fyp/jc1YySNqPB9QXHuufeccxuqwwr/b2U+SkbXkuO6rrbx/I9k+dLTSbtYrSebfH/ghQd37t5b3K+aXa5KfuqSetOnfzTJY7vGWWyiL8b58MHR+x99/FaTLt35cZJPky4p7fZqq9p80vzl0r9V2+b8u564tq52j16XhzNdRbeyectGq3TaPmre23v+ycHp8nYflPXQWXM5Pcnh1dN1jm+uo0l+vsikXuy2Nm/T7fX1rmqTUspk0Gb7L5gMpj315XfHWTbrndGgtnc2S147e/7JatADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/nrKxWhzmkWlSJeN+9dkzVbc+NF5nnm3G6/Xvw6L9nByczt959/U6bx688s2rb39/9OP0lySj3Dp6qLTt7tzLaQdV46S+SPLobN/5Zdv2jReH6UWW+ermt4/Xo5Qyv8xPqv75edLluctaAAAAAAAAAAAAAAAAAAAA2NOdu/cW9+vZ9uv6epsvmSbVtQ/cy6+llMOU5kp2luTr81RJfkiphltNMr+RpP2gyWajS0q5Mf3nfhF/x58BAAD//++eW/s=")

6.28404ms ago: executing program 1 (id=521):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000300)=@generic={&(0x7f0000000040)='./file0\x00', 0x0, 0x18}, 0x18)
r3 = socket(0x2, 0x3, 0x100000001)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in, 0x0, 0x6c}, 0x0, @in6=@dev}}, 0xe8)
syz_emit_ethernet(0x3e, &(0x7f0000000500)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @multicast1}}}}}}, 0x0)

0s ago: executing program 2 (id=522):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno', @ANYRESHEX=r4])

kernel console output (not intermixed with test programs):

d end of device
[   44.362117][  T981] loop3: rw=524288, want=221976, limit=16
[   44.373545][  T981] attempt to access beyond end of device
[   44.373545][  T981] loop3: rw=524288, want=14425508776, limit=16
[   44.385270][  T981] attempt to access beyond end of device
[   44.385270][  T981] loop3: rw=524288, want=15353996144, limit=16
[   44.397688][  T981] attempt to access beyond end of device
[   44.397688][  T981] loop3: rw=524288, want=13612835608, limit=16
[   44.409425][  T981] attempt to access beyond end of device
[   44.409425][  T981] loop3: rw=524288, want=14552337264, limit=16
[   44.785559][ T1029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.240'.
[   44.897558][ T1043] loop4: detected capacity change from 0 to 512
[   44.926245][ T1051] loop3: detected capacity change from 0 to 1024
[   44.990208][ T1043] EXT4-fs (loop4): Ignoring removed oldalloc option
[   44.996936][ T1051] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   44.999092][ T1043] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   45.031682][ T1058] loop9: detected capacity change from 0 to 7
[   45.041404][ T1051] EXT4-fs (loop3): mounted filesystem without journal. Opts: lazytime,dioread_nolock,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,resgid=0x0000000000000000,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[   45.069930][ T1043] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[   45.192332][ T1047] loop1: detected capacity change from 0 to 40427
[   45.214852][ T1066] loop9: detected capacity change from 0 to 7
[   45.263768][ T1047] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   45.275969][ T1047] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   45.300950][ T1047] F2FS-fs (loop1): invalid crc value
[   45.370666][ T1047] F2FS-fs (loop1): Found nat_bits in checkpoint
[   45.379687][ T1084] loop2: detected capacity change from 0 to 256
[   45.765113][ T1047] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   45.774408][ T1047] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   45.889630][  T289] handle_bad_sector: 8 callbacks suppressed
[   45.889645][  T289] attempt to access beyond end of device
[   45.889645][  T289] loop1: rw=2051, want=45224, limit=40427
[   45.903145][ T1095] netlink: 8 bytes leftover after parsing attributes in process `syz.2.268'.
[   45.914033][  T289] F2FS-fs (loop1): Issue discard(5649, 5649, 4) failed, ret: -5
[   46.023041][ T1033] loop0: detected capacity change from 0 to 131072
[   46.066684][ T1033] F2FS-fs (loop0): Found nat_bits in checkpoint
[   46.115804][ T1033] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   47.366959][ T1126] loop4: detected capacity change from 0 to 8192
[   47.395546][ T1135] loop2: detected capacity change from 0 to 256
[   47.437327][   T30] kauditd_printk_skb: 9 callbacks suppressed
[   47.437356][   T30] audit: type=1400 audit(1732559765.581:426): avc:  denied  { setopt } for  pid=1142 comm="syz.3.286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   47.480746][ T1135] exfat: Deprecated parameter 'utf8'
[   47.485939][ T1135] exfat: Deprecated parameter 'namecase'
[   47.491544][ T1135] exfat: Deprecated parameter 'utf8'
[   47.498981][ T1135] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[   47.518773][ T1126] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   47.540430][ T1135] exFAT-fs (loop2): error, found bogus dentry(12) beyond unused empty group(11) (start_clu : 6, cur_clu : 6)
[   48.353239][   T30] audit: type=1400 audit(1732559766.501:427): avc:  denied  { create } for  pid=1163 comm="syz.3.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   48.363848][ T1157] loop0: detected capacity change from 0 to 40427
[   48.391788][ T1157] F2FS-fs (loop0): fault_injection options not supported
[   48.395901][ T1169] loop3: detected capacity change from 0 to 512
[   48.413856][ T1157] F2FS-fs (loop0): invalid crc value
[   48.419070][   T30] audit: type=1400 audit(1732559766.501:428): avc:  denied  { getopt } for  pid=1163 comm="syz.3.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   48.429382][ T1173] loop1: detected capacity change from 0 to 256
[   48.438831][   T30] audit: type=1400 audit(1732559766.531:429): avc:  denied  { ioctl } for  pid=1167 comm="syz.4.291" path="socket:[17863]" dev="sockfs" ino=17863 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   48.445238][ T1157] F2FS-fs (loop0): Found nat_bits in checkpoint
[   48.471553][   T30] audit: type=1400 audit(1732559766.531:430): avc:  denied  { read } for  pid=1167 comm="syz.4.291" path="socket:[17863]" dev="sockfs" ino=17863 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   48.479137][ T1169] EXT4-fs (loop3): Unrecognized mount option "=" or missing value
[   48.559153][ T1180] loop2: detected capacity change from 0 to 512
[   48.561168][ T1157] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   48.582334][   T30] audit: type=1326 audit(1732559766.731:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1181 comm="syz.4.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   48.628261][  T291] attempt to access beyond end of device
[   48.628261][  T291] loop0: rw=2049, want=45128, limit=40427
[   48.629946][   T30] audit: type=1326 audit(1732559766.751:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1181 comm="syz.4.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   48.662298][   T30] audit: type=1326 audit(1732559766.751:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1181 comm="syz.4.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   48.685306][   T30] audit: type=1326 audit(1732559766.751:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1181 comm="syz.4.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   48.708754][ T1180] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   48.723610][   T30] audit: type=1326 audit(1732559766.751:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1181 comm="syz.4.300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   48.729957][ T1180] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.804945][ T1182] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=1182 comm=syz.4.300
[   48.817106][ T1182] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=1182 comm=syz.4.300
[   48.831456][ T1182] loop4: detected capacity change from 0 to 256
[   48.869267][ T1192] loop1: detected capacity change from 0 to 2048
[   48.870399][ T1182] FAT-fs (loop4): Unrecognized mount option "shor�name=win95" or missing value
[   49.200964][ T1192] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobarrier,grpjquota=,,errors=continue. Quota mode: none.
[   49.263079][ T1201] loop4: detected capacity change from 0 to 128
[   49.293229][ T1203] loop0: detected capacity change from 0 to 2048
[   49.294736][ T1201] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   49.310617][ T1201] EXT4-fs (loop4): mounted filesystem without journal. Opts: noinit_itable,nobarrier,,errors=continue. Quota mode: none.
[   49.323250][ T1201] ext2 filesystem being mounted at /58/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   49.375352][ T1203] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none.
[   49.420745][ T1203] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   49.467331][ T1203] EXT4-fs (loop0): Remounting filesystem read-only
[   49.855898][ T1212] loop2: detected capacity change from 0 to 2048
[   49.941456][ T1212] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobarrier,grpjquota=,,errors=continue. Quota mode: none.
[   49.945704][ T1216] loop3: detected capacity change from 0 to 2048
[   49.970773][   T58] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   50.297912][ T1225] xt_NFQUEUE: number of total queues is 0
[   50.313602][ T1228] syz.4.311[1228] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.313677][ T1228] syz.4.311[1228] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.330012][   T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   50.366592][   T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   50.389174][   T58] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   50.414178][   T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   50.425634][   T58] usb 1-1: config 0 descriptor??
[   50.577129][ T1228] loop4: detected capacity change from 0 to 40427
[   50.583449][  T852] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   50.639488][ T1246] loop2: detected capacity change from 0 to 256
[   50.646823][ T1228] F2FS-fs (loop4): invalid crc value
[   50.654983][ T1228] F2FS-fs (loop4): Found nat_bits in checkpoint
[   50.655400][ T1246] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   50.701758][ T1228] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1
[   50.710125][ T1228] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   50.721911][ T1228] attempt to access beyond end of device
[   50.721911][ T1228] loop4: rw=0, want=45072, limit=40427
[   50.856473][ T1252] netlink: 68 bytes leftover after parsing attributes in process `syz.2.316'.
[   50.934327][ T1254] loop4: detected capacity change from 0 to 512
[   50.994803][ T1254] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   51.007714][ T1254] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   51.020869][ T1254] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=8003e119, mo2=0000]
[   51.031423][ T1254] EXT4-fs (loop4): 1 truncate cleaned up
[   51.036853][ T1254] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_dev=0x0000000000000009,noblock_validity,nombcache,norecovery,barrier=0x000000000000000c,resgid=0x000000000000ee01,nodiscard,noauto_da_alloc,resgid=0x00000000000000002,errors=continue. Quota mode: writeback.
[   51.063151][  T404] EXT4-fs error (device loop4): ext4_release_dquot:6211: comm kworker/u4:4: Failed to release dquot type 1
[   51.072016][ T1254] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   51.089958][ T1254] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3876: comm syz.4.317: Allocating blocks 43-58 which overlap fs metadata
[   51.104803][ T1254] netlink: 4 bytes leftover after parsing attributes in process `syz.4.317'.
[   51.114409][ T1254] netlink: 4 bytes leftover after parsing attributes in process `syz.4.317'.
[   51.120046][  T852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   51.141315][  T852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   51.151140][  T852] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   51.164022][  T852] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   51.172886][  T852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   51.181650][  T852] usb 4-1: config 0 descriptor??
[   51.232158][ T1244] syz.1.315 (1244) used greatest stack depth: 20560 bytes left
[   51.300708][ T1263] tipc: Started in network mode
[   51.305490][ T1263] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[   51.319356][ T1263] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   51.340019][ T1263] loop1: detected capacity change from 0 to 256
[   51.359281][ T1260] kvm: emulating exchange as write
[   51.395984][ T1263] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4f8593fa, utbl_chksum : 0xe619d30d)
[   51.446043][ T1270] loop3: detected capacity change from 0 to 2048
[   51.491831][ T1270]  loop3: p1 < > p4
[   51.506925][ T1270] loop3: p4 size 8388608 extends beyond EOD, truncated
[   51.512206][ T1272] loop1: detected capacity change from 0 to 2048
[   51.520755][  T852] usbhid 4-1:0.0: can't add hid device: -71
[   51.526518][  T852] usbhid: probe of 4-1:0.0 failed with error -71
[   51.536806][  T852] usb 4-1: USB disconnect, device number 3
[   51.599934][   T58] uclogic 0003:256C:006D.0002: interface is invalid, ignoring
[   51.615773][ T1283] syz.2.327[1283] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.615835][ T1283] syz.2.327[1283] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.634743][ T1285] loop4: detected capacity change from 0 to 256
[   51.693445][ T1285] FAT-fs (loop4): Directory bread(block 64) failed
[   51.699837][ T1285] FAT-fs (loop4): Directory bread(block 65) failed
[   51.706158][ T1285] FAT-fs (loop4): Directory bread(block 66) failed
[   51.716232][ T1285] FAT-fs (loop4): Directory bread(block 67) failed
[   51.740091][ T1285] FAT-fs (loop4): Directory bread(block 68) failed
[   51.755581][ T1285] FAT-fs (loop4): Directory bread(block 69) failed
[   51.769899][ T1285] FAT-fs (loop4): Directory bread(block 70) failed
[   51.780415][ T1285] FAT-fs (loop4): Directory bread(block 71) failed
[   51.796884][ T1285] FAT-fs (loop4): Directory bread(block 72) failed
[   51.804072][   T58] usb 1-1: USB disconnect, device number 4
[   51.806966][ T1285] FAT-fs (loop4): Directory bread(block 73) failed
[   51.873002][ T1283] loop2: detected capacity change from 0 to 40427
[   51.915410][ T1283] F2FS-fs (loop2): invalid crc value
[   51.928073][ T1283] F2FS-fs (loop2): Found nat_bits in checkpoint
[   51.968887][ T1283] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1
[   51.984462][ T1283] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   52.012303][ T1283] attempt to access beyond end of device
[   52.012303][ T1283] loop2: rw=0, want=45072, limit=40427
[   52.023153][  T852] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[   52.393446][ T1315] loop2: detected capacity change from 0 to 2048
[   52.481822][ T1315] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobarrier,grpjquota=,,errors=continue. Quota mode: none.
[   52.543729][ T1321] loop3: detected capacity change from 0 to 2048
[   52.557501][ T1322] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=24341 sclass=netlink_xfrm_socket pid=1322 comm=syz.2.335
[   52.609935][  T852] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   52.620847][  T852] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   52.636551][  T852] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   52.649294][  T852] usb 2-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[   52.658200][  T852] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   52.659357][ T1321] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,grpjquota=,,errors=continue. Quota mode: none.
[   52.666900][  T852] usb 2-1: config 0 descriptor??
[   52.678322][  T367] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   52.757270][ T1325] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=24341 sclass=netlink_xfrm_socket pid=1325 comm=syz.3.336
[   52.828529][   T30] kauditd_printk_skb: 112 callbacks suppressed
[   52.828544][   T30] audit: type=1326 audit(1732559770.971:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1326 comm="syz.4.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   52.861572][   T30] audit: type=1326 audit(1732559770.971:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1326 comm="syz.4.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   52.885452][   T30] audit: type=1326 audit(1732559770.971:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1326 comm="syz.4.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   52.908682][   T30] audit: type=1326 audit(1732559770.971:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1326 comm="syz.4.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   52.936173][   T30] audit: type=1326 audit(1732559770.971:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1326 comm="syz.4.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   52.959840][   T30] audit: type=1326 audit(1732559770.971:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1326 comm="syz.4.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   52.984662][   T30] audit: type=1326 audit(1732559770.971:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1326 comm="syz.4.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   53.009895][  T367] usb 1-1: Using ep0 maxpacket: 8
[   53.009956][   T30] audit: type=1326 audit(1732559770.971:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1326 comm="syz.4.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   53.040838][   T30] audit: type=1326 audit(1732559770.971:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1326 comm="syz.4.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   53.064938][   T30] audit: type=1326 audit(1732559770.981:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1326 comm="syz.4.337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddf5c4b819 code=0x7ffc0000
[   53.120652][ T1329] loop4: detected capacity change from 0 to 1024
[   53.152392][ T1329] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   53.163274][  T367] usb 1-1: New USB device found, idVendor=0403, idProduct=f0c8, bcdDevice= 2.56
[   53.174534][ T1329] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[   53.178677][  T367] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   53.185388][  T852] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0
[   53.193259][ T1329] EXT4-fs (loop4): barriers disabled
[   53.200134][  T852] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0
[   53.210603][  T852] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0
[   53.211063][  T367] usb 1-1: config 0 descriptor??
[   53.219865][  T852] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0
[   53.229043][  T852] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0
[   53.229298][ T1329] JBD2: no valid journal superblock found
[   53.237123][  T852] ntrig 0003:1B96:000A.0003: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.1-1/input0
[   53.242869][ T1329] EXT4-fs (loop4): error loading journal
[   53.270236][  T367] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[   53.317321][ T1331] loop2: detected capacity change from 0 to 512
[   53.361609][ T1336] loop4: detected capacity change from 0 to 2048
[   53.370700][ T1331] EXT4-fs (loop2): 1 orphan inode deleted
[   53.376258][ T1331] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   53.387509][ T1331] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.393175][ T1295] UDC core: couldn't find an available UDC or it's busy: -16
[   53.408044][ T1295] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   53.433931][ T1295] loop1: detected capacity change from 0 to 256
[   53.460397][ T1295] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   53.476610][ T1311] incfs: Can't find or create .index dir in ./file0
[   53.483857][ T1295] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[   53.498523][ T1311] incfs: mount failed -14
[   53.508955][ T1343] syz.3.342[1343] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.509032][ T1343] syz.3.342[1343] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   53.520616][  T367] usb 1-1: Detected FT8U232AM
[   53.546486][ T1345] FAULT_INJECTION: forcing a failure.
[   53.546486][ T1345] name failslab, interval 1, probability 0, space 0, times 1
[   53.553702][  T367] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   53.569327][ T1345] CPU: 0 PID: 1345 Comm: syz.2.343 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   53.578953][ T1345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   53.588863][ T1345] Call Trace:
[   53.591973][ T1345]  <TASK>
[   53.594751][ T1345]  dump_stack_lvl+0x151/0x1c0
[   53.599265][ T1345]  ? io_uring_drop_tctx_refs+0x190/0x190
[   53.604735][ T1345]  dump_stack+0x15/0x20
[   53.608720][ T1345]  should_fail+0x3c6/0x510
[   53.612974][ T1345]  __should_failslab+0xa4/0xe0
[   53.617573][ T1345]  ? p9_client_prepare_req+0xb8/0xbf0
[   53.622779][ T1345]  should_failslab+0x9/0x20
[   53.627120][ T1345]  slab_pre_alloc_hook+0x37/0xd0
[   53.631895][ T1345]  ? p9_client_prepare_req+0xb8/0xbf0
[   53.637104][ T1345]  kmem_cache_alloc+0x44/0x200
[   53.641700][ T1345]  ? legacy_get_tree+0xf1/0x190
[   53.646387][ T1345]  p9_client_prepare_req+0xb8/0xbf0
[   53.651422][ T1345]  ? _raw_spin_lock_irqsave+0xf9/0x210
[   53.656720][ T1345]  ? _raw_spin_lock+0x1b0/0x1b0
[   53.661408][ T1345]  p9_client_rpc+0x159/0x13a0
[   53.665920][ T1345]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   53.671557][ T1345]  ? add_wait_queue+0x189/0x1c0
[   53.676248][ T1345]  ? p9_fid_create+0x280/0x280
[   53.680861][ T1345]  ? pipe_poll+0x368/0x4d0
[   53.685096][ T1345]  ? pipe_write+0x1930/0x1930
[   53.689611][ T1345]  ? __kasan_check_write+0x14/0x20
[   53.694560][ T1345]  ? p9_conn_create+0x4d0/0x560
[   53.699246][ T1345]  ? p9_fd_create+0x3d5/0x510
[   53.703757][ T1345]  ? p9_fd_create_unix+0x430/0x430
[   53.708705][ T1345]  ? p9_client_create+0x737/0x1130
[   53.713652][ T1345]  ? kfree+0xc8/0x220
[   53.717471][ T1345]  p9_client_create+0x9be/0x1130
[   53.722248][ T1345]  ? p9_parse_header+0x6c0/0x6c0
[   53.727021][ T1345]  ? __kasan_kmalloc+0x9/0x10
[   53.731531][ T1345]  ? kstrdup+0x4f/0x70
[   53.735436][ T1345]  ? memset+0x35/0x40
[   53.739256][ T1345]  v9fs_session_init+0x1fa/0x19b0
[   53.744123][ T1345]  ? v9fs_show_options+0x570/0x570
[   53.749064][ T1345]  ? __kasan_kmalloc+0x9/0x10
[   53.753579][ T1345]  ? v9fs_mount+0x5f/0x7f0
[   53.757828][ T1345]  v9fs_mount+0x75/0x7f0
[   53.761928][ T1345]  legacy_get_tree+0xf1/0x190
[   53.766420][ T1345]  ? incfs_get_verity_signature+0x420/0x420
[   53.772151][ T1345]  vfs_get_tree+0x88/0x290
[   53.776404][ T1345]  do_new_mount+0x2ba/0xb30
[   53.780758][ T1345]  ? do_move_mount_old+0x160/0x160
[   53.785691][ T1345]  ? security_capable+0x87/0xb0
[   53.790380][ T1345]  ? ns_capable+0x89/0xe0
[   53.794546][ T1345]  path_mount+0x671/0x1070
[   53.798806][ T1345]  __se_sys_mount+0x2c4/0x3b0
[   53.803308][ T1345]  ? __x64_sys_mount+0xd0/0xd0
[   53.807910][ T1345]  ? debug_smp_processor_id+0x17/0x20
[   53.813120][ T1345]  __x64_sys_mount+0xbf/0xd0
[   53.817547][ T1345]  x64_sys_call+0x49d/0x9a0
[   53.821883][ T1345]  do_syscall_64+0x3b/0xb0
[   53.826137][ T1345]  ? clear_bhb_loop+0x35/0x90
[   53.830652][ T1345]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   53.836377][ T1345] RIP: 0033:0x7f17498ad819
[   53.840634][ T1345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.860333][ T1345] RSP: 002b:00007f1747f26038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   53.868577][ T1345] RAX: ffffffffffffffda RBX: 00007f1749a64fa0 RCX: 00007f17498ad819
[   53.876388][ T1345] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   53.884199][ T1345] RBP: 00007f1747f26090 R08: 0000000020000400 R09: 0000000000000000
[   53.892008][ T1345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   53.899822][ T1345] R13: 0000000000000000 R14: 00007f1749a64fa0 R15: 00007ffc9a421de8
[   53.907637][ T1345]  </TASK>
[   53.915264][  T367] usb 1-1: USB disconnect, device number 5
[   53.923316][  T367] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   53.932730][  T367] ftdi_sio 1-1:0.0: device disconnected
[   53.997672][ T1352] loop2: detected capacity change from 0 to 512
[   54.042087][ T1352] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.345: casefold flag without casefold feature
[   54.054685][ T1352] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.345: couldn't read orphan inode 15 (err -117)
[   54.066553][ T1352] EXT4-fs (loop2): mounted filesystem without journal. Opts: noinit_itable,nombcache,,errors=continue. Quota mode: none.
[   54.111141][ T1347] loop3: detected capacity change from 0 to 40427
[   54.165537][ T1347] F2FS-fs (loop3): invalid crc value
[   54.201446][ T1347] F2FS-fs (loop3): Found nat_bits in checkpoint
[   54.269538][ T1347] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1
[   54.274866][ T1369] loop2: detected capacity change from 0 to 2048
[   54.289982][ T1347] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   54.318302][ T1343] attempt to access beyond end of device
[   54.318302][ T1343] loop3: rw=0, want=45072, limit=40427
[   54.379465][ T1369] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobarrier,grpjquota=,,errors=continue. Quota mode: none.
[   54.751473][ T1379] loop0: detected capacity change from 0 to 16
[   54.751919][ T1381] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=24341 sclass=netlink_xfrm_socket pid=1381 comm=syz.2.349
[   54.775978][ T1383] 9pnet: Insufficient options for proto=fd
[   54.795314][ T1379] erofs: (device loop0): mounted with root inode @ nid 36.
[   54.803936][ T1379] syz.0.352[1379] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.804063][ T1379] syz.0.352[1379] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.899117][ T1389] FAULT_INJECTION: forcing a failure.
[   54.899117][ T1389] name failslab, interval 1, probability 0, space 0, times 0
[   54.914744][ T1295] 9pnet: p9_fd_create_tcp (1295): problem connecting socket to 127.0.0.1
[   54.922760][ T1389] CPU: 0 PID: 1389 Comm: syz.4.355 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   54.940435][ T1389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   54.950326][ T1389] Call Trace:
[   54.953453][ T1389]  <TASK>
[   54.956227][ T1389]  dump_stack_lvl+0x151/0x1c0
[   54.960742][ T1389]  ? io_uring_drop_tctx_refs+0x190/0x190
[   54.966212][ T1389]  dump_stack+0x15/0x20
[   54.970203][ T1389]  should_fail+0x3c6/0x510
[   54.974458][ T1389]  __should_failslab+0xa4/0xe0
[   54.979056][ T1389]  ? p9_client_prepare_req+0xb8/0xbf0
[   54.984263][ T1389]  should_failslab+0x9/0x20
[   54.988603][ T1389]  slab_pre_alloc_hook+0x37/0xd0
[   54.993377][ T1389]  ? p9_client_prepare_req+0xb8/0xbf0
[   54.998580][ T1389]  kmem_cache_alloc+0x44/0x200
[   55.003181][ T1389]  ? legacy_get_tree+0xf1/0x190
[   55.007874][ T1389]  p9_client_prepare_req+0xb8/0xbf0
[   55.012906][ T1389]  ? _raw_spin_lock_irqsave+0xf9/0x210
[   55.018199][ T1389]  ? _raw_spin_lock+0x1b0/0x1b0
[   55.022892][ T1389]  p9_client_rpc+0x159/0x13a0
[   55.027398][ T1389]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   55.033038][ T1389]  ? add_wait_queue+0x189/0x1c0
[   55.037729][ T1389]  ? p9_fid_create+0x280/0x280
[   55.042325][ T1389]  ? pipe_poll+0x368/0x4d0
[   55.046580][ T1389]  ? pipe_write+0x1930/0x1930
[   55.051091][ T1389]  ? __kasan_check_write+0x14/0x20
[   55.056040][ T1389]  ? p9_conn_create+0x4d0/0x560
[   55.060745][ T1389]  ? p9_fd_create+0x3d5/0x510
[   55.065238][ T1389]  ? p9_fd_create_unix+0x430/0x430
[   55.070189][ T1389]  ? p9_client_create+0x737/0x1130
[   55.075134][ T1389]  ? kfree+0xc8/0x220
[   55.078955][ T1389]  p9_client_create+0x9be/0x1130
[   55.083727][ T1389]  ? p9_parse_header+0x6c0/0x6c0
[   55.088501][ T1389]  ? __kasan_kmalloc+0x9/0x10
[   55.093012][ T1389]  ? kstrdup+0x4f/0x70
[   55.096918][ T1389]  ? memset+0x35/0x40
[   55.100737][ T1389]  v9fs_session_init+0x1fa/0x19b0
[   55.105602][ T1389]  ? v9fs_show_options+0x570/0x570
[   55.110547][ T1389]  ? __kasan_kmalloc+0x9/0x10
[   55.115056][ T1389]  ? v9fs_mount+0x5f/0x7f0
[   55.119312][ T1389]  v9fs_mount+0x75/0x7f0
[   55.123391][ T1389]  legacy_get_tree+0xf1/0x190
[   55.127902][ T1389]  ? incfs_get_verity_signature+0x420/0x420
[   55.133633][ T1389]  vfs_get_tree+0x88/0x290
[   55.137884][ T1389]  do_new_mount+0x2ba/0xb30
[   55.142223][ T1389]  ? do_move_mount_old+0x160/0x160
[   55.147171][ T1389]  ? security_capable+0x87/0xb0
[   55.151859][ T1389]  ? ns_capable+0x89/0xe0
[   55.156023][ T1389]  path_mount+0x671/0x1070
[   55.160281][ T1389]  __se_sys_mount+0x2c4/0x3b0
[   55.164794][ T1389]  ? __x64_sys_mount+0xd0/0xd0
[   55.169390][ T1389]  ? sched_clock_cpu+0x18/0x3b0
[   55.174082][ T1389]  __x64_sys_mount+0xbf/0xd0
[   55.178509][ T1389]  x64_sys_call+0x49d/0x9a0
[   55.182842][ T1389]  do_syscall_64+0x3b/0xb0
[   55.187095][ T1389]  ? clear_bhb_loop+0x35/0x90
[   55.191608][ T1389]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   55.197336][ T1389] RIP: 0033:0x7fddf5c4b819
[   55.201592][ T1389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.221037][ T1389] RSP: 002b:00007fddf42c4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   55.229286][ T1389] RAX: ffffffffffffffda RBX: 00007fddf5e02fa0 RCX: 00007fddf5c4b819
[   55.237088][ T1389] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   55.244900][ T1389] RBP: 00007fddf42c4090 R08: 0000000020000400 R09: 0000000000000000
[   55.252712][ T1389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   55.260524][ T1389] R13: 0000000000000000 R14: 00007fddf5e02fa0 R15: 00007ffcbb2aad58
[   55.268337][ T1389]  </TASK>
[   55.279109][  T316] usb 2-1: USB disconnect, device number 3
[   55.378070][ T1395] loop0: detected capacity change from 0 to 512
[   55.389566][ T1398] Invalid ELF header magic: != ELF
[   55.389865][  T367] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   55.395223][ T1397] loop4: detected capacity change from 0 to 512
[   55.404419][ T1399] Invalid ELF header magic: != ELF
[   55.415316][ T1396] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) !
[   55.427127][ T1398] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) !
[   55.428271][ T1395] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   55.447387][ T1395] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.490246][ T1397] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   55.510783][ T1398] kvm: pic: non byte write
[   55.515141][ T1397] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.753923][ T1414] loop1: detected capacity change from 0 to 1024
[   56.764570][ T1406] tun0: tun_chr_ioctl cmd 1074025678
[   56.769707][ T1406] tun0: group set to 0
[   56.820121][  T367] usb 4-1: Using ep0 maxpacket: 32
[   56.947194][ T1418] tun0: tun_chr_ioctl cmd 1074025678
[   56.952521][ T1418] tun0: group set to 0
[   56.985794][ T1414] EXT4-fs error (device loop1): ext4_map_blocks:739: inode #3: block 2: comm syz.1.361: lblock 2 mapped to illegal pblock 2 (length 1)
[   56.999985][ T1414] EXT4-fs error (device loop1): ext4_acquire_dquot:6188: comm syz.1.361: Failed to acquire dquot type 0
[   57.017973][ T1414] EXT4-fs error (device loop1): ext4_map_blocks:629: inode #3: block 2: comm syz.1.361: lblock 2 mapped to illegal pblock 2 (length 1)
[   57.019323][ T1420] input: syz0 as /devices/virtual/input/input7
[   57.038810][ T1414] EXT4-fs error (device loop1): ext4_acquire_dquot:6188: comm syz.1.361: Failed to acquire dquot type 0
[   57.050168][ T1414] EXT4-fs error (device loop1): ext4_free_blocks:6223: comm syz.1.361: Freeing blocks not in datazone - block = 0, count = 4096
[   57.063477][ T1414] EXT4-fs error (device loop1): ext4_map_blocks:629: inode #3: block 2: comm syz.1.361: lblock 2 mapped to illegal pblock 2 (length 1)
[   57.077742][ T1414] EXT4-fs error (device loop1): ext4_acquire_dquot:6188: comm syz.1.361: Failed to acquire dquot type 0
[   57.099299][ T1414] EXT4-fs (loop1): 1 orphan inode deleted
[   57.104915][ T1414] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   57.139301][ T1425] syz.0.362[1425] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.139377][ T1425] syz.0.362[1425] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   57.187581][  T367] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   57.210313][  T367] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[   57.223038][  T367] usb 4-1: New USB device found, idVendor=0421, idProduct=00a0, bcdDevice=c8.e1
[   57.271863][  T367] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.280574][  T367] usb 4-1: config 0 descriptor??
[   57.290159][ T1431] 9pnet: Insufficient options for proto=fd
[   57.313758][ T1433] FAULT_INJECTION: forcing a failure.
[   57.313758][ T1433] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   57.330230][  T367] usb 4-1: bad CDC descriptors
[   57.347268][ T1433] CPU: 1 PID: 1433 Comm: syz.2.367 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   57.356884][ T1433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   57.366779][ T1433] Call Trace:
[   57.369902][ T1433]  <TASK>
[   57.372680][ T1433]  dump_stack_lvl+0x151/0x1c0
[   57.377201][ T1433]  ? io_uring_drop_tctx_refs+0x190/0x190
[   57.382662][ T1433]  ? copy_to_user_nofault+0x90/0x140
[   57.387783][ T1433]  dump_stack+0x15/0x20
[   57.391776][ T1433]  should_fail+0x3c6/0x510
[   57.396027][ T1433]  should_fail_alloc_page+0x5a/0x80
[   57.401064][ T1433]  prepare_alloc_pages+0x15c/0x700
[   57.406012][ T1433]  ? __alloc_pages_bulk+0xe40/0xe40
[   57.411048][ T1433]  __alloc_pages+0x18c/0x8f0
[   57.415471][ T1433]  ? prep_new_page+0x110/0x110
[   57.420074][ T1433]  kmalloc_order+0x4a/0x160
[   57.424419][ T1433]  kmalloc_order_trace+0x1a/0xb0
[   57.429183][ T1433]  __kmalloc+0x19c/0x270
[   57.433263][ T1433]  ? kmem_cache_alloc+0xf5/0x200
[   57.438037][ T1433]  p9_client_prepare_req+0x398/0xbf0
[   57.443158][ T1433]  p9_client_rpc+0x159/0x13a0
[   57.447668][ T1433]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   57.453316][ T1433]  ? add_wait_queue+0x189/0x1c0
[   57.458001][ T1433]  ? p9_fid_create+0x280/0x280
[   57.462596][ T1433]  ? pipe_poll+0x368/0x4d0
[   57.466853][ T1433]  ? pipe_write+0x1930/0x1930
[   57.471366][ T1433]  ? __kasan_check_write+0x14/0x20
[   57.476310][ T1433]  ? p9_conn_create+0x4d0/0x560
[   57.480997][ T1433]  ? p9_fd_create+0x3d5/0x510
[   57.485514][ T1433]  ? p9_fd_create_unix+0x430/0x430
[   57.490459][ T1433]  ? p9_client_create+0x737/0x1130
[   57.495406][ T1433]  ? kfree+0xc8/0x220
[   57.499226][ T1433]  p9_client_create+0x9be/0x1130
[   57.504005][ T1433]  ? p9_parse_header+0x6c0/0x6c0
[   57.508774][ T1433]  ? __kasan_kmalloc+0x9/0x10
[   57.513283][ T1433]  ? kstrdup+0x4f/0x70
[   57.517189][ T1433]  ? memset+0x35/0x40
[   57.521011][ T1433]  v9fs_session_init+0x1fa/0x19b0
[   57.525873][ T1433]  ? v9fs_show_options+0x570/0x570
[   57.530818][ T1433]  ? __kasan_kmalloc+0x9/0x10
[   57.535333][ T1433]  ? v9fs_mount+0x5f/0x7f0
[   57.539584][ T1433]  v9fs_mount+0x75/0x7f0
[   57.543663][ T1433]  legacy_get_tree+0xf1/0x190
[   57.548175][ T1433]  ? incfs_get_verity_signature+0x420/0x420
[   57.553909][ T1433]  vfs_get_tree+0x88/0x290
[   57.558164][ T1433]  do_new_mount+0x2ba/0xb30
[   57.562498][ T1433]  ? do_move_mount_old+0x160/0x160
[   57.567445][ T1433]  ? security_capable+0x87/0xb0
[   57.572129][ T1433]  ? ns_capable+0x89/0xe0
[   57.576298][ T1433]  path_mount+0x671/0x1070
[   57.580572][ T1433]  __se_sys_mount+0x2c4/0x3b0
[   57.585062][ T1433]  ? __x64_sys_mount+0xd0/0xd0
[   57.589664][ T1433]  ? debug_smp_processor_id+0x17/0x20
[   57.594874][ T1433]  __x64_sys_mount+0xbf/0xd0
[   57.599304][ T1433]  x64_sys_call+0x49d/0x9a0
[   57.603637][ T1433]  do_syscall_64+0x3b/0xb0
[   57.607887][ T1433]  ? clear_bhb_loop+0x35/0x90
[   57.612403][ T1433]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   57.618128][ T1433] RIP: 0033:0x7f17498ad819
[   57.622386][ T1433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.641823][ T1433] RSP: 002b:00007f1747f26038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   57.650072][ T1433] RAX: ffffffffffffffda RBX: 00007f1749a64fa0 RCX: 00007f17498ad819
[   57.657883][ T1433] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   57.665692][ T1433] RBP: 00007f1747f26090 R08: 0000000020000400 R09: 0000000000000000
[   57.673502][ T1433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   57.681315][ T1433] R13: 0000000000000000 R14: 00007f1749a64fa0 R15: 00007ffc9a421de8
[   57.689134][ T1433]  </TASK>
[   57.700656][ T1437] UDC core: couldn't find an available UDC or it's busy: -16
[   57.729888][ T1437] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   57.751549][  T367] usb 4-1: USB disconnect, device number 4
[   57.762208][ T1436] loop1: detected capacity change from 0 to 512
[   57.871016][ T1425] loop0: detected capacity change from 0 to 40427
[   57.902098][ T1436] EXT4-fs (loop1): orphan cleanup on readonly fs
[   57.909417][ T1436] EXT4-fs (loop1): 1 orphan inode deleted
[   57.915605][ T1436] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   57.961306][ T1425] F2FS-fs (loop0): invalid crc value
[   57.968122][ T1425] F2FS-fs (loop0): Found nat_bits in checkpoint
[   58.017113][ T1425] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1
[   58.024038][ T1425] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   58.039865][  T434] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   58.154881][ T1450] loop1: detected capacity change from 0 to 40427
[   58.164960][ T1456] loop0: detected capacity change from 0 to 2048
[   58.191987][ T1450] F2FS-fs (loop1): fault_injection options not supported
[   58.201186][ T1450] F2FS-fs (loop1): invalid crc value
[   58.204347][ T1456] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,grpjquota=,,errors=continue. Quota mode: none.
[   58.207659][ T1450] F2FS-fs (loop1): Found nat_bits in checkpoint
[   58.262876][ T1450] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   58.282711][ T1463] netlink: 104 bytes leftover after parsing attributes in process `syz.0.370'.
[   58.290000][ T1462] loop3: detected capacity change from 0 to 2048
[   58.306453][  T289] attempt to access beyond end of device
[   58.306453][  T289] loop1: rw=2049, want=45104, limit=40427
[   58.389848][  T367] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   58.450119][  T434] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   58.465739][ T1468] loop1: detected capacity change from 0 to 512
[   58.471870][  T434] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   58.489782][  T434] usb 3-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[   58.500079][  T434] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   58.511379][  T434] usb 3-1: config 0 descriptor??
[   58.565598][ T1468] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   58.578029][ T1468] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.608567][ T1477] loop3: detected capacity change from 0 to 512
[   58.689950][  T367] usb 5-1: Using ep0 maxpacket: 32
[   58.793282][ T1481] 9pnet: Insufficient options for proto=fd
[   58.810095][  T367] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   58.875620][  T367] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[   58.886957][  T367] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   58.911681][  T367] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   58.927975][ T1477] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[   58.946027][ T1477] ext4 filesystem being mounted at /78/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   58.948737][  T367] usb 5-1: config 0 descriptor??
[   58.980630][ T1454] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   59.000831][  T367] hub 5-1:0.0: USB hub found
[   59.008914][   T30] kauditd_printk_skb: 31 callbacks suppressed
[   59.008925][   T30] audit: type=1400 audit(1732559777.151:583): avc:  denied  { mounton } for  pid=1484 comm="syz.0.378" path="/44/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[   59.076110][ T1491] syz.0.380[1491] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.076156][ T1491] syz.0.380[1491] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   59.113315][ T1441] loop2: detected capacity change from 0 to 512
[   59.188807][ T1441] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   59.201969][ T1441] EXT4-fs (loop2): orphan cleanup on readonly fs
[   59.219870][  T852] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   59.231331][ T1441] EXT4-fs warning (device loop2): ext4_enable_quotas:6423: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   59.253262][ T1491] loop0: detected capacity change from 0 to 40427
[   59.260285][ T1441] EXT4-fs (loop2): Cannot turn on quotas: error -22
[   59.266931][ T1441] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #16: comm syz.2.368: casefold flag without casefold feature
[   59.279910][  T367] hub 5-1:0.0: 1 port detected
[   59.279945][ T1441] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.368: couldn't read orphan inode 16 (err -117)
[   59.297204][ T1441] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   59.312891][   T30] audit: type=1400 audit(1732559777.461:584): avc:  denied  { read } for  pid=1440 comm="syz.2.368" dev="nsfs" ino=4026532467 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   59.334690][ T1441] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   59.339986][ T1491] F2FS-fs (loop0): invalid crc value
[   59.347669][   T30] audit: type=1400 audit(1732559777.481:585): avc:  denied  { open } for  pid=1440 comm="syz.2.368" path="net:[4026532467]" dev="nsfs" ino=4026532467 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   59.372061][ T1491] F2FS-fs (loop0): Found nat_bits in checkpoint
[   59.381277][  T434] hid-multitouch 0003:0EEF:72D0.0004: item fetching failed at offset 3/5
[   59.399859][  T434] hid-multitouch: probe of 0003:0EEF:72D0.0004 failed with error -22
[   59.422609][ T1491] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1
[   59.429216][ T1491] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   59.459848][  T852] usb 4-1: Using ep0 maxpacket: 8
[   59.549876][  T367] hub 5-1:0.0: hub_hub_status failed (err = -71)
[   59.556032][  T367] hub 5-1:0.0: config failed, can't get hub status (err -71)
[   59.579889][  T852] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   59.588827][  T852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   59.596832][  T584] usb 3-1: USB disconnect, device number 2
[   59.599205][  T852] usb 4-1: config 0 descriptor??
[   59.669887][  T367] usbhid 5-1:0.0: can't add hid device: -71
[   59.675671][  T367] usbhid: probe of 5-1:0.0 failed with error -71
[   59.710231][  T367] usb 5-1: USB disconnect, device number 6
[   59.819913][  T434] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   60.003111][ T1519] loop1: detected capacity change from 0 to 2048
[   60.052249][ T1522] 9pnet: Insufficient options for proto=fd
[   60.072989][ T1524] loop4: detected capacity change from 0 to 2048
[   60.121085][ T1524] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobarrier,grpjquota=,,errors=continue. Quota mode: none.
[   60.141575][ T1528] 9pnet: Insufficient options for proto=fd
[   60.162244][ T1530] loop2: detected capacity change from 0 to 512
[   60.194005][ T1530] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   60.207046][ T1530] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.217374][  T434] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   60.233282][ T1537] netlink: 104 bytes leftover after parsing attributes in process `syz.4.387'.
[   60.242141][  T434] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   60.293586][  T434] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   60.302669][  T434] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.314977][  T434] usb 1-1: config 0 descriptor??
[   60.577910][ T1539] tun0: tun_chr_ioctl cmd 1074025678
[   60.583134][ T1539] tun0: group set to 0
[   60.710106][  T316] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   60.849106][ T1542] syz.4.392[1542] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.849188][ T1542] syz.4.392[1542] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.949865][  T316] usb 2-1: Using ep0 maxpacket: 16
[   60.967717][ T1542] loop4: detected capacity change from 0 to 40427
[   60.994591][ T1517] loop0: detected capacity change from 0 to 512
[   61.051841][ T1517] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   61.062756][ T1517] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.083674][ T1542] F2FS-fs (loop4): invalid crc value
[   61.090128][  T316] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[   61.090735][  T434] keytouch 0003:0926:3333.0005: fixing up Keytouch IEC report descriptor
[   61.098193][  T316] usb 2-1: config 0 has no interface number 0
[   61.112458][  T316] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[   61.121501][ T1542] F2FS-fs (loop4): Found nat_bits in checkpoint
[   61.122107][  T316] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[   61.137932][  T316] usb 2-1: config 0 interface 41 has no altsetting 0
[   61.141992][  T434] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0005/input/input8
[   61.177073][ T1542] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1
[   61.184100][ T1542] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   61.234218][  T434] keytouch 0003:0926:3333.0005: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[   61.293563][   T58] usb 1-1: USB disconnect, device number 6
[   61.299997][  T316] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[   61.308844][  T316] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   61.320729][  T316] usb 2-1: Product: syz
[   61.324828][  T316] usb 2-1: Manufacturer: syz
[   61.329322][  T316] usb 2-1: SerialNumber: syz
[   61.334547][  T316] usb 2-1: config 0 descriptor??
[   61.345779][ T1553] mmap: syz.4.394 (1553): VmData 17408000 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[   61.357926][ T1536] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   61.357953][ T1536] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   61.439957][   T20] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   61.590910][ T1536] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   61.597813][ T1536] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   61.799902][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   61.810766][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   61.820387][   T20] usb 3-1: New USB device found, idVendor=172f, idProduct=0500, bcdDevice= 0.00
[   61.829215][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.837550][   T20] usb 3-1: config 0 descriptor??
[   61.898026][ T1560] loop0: detected capacity change from 0 to 256
[   61.940049][ T1560] exfat: Deprecated parameter 'utf8'
[   61.945217][ T1560] exfat: Deprecated parameter 'namecase'
[   61.950662][ T1560] exfat: Deprecated parameter 'utf8'
[   61.972262][ T1560] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[   62.031068][ T1562] 9pnet: Insufficient options for proto=fd
[   62.049942][  T316] CoreChips: probe of 2-1:0.41 failed with error -71
[   62.063427][  T316] usb 2-1: USB disconnect, device number 4
[   62.075406][ T1567] 9pnet: Insufficient options for proto=fd
[   62.099971][  T852] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   62.112681][  T852] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[   62.123917][  T852] asix: probe of 4-1:0.0 failed with error -71
[   62.132579][  T852] usb 4-1: USB disconnect, device number 5
[   62.136269][ T1572] loop0: detected capacity change from 0 to 2048
[   62.378777][ T1576] loop0: detected capacity change from 0 to 512
[   62.567421][ T1578] loop4: detected capacity change from 0 to 512
[   62.594514][   T20] usbhid 3-1:0.0: can't add hid device: -71
[   62.600300][   T20] usbhid: probe of 3-1:0.0 failed with error -71
[   62.601373][ T1576] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   62.607099][   T20] usb 3-1: USB disconnect, device number 3
[   62.625099][ T1576] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.647122][ T1578] EXT4-fs (loop4): mounted filesystem without journal. Opts: nolazytime,bsddf,,errors=continue. Quota mode: writeback.
[   62.659572][ T1578] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.764903][ T1587] loop3: detected capacity change from 0 to 2048
[   62.826698][ T1588] tun0: tun_chr_ioctl cmd 1074025678
[   62.831848][ T1588] tun0: group set to 0
[   63.122126][ T1587] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none.
[   63.153226][ T1587] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   63.170086][ T1587] EXT4-fs (loop3): Remounting filesystem read-only
[   63.177605][ T1597] 9pnet: Insufficient options for proto=fd
[   63.269861][  T316] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   63.283024][ T1603] 9pnet: Insufficient options for proto=fd
[   63.439903][  T852] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   63.629937][  T316] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   63.641110][  T316] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   63.650934][   T20] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[   63.658538][  T316] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   63.667859][  T316] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.677065][  T316] usb 2-1: config 0 descriptor??
[   63.809905][  T852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   63.820904][  T852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   63.831018][  T852] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   63.840132][  T852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.852295][  T852] usb 4-1: config 0 descriptor??
[   64.009897][   T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   64.020743][   T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   64.030476][   T20] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   64.043287][   T20] usb 1-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[   64.052315][   T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.064171][   T20] usb 1-1: config 0 descriptor??
[   64.140798][ T1585] netlink: 12 bytes leftover after parsing attributes in process `syz.1.404'.
[   64.190250][ T1618] loop2: detected capacity change from 0 to 2048
[   64.221272][ T1618] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   64.239458][   T30] audit: type=1400 audit(1732559782.381:586): avc:  denied  { rename } for  pid=1617 comm="syz.2.416" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   64.264097][ T1621] loop4: detected capacity change from 0 to 256
[   64.264543][ T1618] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   64.276131][ T1621] exfat: Unknown parameter 'dmas¦\s\Ð5ûX‚Sj·k'
[   64.285701][ T1618] EXT4-fs (loop2): Delayed block allocation failed for inode 13 at logical offset 16 with max blocks 18 with error 28
[   64.303344][ T1618] EXT4-fs (loop2): This should not happen!! Data will be lost
[   64.303344][ T1618] 
[   64.312924][ T1618] EXT4-fs (loop2): Total free blocks count 0
[   64.318901][ T1618] EXT4-fs (loop2): Free/Dirty block details
[   64.324677][ T1618] EXT4-fs (loop2): free_blocks=2415919104
[   64.330328][ T1618] EXT4-fs (loop2): dirty_blocks=32
[   64.335183][ T1618] EXT4-fs (loop2): Block reservation details
[   64.341195][ T1618] EXT4-fs (loop2): i_reserved_data_blocks=2
[   64.371015][ T1627] 9pnet: Insufficient options for proto=fd
[   64.399994][  T316] usb 2-1: language id specifier not provided by device, defaulting to English
[   64.408910][ T1633] loop4: detected capacity change from 0 to 128
[   64.432144][ T1633] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   64.442242][ T1633] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000002,discard,,errors=continue. Quota mode: none.
[   64.456904][ T1633] ext2 filesystem being mounted at /90/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   64.541271][   T20] ntrig 0003:1B96:000A.0008: unknown main item tag 0x0
[   64.548250][   T20] ntrig 0003:1B96:000A.0008: unknown main item tag 0x0
[   64.555922][   T20] ntrig 0003:1B96:000A.0008: unknown main item tag 0x0
[   64.563265][   T20] ntrig 0003:1B96:000A.0008: unknown main item tag 0x0
[   64.570094][   T20] ntrig 0003:1B96:000A.0008: unknown main item tag 0x0
[   64.578759][ T1641] 9pnet: Insufficient options for proto=fd
[   64.581811][   T20] ntrig 0003:1B96:000A.0008: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.0-1/input0
[   64.600783][ T1643] loop4: detected capacity change from 0 to 512
[   64.621412][ T1643] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   64.633721][ T1643] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.740241][ T1612] UDC core: couldn't find an available UDC or it's busy: -16
[   64.747552][ T1612] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   64.760113][ T1612] loop0: detected capacity change from 0 to 256
[   64.833616][ T1652] tun0: tun_chr_ioctl cmd 1074025678
[   64.838763][ T1652] tun0: group set to 0
[   64.853055][ T1612] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   64.917292][ T1612] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[   65.149914][  T852] uclogic 0003:256C:006D.0007: interface is invalid, ignoring
[   65.352832][  T852] usb 4-1: USB disconnect, device number 6
[   65.535783][ T1662] loop2: detected capacity change from 0 to 2048
[   65.729082][ T1664] loop2: detected capacity change from 0 to 2048
[   65.769867][  T367] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   65.904102][ T1668] FAULT_INJECTION: forcing a failure.
[   65.904102][ T1668] name failslab, interval 1, probability 0, space 0, times 0
[   65.916586][ T1668] CPU: 0 PID: 1668 Comm: syz.3.432 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   65.926134][ T1668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   65.936052][ T1668] Call Trace:
[   65.939156][ T1668]  <TASK>
[   65.941934][ T1668]  dump_stack_lvl+0x151/0x1c0
[   65.946445][ T1668]  ? io_uring_drop_tctx_refs+0x190/0x190
[   65.951917][ T1668]  ? vfs_write+0x94d/0x1110
[   65.956254][ T1668]  ? putname+0xfa/0x150
[   65.960244][ T1668]  dump_stack+0x15/0x20
[   65.964239][ T1668]  should_fail+0x3c6/0x510
[   65.968489][ T1668]  __should_failslab+0xa4/0xe0
[   65.973090][ T1668]  should_failslab+0x9/0x20
[   65.977435][ T1668]  slab_pre_alloc_hook+0x37/0xd0
[   65.982205][ T1668]  ? __se_sys_mount+0x9b/0x3b0
[   65.986815][ T1668]  __kmalloc_track_caller+0x6c/0x260
[   65.991923][ T1668]  ? __se_sys_mount+0x9b/0x3b0
[   65.996524][ T1668]  strndup_user+0x76/0x150
[   66.000778][ T1668]  __se_sys_mount+0x9b/0x3b0
[   66.005203][ T1668]  ? __x64_sys_mount+0xd0/0xd0
[   66.009808][ T1668]  ? debug_smp_processor_id+0x17/0x20
[   66.015021][ T1668]  __x64_sys_mount+0xbf/0xd0
[   66.019452][ T1668]  x64_sys_call+0x49d/0x9a0
[   66.023776][ T1668]  do_syscall_64+0x3b/0xb0
[   66.028028][ T1668]  ? clear_bhb_loop+0x35/0x90
[   66.032543][ T1668]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   66.038270][ T1668] RIP: 0033:0x7f6389582819
[   66.042522][ T1668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.061966][ T1668] RSP: 002b:00007f6387bfb038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   66.069939][  T367] usb 5-1: Using ep0 maxpacket: 16
[   66.070209][ T1668] RAX: ffffffffffffffda RBX: 00007f6389739fa0 RCX: 00007f6389582819
[   66.070225][ T1668] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   66.090780][ T1668] RBP: 00007f6387bfb090 R08: 0000000020000400 R09: 0000000000000000
[   66.098590][ T1668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.106402][ T1668] R13: 0000000000000000 R14: 00007f6389739fa0 R15: 00007ffcebfbccd8
[   66.114221][ T1668]  </TASK>
[   66.149911][  T316] uclogic 0003:256C:006D.0006: failed retrieving Huion firmware version: -71
[   66.161852][  T316] uclogic 0003:256C:006D.0006: failed probing parameters: -71
[   66.171483][  T316] uclogic: probe of 0003:256C:006D.0006 failed with error -71
[   66.180456][ T1676] 9pnet: Insufficient options for proto=fd
[   66.189224][ T1677] loop1: detected capacity change from 0 to 2048
[   66.198129][ T1679] loop2: detected capacity change from 0 to 512
[   66.210904][  T316] usb 2-1: USB disconnect, device number 5
[   66.230133][  T367] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   66.240845][  T367] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[   66.252218][  T367] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[   66.261884][ T1679] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   66.265024][  T367] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   66.277849][ T1679] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.299529][  T367] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.376932][ T1612] 9pnet: p9_fd_create_tcp (1612): problem connecting socket to 127.0.0.1
[   66.396480][  T852] usb 1-1: USB disconnect, device number 7
[   66.409933][ T1658] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   66.410474][ T1677] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,norecovery,data_err=abort,noblock_validity,,errors=continue. Quota mode: writeback.
[   66.438537][  T367] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[   66.494597][ T1690] tun0: tun_chr_ioctl cmd 1074025678
[   66.499781][ T1690] tun0: group set to 0
[   66.706280][ T1677] EXT4-fs error (device loop1): ext4_find_extent:929: inode #2: comm syz.1.434: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   66.746362][ T1692] loop0: detected capacity change from 0 to 2048
[   66.760263][  T367] cdc_acm 5-1:1.0: ttyACM0: USB ACM device
[   66.767931][  T367] usb 5-1: USB disconnect, device number 7
[   66.832512][ T1692] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,grpjquota=,,errors=continue. Quota mode: none.
[   66.911056][ T1699] netlink: 104 bytes leftover after parsing attributes in process `syz.0.438'.
[   66.964922][ T1701] loop1: detected capacity change from 0 to 2048
[   67.088451][ T1703] loop3: detected capacity change from 0 to 512
[   67.112463][ T1701] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none.
[   67.130794][ T1701] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   67.136668][ T1703] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   67.157290][ T1701] EXT4-fs (loop1): Remounting filesystem read-only
[   67.170098][ T1703] EXT4-fs (loop3): orphan cleanup on readonly fs
[   67.176639][ T1703] EXT4-fs warning (device loop3): ext4_enable_quotas:6423: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   67.191790][ T1703] EXT4-fs (loop3): Cannot turn on quotas: error -22
[   67.198797][ T1703] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.441: bg 0: block 40: padding at end of block bitmap is not set
[   67.213665][ T1703] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6183: Corrupt filesystem
[   67.227063][ T1703] EXT4-fs (loop3): 1 truncate cleaned up
[   67.232960][ T1703] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   67.260595][ T1711] FAULT_INJECTION: forcing a failure.
[   67.260595][ T1711] name failslab, interval 1, probability 0, space 0, times 0
[   67.309877][ T1711] CPU: 0 PID: 1711 Comm: syz.2.443 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   67.319506][ T1711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   67.329398][ T1711] Call Trace:
[   67.332524][ T1711]  <TASK>
[   67.335298][ T1711]  dump_stack_lvl+0x151/0x1c0
[   67.339815][ T1711]  ? io_uring_drop_tctx_refs+0x190/0x190
[   67.345279][ T1711]  ? get_random_u64+0x381/0x5c0
[   67.349968][ T1711]  ? _get_random_bytes+0x2b0/0x2b0
[   67.354927][ T1711]  dump_stack+0x15/0x20
[   67.358910][ T1711]  should_fail+0x3c6/0x510
[   67.363162][ T1711]  __should_failslab+0xa4/0xe0
[   67.367761][ T1711]  ? __kmem_cache_create+0x1a1/0x680
[   67.372882][ T1711]  should_failslab+0x9/0x20
[   67.377221][ T1711]  slab_pre_alloc_hook+0x37/0xd0
[   67.381998][ T1711]  ? __kmem_cache_create+0x1a1/0x680
[   67.387113][ T1711]  kmem_cache_alloc+0x44/0x200
[   67.391715][ T1711]  __kmem_cache_create+0x1a1/0x680
[   67.396663][ T1711]  kmem_cache_create_usercopy+0x150/0x2a0
[   67.402304][ T1711]  p9_client_create+0xc57/0x1130
[   67.407078][ T1711]  ? p9_parse_header+0x6c0/0x6c0
[   67.411857][ T1711]  ? __kasan_kmalloc+0x9/0x10
[   67.416363][ T1711]  ? kstrdup+0x4f/0x70
[   67.420269][ T1711]  ? memset+0x35/0x40
[   67.424093][ T1711]  v9fs_session_init+0x1fa/0x19b0
[   67.428955][ T1711]  ? v9fs_show_options+0x570/0x570
[   67.433909][ T1711]  ? __kasan_kmalloc+0x9/0x10
[   67.438410][ T1711]  ? v9fs_mount+0x5f/0x7f0
[   67.442663][ T1711]  v9fs_mount+0x75/0x7f0
[   67.446744][ T1711]  legacy_get_tree+0xf1/0x190
[   67.451253][ T1711]  ? incfs_get_verity_signature+0x420/0x420
[   67.456983][ T1711]  vfs_get_tree+0x88/0x290
[   67.461237][ T1711]  do_new_mount+0x2ba/0xb30
[   67.465576][ T1711]  ? do_move_mount_old+0x160/0x160
[   67.470522][ T1711]  ? security_capable+0x87/0xb0
[   67.475209][ T1711]  ? ns_capable+0x89/0xe0
[   67.479372][ T1711]  path_mount+0x671/0x1070
[   67.483626][ T1711]  __se_sys_mount+0x2c4/0x3b0
[   67.488142][ T1711]  ? __x64_sys_mount+0xd0/0xd0
[   67.492738][ T1711]  ? debug_smp_processor_id+0x17/0x20
[   67.497952][ T1711]  __x64_sys_mount+0xbf/0xd0
[   67.502375][ T1711]  x64_sys_call+0x49d/0x9a0
[   67.506714][ T1711]  do_syscall_64+0x3b/0xb0
[   67.510965][ T1711]  ? clear_bhb_loop+0x35/0x90
[   67.515477][ T1711]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.521208][ T1711] RIP: 0033:0x7f17498ad819
[   67.525461][ T1711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.544901][ T1711] RSP: 002b:00007f1747f26038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   67.553147][ T1711] RAX: ffffffffffffffda RBX: 00007f1749a64fa0 RCX: 00007f17498ad819
[   67.560957][ T1711] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   67.568767][ T1711] RBP: 00007f1747f26090 R08: 0000000020000400 R09: 0000000000000000
[   67.576578][ T1711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   67.584393][ T1711] R13: 0000000000000000 R14: 00007f1749a64fa0 R15: 00007ffc9a421de8
[   67.592205][ T1711]  </TASK>
[   67.611713][ T1711] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -22
[   67.619457][ T1711] CPU: 1 PID: 1711 Comm: syz.2.443 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   67.629064][ T1711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   67.638946][ T1711] Call Trace:
[   67.642068][ T1711]  <TASK>
[   67.644847][ T1711]  dump_stack_lvl+0x151/0x1c0
[   67.649361][ T1711]  ? io_uring_drop_tctx_refs+0x190/0x190
[   67.654829][ T1711]  ? kmem_cache_free+0x116/0x2e0
[   67.659606][ T1711]  dump_stack+0x15/0x20
[   67.663596][ T1711]  kmem_cache_create_usercopy+0x22c/0x2a0
[   67.669148][ T1711]  p9_client_create+0xc57/0x1130
[   67.673926][ T1711]  ? p9_parse_header+0x6c0/0x6c0
[   67.678700][ T1711]  ? __kasan_kmalloc+0x9/0x10
[   67.683224][ T1711]  ? kstrdup+0x4f/0x70
[   67.687118][ T1711]  ? memset+0x35/0x40
[   67.690932][ T1711]  v9fs_session_init+0x1fa/0x19b0
[   67.695798][ T1711]  ? v9fs_show_options+0x570/0x570
[   67.700741][ T1711]  ? __kasan_kmalloc+0x9/0x10
[   67.705252][ T1711]  ? v9fs_mount+0x5f/0x7f0
[   67.709507][ T1711]  v9fs_mount+0x75/0x7f0
[   67.713587][ T1711]  legacy_get_tree+0xf1/0x190
[   67.718099][ T1711]  ? incfs_get_verity_signature+0x420/0x420
[   67.723831][ T1711]  vfs_get_tree+0x88/0x290
[   67.728079][ T1711]  do_new_mount+0x2ba/0xb30
[   67.732421][ T1711]  ? do_move_mount_old+0x160/0x160
[   67.737365][ T1711]  ? security_capable+0x87/0xb0
[   67.742055][ T1711]  ? ns_capable+0x89/0xe0
[   67.746222][ T1711]  path_mount+0x671/0x1070
[   67.750475][ T1711]  __se_sys_mount+0x2c4/0x3b0
[   67.755002][ T1711]  ? __x64_sys_mount+0xd0/0xd0
[   67.759587][ T1711]  ? debug_smp_processor_id+0x17/0x20
[   67.764794][ T1711]  __x64_sys_mount+0xbf/0xd0
[   67.769221][ T1711]  x64_sys_call+0x49d/0x9a0
[   67.773560][ T1711]  do_syscall_64+0x3b/0xb0
[   67.777812][ T1711]  ? clear_bhb_loop+0x35/0x90
[   67.782323][ T1711]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.788056][ T1711] RIP: 0033:0x7f17498ad819
[   67.792308][ T1711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.811747][ T1711] RSP: 002b:00007f1747f26038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   67.819992][ T1711] RAX: ffffffffffffffda RBX: 00007f1749a64fa0 RCX: 00007f17498ad819
[   67.827801][ T1711] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   67.835615][ T1711] RBP: 00007f1747f26090 R08: 0000000020000400 R09: 0000000000000000
[   67.843431][ T1711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   67.851258][ T1711] R13: 0000000000000000 R14: 00007f1749a64fa0 R15: 00007ffc9a421de8
[   67.859054][ T1711]  </TASK>
[   67.861979][  T852] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   67.872228][ T1721] 9pnet: Insufficient options for proto=fd
[   67.913914][ T1725] netlink: 8 bytes leftover after parsing attributes in process `syz.2.448'.
[   67.947882][ T1725] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   67.959862][   T30] audit: type=1400 audit(1732559786.111:587): avc:  denied  { mount } for  pid=1730 comm="syz.4.450" name="/" dev="ramfs" ino=20117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   67.985390][   T30] audit: type=1400 audit(1732559786.131:588): avc:  denied  { mounton } for  pid=1730 comm="syz.4.450" path="/96/file0" dev="ramfs" ino=20117 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[   68.011675][ T1725] loop2: detected capacity change from 0 to 128
[   68.016606][   T30] audit: type=1400 audit(1732559786.161:589): avc:  denied  { unmount } for  pid=290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   68.061118][ T1742] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=28014 sclass=netlink_xfrm_socket pid=1742 comm=syz.0.453
[   68.065384][ T1741] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=28014 sclass=netlink_xfrm_socket pid=1741 comm=syz.0.453
[   68.078695][ T1746] loop3: detected capacity change from 0 to 256
[   68.105472][ T1725] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none.
[   68.119336][ T1725] ext4 filesystem being mounted at /108/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   68.163388][ T1746] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[   68.212036][ T1755] loop0: detected capacity change from 0 to 2048
[   68.246513][ T1757] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[   68.265645][  T852] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   68.277382][  T852] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   68.301158][  T852] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   68.305822][ T1755] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,grpjquota=,,errors=continue. Quota mode: none.
[   68.310351][  T852] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.346638][  T852] usb 2-1: config 0 descriptor??
[   68.354396][ T1762] Â: renamed from pim6reg1
[   68.392416][ T1763] netlink: 104 bytes leftover after parsing attributes in process `syz.0.456'.
[   68.629950][  T316] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   68.647873][ T1765] 9pnet: Insufficient options for proto=fd
[   68.679454][ T1769] 9pnet: Insufficient options for proto=fd
[   68.698272][ T1771] FAULT_INJECTION: forcing a failure.
[   68.698272][ T1771] name failslab, interval 1, probability 0, space 0, times 0
[   68.711231][ T1771] CPU: 0 PID: 1771 Comm: syz.0.461 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   68.720833][ T1771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   68.730726][ T1771] Call Trace:
[   68.733862][ T1771]  <TASK>
[   68.736634][ T1771]  dump_stack_lvl+0x151/0x1c0
[   68.741141][ T1771]  ? io_uring_drop_tctx_refs+0x190/0x190
[   68.746608][ T1771]  ? idr_alloc+0x2f0/0x2f0
[   68.750862][ T1771]  dump_stack+0x15/0x20
[   68.754986][ T1771]  should_fail+0x3c6/0x510
[   68.759238][ T1771]  __should_failslab+0xa4/0xe0
[   68.763836][ T1771]  ? __kernfs_new_node+0xdb/0x700
[   68.768694][ T1771]  should_failslab+0x9/0x20
[   68.773037][ T1771]  slab_pre_alloc_hook+0x37/0xd0
[   68.777812][ T1771]  ? __kernfs_new_node+0xdb/0x700
[   68.782671][ T1771]  kmem_cache_alloc+0x44/0x200
[   68.787270][ T1771]  __kernfs_new_node+0xdb/0x700
[   68.791971][ T1771]  ? kernfs_new_node+0x230/0x230
[   68.796728][ T1771]  ? kernfs_add_one+0x524/0x650
[   68.801418][ T1771]  ? kernfs_create_dir_ns+0x110/0x130
[   68.806711][ T1771]  kernfs_new_node+0x130/0x230
[   68.811317][ T1771]  __kernfs_create_file+0x4a/0x270
[   68.816347][ T1771]  sysfs_add_file_mode_ns+0x273/0x320
[   68.821900][ T1771]  internal_create_group+0x573/0xf00
[   68.827016][ T1771]  ? sysfs_create_group+0x30/0x30
[   68.831875][ T1771]  ? kernfs_remove_by_name_ns+0x127/0x160
[   68.837432][ T1771]  sysfs_create_group+0x1f/0x30
[   68.842141][ T1771]  sysfs_slab_add+0x185/0x2b0
[   68.846631][ T1771]  __kmem_cache_create+0x46b/0x680
[   68.851701][ T1771]  kmem_cache_create_usercopy+0x150/0x2a0
[   68.857255][ T1771]  p9_client_create+0xc57/0x1130
[   68.862028][ T1771]  ? p9_parse_header+0x6c0/0x6c0
[   68.866802][ T1771]  ? __kasan_kmalloc+0x9/0x10
[   68.871308][ T1771]  ? kstrdup+0x4f/0x70
[   68.875215][ T1771]  ? memset+0x35/0x40
[   68.879040][ T1771]  v9fs_session_init+0x1fa/0x19b0
[   68.883910][ T1771]  ? v9fs_show_options+0x570/0x570
[   68.888846][ T1771]  ? __kasan_kmalloc+0x9/0x10
[   68.893359][ T1771]  ? v9fs_mount+0x5f/0x7f0
[   68.897612][ T1771]  v9fs_mount+0x75/0x7f0
[   68.901695][ T1771]  legacy_get_tree+0xf1/0x190
[   68.906203][ T1771]  ? incfs_get_verity_signature+0x420/0x420
[   68.911934][ T1771]  vfs_get_tree+0x88/0x290
[   68.916186][ T1771]  do_new_mount+0x2ba/0xb30
[   68.920526][ T1771]  ? user_path_at_empty+0x14e/0x1a0
[   68.925561][ T1771]  ? do_move_mount_old+0x160/0x160
[   68.930504][ T1771]  ? security_capable+0x87/0xb0
[   68.935190][ T1771]  ? ns_capable+0x89/0xe0
[   68.939360][ T1771]  path_mount+0x671/0x1070
[   68.943612][ T1771]  __se_sys_mount+0x2c4/0x3b0
[   68.948127][ T1771]  ? __x64_sys_mount+0xd0/0xd0
[   68.952726][ T1771]  ? debug_smp_processor_id+0x17/0x20
[   68.957930][ T1771]  __x64_sys_mount+0xbf/0xd0
[   68.962360][ T1771]  x64_sys_call+0x49d/0x9a0
[   68.966696][ T1771]  do_syscall_64+0x3b/0xb0
[   68.970950][ T1771]  ? clear_bhb_loop+0x35/0x90
[   68.975463][ T1771]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   68.981189][ T1771] RIP: 0033:0x7f18a0fb6819
[   68.985444][ T1771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.004889][ T1771] RSP: 002b:00007f189f62f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   69.013130][ T1771] RAX: ffffffffffffffda RBX: 00007f18a116dfa0 RCX: 00007f18a0fb6819
[   69.020945][ T1771] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   69.028756][ T1771] RBP: 00007f189f62f090 R08: 0000000020000400 R09: 0000000000000000
[   69.036565][ T1771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   69.044381][ T1771] R13: 0000000000000000 R14: 00007f18a116dfa0 R15: 00007fff97f84fc8
[   69.052194][ T1771]  </TASK>
[   69.057469][ T1771] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12
[   69.066208][ T1771] CPU: 1 PID: 1771 Comm: syz.0.461 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   69.075820][ T1771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   69.085715][ T1771] Call Trace:
[   69.088838][ T1771]  <TASK>
[   69.091617][ T1771]  dump_stack_lvl+0x151/0x1c0
[   69.096128][ T1771]  ? io_uring_drop_tctx_refs+0x190/0x190
[   69.101602][ T1771]  ? kmem_cache_free+0x2c3/0x2e0
[   69.106373][ T1771]  dump_stack+0x15/0x20
[   69.110378][ T1771]  kmem_cache_create_usercopy+0x22c/0x2a0
[   69.115922][ T1771]  p9_client_create+0xc57/0x1130
[   69.120692][ T1771]  ? p9_parse_header+0x6c0/0x6c0
[   69.125462][ T1771]  ? __kasan_kmalloc+0x9/0x10
[   69.129973][ T1771]  ? kstrdup+0x4f/0x70
[   69.133885][ T1771]  ? memset+0x35/0x40
[   69.137700][ T1771]  v9fs_session_init+0x1fa/0x19b0
[   69.142564][ T1771]  ? v9fs_show_options+0x570/0x570
[   69.147508][ T1771]  ? __kasan_kmalloc+0x9/0x10
[   69.152024][ T1771]  ? v9fs_mount+0x5f/0x7f0
[   69.156277][ T1771]  v9fs_mount+0x75/0x7f0
[   69.160353][ T1771]  legacy_get_tree+0xf1/0x190
[   69.164870][ T1771]  ? incfs_get_verity_signature+0x420/0x420
[   69.169849][  T316] usb 3-1: Using ep0 maxpacket: 16
[   69.170600][ T1771]  vfs_get_tree+0x88/0x290
[   69.179795][ T1771]  do_new_mount+0x2ba/0xb30
[   69.184137][ T1771]  ? user_path_at_empty+0x14e/0x1a0
[   69.189167][ T1771]  ? do_move_mount_old+0x160/0x160
[   69.194117][ T1771]  ? security_capable+0x87/0xb0
[   69.198802][ T1771]  ? ns_capable+0x89/0xe0
[   69.202966][ T1771]  path_mount+0x671/0x1070
[   69.207221][ T1771]  __se_sys_mount+0x2c4/0x3b0
[   69.211737][ T1771]  ? __x64_sys_mount+0xd0/0xd0
[   69.216332][ T1771]  ? debug_smp_processor_id+0x17/0x20
[   69.221542][ T1771]  __x64_sys_mount+0xbf/0xd0
[   69.225968][ T1771]  x64_sys_call+0x49d/0x9a0
[   69.230307][ T1771]  do_syscall_64+0x3b/0xb0
[   69.234562][ T1771]  ? clear_bhb_loop+0x35/0x90
[   69.239076][ T1771]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   69.244802][ T1771] RIP: 0033:0x7f18a0fb6819
[   69.249054][ T1771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.268497][ T1771] RSP: 002b:00007f189f62f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   69.276741][ T1771] RAX: ffffffffffffffda RBX: 00007f18a116dfa0 RCX: 00007f18a0fb6819
[   69.284556][ T1771] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   69.290017][  T316] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   69.292372][ T1771] RBP: 00007f189f62f090 R08: 0000000020000400 R09: 0000000000000000
[   69.292395][ T1771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   69.303391][  T316] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   69.310856][ T1771] R13: 0000000000000000 R14: 00007f18a116dfa0 R15: 00007fff97f84fc8
[   69.310882][ T1771]  </TASK>
[   69.339492][  T316] usb 3-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[   69.348926][  T316] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.359399][  T316] usb 3-1: config 0 descriptor??
[   69.400757][   T20] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   69.487077][ T1784] loop0: detected capacity change from 0 to 40427
[   69.497849][ T1789] loop3: detected capacity change from 0 to 1024
[   69.504634][ T1784] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   69.512251][ T1784] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   69.522425][ T1784] F2FS-fs (loop0): Found nat_bits in checkpoint
[   69.549693][ T1789] EXT4-fs (loop3): dax option not supported
[   69.558985][ T1784] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   69.565864][ T1784] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   69.580659][ T1784] netlink: 4 bytes leftover after parsing attributes in process `syz.0.464'.
[   69.590952][   T30] audit: type=1326 audit(1732559787.741:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1783 comm="syz.0.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a0fb6819 code=0x7ffc0000
[   69.614149][   T30] audit: type=1326 audit(1732559787.741:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1783 comm="syz.0.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a0fb6819 code=0x7ffc0000
[   69.637244][   T30] audit: type=1326 audit(1732559787.741:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1783 comm="syz.0.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f18a0fb6819 code=0x7ffc0000
[   69.661750][   T30] audit: type=1326 audit(1732559787.741:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1783 comm="syz.0.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a0fb6819 code=0x7ffc0000
[   69.686702][   T30] audit: type=1326 audit(1732559787.741:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1783 comm="syz.0.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f18a0fb6819 code=0x7ffc0000
[   69.710038][   T30] audit: type=1326 audit(1732559787.741:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1783 comm="syz.0.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a0fb6819 code=0x7ffc0000
[   69.736607][   T30] audit: type=1326 audit(1732559787.741:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1783 comm="syz.0.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f18a0fb6819 code=0x7ffc0000
[   69.760760][   T30] audit: type=1326 audit(1732559787.741:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1783 comm="syz.0.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a0fb6819 code=0x7ffc0000
[   69.785297][   T30] audit: type=1326 audit(1732559787.741:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1783 comm="syz.0.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f18a0fb6819 code=0x7ffc0000
[   69.820031][  T852] uclogic 0003:256C:006D.0009: interface is invalid, ignoring
[   69.827466][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   69.840261][  T316] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:05AC:8241.000A/input/input9
[   69.857560][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   69.867220][   T20] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   69.876117][   T30] audit: type=1326 audit(1732559787.741:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1783 comm="syz.0.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18a0fb6819 code=0x7ffc0000
[   69.876214][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.908626][   T20] usb 5-1: config 0 descriptor??
[   69.934794][  T316] appleir 0003:05AC:8241.000A: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[   70.021542][ T1800] loop3: detected capacity change from 0 to 2048
[   70.023013][  T367] usb 2-1: USB disconnect, device number 6
[   70.058917][ T1800] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,grpjquota=,,errors=continue. Quota mode: none.
[   70.073449][ T1807] 9pnet: Insufficient options for proto=fd
[   70.156632][ T1811] netlink: 104 bytes leftover after parsing attributes in process `syz.3.469'.
[   70.196501][ T1816] loop4: detected capacity change from 0 to 512
[   70.249873][   T20] usbhid 5-1:0.0: can't add hid device: -71
[   70.256132][   T20] usbhid: probe of 5-1:0.0 failed with error -71
[   70.263765][   T20] usb 5-1: USB disconnect, device number 8
[   70.266222][ T1816] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   70.285299][ T1816] ext4 filesystem being mounted at /101/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.687164][ T1822] tun0: tun_chr_ioctl cmd 1074025678
[   70.692332][ T1822] tun0: group set to 0
[   70.733661][ T1826] FAULT_INJECTION: forcing a failure.
[   70.733661][ T1826] name failslab, interval 1, probability 0, space 0, times 0
[   70.746282][ T1826] CPU: 0 PID: 1826 Comm: syz.1.475 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   70.755887][ T1826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   70.765784][ T1826] Call Trace:
[   70.768916][ T1826]  <TASK>
[   70.771685][ T1826]  dump_stack_lvl+0x151/0x1c0
[   70.776198][ T1826]  ? io_uring_drop_tctx_refs+0x190/0x190
[   70.781665][ T1826]  ? sysvec_call_function_single+0x61/0xc0
[   70.787306][ T1826]  ? asm_sysvec_call_function_single+0x1b/0x20
[   70.793301][ T1826]  dump_stack+0x15/0x20
[   70.797287][ T1826]  should_fail+0x3c6/0x510
[   70.801541][ T1826]  __should_failslab+0xa4/0xe0
[   70.806139][ T1826]  ? __kernfs_new_node+0xdb/0x700
[   70.811006][ T1826]  should_failslab+0x9/0x20
[   70.815365][ T1826]  slab_pre_alloc_hook+0x37/0xd0
[   70.820116][ T1826]  ? __kernfs_new_node+0xdb/0x700
[   70.824984][ T1826]  kmem_cache_alloc+0x44/0x200
[   70.829577][ T1826]  __kernfs_new_node+0xdb/0x700
[   70.834267][ T1826]  ? kernfs_new_node+0x230/0x230
[   70.839036][ T1826]  ? kernfs_add_one+0x524/0x650
[   70.843723][ T1826]  ? kernfs_create_dir_ns+0x110/0x130
[   70.848934][ T1826]  kernfs_new_node+0x130/0x230
[   70.853532][ T1826]  __kernfs_create_file+0x4a/0x270
[   70.858478][ T1826]  sysfs_add_file_mode_ns+0x273/0x320
[   70.863684][ T1826]  internal_create_group+0x573/0xf00
[   70.868815][ T1826]  ? sysfs_create_group+0x30/0x30
[   70.873665][ T1826]  ? kernfs_remove_by_name_ns+0x127/0x160
[   70.879227][ T1826]  sysfs_create_group+0x1f/0x30
[   70.883910][ T1826]  sysfs_slab_add+0x185/0x2b0
[   70.888421][ T1826]  __kmem_cache_create+0x46b/0x680
[   70.893369][ T1826]  kmem_cache_create_usercopy+0x150/0x2a0
[   70.898925][ T1826]  p9_client_create+0xc57/0x1130
[   70.903698][ T1826]  ? p9_parse_header+0x6c0/0x6c0
[   70.908473][ T1826]  ? __kasan_kmalloc+0x9/0x10
[   70.912980][ T1826]  ? kstrdup+0x4f/0x70
[   70.916888][ T1826]  ? memset+0x35/0x40
[   70.920708][ T1826]  v9fs_session_init+0x1fa/0x19b0
[   70.925572][ T1826]  ? v9fs_show_options+0x570/0x570
[   70.930519][ T1826]  ? __kasan_kmalloc+0x9/0x10
[   70.935038][ T1826]  ? v9fs_mount+0x5f/0x7f0
[   70.939296][ T1826]  v9fs_mount+0x75/0x7f0
[   70.943359][ T1826]  legacy_get_tree+0xf1/0x190
[   70.947876][ T1826]  ? incfs_get_verity_signature+0x420/0x420
[   70.953602][ T1826]  vfs_get_tree+0x88/0x290
[   70.957859][ T1826]  do_new_mount+0x2ba/0xb30
[   70.962197][ T1826]  ? do_move_mount_old+0x160/0x160
[   70.967139][ T1826]  ? security_capable+0x87/0xb0
[   70.971826][ T1826]  ? ns_capable+0x89/0xe0
[   70.975994][ T1826]  path_mount+0x671/0x1070
[   70.980251][ T1826]  __se_sys_mount+0x2c4/0x3b0
[   70.984763][ T1826]  ? __x64_sys_mount+0xd0/0xd0
[   70.989359][ T1826]  ? debug_smp_processor_id+0x17/0x20
[   70.994571][ T1826]  __x64_sys_mount+0xbf/0xd0
[   70.998996][ T1826]  x64_sys_call+0x49d/0x9a0
[   71.003339][ T1826]  do_syscall_64+0x3b/0xb0
[   71.007703][ T1826]  ? clear_bhb_loop+0x35/0x90
[   71.012223][ T1826]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   71.017940][ T1826] RIP: 0033:0x7f8fd4454819
[   71.022200][ T1826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.041757][ T1826] RSP: 002b:00007f8fd2acd038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   71.050019][ T1826] RAX: ffffffffffffffda RBX: 00007f8fd460bfa0 RCX: 00007f8fd4454819
[   71.057993][ T1826] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   71.065803][ T1826] RBP: 00007f8fd2acd090 R08: 0000000020000400 R09: 0000000000000000
[   71.073613][ T1826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   71.081429][ T1826] R13: 0000000000000000 R14: 00007f8fd460bfa0 R15: 00007ffc69c9d138
[   71.089252][ T1826]  </TASK>
[   71.095548][ T1826] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12
[   71.104025][ T1826] CPU: 1 PID: 1826 Comm: syz.1.475 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   71.113642][ T1826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   71.123540][ T1826] Call Trace:
[   71.126672][ T1826]  <TASK>
[   71.129440][ T1826]  dump_stack_lvl+0x151/0x1c0
[   71.133955][ T1826]  ? io_uring_drop_tctx_refs+0x190/0x190
[   71.139420][ T1826]  ? kmem_cache_free+0x2c3/0x2e0
[   71.144199][ T1826]  dump_stack+0x15/0x20
[   71.148184][ T1826]  kmem_cache_create_usercopy+0x22c/0x2a0
[   71.153743][ T1826]  p9_client_create+0xc57/0x1130
[   71.158519][ T1826]  ? p9_parse_header+0x6c0/0x6c0
[   71.163290][ T1826]  ? __kasan_kmalloc+0x9/0x10
[   71.167799][ T1826]  ? kstrdup+0x4f/0x70
[   71.171708][ T1826]  ? memset+0x35/0x40
[   71.175527][ T1826]  v9fs_session_init+0x1fa/0x19b0
[   71.180389][ T1826]  ? v9fs_show_options+0x570/0x570
[   71.185337][ T1826]  ? __kasan_kmalloc+0x9/0x10
[   71.189847][ T1826]  ? v9fs_mount+0x5f/0x7f0
[   71.194101][ T1826]  v9fs_mount+0x75/0x7f0
[   71.198181][ T1826]  legacy_get_tree+0xf1/0x190
[   71.202693][ T1826]  ? incfs_get_verity_signature+0x420/0x420
[   71.208419][ T1826]  vfs_get_tree+0x88/0x290
[   71.212675][ T1826]  do_new_mount+0x2ba/0xb30
[   71.217011][ T1826]  ? do_move_mount_old+0x160/0x160
[   71.221957][ T1826]  ? security_capable+0x87/0xb0
[   71.226646][ T1826]  ? ns_capable+0x89/0xe0
[   71.230814][ T1826]  path_mount+0x671/0x1070
[   71.235067][ T1826]  __se_sys_mount+0x2c4/0x3b0
[   71.239580][ T1826]  ? __x64_sys_mount+0xd0/0xd0
[   71.244182][ T1826]  ? debug_smp_processor_id+0x17/0x20
[   71.249386][ T1826]  __x64_sys_mount+0xbf/0xd0
[   71.253827][ T1826]  x64_sys_call+0x49d/0x9a0
[   71.258163][ T1826]  do_syscall_64+0x3b/0xb0
[   71.262405][ T1826]  ? clear_bhb_loop+0x35/0x90
[   71.266917][ T1826]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   71.272646][ T1826] RIP: 0033:0x7f8fd4454819
[   71.276899][ T1826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.296338][ T1826] RSP: 002b:00007f8fd2acd038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   71.304587][ T1826] RAX: ffffffffffffffda RBX: 00007f8fd460bfa0 RCX: 00007f8fd4454819
[   71.312396][ T1826] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   71.320207][ T1826] RBP: 00007f8fd2acd090 R08: 0000000020000400 R09: 0000000000000000
[   71.328020][ T1826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   71.335828][ T1826] R13: 0000000000000000 R14: 00007f8fd460bfa0 R15: 00007ffc69c9d138
[   71.343645][ T1826]  </TASK>
[   71.465352][ T1847] 9pnet: Insufficient options for proto=fd
[   71.759894][   T58] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   71.760182][  T434] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[   71.779880][  T852] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[   71.886602][ T1867] FAULT_INJECTION: forcing a failure.
[   71.886602][ T1867] name failslab, interval 1, probability 0, space 0, times 0
[   71.899131][ T1867] CPU: 1 PID: 1867 Comm: syz.2.488 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   71.908709][ T1867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   71.918607][ T1867] Call Trace:
[   71.921726][ T1867]  <TASK>
[   71.924508][ T1867]  dump_stack_lvl+0x151/0x1c0
[   71.929029][ T1867]  ? io_uring_drop_tctx_refs+0x190/0x190
[   71.934488][ T1867]  ? selinux_kernfs_init_security+0x14a/0x720
[   71.940389][ T1867]  dump_stack+0x15/0x20
[   71.944383][ T1867]  should_fail+0x3c6/0x510
[   71.948638][ T1867]  __should_failslab+0xa4/0xe0
[   71.953251][ T1867]  ? __kernfs_new_node+0xdb/0x700
[   71.958097][ T1867]  should_failslab+0x9/0x20
[   71.962434][ T1867]  slab_pre_alloc_hook+0x37/0xd0
[   71.967218][ T1867]  ? __kernfs_new_node+0xdb/0x700
[   71.972066][ T1867]  kmem_cache_alloc+0x44/0x200
[   71.976668][ T1867]  __kernfs_new_node+0xdb/0x700
[   71.981354][ T1867]  ? rwsem_write_trylock+0x153/0x340
[   71.986475][ T1867]  ? rwsem_mark_wake+0x770/0x770
[   71.991247][ T1867]  ? kernfs_new_node+0x230/0x230
[   71.996021][ T1867]  ? rwsem_write_trylock+0x153/0x340
[   71.999841][   T58] usb 2-1: Using ep0 maxpacket: 16
[   72.001145][ T1867]  ? up_write+0x7d/0x290
[   72.001164][ T1867]  ? kernfs_activate+0x359/0x370
[   72.001184][ T1867]  kernfs_new_node+0x130/0x230
[   72.019545][ T1867]  __kernfs_create_file+0x4a/0x270
[   72.024493][ T1867]  sysfs_add_file_mode_ns+0x273/0x320
[   72.029697][ T1867]  internal_create_group+0x573/0xf00
[   72.034824][ T1867]  ? sysfs_create_group+0x30/0x30
[   72.039679][ T1867]  ? kernfs_remove_by_name_ns+0x127/0x160
[   72.045234][ T1867]  sysfs_create_group+0x1f/0x30
[   72.049924][ T1867]  sysfs_slab_add+0x185/0x2b0
[   72.054435][ T1867]  __kmem_cache_create+0x46b/0x680
[   72.059386][ T1867]  kmem_cache_create_usercopy+0x150/0x2a0
[   72.064939][ T1867]  p9_client_create+0xc57/0x1130
[   72.069710][ T1867]  ? p9_parse_header+0x6c0/0x6c0
[   72.074490][ T1867]  ? __kasan_kmalloc+0x9/0x10
[   72.078995][ T1867]  ? kstrdup+0x4f/0x70
[   72.082903][ T1867]  ? memset+0x35/0x40
[   72.086719][ T1867]  v9fs_session_init+0x1fa/0x19b0
[   72.091596][ T1867]  ? v9fs_show_options+0x570/0x570
[   72.096529][ T1867]  ? __kasan_kmalloc+0x9/0x10
[   72.101040][ T1867]  ? v9fs_mount+0x5f/0x7f0
[   72.105296][ T1867]  v9fs_mount+0x75/0x7f0
[   72.109372][ T1867]  legacy_get_tree+0xf1/0x190
[   72.113887][ T1867]  ? incfs_get_verity_signature+0x420/0x420
[   72.119620][ T1867]  vfs_get_tree+0x88/0x290
[   72.119954][   T58] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[   72.123872][ T1867]  do_new_mount+0x2ba/0xb30
[   72.123899][ T1867]  ? do_move_mount_old+0x160/0x160
[   72.131963][   T58] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   72.136196][ T1867]  ? security_capable+0x87/0xb0
[   72.136220][ T1867]  ? ns_capable+0x89/0xe0
[   72.141649][  T852] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   72.151035][ T1867]  path_mount+0x671/0x1070
[   72.151059][ T1867]  __se_sys_mount+0x2c4/0x3b0
[   72.151078][ T1867]  ? __x64_sys_mount+0xd0/0xd0
[   72.151094][ T1867]  ? debug_smp_processor_id+0x17/0x20
[   72.151113][ T1867]  __x64_sys_mount+0xbf/0xd0
[   72.157201][  T852] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   72.159887][ T1867]  x64_sys_call+0x49d/0x9a0
[   72.159907][ T1867]  do_syscall_64+0x3b/0xb0
[   72.159924][ T1867]  ? clear_bhb_loop+0x35/0x90
[   72.171363][   T58] usb 2-1: config 0 has no interface number 0
[   72.174905][ T1867]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   72.174930][ T1867] RIP: 0033:0x7f17498ad819
[   72.179489][  T852] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   72.184016][ T1867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.184035][ T1867] RSP: 002b:00007f1747f26038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   72.184057][ T1867] RAX: ffffffffffffffda RBX: 00007f1749a64fa0 RCX: 00007f17498ad819
[   72.184072][ T1867] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   72.184085][ T1867] RBP: 00007f1747f26090 R08: 0000000020000400 R09: 0000000000000000
[   72.190021][  T852] usb 5-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[   72.193649][ T1867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   72.193663][ T1867] R13: 0000000000000000 R14: 00007f1749a64fa0 R15: 00007ffc9a421de8
[   72.193681][ T1867]  </TASK>
[   72.203544][  T852] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   72.208223][  T584] usb 3-1: USB disconnect, device number 4
[   72.219942][ T1867] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12
[   72.344603][ T1867] CPU: 1 PID: 1867 Comm: syz.2.488 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   72.348581][  T852] usb 5-1: config 0 descriptor??
[   72.354165][ T1867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   72.354178][ T1867] Call Trace:
[   72.354185][ T1867]  <TASK>
[   72.354192][ T1867]  dump_stack_lvl+0x151/0x1c0
[   72.354224][ T1867]  ? io_uring_drop_tctx_refs+0x190/0x190
[   72.384721][ T1867]  ? kmem_cache_free+0x116/0x2e0
[   72.385243][ T1870] loop3: detected capacity change from 0 to 2048
[   72.389487][ T1867]  dump_stack+0x15/0x20
[   72.399644][ T1867]  kmem_cache_create_usercopy+0x22c/0x2a0
[   72.405204][ T1867]  p9_client_create+0xc57/0x1130
[   72.409978][ T1867]  ? p9_parse_header+0x6c0/0x6c0
[   72.414748][ T1867]  ? __kasan_kmalloc+0x9/0x10
[   72.419254][ T1867]  ? kstrdup+0x4f/0x70
[   72.423159][ T1867]  ? memset+0x35/0x40
[   72.426978][ T1867]  v9fs_session_init+0x1fa/0x19b0
[   72.431844][ T1867]  ? v9fs_show_options+0x570/0x570
[   72.436787][ T1867]  ? __kasan_kmalloc+0x9/0x10
[   72.441298][ T1867]  ? v9fs_mount+0x5f/0x7f0
[   72.445552][ T1867]  v9fs_mount+0x75/0x7f0
[   72.449631][ T1867]  legacy_get_tree+0xf1/0x190
[   72.454148][ T1867]  ? incfs_get_verity_signature+0x420/0x420
[   72.459874][ T1867]  vfs_get_tree+0x88/0x290
[   72.464129][ T1867]  do_new_mount+0x2ba/0xb30
[   72.468670][ T1867]  ? do_move_mount_old+0x160/0x160
[   72.473615][ T1867]  ? security_capable+0x87/0xb0
[   72.478306][ T1867]  ? ns_capable+0x89/0xe0
[   72.482467][ T1867]  path_mount+0x671/0x1070
[   72.486721][ T1867]  __se_sys_mount+0x2c4/0x3b0
[   72.491237][ T1867]  ? __x64_sys_mount+0xd0/0xd0
[   72.495834][ T1867]  ? debug_smp_processor_id+0x17/0x20
[   72.501043][ T1867]  __x64_sys_mount+0xbf/0xd0
[   72.505469][ T1867]  x64_sys_call+0x49d/0x9a0
[   72.509810][ T1867]  do_syscall_64+0x3b/0xb0
[   72.514062][ T1867]  ? clear_bhb_loop+0x35/0x90
[   72.518574][ T1867]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   72.524305][ T1867] RIP: 0033:0x7f17498ad819
[   72.528557][ T1867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.547995][ T1867] RSP: 002b:00007f1747f26038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   72.556241][ T1867] RAX: ffffffffffffffda RBX: 00007f1749a64fa0 RCX: 00007f17498ad819
[   72.564056][ T1867] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   72.571865][ T1867] RBP: 00007f1747f26090 R08: 0000000020000400 R09: 0000000000000000
[   72.579790][ T1867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   72.587600][ T1867] R13: 0000000000000000 R14: 00007f1749a64fa0 R15: 00007ffc9a421de8
[   72.595422][ T1867]  </TASK>
[   72.598594][  T434] usb 1-1: Using ep0 maxpacket: 16
[   72.598711][   T58] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[   72.622754][   T58] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   72.631384][   T58] usb 2-1: Product: syz
[   72.638149][   T58] usb 2-1: Manufacturer: syz
[   72.643806][   T58] usb 2-1: SerialNumber: syz
[   72.660218][   T58] usb 2-1: config 0 descriptor??
[   72.666393][ T1870] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,grpjquota=,,errors=continue. Quota mode: none.
[   72.700815][   T58] usb 2-1: Found UVC 0.00 device syz (046d:08f3)
[   72.707011][   T58] usb 2-1: No valid video chain found.
[   72.747669][ T1879] netlink: 104 bytes leftover after parsing attributes in process `syz.3.489'.
[   72.760160][ T1877] syz.2.491[1877] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   72.760225][ T1877] syz.2.491[1877] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   72.854516][  T852] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[   72.866410][ T1882] loop2: detected capacity change from 0 to 512
[   72.872657][  T852] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[   72.885541][  T852] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[   72.893189][  T852] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[   72.908536][  T852] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0
[   72.911349][  T584] usb 2-1: USB disconnect, device number 7
[   72.915906][  T852] ntrig 0003:1B96:000A.000B: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.4-1/input0
[   72.921540][  T434] usb 1-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice=30.bb
[   72.944769][  T434] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   72.954215][ T1882] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   72.955350][  T434] usb 1-1: Product: syz
[   72.966679][ T1882] ext4 filesystem being mounted at /113/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.970330][  T434] usb 1-1: Manufacturer: syz
[   73.027349][  T434] usb 1-1: SerialNumber: syz
[   73.050715][ T1862] UDC core: couldn't find an available UDC or it's busy: -16
[   73.057945][ T1862] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   73.069287][ T1862] loop4: detected capacity change from 0 to 256
[   73.339439][ T1862] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   73.350399][ T1885] tun0: tun_chr_ioctl cmd 1074025678
[   73.355538][ T1885] tun0: group set to 0
[   73.357345][ T1862] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[   73.362210][ T1856] loop0: detected capacity change from 0 to 512
[   73.436390][ T1856] EXT4-fs (loop0): 1 orphan inode deleted
[   73.442012][ T1856] EXT4-fs (loop0): mounted filesystem without journal. Opts: resgid=0x000000000000ee00,grpquota,noblock_validity,stripe=0x0000000000000007,stripe=0x000000000000002e,resgid=0x0000000000000000,sysvgroups,norecovery,usrquota,,errors=continue. Quota mode: writeback.
[   73.467003][ T1856] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.507918][ T1894] loop3: detected capacity change from 0 to 512
[   73.580312][ T1894] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   73.591797][ T1894] EXT4-fs (loop3): 1 orphan inode deleted
[   73.597319][ T1894] EXT4-fs (loop3): 1 truncate cleaned up
[   73.602866][ T1894] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,noinit_itable,debug_want_extra_isize=0x000000000000002a,errors=remount-ro,nodelalloc,grpjquota=,. Quota mode: none.
[   73.622607][ T1894] 9pnet: Insufficient options for proto=fd
[   73.670895][ T1900] 9pnet: Insufficient options for proto=fd
[   73.796421][ T1909] loop2: detected capacity change from 0 to 2048
[   73.909856][  T584] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   74.008964][ T1912] FAULT_INJECTION: forcing a failure.
[   74.008964][ T1912] name failslab, interval 1, probability 0, space 0, times 0
[   74.021406][ T1912] CPU: 0 PID: 1912 Comm: syz.2.501 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   74.030985][ T1912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   74.040883][ T1912] Call Trace:
[   74.044013][ T1912]  <TASK>
[   74.046782][ T1912]  dump_stack_lvl+0x151/0x1c0
[   74.051297][ T1912]  ? io_uring_drop_tctx_refs+0x190/0x190
[   74.056765][ T1912]  dump_stack+0x15/0x20
[   74.060845][ T1912]  should_fail+0x3c6/0x510
[   74.065103][ T1912]  __should_failslab+0xa4/0xe0
[   74.069714][ T1912]  ? getname_flags+0xba/0x520
[   74.074213][ T1912]  should_failslab+0x9/0x20
[   74.078548][ T1912]  slab_pre_alloc_hook+0x37/0xd0
[   74.083323][ T1912]  ? getname_flags+0xba/0x520
[   74.087834][ T1912]  kmem_cache_alloc+0x44/0x200
[   74.092438][ T1912]  getname_flags+0xba/0x520
[   74.096775][ T1912]  user_path_at_empty+0x2d/0x1a0
[   74.101551][ T1912]  __se_sys_mount+0x285/0x3b0
[   74.106063][ T1912]  ? __x64_sys_mount+0xd0/0xd0
[   74.110664][ T1912]  ? debug_smp_processor_id+0x17/0x20
[   74.115871][ T1912]  __x64_sys_mount+0xbf/0xd0
[   74.120386][ T1912]  x64_sys_call+0x49d/0x9a0
[   74.124726][ T1912]  do_syscall_64+0x3b/0xb0
[   74.128977][ T1912]  ? clear_bhb_loop+0x35/0x90
[   74.133488][ T1912]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   74.139215][ T1912] RIP: 0033:0x7f17498ad819
[   74.143470][ T1912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.162914][ T1912] RSP: 002b:00007f1747f26038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   74.171157][ T1912] RAX: ffffffffffffffda RBX: 00007f1749a64fa0 RCX: 00007f17498ad819
[   74.178971][ T1912] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   74.186779][ T1912] RBP: 00007f1747f26090 R08: 0000000020000400 R09: 0000000000000000
[   74.194596][ T1912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.202402][ T1912] R13: 0000000000000000 R14: 00007f1749a64fa0 R15: 00007ffc9a421de8
[   74.210219][ T1912]  </TASK>
[   74.239953][  T434] snd-usb-audio: probe of 1-1:222.0 failed with error -71
[   74.248730][  T434] usb 1-1: USB disconnect, device number 8
[   74.389902][  T584] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   74.400769][  T584] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   74.410370][  T584] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[   74.419196][  T584] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.427571][  T584] usb 4-1: config 0 descriptor??
[   74.510706][ T1862] 9pnet: p9_fd_create_tcp (1862): problem connecting socket to 127.0.0.1
[   74.540133][  T852] usb 5-1: USB disconnect, device number 9
[   74.557340][ T1916] loop2: detected capacity change from 0 to 2048
[   74.581799][ T1918] loop4: detected capacity change from 0 to 2048
[   74.768955][   T30] kauditd_printk_skb: 160 callbacks suppressed
[   74.768977][   T30] audit: type=1400 audit(1866777520.910:760): avc:  denied  { read } for  pid=1921 comm="syz.0.504" name="rtc0" dev="devtmpfs" ino=255 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   74.797802][ T1922] loop0: detected capacity change from 0 to 2048
[   74.798484][   T30] audit: type=1400 audit(1866777520.910:761): avc:  denied  { open } for  pid=1921 comm="syz.0.504" path="/dev/rtc0" dev="devtmpfs" ino=255 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   74.838299][ T1924] FAULT_INJECTION: forcing a failure.
[   74.838299][ T1924] name failslab, interval 1, probability 0, space 0, times 0
[   74.850780][ T1924] CPU: 0 PID: 1924 Comm: syz.2.505 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   74.852355][ T1922] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,grpjquota=,,errors=continue. Quota mode: none.
[   74.860334][ T1924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   74.860347][ T1924] Call Trace:
[   74.860352][ T1924]  <TASK>
[   74.860358][ T1924]  dump_stack_lvl+0x151/0x1c0
[   74.860385][ T1924]  ? io_uring_drop_tctx_refs+0x190/0x190
[   74.898275][ T1924]  ? selinux_kernfs_init_security+0x14a/0x720
[   74.904170][ T1924]  dump_stack+0x15/0x20
[   74.908157][ T1924]  should_fail+0x3c6/0x510
[   74.912412][ T1924]  __should_failslab+0xa4/0xe0
[   74.917011][ T1924]  ? __kernfs_new_node+0xdb/0x700
[   74.921868][ T1924]  should_failslab+0x9/0x20
[   74.926209][ T1924]  slab_pre_alloc_hook+0x37/0xd0
[   74.930983][ T1924]  ? __kernfs_new_node+0xdb/0x700
[   74.935843][ T1924]  kmem_cache_alloc+0x44/0x200
[   74.940446][ T1924]  __kernfs_new_node+0xdb/0x700
[   74.945130][ T1924]  ? rwsem_write_trylock+0x153/0x340
[   74.950257][ T1924]  ? rwsem_mark_wake+0x770/0x770
[   74.955036][ T1924]  ? kernfs_new_node+0x230/0x230
[   74.959799][ T1924]  ? rwsem_write_trylock+0x153/0x340
[   74.964923][ T1924]  ? up_write+0x7d/0x290
[   74.968998][ T1924]  ? kernfs_activate+0x359/0x370
[   74.973771][ T1924]  kernfs_new_node+0x130/0x230
[   74.978376][ T1924]  __kernfs_create_file+0x4a/0x270
[   74.983317][ T1924]  sysfs_add_file_mode_ns+0x273/0x320
[   74.988528][ T1924]  internal_create_group+0x573/0xf00
[   74.993649][ T1924]  ? sysfs_create_group+0x30/0x30
[   74.998509][ T1924]  ? kernfs_remove_by_name_ns+0x127/0x160
[   75.004064][ T1924]  sysfs_create_group+0x1f/0x30
[   75.008751][ T1924]  sysfs_slab_add+0x185/0x2b0
[   75.013260][ T1924]  __kmem_cache_create+0x46b/0x680
[   75.018212][ T1924]  kmem_cache_create_usercopy+0x150/0x2a0
[   75.023763][ T1924]  p9_client_create+0xc57/0x1130
[   75.028540][ T1924]  ? p9_parse_header+0x6c0/0x6c0
[   75.033317][ T1924]  ? __kasan_kmalloc+0x9/0x10
[   75.037831][ T1924]  ? kstrdup+0x4f/0x70
[   75.041731][ T1924]  ? memset+0x35/0x40
[   75.045550][ T1924]  v9fs_session_init+0x1fa/0x19b0
[   75.050416][ T1924]  ? v9fs_show_options+0x570/0x570
[   75.055359][ T1924]  ? __kasan_kmalloc+0x9/0x10
[   75.059873][ T1924]  ? v9fs_mount+0x5f/0x7f0
[   75.064128][ T1924]  v9fs_mount+0x75/0x7f0
[   75.068201][ T1924]  legacy_get_tree+0xf1/0x190
[   75.072713][ T1924]  ? incfs_get_verity_signature+0x420/0x420
[   75.078447][ T1924]  vfs_get_tree+0x88/0x290
[   75.082694][ T1924]  do_new_mount+0x2ba/0xb30
[   75.087040][ T1924]  ? do_move_mount_old+0x160/0x160
[   75.091985][ T1924]  ? security_capable+0x87/0xb0
[   75.096676][ T1924]  ? ns_capable+0x89/0xe0
[   75.101357][ T1924]  path_mount+0x671/0x1070
[   75.105610][ T1924]  __se_sys_mount+0x2c4/0x3b0
[   75.110123][ T1924]  ? __x64_sys_mount+0xd0/0xd0
[   75.114724][ T1924]  ? debug_smp_processor_id+0x17/0x20
[   75.119931][ T1924]  __x64_sys_mount+0xbf/0xd0
[   75.124358][ T1924]  x64_sys_call+0x49d/0x9a0
[   75.128696][ T1924]  do_syscall_64+0x3b/0xb0
[   75.132952][ T1924]  ? clear_bhb_loop+0x35/0x90
[   75.137460][ T1924]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   75.143194][ T1924] RIP: 0033:0x7f17498ad819
[   75.147445][ T1924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.166893][ T1924] RSP: 002b:00007f1747f26038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   75.175127][ T1924] RAX: ffffffffffffffda RBX: 00007f1749a64fa0 RCX: 00007f17498ad819
[   75.182941][ T1924] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   75.190751][ T1924] RBP: 00007f1747f26090 R08: 0000000020000400 R09: 0000000000000000
[   75.198563][ T1924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   75.206373][ T1924] R13: 0000000000000000 R14: 00007f1749a64fa0 R15: 00007ffc9a421de8
[   75.214192][ T1924]  </TASK>
[   75.219168][  T316] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[   75.221832][ T1924] kmem_cache_create_usercopy(9p-fcall-cache) failed with error -12
[   75.235311][  T584] isku 0003:1E7D:319C.000C: ignoring exceeding usage max
[   75.258244][   T30] audit: type=1400 audit(1866777521.400:762): avc:  denied  { create } for  pid=1928 comm="syz.4.506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   75.277351][ T1924] CPU: 0 PID: 1924 Comm: syz.2.505 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   75.280928][  T584] isku 0003:1E7D:319C.000C: unbalanced collection at end of report description
[   75.286961][ T1924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   75.296033][  T584] isku 0003:1E7D:319C.000C: parse failed
[   75.305622][ T1924] Call Trace:
[   75.305629][ T1924]  <TASK>
[   75.305636][ T1924]  dump_stack_lvl+0x151/0x1c0
[   75.311570][  T584] isku: probe of 0003:1E7D:319C.000C failed with error -22
[   75.314333][ T1924]  ? io_uring_drop_tctx_refs+0x190/0x190
[   75.322006][   T30] audit: type=1400 audit(1866777521.470:763): avc:  denied  { setopt } for  pid=1928 comm="syz.4.506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   75.328653][ T1924]  ? kmem_cache_free+0x116/0x2e0
[   75.328677][ T1924]  dump_stack+0x15/0x20
[   75.328696][ T1924]  kmem_cache_create_usercopy+0x22c/0x2a0
[   75.328715][ T1924]  p9_client_create+0xc57/0x1130
[   75.372231][ T1924]  ? p9_parse_header+0x6c0/0x6c0
[   75.376998][ T1924]  ? __kasan_kmalloc+0x9/0x10
[   75.381510][ T1924]  ? kstrdup+0x4f/0x70
[   75.385416][ T1924]  ? memset+0x35/0x40
[   75.389234][ T1924]  v9fs_session_init+0x1fa/0x19b0
[   75.394103][ T1924]  ? v9fs_show_options+0x570/0x570
[   75.399042][ T1924]  ? __kasan_kmalloc+0x9/0x10
[   75.403554][ T1924]  ? v9fs_mount+0x5f/0x7f0
[   75.407808][ T1924]  v9fs_mount+0x75/0x7f0
[   75.411975][ T1924]  legacy_get_tree+0xf1/0x190
[   75.416486][ T1924]  ? incfs_get_verity_signature+0x420/0x420
[   75.422215][ T1924]  vfs_get_tree+0x88/0x290
[   75.426477][ T1924]  do_new_mount+0x2ba/0xb30
[   75.430810][ T1924]  ? do_move_mount_old+0x160/0x160
[   75.435754][ T1924]  ? security_capable+0x87/0xb0
[   75.440440][ T1924]  ? ns_capable+0x89/0xe0
[   75.444608][ T1924]  path_mount+0x671/0x1070
[   75.448861][ T1924]  __se_sys_mount+0x2c4/0x3b0
[   75.453372][ T1924]  ? __x64_sys_mount+0xd0/0xd0
[   75.457974][ T1924]  ? debug_smp_processor_id+0x17/0x20
[   75.463182][ T1924]  __x64_sys_mount+0xbf/0xd0
[   75.467606][ T1924]  x64_sys_call+0x49d/0x9a0
[   75.471946][ T1924]  do_syscall_64+0x3b/0xb0
[   75.476199][ T1924]  ? clear_bhb_loop+0x35/0x90
[   75.480711][ T1924]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   75.486440][ T1924] RIP: 0033:0x7f17498ad819
[   75.490693][ T1924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.510134][ T1924] RSP: 002b:00007f1747f26038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   75.518378][ T1924] RAX: ffffffffffffffda RBX: 00007f1749a64fa0 RCX: 00007f17498ad819
[   75.526189][ T1924] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   75.534005][ T1924] RBP: 00007f1747f26090 R08: 0000000020000400 R09: 0000000000000000
[   75.541813][ T1924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   75.549627][ T1924] R13: 0000000000000000 R14: 00007f1749a64fa0 R15: 00007ffc9a421de8
[   75.557438][ T1924]  </TASK>
[   75.563425][   T30] audit: type=1400 audit(1866777521.710:764): avc:  denied  { write } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   75.585180][   T30] audit: type=1400 audit(1866777521.710:765): avc:  denied  { remove_name } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   75.600912][ T1894] netlink: 108 bytes leftover after parsing attributes in process `syz.3.494'.
[   75.608072][   T30] audit: type=1400 audit(1866777521.710:766): avc:  denied  { rename } for  pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   75.639301][   T30] audit: type=1400 audit(1866777521.710:767): avc:  denied  { add_name } for  pid=83 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   75.661479][   T30] audit: type=1400 audit(1866777521.710:768): avc:  denied  { unlink } for  pid=83 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   75.683563][   T30] audit: type=1400 audit(1866777521.710:769): avc:  denied  { create } for  pid=83 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   75.709400][  T852] usb 4-1: USB disconnect, device number 7
[   75.719858][  T316] usb 2-1: Using ep0 maxpacket: 8
[   75.735902][ T1922] netlink: 104 bytes leftover after parsing attributes in process `syz.0.504'.
[   75.746148][ T1939] 9pnet: Insufficient options for proto=fd
[   75.784678][ T1945] loop4: detected capacity change from 0 to 512
[   75.840005][  T316] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   75.863212][ T1947] FAULT_INJECTION: forcing a failure.
[   75.863212][ T1947] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   75.876468][ T1947] CPU: 1 PID: 1947 Comm: syz.0.513 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   75.886082][ T1947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   75.895976][ T1947] Call Trace:
[   75.899097][ T1947]  <TASK>
[   75.901877][ T1947]  dump_stack_lvl+0x151/0x1c0
[   75.906389][ T1947]  ? io_uring_drop_tctx_refs+0x190/0x190
[   75.911860][ T1947]  dump_stack+0x15/0x20
[   75.915848][ T1947]  should_fail+0x3c6/0x510
[   75.920107][ T1947]  should_fail_usercopy+0x1a/0x20
[   75.924967][ T1947]  strncpy_from_user+0x24/0x2d0
[   75.929653][ T1947]  ? kmem_cache_alloc+0xf5/0x200
[   75.934427][ T1947]  getname_flags+0xf2/0x520
[   75.938765][ T1947]  user_path_at_empty+0x2d/0x1a0
[   75.943537][ T1947]  __se_sys_mount+0x285/0x3b0
[   75.945157][ T1944] loop2: detected capacity change from 0 to 40427
[   75.948049][ T1947]  ? __x64_sys_mount+0xd0/0xd0
[   75.958905][ T1947]  ? debug_smp_processor_id+0x17/0x20
[   75.964109][ T1947]  __x64_sys_mount+0xbf/0xd0
[   75.968534][ T1947]  x64_sys_call+0x49d/0x9a0
[   75.970515][ T1944] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   75.972870][ T1947]  do_syscall_64+0x3b/0xb0
[   75.983998][ T1944] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   75.984681][ T1947]  ? clear_bhb_loop+0x35/0x90
[   75.994303][ T1944] F2FS-fs (loop2): invalid crc value
[   75.997176][ T1947]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   76.004563][ T1945] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[   76.008025][ T1947] RIP: 0033:0x7f18a0fb6819
[   76.020365][  T316] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   76.024343][ T1947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.033401][  T316] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.052723][ T1947] RSP: 002b:00007f189f62f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   76.052748][ T1947] RAX: ffffffffffffffda RBX: 00007f18a116dfa0 RCX: 00007f18a0fb6819
[   76.052761][ T1947] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[   76.052773][ T1947] RBP: 00007f189f62f090 R08: 0000000020000400 R09: 0000000000000000
[   76.052784][ T1947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.052795][ T1947] R13: 0000000000000000 R14: 00007f18a116dfa0 R15: 00007fff97f84fc8
[   76.061265][ T1945] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.068781][ T1947]  </TASK>
[   76.070302][ T1944] F2FS-fs (loop2): Found nat_bits in checkpoint
[   76.084390][  T316] usb 2-1: Product: syz
[   76.084409][  T316] usb 2-1: Manufacturer: syz
[   76.084424][  T316] usb 2-1: SerialNumber: syz
[   76.200979][ T1944] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   76.207879][ T1944] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   76.298795][ T1958] tun0: tun_chr_ioctl cmd 1074025678
[   76.303983][ T1958] tun0: group set to 0
[   76.484691][ T1963] loop3: detected capacity change from 0 to 2048
[   76.541373][ T1963] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none.
[   76.558764][ T1963] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   76.574144][ T1963] EXT4-fs (loop3): Remounting filesystem read-only
[   76.698213][ T1970] syz.4.517[1970] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.698263][ T1970] syz.4.517[1970] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.815743][ T1970] loop4: detected capacity change from 0 to 40427
[   76.849877][  T852] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[   76.911554][ T1970] F2FS-fs (loop4): invalid crc value
[   76.918318][ T1970] F2FS-fs (loop4): Found nat_bits in checkpoint
[   76.946778][ T1970] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1
[   76.954183][ T1970] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   76.967452][ T1970] attempt to access beyond end of device
[   76.967452][ T1970] loop4: rw=0, want=45072, limit=40427
[   77.209895][  T852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   77.220694][  T852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   77.230235][  T316] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[   77.236476][  T852] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   77.245448][  T316] cdc_ncm 2-1:1.0: setting tx_max = 16384
[   77.251117][  T852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.259417][  T852] usb 4-1: config 0 descriptor??
[   77.309857][   T58] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[   77.339859][   T20] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   77.579840][   T20] usb 5-1: Using ep0 maxpacket: 16
[   77.615238][ T1983] loop2: detected capacity change from 0 to 40427
[   77.650181][ T1920] UDC core: couldn't find an available UDC or it's busy: -16
[   77.657487][ T1920] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   77.669920][   T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   77.680835][   T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   77.691185][   T58] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   77.704088][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   77.714915][   T58] usb 1-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[   77.724186][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   77.734123][   T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.759968][   T58] usb 1-1: config 0 descriptor??
[   77.859906][   T20] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[   77.868765][   T20] usb 5-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0
[   77.876952][   T20] usb 5-1: Product: syz
[   77.881132][   T20] usb 5-1: Manufacturer: syz
[   77.886143][   T20] usb 5-1: config 0 descriptor??
[   78.240756][   T58] ntrig 0003:1B96:000A.000E: unknown main item tag 0x0
[   78.247441][   T58] ntrig 0003:1B96:000A.000E: unknown main item tag 0x0
[   78.256622][  T316] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM, 42:42:42:42:42:42
[   78.291224][   T58] ntrig 0003:1B96:000A.000E: unknown main item tag 0x0
[   78.298053][  T316] usb 2-1: USB disconnect, device number 8
[   78.310471][  T316] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM
[   78.318780][   T58] ntrig 0003:1B96:000A.000E: unknown main item tag 0x0
[   78.325558][   T58] ntrig 0003:1B96:000A.000E: unknown main item tag 0x0
[   78.343696][   T58] ntrig 0003:1B96:000A.000E: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.0-1/input0
[   78.370630][   T20] kovaplus 0003:1E7D:2D50.000F: unknown main item tag 0xd
[   78.387328][   T20] kovaplus 0003:1E7D:2D50.000F: hidraw1: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.4-1/input0
[   78.398227][  T583] ==================================================================
[   78.406090][  T583] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x120
[   78.413729][  T583] Read of size 8 at addr ffff88810d054c70 by task kworker/0:4/583
[   78.421365][  T583] 
[   78.423540][  T583] CPU: 0 PID: 583 Comm: kworker/0:4 Not tainted 5.15.168-syzkaller-00719-g101e665d55a8 #0
[   78.433259][  T583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   78.443152][  T583] Workqueue: rcu_gp process_srcu
[   78.447925][  T583] Call Trace:
[   78.451055][  T583]  <TASK>
[   78.453831][  T583]  dump_stack_lvl+0x151/0x1c0
[   78.458343][  T583]  ? io_uring_drop_tctx_refs+0x190/0x190
[   78.463834][  T583]  ? panic+0x760/0x760
[   78.467717][  T583]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   78.473357][  T583]  print_address_description+0x87/0x3b0
[   78.478744][  T583]  kasan_report+0x179/0x1c0
[   78.483081][  T583]  ? __kasan_check_write+0x14/0x20
[   78.488024][  T583]  ? __list_del_entry_valid+0xa6/0x120
[   78.493317][  T583]  ? __list_del_entry_valid+0xa6/0x120
[   78.498616][  T583]  __asan_report_load8_noabort+0x14/0x20
[   78.504086][  T583]  __list_del_entry_valid+0xa6/0x120
[   78.509203][  T583]  process_one_work+0x458/0xc10
[   78.513894][  T583]  worker_thread+0xad5/0x12a0
[   78.518404][  T583]  ? _raw_spin_lock+0x1b0/0x1b0
[   78.523090][  T583]  kthread+0x421/0x510
[   78.526990][  T583]  ? worker_clr_flags+0x180/0x180
[   78.531852][  T583]  ? kthread_blkcg+0xd0/0xd0
[   78.536278][  T583]  ret_from_fork+0x1f/0x30
[   78.540534][  T583]  </TASK>
[   78.543396][  T583] 
[   78.545699][  T583] Allocated by task 316:
[   78.549775][  T583]  ____kasan_kmalloc+0xdb/0x110
[   78.554465][  T583]  __kasan_kmalloc+0x9/0x10
[   78.558802][  T583]  __kmalloc+0x13a/0x270
[   78.562880][  T583]  kvmalloc_node+0x1f0/0x4d0
[   78.567307][  T583]  alloc_netdev_mqs+0x8c/0xc90
[   78.571907][  T583]  alloc_etherdev_mqs+0x33/0x40
[   78.576593][  T583]  usbnet_probe+0x1fc/0x2840
[   78.581020][  T583]  usb_probe_interface+0x5b6/0xa90
[   78.585968][  T583]  really_probe+0x28d/0x970
[   78.590312][  T583]  __driver_probe_device+0x1a0/0x310
[   78.595426][  T583]  driver_probe_device+0x54/0x3d0
[   78.600289][  T583]  __device_attach_driver+0x2c5/0x470
[   78.605497][  T583]  bus_for_each_drv+0x183/0x200
[   78.610273][  T583]  __device_attach+0x312/0x510
[   78.614872][  T583]  device_initial_probe+0x1a/0x20
[   78.619729][  T583]  bus_probe_device+0xbe/0x1e0
[   78.624333][  T583]  device_add+0xb60/0xf10
[   78.628495][  T583]  usb_set_configuration+0x190f/0x1e80
[   78.633813][  T583]  usb_generic_driver_probe+0x8b/0x150
[   78.639086][  T583]  usb_probe_device+0x144/0x260
[   78.643772][  T583]  really_probe+0x28d/0x970
[   78.648109][  T583]  __driver_probe_device+0x1a0/0x310
[   78.653232][  T583]  driver_probe_device+0x54/0x3d0
[   78.658095][  T583]  __device_attach_driver+0x2c5/0x470
[   78.663310][  T583]  bus_for_each_drv+0x183/0x200
[   78.667988][  T583]  __device_attach+0x312/0x510
[   78.672587][  T583]  device_initial_probe+0x1a/0x20
[   78.677453][  T583]  bus_probe_device+0xbe/0x1e0
[   78.682051][  T583]  device_add+0xb60/0xf10
[   78.686212][  T583]  usb_new_device+0x1038/0x1c00
[   78.690900][  T583]  hub_event+0x2def/0x4770
[   78.695151][  T583]  process_one_work+0x6bb/0xc10
[   78.699840][  T583]  worker_thread+0xad5/0x12a0
[   78.704359][  T583]  kthread+0x421/0x510
[   78.708258][  T583]  ret_from_fork+0x1f/0x30
[   78.712512][  T583] 
[   78.714683][  T583] Freed by task 316:
[   78.718413][  T583]  kasan_set_track+0x4b/0x70
[   78.722840][  T583]  kasan_set_free_info+0x23/0x40
[   78.727612][  T583]  ____kasan_slab_free+0x126/0x160
[   78.732570][  T583]  __kasan_slab_free+0x11/0x20
[   78.737162][  T583]  slab_free_freelist_hook+0xbd/0x190
[   78.742377][  T583]  kfree+0xc8/0x220
[   78.746036][  T583]  kvfree+0x35/0x40
[   78.749682][  T583]  netdev_freemem+0x3f/0x60
[   78.754004][  T583]  netdev_release+0x7f/0xb0
[   78.758343][  T583]  device_release+0x95/0x1c0
[   78.762762][  T583]  kobject_put+0x178/0x260
[   78.767015][  T583]  put_device+0x1f/0x30
[   78.771010][  T583]  free_netdev+0x34f/0x440
[   78.775261][  T583]  usbnet_disconnect+0x25f/0x3b0
[   78.780034][  T583]  usb_unbind_interface+0x1fa/0x8c0
[   78.785070][  T583]  device_release_driver_internal+0x50b/0x7d0
[   78.790970][  T583]  device_release_driver+0x19/0x20
[   78.795919][  T583]  bus_remove_device+0x2f8/0x360
[   78.800694][  T583]  device_del+0x663/0xe90
[   78.804866][  T583]  usb_disable_device+0x380/0x720
[   78.809716][  T583]  usb_disconnect+0x32a/0x890
[   78.814232][  T583]  hub_event+0x1d42/0x4770
[   78.818483][  T583]  process_one_work+0x6bb/0xc10
[   78.823170][  T583]  worker_thread+0xe02/0x12a0
[   78.827684][  T583]  kthread+0x421/0x510
[   78.831588][  T583]  ret_from_fork+0x1f/0x30
[   78.835841][  T583] 
[   78.838012][  T583] Last potentially related work creation:
[   78.843569][  T583]  kasan_save_stack+0x3b/0x60
[   78.848080][  T583]  __kasan_record_aux_stack+0xd3/0xf0
[   78.853288][  T583]  kasan_record_aux_stack_noalloc+0xb/0x10
[   78.858934][  T583]  insert_work+0x56/0x320
[   78.863095][  T583]  __queue_work+0x92a/0xcd0
[   78.867433][  T583]  queue_work_on+0x105/0x170
[   78.871861][  T583]  usbnet_link_change+0x182/0x1a0
[   78.876721][  T583]  usbnet_probe+0x1dcb/0x2840
[   78.881234][  T583]  usb_probe_interface+0x5b6/0xa90
[   78.886183][  T583]  really_probe+0x28d/0x970
[   78.890521][  T583]  __driver_probe_device+0x1a0/0x310
[   78.895646][  T583]  driver_probe_device+0x54/0x3d0
[   78.900504][  T583]  __device_attach_driver+0x2c5/0x470
[   78.905715][  T583]  bus_for_each_drv+0x183/0x200
[   78.910399][  T583]  __device_attach+0x312/0x510
[   78.915007][  T583]  device_initial_probe+0x1a/0x20
[   78.919858][  T583]  bus_probe_device+0xbe/0x1e0
[   78.924459][  T583]  device_add+0xb60/0xf10
[   78.928623][  T583]  usb_set_configuration+0x190f/0x1e80
[   78.933922][  T583]  usb_generic_driver_probe+0x8b/0x150
[   78.939224][  T583]  usb_probe_device+0x144/0x260
[   78.943901][  T583]  really_probe+0x28d/0x970
[   78.948238][  T583]  __driver_probe_device+0x1a0/0x310
[   78.953359][  T583]  driver_probe_device+0x54/0x3d0
[   78.958220][  T583]  __device_attach_driver+0x2c5/0x470
[   78.963427][  T583]  bus_for_each_drv+0x183/0x200
[   78.968113][  T583]  __device_attach+0x312/0x510
[   78.972714][  T583]  device_initial_probe+0x1a/0x20
[   78.977576][  T583]  bus_probe_device+0xbe/0x1e0
[   78.982174][  T583]  device_add+0xb60/0xf10
[   78.986341][  T583]  usb_new_device+0x1038/0x1c00
[   78.991043][  T583]  hub_event+0x2def/0x4770
[   78.995280][  T583]  process_one_work+0x6bb/0xc10
[   78.999967][  T583]  worker_thread+0xad5/0x12a0
[   79.004484][  T583]  kthread+0x421/0x510
[   79.008388][  T583]  ret_from_fork+0x1f/0x30
[   79.012643][  T583] 
[   79.014810][  T583] The buggy address belongs to the object at ffff88810d054000
[   79.014810][  T583]  which belongs to the cache kmalloc-4k of size 4096
[   79.028697][  T583] The buggy address is located 3184 bytes inside of
[   79.028697][  T583]  4096-byte region [ffff88810d054000, ffff88810d055000)
[   79.041976][  T583] The buggy address belongs to the page:
[   79.047454][  T583] page:ffffea0004341400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d050
[   79.057514][  T583] head:ffffea0004341400 order:3 compound_mapcount:0 compound_pincount:0
[   79.065669][  T583] flags: 0x4000000000010200(slab|head|zone=1)
[   79.071598][  T583] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043380
[   79.079995][  T583] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[   79.088411][  T583] page dumped because: kasan: bad access detected
[   79.094666][  T583] page_owner tracks the page as allocated
[   79.100211][  T583] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 290, ts 22062116338, free_ts 22061166928
[   79.119049][  T583]  post_alloc_hook+0x1a3/0x1b0
[   79.123646][  T583]  prep_new_page+0x1b/0x110
[   79.127986][  T583]  get_page_from_freelist+0x3550/0x35d0
[   79.133365][  T583]  __alloc_pages+0x27e/0x8f0
[   79.137795][  T583]  new_slab+0x9a/0x4e0
[   79.141701][  T583]  ___slab_alloc+0x39e/0x830
[   79.146125][  T583]  __slab_alloc+0x4a/0x90
[   79.150290][  T583]  kmem_cache_alloc_trace+0x142/0x210
[   79.155497][  T583]  kobject_uevent_env+0x269/0x700
[   79.160358][  T583]  kobject_uevent+0x1f/0x30
[   79.164700][  T583]  net_rx_queue_update_kobjects+0x213/0x490
[   79.170426][  T583]  netdev_register_kobject+0x231/0x320
[   79.175720][  T583]  register_netdevice+0xde9/0x1390
[   79.180667][  T583]  veth_newlink+0x94f/0xe20
[   79.185007][  T583]  rtnl_newlink+0x14c7/0x2050
[   79.189520][  T583]  rtnetlink_rcv_msg+0x951/0xc40
[   79.194297][  T583] page last free stack trace:
[   79.198808][  T583]  free_unref_page_prepare+0x7c8/0x7d0
[   79.204104][  T583]  free_unref_page+0xe8/0x750
[   79.208615][  T583]  __free_pages+0x61/0xf0
[   79.212780][  T583]  __free_slab+0xec/0x1d0
[   79.216947][  T583]  __unfreeze_partials+0x165/0x1a0
[   79.221895][  T583]  put_cpu_partial+0xc4/0x120
[   79.226408][  T583]  __slab_free+0x1c8/0x290
[   79.230659][  T583]  ___cache_free+0x109/0x120
[   79.235086][  T583]  qlink_free+0x4d/0x90
[   79.239079][  T583]  qlist_free_all+0x44/0xb0
[   79.243419][  T583]  kasan_quarantine_reduce+0x15a/0x180
[   79.248715][  T583]  __kasan_slab_alloc+0x2f/0xe0
[   79.253401][  T583]  slab_post_alloc_hook+0x53/0x2c0
[   79.258349][  T583]  kmem_cache_alloc_trace+0xf9/0x210
[   79.263469][  T583]  inetdev_init+0x83/0x4b0
[   79.267720][  T583]  inetdev_event+0x205/0x10a0
[   79.272236][  T583] 
[   79.274407][  T583] Memory state around the buggy address:
[   79.279875][  T583]  ffff88810d054b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   79.287773][  T583]  ffff88810d054b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   79.295673][  T583] >ffff88810d054c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   79.303568][  T583]                                                              ^
[   79.311119][  T583]  ffff88810d054c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   79.319034][  T583]  ffff88810d054d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   79.326916][  T583] ==================================================================
[   79.334816][  T583] Disabling lock debugging due to kernel taint
[   79.342109][ T1979] UDC core: couldn't find an available UDC or it's busy: -16
[   79.349301][ T1979] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   79.359139][ T2021] 9pnet: Insufficient options for proto=fd
[   79.368102][ T1979] loop0: detected capacity change from 0 to 256
[   79.410678][ T1979] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   79.422803][ T1979] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[   79.489960][  T852] uclogic 0003:256C:006D.000D: failed retrieving string descriptor #100: -71
[   79.498626][  T852] uclogic 0003:256C:006D.000D: failed retrieving pen parameters: -71
[   79.506640][  T852] uclogic 0003:256C:006D.000D: failed probing pen v1 parameters: -71
[   79.514997][  T852] uclogic 0003:256C:006D.000D: failed probing parameters: -71
[   79.522448][  T852] uclogic: probe of 0003:256C:006D.000D failed with error -71
[   79.532574][  T852] usb 4-1: USB disconnect, device number 8
[   80.033037][ T1981] loop4: detected capacity change from 0 to 1024
[   80.110270][ T1981] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[   80.118708][ T1981] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,data=ordered,resuid=0x0000000000000000,max_batch_time=0x0000000000000007,noblock_validity,usrquota,data_err=abort,data_err=abort,mblk_io_submit,bsddf,,errors=continue. Quota mode: writeback.
[   80.148676][   T30] kauditd_printk_skb: 27 callbacks suppressed
[   80.148689][   T30] audit: type=1400 audit(1866777526.290:797): avc:  denied  { create } for  pid=1980 comm="syz.4.518" name=".index" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   80.161331][ T1981] incfs: ino conflict with backing FS 2
[   80.185094][   T30] audit: type=1400 audit(1866777526.330:798): avc:  denied  { read } for  pid=1980 comm="syz.4.518" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   80.206885][   T20] kovaplus 0003:1E7D:2D50.000F: couldn't init struct kovaplus_device
[   80.206971][   T30] audit: type=1400 audit(1866777526.330:799): avc:  denied  { write } for  pid=1980 comm="syz.4.518" name="/" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   80.215417][   T20] kovaplus 0003:1E7D:2D50.000F: couldn't install mouse
[   80.237067][   T30] audit: type=1400 audit(1866777526.330:800): avc:  denied  { remove_name } for  pid=1980 comm="syz.4.518" name="file1" dev="incremental-fs" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   80.244146][   T20] kovaplus: probe of 0003:1E7D:2D50.000F failed with error -71
[   80.266931][   T30] audit: type=1400 audit(1866777526.330:801): avc:  denied  { unlink } for  pid=1980 comm="syz.4.518" name="file1" dev="incremental-fs" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   80.276160][   T20] usb 5-1: USB disconnect, device number 10
[   80.498329][ T1979] 9pnet: p9_fd_create_tcp (1979): problem connecting socket to 127.0.0.1
[   80.511061][  T852] usb 1-1: USB disconnect, device number 9
[   80.733122][   T30] audit: type=1400 audit(1866777526.880:802): avc:  denied  { remove_name } for  pid=290 comm="syz-executor" name=".index" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   80.755764][   T30] audit: type=1400 audit(1866777526.880:803): avc:  denied  { rmdir } for  pid=290 comm="syz-executor" name=".index" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1