last executing test programs:

5.198162361s ago: executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fsopen(0x0, 0x0)
getcwd(0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x813014, 0x0)
setsockopt$inet_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000001c0), 0x4)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/udp\x00')
read$FUSE(r3, &(0x7f00000061c0)={0x2020, 0x0, 0x0, <r4=>0x0, <r5=>0x0}, 0x2020)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000300)={[{@uid={'uid', 0x3d, r4}}, {@gid={'gid', 0x3d, r5}}]})
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r6, 0x0, 0x0)

4.897250838s ago: executing program 1:
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008000, &(0x7f0000000240)={[{@debug}, {@orlov}, {@nomblk_io_submit}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@init_itable_val}, {@usrquota}, {@usrquota}]}, 0x1, 0x5ba, &(0x7f0000001bc0)="$eJzs3c1vVFUbAPDnTD8olPdtIUbFhTQxBhKlpQUMMS5gTxr8iBs3VloIUqChNVo0sSS4MTFujDFx5UL8L5TIlpWuXLhxZUiIGpYmjrkzc0tb7rS0THsr9/dLht57zlzOczt9eu6cnnMngMoayv6pReyLiJkUMZAWFuu6o1U51Hzevb8+OpM9UtTrr/+RIrXK8uen1tf+1sF9EfHTjyn2dj3Y7uz81QsT09NTV1r7I3MXZ0Zm568eOn9x4tzUualLYy+NHT929Njx0cMdO9dT1999f+DT8be+/frvNPrdr+MpTsTuVt3S8+iUoRhqfk92LC/Pvq/HO91YSbpa57P0JU7dJQbEuuSvX09EPBUD0RX3X7yB+OTVUoMDNlU9RdSBikryHyoqvw7I39uvfB9cK+WqBNgKd082BwAezP/u5thg9DXGBnbdS7F0WCdFRCdG5rI2bt8av3721vj12KRxOKDYwrWIeLoo/1MjNwcbo/hZ/teW5X92XXC69TUrf22D7Q+t2Jf/sHWa+d+3ofx/e0n+v7PB9uU/AAAAAAAAdM7NkxHxYtHf/2uL83+iYP5Pf0Sc6ED7a//9r3anA80ABe6ejHilcP5vLZ/9O9jV2vpfYz5ATzp7fnrqcET8PyIORs+ObH90lTYOfbb3q3Z1+fy//JG1f7s1F7AVx53uFetnJyfmJh71vIGIu9cinimc/5sW+/9U0P9nvw9mHrKNvc/fON2ubu38BzZL/ZuIA4X9f1p8Tlr9/hwjjeuBkfyq4EHPfvj59+3al/9Qnqz/37V6/g+mpffrmV1/G0fmu+vt6jZ6/d+b3mjccqa3VfbBxNzcldGI3nSqKytdVj62/pjhcZTnQ54vWf4ffG718b+i6/+dEbGw4v9Ofy5fU5x78p/+39rFo/+H8mT5P7mu/n/9G2M3Bn9o1/7D9f9HG339wVaJ8T9o+jJP097l5QXp2F1UtdXxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjoBYRuyPVhhe3a7Xh4Yj+iHgidtWmL8/OvXD28nuXJrO6xuf/1/JP+h1o7qf88/8Hl+yPrdg/EhF7IuKLrp2N/eEzl6cnyz55AAAAAAAAAAAAAAAAAAAA2Cb626z/z/zeVXZ0wKbrLjsAoDQF+f9zGXEAW0//D9Ul/6G65D9Ul/yH6pL/UF3yH6pL/kN1yX8AAAAAAHis7Nl/85cUEQsv72w8Mr2tup5SIwM2W63sAIDSuMUPVJepP1Bd3uMDaY36vrYHrXXkambOPMLBAAAAAAAAAAAAAFA5B/ZZ/w9VZf0/VJf1/1Bd+fr//SXHAWw97/GBWGMlf+H6/zWPAgAAAAAAAAAAAAA6aXb+6oWJ6empKzbe3B5hbOVGvV7/OPsp2C7x/Mc38qnw2yWeR9oo9/cSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw378BAAD//2QiJqY=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000a50000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

4.88339792s ago: executing program 1:
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000003140))
syz_socket_connect_nvme_tcp()

4.316598678s ago: executing program 3:
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x21c916, &(0x7f0000000400), 0x1b, 0x4c5, &(0x7f0000000ec0)="$eJzs3V9rW+cZAPDnHFtZ/jizw3aRBZaFJcMOWyQ7XhKzi2yDsV0FtmX3mWfLxli2jCUnsQmbwz7AYJS20Kte9abQD1Ao+QilEGjvS1taSpu0F71oo6J/qeNIsU1kKVi/HxzrPUdHfp5HQq/0nvOiE0DfOhMRFyPiUaVSOR8Rw43taWO5dywiNuv7PXxwZ6a6JFGpXP8iiaSxrbr/2Jb/2XhIHI6Iv/8l4l/J03FL6xuL04VCfrWxnisvreRK6xsXFpam5/Pz+eXJyYnLU1emLk2Nd6TOoYi4+qdPXv7fG3+++s5vbn1447OxfyeN7bGljk6rl56pPRdNgxGxuh/BemCgUU+m14kAALArze/5v4yI8zEcA7VvcwAAAMBBUvn9UHybRFQAAACAAyutzYFN0mxjHsBQpGk2W5/D+9M4mhaKpfKv54pry7P1ubIjkUnnFgr58cZc4ZHIJNX1iVr7h/WL29YnI+JERLw0fKS2np0pFmZ7ffADAAAA+sSxbeP/r4fr438AAADggBnpdQIAAADAvjP+BwAAgIPP+B8AAAAOtL9eu1ZdKs3rX8/eXF9bLN68MJsvLWaX1mayM8XVlex8sThf+82+pZ3+X6FYXPltLK/dzpXzpXKutL5xY6m4tly+sfDEJbABAACALjrxi3sfJBGx+bsjtaXqUK+TArpicC87f7x/eQDdN9DrBICe2dPnP3CgZHqdANBzyQ73t528827ncwEAAPbH6M9an/9Pdjw2sJl2KUVgnzj+B/3L+X/oX87/Q//KxEAYyEN/2//z/5XKnhICAAA6bqi2JGk2onYcYCjSNJuNOF67LEAmmVso5Mcj4scR8f5w5kfV9YnaI5MdxwwAAAAAAAAAAAAAAAAAAAAAAAAAQF2lkkQFAAAAONAi0k+TxvW/RofPDW0/PnAo+Wa4dhsRt167/srt6XJ5daK6/cvH28uvNrZf7MURDAAAAGC75ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE56+ODOTHPpZtzP/xgRI63iD8bh2u3hyETE0a+SGNzyuCQiBjoQf/NuRJxsFT+pphUjjSxaxT/Sw/hpRBzrQHzoZ/eq/c8fWr3/0jhTu239/rtc66GeX/v+L33c/w206X+O7zLGqftv5drGvxtxarB1/9OMn7SJf3aX8f/5j42NdvdVXo8Ybfn5kzwRK1deWsmV1jcuLCxNz+fn88uTkxOXp65MXZoaz80tFPKNvy1j/P/nbz96Vv1H28Qf2aH+c7us/7v7tx/8pN7MtIo/drb163+yTfy08dn3q0a7ev9os71Zb291+s33Tj+r/tk29e/0+o/tsv7zf/vvR7vcFQDogtL6xuJ0oZBf7evGcz0b1a9FL0QVGntt/OfFSOOFbPS2XwIAADrv6TEwAAAAAAAAAAAAAAAAAAAA0G3d/HW9ps3elAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8EzfBwAA//+8vtTr")
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000300))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000100)={0x0, 0x0, 0x10}, 0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000240)={<r3=>0x0, @local, @private}, &(0x7f0000000380)=0xc)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000540)='cgroup.freeze\x00', 0x0, 0x0)
write$cgroup_int(r4, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@bloom_filter={0x1e, 0xffffffff, 0x0, 0x7, 0x38, r2, 0x1, '\x00', r3, r4, 0x1, 0x2, 0x4}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=@base={0xa, 0x0, 0x1b, 0x2, 0x210, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x15, &(0x7f0000000080)={{r6}, 0x0, 0x0}, 0x20)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
setsockopt$inet_int(r4, 0x0, 0x16, &(0x7f0000000440)=0x6, 0x4)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
writev(r9, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007208", 0x39}], 0x1)
writev(r9, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000d00030001332564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1)

4.294095822s ago: executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000017b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000700)='mm_lru_insertion\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r4, &(0x7f0000000180), 0x2000)

4.284034963s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='mm_page_alloc\x00', r1}, 0x10)
r2 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r3, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r4}], 0x2c, 0x0)
dup2(r3, r4)
fcntl$setown(r3, 0x8, r2)
tkill(r2, 0x16)

3.98157696s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000b00)={[{@nodiscard}, {}, {@acl}, {@alloc_mode_reuse}, {@inline_xattr}, {@resgid={'resgid', 0x3d, 0xffffffffffffffff}}, {@background_gc_on}, {@nouser_xattr}, {@noflush_merge}, {@user_xattr}, {@fsync_mode_strict}, {@adaptive_mode}, {@jqfmt_vfsold}, {@noinline_dentry}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3EtvG9UXAPDjpOn733+EWLDrSBVSItVWnT4EKwq04iFSRQUWrMCxHcut7YlixwlZsWCJWPBNEEisWPIZWLBmh1iA2CGBPHcCDQ8JKU7cNr+fND5zr6/PnGtVlc5M5ABOrMXsl58qcSnORcR8RFyMKM4r5VG4ncJzEXE5IuYeOSrl/B8TpyPifERcmiRPOSvlW59dHV+5+eObP3/97ZlTFz7/6rvZ7RqYtecjor+Zznf6KeadFB+U841xt4j9G+Mypjf6D8txnuJOe73IsNPYX9co4vVOWp9vbg8ncaPXaE5ip7tRzG8O0gWH485+nuIDDxpbxbjVXi9id5gXsbOX6trdS/+37Q1HKU+rzPdhkT5Go/2Y5tu77bSfzYdFbA5G5XzKm7fau5M4LmN5uWjmvVZRx/phvunH21vdwfZuNm5vDbv5ILtZq79Qq9+q1rfyVnvUvlFt9Fu3bmRLnd5kWXXUbvRvd/K802vXmnl/OVvqNJvVej1butNe7zYGWb1eu167Vr25XJ5dzV67927Wa2VLk/hKd7A96vaG2Ua+laVPLGcrtesvLmdX6tnbq2vZ2v27d1fX3nn/znv3Xl5949Vy0d/KypZWrq2sVOvXqiv15cd6/y9Ndf8fl0VPcf9wKJVZFwDw5NH/A7NwdP3/1v2Io+//Q/8/Ffr/k71/OBT9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAifX9whevFyeLaXyhnP9fOfVMOa5ExFxE/PYP5uP0gZzzZZ6Ff1m/8JcavqlEkWFyjTPlcT4ibpfHr/8/6m8BAAAAnl5ffnT509Stp5fFWRfEcUo3beYufjClfJWIWFj8YUrZ5iYvz04pWfHv+1TsTilbcQPr7JSSpVtup6aV7T+ZPxDOPhIqKcwdazkAAMCxONgJHG8XAgAAwHH6ZNYFMBuV2H+Uuf8suPjL+z8fCJ47MAIAAACeQJVZFwAAAAAcuaL/9/t/AAAA8HRLv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zcTY7aMBwH0H8CoaUfKqq671W6g2P0CF12WXGAXoIDdEGv0AtwBrqbI4xghBMEGbEYKU4iRu9JIdgyP2wEC9vIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAffpfbVd/f3393TXncOwmz2gAAACAW/bVdpWeLOry+6b+Y1P1uSkXEVFGxK25+yRmrcxJk1Nd2v+5bl8968O/iJRweo83zfUuIr411+Onvj8FAAAAeL12682ynq3XD4uxO8SQ6kWb8sP3THlFRFSLh0xp5SnvS6aw9P2exs9MaWkB622msHrJbZor7UXSzz1mMb+uTAMq6lt582XTVlMAAODOTFq3YWchAAAADOnH2B1gHEWctzLPe8Hpn/eX7b15qwQAAADcoWLsDgAAAAC9S/P/gc7/Ozr/DwAAAMZRn/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAn/bVdrVbb5Zdcw7HbvKMBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeGJ/3lEgBMIgDPau70zm/oeVBk1NTapA+PgbgwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODN7/7yf2JqnEnmXhtLzyPJ2qmxdWrsnRtHfxhfvwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi/15SYEQCIIomDP+d9L3P6wk6BlEiICGRxW1aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi537eY2jigMA/mZmZ2ur4hplDxFR8KAXu93W1t7EgxI8+CcIId3W2K0/2hxsKWIu3iTnXkSPIoISb/0fck4gl3jLYQ8RPCszO5Od/ADXXzOb5POBN++7wzDv+2Yh5DvvJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACl0duTOMkOnXEcF+c29x4uZf3WoT7zeG17PmtZHNWZ9MnwYvVD1G0uEQAAAM6OpKzvQwg76fpC1sedvP5Py2uymv/bp8dxWc8frvvLvqz9s/bLz7vP7w/UGY+T3fTm8nBw6Wgqrf9vlrPtmb+8opU/+fzdS5J/IfF7q8+N0vx5Rl9vbLzTzsNzdWQLAPwTF8u+CMrfh7K+32RiAJwZrUrhXdb/SafZnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqMFoNT5ZxFEKYb03izNbew6Xj+sdr2/Nlu/bo0Vr4cnLP7BZpCOHm8nBwqdbZzLZ79x/cXhwOB3frD14KITQ1+lvF9G9/MMXFITTyfAT/URAXX/as5HMyggZ/KAEAcCqlRcvq+p10fSE7F82F8Md3B+v/VytxmLL+3/3w2mZ1rGr9369thrOvt3Ln0969+w9eX76zeGtwa/DxG5f7b/avXL969Xovf1fS88YEAACAf6ddtGr9H88dXf+/UInDlPX/Z9/0v6iOlaj/jzVZ9Gs6EwAAgLPt2Zd//y065nzUbofPF1dW7vbHx/3Pl8fHBlL9284VrVr/J3NNZwUAAADUYbQaHVj/v1GJw5Tr/099/8KP1XsmIYTzxfr/xaVPhjfqm85Mq+PPiZueIwAAAM06X7Tq+n+a7/+P97c8xCGE114Zx8W/AZyq/k/e/eqH6ljV/f9X6pviTIq74+eR990QWt2mMwIAAOA0e6JoWbH/a7q+8NFPF95v2/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAULc/AwAA//9A8T6y")
sched_setscheduler(r1, 0x0, &(0x7f0000000100)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff})
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r6, 0x800448f0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, <r7=>0x0}, &(0x7f0000000140)=0xc)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000a80)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid={'resgid', 0x3d, r7}}, {@grpquota}, {@usrjquota}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")

3.776090902s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='mm_page_alloc\x00', r1}, 0x10)
r2 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r3, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r4}], 0x2c, 0x0)
dup2(r3, r4)
fcntl$setown(r3, 0x8, r2)
tkill(r2, 0x16)

3.675350838s ago: executing program 4:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="080005"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f0000001780)={0x2c, 0x0, &(0x7f00000014c0)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0, 0x0}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)

3.546681058s ago: executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe2$9p(0x0, 0x0)

3.5357466s ago: executing program 1:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000001480)=ANY=[@ANYBLOB='huge=alwa'])
chdir(&(0x7f0000000140)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)

1.870418259s ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x800e, &(0x7f0000000040)={&(0x7f00000005c0)=@newsa={0xf0, 0x12, 0x0, 0x0, 0x0, {{@in6=@private2, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@empty}, @in6=@local}}, 0xf0}}, 0x0)

1.748483678s ago: executing program 2:
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800003f0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
close(r4)

1.7403623s ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000b00)={[{@nodiscard}, {}, {@acl}, {@alloc_mode_reuse}, {@inline_xattr}, {@resgid={'resgid', 0x3d, 0xffffffffffffffff}}, {@background_gc_on}, {@nouser_xattr}, {@noflush_merge}, {@user_xattr}, {@fsync_mode_strict}, {@adaptive_mode}, {@jqfmt_vfsold}, {@noinline_dentry}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3EtvG9UXAPDjpOn733+EWLDrSBVSItVWnT4EKwq04iFSRQUWrMCxHcut7YlixwlZsWCJWPBNEEisWPIZWLBmh1iA2CGBPHcCDQ8JKU7cNr+fND5zr6/PnGtVlc5M5ABOrMXsl58qcSnORcR8RFyMKM4r5VG4ncJzEXE5IuYeOSrl/B8TpyPifERcmiRPOSvlW59dHV+5+eObP3/97ZlTFz7/6rvZ7RqYtecjor+Zznf6KeadFB+U841xt4j9G+Mypjf6D8txnuJOe73IsNPYX9co4vVOWp9vbg8ncaPXaE5ip7tRzG8O0gWH485+nuIDDxpbxbjVXi9id5gXsbOX6trdS/+37Q1HKU+rzPdhkT5Go/2Y5tu77bSfzYdFbA5G5XzKm7fau5M4LmN5uWjmvVZRx/phvunH21vdwfZuNm5vDbv5ILtZq79Qq9+q1rfyVnvUvlFt9Fu3bmRLnd5kWXXUbvRvd/K802vXmnl/OVvqNJvVej1butNe7zYGWb1eu167Vr25XJ5dzV67927Wa2VLk/hKd7A96vaG2Ua+laVPLGcrtesvLmdX6tnbq2vZ2v27d1fX3nn/znv3Xl5949Vy0d/KypZWrq2sVOvXqiv15cd6/y9Ndf8fl0VPcf9wKJVZFwDw5NH/A7NwdP3/1v2Io+//Q/8/Ffr/k71/OBT9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAifX9whevFyeLaXyhnP9fOfVMOa5ExFxE/PYP5uP0gZzzZZ6Ff1m/8JcavqlEkWFyjTPlcT4ibpfHr/8/6m8BAAAAnl5ffnT509Stp5fFWRfEcUo3beYufjClfJWIWFj8YUrZ5iYvz04pWfHv+1TsTilbcQPr7JSSpVtup6aV7T+ZPxDOPhIqKcwdazkAAMCxONgJHG8XAgAAwHH6ZNYFMBuV2H+Uuf8suPjL+z8fCJ47MAIAAACeQJVZFwAAAAAcuaL/9/t/AAAA8HRLv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zcTY7aMBwH0H8CoaUfKqq671W6g2P0CF12WXGAXoIDdEGv0AtwBrqbI4xghBMEGbEYKU4iRu9JIdgyP2wEC9vIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAffpfbVd/f3393TXncOwmz2gAAACAW/bVdpWeLOry+6b+Y1P1uSkXEVFGxK25+yRmrcxJk1Nd2v+5bl8968O/iJRweo83zfUuIr411+Onvj8FAAAAeL12682ynq3XD4uxO8SQ6kWb8sP3THlFRFSLh0xp5SnvS6aw9P2exs9MaWkB622msHrJbZor7UXSzz1mMb+uTAMq6lt582XTVlMAAODOTFq3YWchAAAADOnH2B1gHEWctzLPe8Hpn/eX7b15qwQAAADcoWLsDgAAAAC9S/P/gc7/Ozr/DwAAAMZRn/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAn/bVdrVbb5Zdcw7HbvKMBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeGJ/3lEgBMIgDPau70zm/oeVBk1NTapA+PgbgwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODN7/7yf2JqnEnmXhtLzyPJ2qmxdWrsnRtHfxhfvwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi/15SYEQCIIomDP+d9L3P6wk6BlEiICGRxW1aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi537eY2jigMA/mZmZ2ur4hplDxFR8KAXu93W1t7EgxI8+CcIId3W2K0/2hxsKWIu3iTnXkSPIoISb/0fck4gl3jLYQ8RPCszO5Od/ADXXzOb5POBN++7wzDv+2Yh5DvvJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACl0duTOMkOnXEcF+c29x4uZf3WoT7zeG17PmtZHNWZ9MnwYvVD1G0uEQAAAM6OpKzvQwg76fpC1sedvP5Py2uymv/bp8dxWc8frvvLvqz9s/bLz7vP7w/UGY+T3fTm8nBw6Wgqrf9vlrPtmb+8opU/+fzdS5J/IfF7q8+N0vx5Rl9vbLzTzsNzdWQLAPwTF8u+CMrfh7K+32RiAJwZrUrhXdb/SafZnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqMFoNT5ZxFEKYb03izNbew6Xj+sdr2/Nlu/bo0Vr4cnLP7BZpCOHm8nBwqdbZzLZ79x/cXhwOB3frD14KITQ1+lvF9G9/MMXFITTyfAT/URAXX/as5HMyggZ/KAEAcCqlRcvq+p10fSE7F82F8Md3B+v/VytxmLL+3/3w2mZ1rGr9369thrOvt3Ln0969+w9eX76zeGtwa/DxG5f7b/avXL969Xovf1fS88YEAACAf6ddtGr9H88dXf+/UInDlPX/Z9/0v6iOlaj/jzVZ9Gs6EwAAgLPt2Zd//y065nzUbofPF1dW7vbHx/3Pl8fHBlL9284VrVr/J3NNZwUAAADUYbQaHVj/v1GJw5Tr/099/8KP1XsmIYTzxfr/xaVPhjfqm85Mq+PPiZueIwAAAM06X7Tq+n+a7/+P97c8xCGE114Zx8W/AZyq/k/e/eqH6ljV/f9X6pviTIq74+eR990QWt2mMwIAAOA0e6JoWbH/a7q+8NFPF95v2/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAULc/AwAA//9A8T6y")
sched_setscheduler(r1, 0x0, &(0x7f0000000100)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff})
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r6, 0x800448f0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, <r7=>0x0}, &(0x7f0000000140)=0xc)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000a80)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid={'resgid', 0x3d, r7}}, {@grpquota}, {@usrjquota}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")

1.370296347s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f00000001c0)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
chdir(&(0x7f0000000040)='./file0\x00')
syz_mount_image$fuse(0x0, &(0x7f0000006340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)

1.354399239s ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x9, 0x1, 0x8e, 0xe7c9, 0xa}, 0x48)

1.276987282s ago: executing program 2:
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000030000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='./file1\x00', 0x0, 0x2804, 0x0)

1.271694302s ago: executing program 4:
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x2a08095, &(0x7f00000024c0)=ANY=[], 0x0, 0x2b0, &(0x7f00000017c0)="$eJzs3MFrI1UYAPAvm3Y3XZD0sLIo4o548VTaFe8p0sJqQFGCKB4sbhYlUxc2UEgO2+zJf0LxP9CjBy+CB/HiwX9ABKmCF/cmIow0M8kmu0kTXZJI/f0ueX3v+9775k3oDKW89545bN283b51//5JVJ4txVotavFnxGZciHLkegEAnCd/ZFn8nuVWXQsAsByP9/wvLaIkAGDB5nz+v55/HC+rLABggfz9HwD+f958+51Xd+v1vTeSpBJx+PFR46jR/9woAm7Fh5FGM7ajGn9FFK8KXxWj2f6N+t52cuqXzWgcHhf5x0eN/L8Hdwf5O1GNzWF+/20jy7Jr+zdKeztJbjx/PS4X+T9ejmZcj2pceSS/v/71ifkX44XnR9bfimr88H7cjjRunhY+kn93J0lefq2exFqM5F/qx/VtDLerPLJ1r1x5sracmwQAAAAAAAAAAAAAAAAAAAAAwLmzlQxNPL9na2vaeJ6/O/l8oCzLojI4X2d74vk8a/H02mqvHQAAAAAAAAAAAAAAAAAAAP4r2p1u6yBdz3/opWnzTt4z1vjou8+/mTL0oHHyfe+tWTHdVqlY96yY5TSeeO7nT6bH3CsN9ycuTIkpPdRTi/GYcjHHPyzs62sP9bxbnmOeUm/SUOU07UFPpdj92WWUZ5T67ckHT73YvvrS5JhyPM7d2fh393T9rK/Wb9W4VIyPD92bOmGx6zFr9S9W+jUeXPXM4Kuf1g6+vPvTr/POvOBfPAAAAAAAAAAAAAAAAAAAwCPanW6rsuoiAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDF2p1u6yBNmxej0/0s0rR5Z9BzZmN/jphhY9XXCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfwcAAP//27d+8A==")
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket(0x10, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @mcast1}]}]}, 0xac}}, 0x0)
r9 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r9, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff00", @ANYRES32=r10, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newqdisc={0x148, 0x24, 0x100, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@TCA_STAB={0x124, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xa1, 0x79, 0xfff7, 0xcc9, 0x0, 0x553, 0x7, 0x6}}, {0x10, 0x2, [0x0, 0x0, 0x3e5c, 0x2, 0x397e, 0xdc5f]}}, {{0x1c, 0x1, {0x1, 0x0, 0x167, 0x9, 0x0, 0x3f, 0x0, 0x6}}, {0x10, 0x2, [0x81, 0x9, 0x3, 0xe938, 0x81, 0x3]}}, {{0x1c, 0x1, {0x50, 0x6, 0xff, 0x71a7, 0x0, 0x240, 0x81, 0x2}}, {0x8, 0x2, [0x90cd, 0x7]}}, {{0x1c, 0x1, {0x8, 0x19, 0x0, 0x6, 0x0, 0x3, 0x2, 0x3}}, {0xa, 0x2, [0xdf, 0x8, 0x7fff]}}, {{0x1c, 0x1, {0x7, 0x3, 0x40, 0x8, 0x1, 0xfffff1f5, 0x4dd8, 0x2}}, {0x8, 0x2, [0x5, 0xfffb]}}, {{0x1c, 0x1, {0xf3, 0xfe, 0x3ff, 0xfffffffa, 0x1, 0xdf7b, 0x0, 0x4}}, {0xc, 0x2, [0xfffb, 0x400, 0x1, 0xf04]}}, {{0x1c, 0x1, {0x0, 0x3, 0x3, 0x1, 0x1, 0x4, 0x9, 0x8}}, {0x14, 0x2, [0x2, 0x6, 0x8, 0xfffc, 0x0, 0x4, 0x8000, 0x0]}}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x90}, 0x0)
bind$packet(r1, &(0x7f0000000400)={0x11, 0x0, r10, 0x1, 0x0, 0x6, @remote}, 0x14)

1.250243285s ago: executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000d8ffffffb703000008000000b70400000000925e850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000107000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000013007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
openat(0xffffffffffffffff, 0x0, 0x0, 0x0)

963.56643ms ago: executing program 0:
newfstatat(0xffffffffffffff9c, &(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x6c00)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f00000003c0)={[{@test_dummy_encryption}, {@journal_checksum}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x6}}, {@i_version}, {@noblock_validity}, {@dioread_nolock}, {@resuid={'resuid', 0x3d, r0}}, {@discard}]}, 0xfe, 0x254, &(0x7f0000000900)="$eJzs3T9oJGUcBuB3Znc9c1nk1EYQ/4CIaCCcnWBzNgoHchyHCCqciNgoiRAT7BIrGwutVVLZBLEzWkqaYKMI2kRNERtBg4XBQouV3UkkJqtJ3LhzZJ4HJjOT+WZ+37DzfrsszE6AxrqQ5FKSVpKpJJ0kxf4G91bThd3V5Yn160mvd+2XYtCuWq/s7TeZZCnJI0nWyiIvt5OF1We3ftt44oG35jv3f7D6zMRYT3LX9tbmkzvvX3nz48sPL3z59U9XilxK92/ndfqKIf9rF8lt/0exG0TRrrsHHMfV1z/6tp/725PcN8h/J2WqF+/tuZvWOnnovX/a952fv7pznH0FTl+v1+m/By71gMYpk3RTlNNJquWynJ6uPsN/1zpfvjI799rUS7PzMy/WPVIBp6WbbD7+6blPJg/k/8dWlf/hWuPtJHAS3wz7vmmYfv6furryfX95R6yhGe6qZv38Tz2/+GDkHxpH/qG55B+aS/6hueQfmkv+4Wy5Nnn8tvIPZ1jn3zfLPzSX/ENzyT801/78AwDN0jtX9x3IQF3qHn8AAAAAAAAAAAAAAAAAAIDDlifWr+9N46r5+bvJ9mNJ2sPqtwbPI05uHvw9/2vRb/aXotptJM/dM+IBRvRhzXdf3/JDvfW/uLve+oszydIbSS6224evv2L3+vvvbj1ie+eFEQuc0MFnAz/69HjrH/THSr31L28kn/XHn4vDxp8ydwzmw8ef7tE/sXykV38f8QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMzZ8BAAD//+GoboM=")
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000500)='./bus\x00', 0x2004180, &(0x7f0000000000)={[{@quota}]}, 0x13, 0x52a, &(0x7f0000000b00)="$eJzs3c9vI1cdAPDvTOL82E2blB8SVKKtaFG2grU3DT9WPZRFQvRCJaBIHJc0caIoThzFTruJKkjFH4CEEBw4cYELEuKMhPonIKRKIK4IEAixu3DgADvIY5t4HTuxqGPvJp+PNJn33ryZ75uxMvabefYEcGk9FxG3ImIiIl6MiPlWedqaXm1kjpr17t97e7UxJZFlr/89iSRm87L2tpLW/GpzlZiJiK+9GvFGEjHdFbd2cLi1UqmU91r5Un17t1Q7OLy+ub2yUd4o7ywvL8VkdG/6/9JY+cmIeOWLf/7Bd3/6pVd+9am3/nD7r9e+1Sifi9m8Tud+DFOz4YX8WLRNJhF75xFsDCZa88KY2wEAwGAan/E/EBEfzz//z8dEx4fuh90accsAAACAYck+Pxf/TiIyAAAA4MJK8zGwSVpsjQWYizQtFptjeD8UV9JKtVb/5Hp1f2etsSxiIQrp+malfKM1VnghCkkjv5Snj/MvdeWXI+KpiPj+/GyeL65WK2vjvvgBAAAAl8TVrv7/P+eb/X8AAADgglkYdwMAAACAc6f/DwAAABef/j8AAABcaF957bXGlLWff7325sH+VvXN62vl2lZxe3+1uFrd2y1uVKsb+W/2bZ+1vUq1uvvp2Nm/U6qXa/VS7eDw9nZ1f6d+e/OhR2ADAAAAI/TUs+/+LomImZiNo5dn87KpcTcKGImkb6aHP0Vk59scYIQm8r/pKTW+3V3w4Z+cZ4OAkZkcdwOAsSmMuwHAuB2d1fXvO3jn18NvDAAAcD4WP9q8/3/08sn7/64NwMV22p0/AOBicv8fLq9CawQgcHk9ecby93//Pzv+6kB2YkwxAAAwAnP5lKTF1r3AuUjTYjHiifyxAIVkfbNSvtHqH/x2vjDdyC/layZnfl0YAAAAAAAAAAAAAAAAAAAAAAAAAGjKsiQyAAAA4EKLSP+S5L/mH7E4/8Jc9/WBqeRf8/k8It760es/vLNSr+8tNcrv5uXtZwDk5S8NcsXhoSeOTg3nKgYAAADQqd1Pb/fjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCY7t97e7U9jTLu374QEQs94z87k89mohARV/6RxGTHeklETAwh/tE7EfGRXvGTRrNiIZqt6BV/9vzip2fFTyPi6hDiw2X2buP8c6vX/38az+Xz3v9/jfT0EOL3P/+l0T7/TfQ5/zwxYIyn3/t5qW/8dyKenuyKP9uM0I6f9In//IDxv/n1w8N+y7IfRyz2fP9JIn5xHKtU394t1Q4Or29ur2yUN8o7y8tLn735uZufuXmjtL5ZKbf+9ozxvY/98sFp+3+lT/yFE/vfSB2f9l/ovcmp7oL/vHfn3gebyUKv+Nee74r/+85qJ49/2nrv+0Qr3Vi+2E4fNdOdnvnZb545bf/X+uz/TEe9Xq//tX4b7fLiV7/zxwGrAgAjUDs43FqpVMp7405MxwCVJ2KwDWYPsmxIDZt51A7UY5iIu1k2/C1/443BKn956vRXMGm9wo/AgeqbaPc5Rhj0f6eIE30WAADg8dTRSQMAAAAAAAAAAAAAAAAAAADGZCQ//9blaDy7CgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwqv8GAAD//6T7y1Q=")
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x4, 0x2, 0x1, 0xf31}, 0x48)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0}, 0x10)
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2c616c6c6f775f6f746865722c64656661756c745f703b3b741d665265726d69737369886e732c6d61785f726561643d3078303030303030300008303030303030302c6d61785f726561643d3078303030303030303030303030303033662c6d61785f726561643d3078303030303030303030303030303530312c6d61785f726561643d3078303030303032303038010030303030302c00"])
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB='\x00'], 0x0}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
getdents64(0xffffffffffffffff, &(0x7f0000000180)=""/59, 0x3b)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{}, {0x64, 0x0, 0x0, 0x1}, {0x6}]})
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)

762.006892ms ago: executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x0, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
socket$inet(0x2, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)

479.122486ms ago: executing program 1:
fchmodat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x10)
open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
read$FUSE(0xffffffffffffffff, &(0x7f00000077c0)={0x2020}, 0x2020)
chdir(&(0x7f0000000180)='./file0\x00')

411.712446ms ago: executing program 4:
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800003f0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
close(r4)

402.479658ms ago: executing program 2:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="080005"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f0000001780)={0x2c, 0x0, &(0x7f00000014c0)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0, 0x0}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)

395.332788ms ago: executing program 4:
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8906, 0x0)
gettid()
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
readv(r0, &(0x7f0000002980)=[{&(0x7f0000000700)=""/163, 0xa3}], 0x1)
write$UHID_DESTROY(0xffffffffffffffff, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

87.278876ms ago: executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$inet(r0, 0x0, 0x0)

80.704597ms ago: executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x9, 0x1, 0x8e, 0xe7c9, 0xa}, 0x48)

56.049611ms ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000900)='mm_page_alloc\x00', r1}, 0x10)
r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004"], 0xfe44, 0x0)

49.004783ms ago: executing program 0:
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000023"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

0s ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x5, 0x8, 0x1}, 0x48)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000940)={r0, &(0x7f0000000780), &(0x7f0000000900)=@udp=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='kfree\x00', r2}, 0x10)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1038, 0x1410, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)

kernel console output (not intermixed with test programs):

1058.713358][  T302] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1058.743524][  T302] usb 4-1: config 0 descriptor??
[ 1058.749093][T29816] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1058.755937][T29816] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1058.774120][T29816] device bridge_slave_0 entered promiscuous mode
[ 1058.787502][T21774] usb 2-1: 0:2 : does not exist
[ 1058.795640][T29816] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1058.816319][T29816] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1058.837443][T29816] device bridge_slave_1 entered promiscuous mode
[ 1059.006003][T29821] futex_wake_op: syz-executor.2 tries to shift op by -1; fix this program
[ 1059.028483][T21774] usb 2-1: USB disconnect, device number 125
[ 1059.042700][T29816] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1059.049590][T29816] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1059.056679][T29816] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1059.063450][T29816] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1059.092725][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1059.100636][  T624] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1059.107863][  T624] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1059.125991][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1059.134124][  T624] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1059.141003][  T624] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1059.149448][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1059.157514][  T624] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1059.164386][  T624] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1059.171803][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1059.179712][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1059.197179][T29827] loop2: detected capacity change from 0 to 40427
[ 1059.204735][T29685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1059.216256][T29816] device veth0_vlan entered promiscuous mode
[ 1059.223577][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1059.231345][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1059.237579][T29827] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1059.239236][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1059.246016][T29827] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1059.262411][T29816] device veth1_macvtap entered promiscuous mode
[ 1059.269844][ T5924] device bridge_slave_1 left promiscuous mode
[ 1059.269884][T29827] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1059.275772][ T5924] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1059.289770][ T5924] device bridge_slave_0 left promiscuous mode
[ 1059.295734][ T5924] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1059.303981][ T5924] device veth1_macvtap left promiscuous mode
[ 1059.312769][T29827] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1059.319700][T29827] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1059.353562][T29827] F2FS-fs (loop2): skip recovering inline_dots inode (ino:3, pino:3) in readonly mountpoint
[ 1059.363723][  T337] usb 1-1: new high-speed USB device number 124 using dummy_hcd
[ 1059.371258][  T302] usb 4-1: Cannot read MAC address
[ 1059.376252][  T302] MOSCHIP usb-ethernet driver: probe of 4-1:0.0 failed with error -32
[ 1059.419346][T29685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1059.436403][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1059.444964][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1059.610727][T29845] usb usb8: usbfs: interface 0 claimed by hub while 'syz-executor.1' sets config #1
[ 1059.746985][  T337] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1059.764194][  T337] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1059.789726][  T337] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1059.815005][  T337] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1059.916802][  T337] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1059.930616][  T337] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1059.946586][  T337] usb 1-1: Manufacturer: syz
[ 1059.956172][  T337] usb 1-1: config 0 descriptor??
[ 1060.008889][T29858] futex_wake_op: syz-executor.1 tries to shift op by -1; fix this program
[ 1060.218878][T29863] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1060.417844][  T337] appleir 0003:05AC:8243.00D3: item fetching failed at offset 0/1
[ 1060.419172][  T724] usb 4-1: USB disconnect, device number 120
[ 1060.425672][  T337] appleir 0003:05AC:8243.00D3: parse failed
[ 1060.476775][  T337] appleir: probe of 0003:05AC:8243.00D3 failed with error -22
[ 1060.620978][ T3442] usb 1-1: USB disconnect, device number 124
[ 1060.639976][T29865] loop4: detected capacity change from 0 to 40427
[ 1060.674347][T29882] syz-executor.3[29882] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1060.674583][T29882] syz-executor.3[29882] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1060.697771][T29865] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[ 1060.704480][T29884] futex_wake_op: syz-executor.3 tries to shift op by -1; fix this program
[ 1060.716709][T29865] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1060.767937][T29865] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1060.834604][T29865] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1060.847980][T29865] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1060.964218][T29894] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1061.339692][T29816] attempt to access beyond end of device
[ 1061.339692][T29816] loop4: rw=2049, want=45112, limit=40427
[ 1062.081888][T29924] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1062.143335][T29933] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1062.391174][T29936] fuse: Bad value for 'fd'
[ 1062.397198][   T30] kauditd_printk_skb: 20 callbacks suppressed
[ 1062.626699][T29685] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1062.630416][   T30] audit: type=1326 audit(1718779268.907:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29929 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x0
[ 1062.757338][  T337] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1062.794905][T29943] loop2: detected capacity change from 0 to 256
[ 1062.801184][  T337] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1062.876829][   T20] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1062.937564][T29941] loop4: detected capacity change from 0 to 40427
[ 1062.952404][T29941] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[ 1062.965599][T29941] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1062.984723][   T20] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1063.025971][T29941] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1063.037038][T29685] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1063.119021][T29685] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1063.135287][T29941] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1063.142313][T29941] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1063.236760][  T302] usb 3-1: new high-speed USB device number 117 using dummy_hcd
[ 1063.456808][   T20] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1063.590068][T29974] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1063.599549][  T302] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1063.613056][  T302] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1063.637463][T29816] attempt to access beyond end of device
[ 1063.637463][T29816] loop4: rw=2049, want=45112, limit=40427
[ 1063.837017][  T302] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1063.927898][  T302] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1063.963127][  T302] usb 3-1: SerialNumber: syz
[ 1064.276759][T29685] usb 4-1: new high-speed USB device number 121 using dummy_hcd
[ 1064.457297][  T302] usb 3-1: 0:2 : does not exist
[ 1064.517073][T29685] usb 4-1: Using ep0 maxpacket: 8
[ 1064.676851][T29685] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1064.689776][T29685] usb 4-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1064.698160][  T302] usb 3-1: USB disconnect, device number 117
[ 1064.698746][T29685] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1064.713378][T29685] usb 4-1: config 0 descriptor??
[ 1064.870448][T29685] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1064.960212][T29685] usb 4-1: USB disconnect, device number 121
[ 1065.177275][T30008] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1065.376934][T30012] loop2: detected capacity change from 0 to 256
[ 1065.697595][T30021] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1066.497636][T30040] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1066.571129][  T331] usb 3-1: new high-speed USB device number 118 using dummy_hcd
[ 1066.936793][  T331] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1066.946781][  T331] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1067.026908][  T331] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1067.051187][  T331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1067.059216][  T331] usb 3-1: SerialNumber: syz
[ 1067.286109][T30070] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1068.356965][   T30] audit: type=1400 audit(1718779274.407:937): avc:  denied  { setopt } for  pid=30064 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1068.587416][  T331] usb 3-1: 0:2 : does not exist
[ 1068.828122][  T331] usb 3-1: USB disconnect, device number 118
[ 1071.568518][T30179] futex_wake_op: syz-executor.3 tries to shift op by -1; fix this program
[ 1072.133960][T30198] 9pnet: Insufficient options for proto=fd
[ 1072.766951][  T332] usb 3-1: new high-speed USB device number 119 using dummy_hcd
[ 1073.016833][  T332] usb 3-1: Using ep0 maxpacket: 8
[ 1073.024269][T30221] syz-executor.1[30221] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1073.024351][T30221] syz-executor.1[30221] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1073.146849][  T332] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1073.173918][  T332] usb 3-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1073.182802][  T332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1073.191287][  T332] usb 3-1: config 0 descriptor??
[ 1073.237651][  T332] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1073.446075][  T724] usb 3-1: USB disconnect, device number 119
[ 1074.198429][T30253] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1074.225558][T30253] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1074.886760][T29685] usb 1-1: new high-speed USB device number 125 using dummy_hcd
[ 1075.136813][T29685] usb 1-1: Using ep0 maxpacket: 8
[ 1075.266835][T29685] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1075.279514][T29685] usb 1-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1075.288333][T29685] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1075.301464][T29685] usb 1-1: config 0 descriptor??
[ 1075.357463][T29685] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1075.595600][T29685] usb 1-1: USB disconnect, device number 125
[ 1075.836536][T30295] fuse: Bad value for 'fd'
[ 1075.850423][   T30] audit: type=1326 audit(1718779282.357:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30292 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f186e288f29 code=0x0
[ 1077.475934][ T5924] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1077.927044][T30342] fuse: Bad value for 'fd'
[ 1078.094779][   T30] audit: type=1326 audit(1718779284.447:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30337 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4f99a13f29 code=0x0
[ 1079.036818][  T624] usb 2-1: new high-speed USB device number 126 using dummy_hcd
[ 1079.296929][  T624] usb 2-1: Using ep0 maxpacket: 8
[ 1079.681667][T21774] Bluetooth: hci0: command 0x1003 tx timeout
[ 1079.687627][ T7959] Bluetooth: hci0: sending frame failed (-49)
[ 1079.726792][  T624] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1079.746735][  T624] usb 2-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1079.755595][  T624] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1079.777406][  T624] usb 2-1: config 0 descriptor??
[ 1079.817282][  T624] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1079.961035][T30366] loop2: detected capacity change from 0 to 40427
[ 1080.007638][T30366] F2FS-fs (loop2): Invalid gid value -1
[ 1080.017780][  T624] usb 2-1: USB disconnect, device number 126
[ 1080.289612][T30378] loop2: detected capacity change from 0 to 512
[ 1081.200690][T30378] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[ 1081.214604][T30378] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[ 1081.227383][T30378] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[ 1081.242360][T30378] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[ 1081.255093][T30378] EXT4-fs (loop2): 1 orphan inode deleted
[ 1081.260671][T30378] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[ 1081.741103][  T624] Bluetooth: hci0: command 0x1001 tx timeout
[ 1081.747013][ T7959] Bluetooth: hci0: sending frame failed (-49)
[ 1082.316748][  T724] usb 3-1: new high-speed USB device number 120 using dummy_hcd
[ 1082.556761][  T302] usb 1-1: new high-speed USB device number 126 using dummy_hcd
[ 1082.676873][  T724] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1082.686969][  T724] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1082.766907][  T724] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1082.775804][  T724] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1082.783629][  T724] usb 3-1: SerialNumber: syz
[ 1082.806860][  T302] usb 1-1: Using ep0 maxpacket: 8
[ 1082.926851][  T302] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1082.939640][  T302] usb 1-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1082.948690][  T302] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1082.957413][  T302] usb 1-1: config 0 descriptor??
[ 1083.000974][  T302] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1083.047239][  T724] usb 3-1: 0:2 : does not exist
[ 1083.747754][T24997] usb 1-1: USB disconnect, device number 126
[ 1083.850128][  T624] Bluetooth: hci0: command 0x1009 tx timeout
[ 1083.911604][  T724] usb 3-1: USB disconnect, device number 120
[ 1084.619991][T30442] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1084.628999][T30442] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1085.126802][T29685] usb 2-1: new high-speed USB device number 127 using dummy_hcd
[ 1085.726821][T29685] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1085.742805][T29685] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1085.752621][T29685] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1085.761512][T29685] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1085.770181][T29685] usb 2-1: config 0 descriptor??
[ 1086.016762][T20493] usb 5-1: new high-speed USB device number 112 using dummy_hcd
[ 1086.036801][T24997] usb 1-1: new high-speed USB device number 127 using dummy_hcd
[ 1086.296933][T24997] usb 1-1: Using ep0 maxpacket: 8
[ 1086.446942][T20493] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1086.458758][T24997] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1086.472979][T20493] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1086.483057][T24997] usb 1-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1086.492010][T24997] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1086.505475][T24997] usb 1-1: config 0 descriptor??
[ 1086.511732][T29685] usb 2-1: language id specifier not provided by device, defaulting to English
[ 1086.547110][T24997] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1086.556785][T20493] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1086.565657][T20493] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1086.573472][T20493] usb 5-1: SerialNumber: syz
[ 1086.747902][T24997] usb 1-1: USB disconnect, device number 127
[ 1086.837284][T20493] usb 5-1: 0:2 : does not exist
[ 1086.937707][T29685] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.00D4/input/input132
[ 1086.950460][T29685] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.00D4/input/input133
[ 1086.962939][T29685] uclogic 0003:256C:006D.00D4: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.1-1/input0
[ 1087.138441][  T332] usb 2-1: USB disconnect, device number 127
[ 1087.262617][T20493] usb 5-1: USB disconnect, device number 112
[ 1087.692899][T30484] 9pnet: Insufficient options for proto=fd
[ 1088.097676][T30486] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1088.106390][T30486] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1088.251528][T30508] overlayfs: failed to resolve './file1': -2
[ 1088.258106][T30507] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1088.846770][  T331] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 1088.940669][T30522] loop4: detected capacity change from 0 to 40427
[ 1088.998209][T30522] F2FS-fs (loop4): invalid crc value
[ 1089.005473][T30522] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1089.027682][T30522] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[ 1089.034398][T30522] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[ 1089.049812][T29816] attempt to access beyond end of device
[ 1089.049812][T29816] loop4: rw=2049, want=45104, limit=40427
[ 1089.216862][  T331] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1089.229385][  T331] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1089.239015][  T331] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1089.248167][  T331] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1089.256575][  T331] usb 1-1: config 0 descriptor??
[ 1089.956839][  T331] usb 1-1: language id specifier not provided by device, defaulting to English
[ 1090.320237][T30545] futex_wake_op: syz-executor.4 tries to shift op by -1; fix this program
[ 1090.387704][  T331] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.00D5/input/input134
[ 1090.410947][  T331] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.00D5/input/input135
[ 1090.423959][  T331] uclogic 0003:256C:006D.00D5: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0
[ 1090.619594][  T724] usb 1-1: USB disconnect, device number 2
[ 1091.733599][T30579] futex_wake_op: syz-executor.1 tries to shift op by -1; fix this program
[ 1091.773474][   T30] audit: type=1400 audit(1718779298.277:940): avc:  denied  { listen } for  pid=30577 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1091.858027][   T30] audit: type=1400 audit(1718779298.297:941): avc:  denied  { accept } for  pid=30577 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1092.596956][  T624] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 1092.906854][  T624] usb 2-1: device descriptor read/64, error -71
[ 1093.045662][T30618] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1093.306752][  T624] usb 2-1: device descriptor read/64, error -71
[ 1093.586735][  T624] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[ 1093.886754][  T624] usb 2-1: device descriptor read/64, error -71
[ 1094.642548][  T624] usb 2-1: device descriptor read/64, error -71
[ 1094.818257][  T624] usb usb2-port1: attempt power cycle
[ 1095.322414][T30669] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1095.846753][T30624] usb 5-1: new high-speed USB device number 113 using dummy_hcd
[ 1096.136894][T30624] usb 5-1: device descriptor read/64, error -71
[ 1096.493775][T30705] futex_wake_op: syz-executor.0 tries to shift op by -1; fix this program
[ 1096.566786][T30624] usb 5-1: device descriptor read/64, error -71
[ 1096.726769][T20493] usb 3-1: new high-speed USB device number 121 using dummy_hcd
[ 1096.736040][T30716] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1096.757496][T30717] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1096.836836][T30624] usb 5-1: new high-speed USB device number 114 using dummy_hcd
[ 1097.096834][T20493] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1097.107596][T20493] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1097.117106][T20493] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1097.125951][T20493] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1097.134417][T20493] usb 3-1: config 0 descriptor??
[ 1097.156763][T30624] usb 5-1: device descriptor read/64, error -71
[ 1097.566793][T30624] usb 5-1: device descriptor read/64, error -71
[ 1097.688264][T30624] usb usb5-port1: attempt power cycle
[ 1097.846807][T20493] usb 3-1: language id specifier not provided by device, defaulting to English
[ 1098.106764][T30624] usb 5-1: new high-speed USB device number 115 using dummy_hcd
[ 1098.288160][T20493] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.00D6/input/input136
[ 1098.301090][T20493] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.00D6/input/input137
[ 1098.306825][T30624] usb 5-1: device descriptor read/8, error -71
[ 1098.316767][T20493] uclogic 0003:256C:006D.00D6: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[ 1098.502270][  T724] usb 3-1: USB disconnect, device number 121
[ 1098.596775][T30624] usb 5-1: device descriptor read/8, error -71
[ 1098.758199][   T30] audit: type=1326 audit(1718779305.267:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30759 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7bfba7f29 code=0x7fc00000
[ 1098.782060][   T30] audit: type=1326 audit(1718779305.267:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30759 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa7bfba7f29 code=0x7fc00000
[ 1099.491701][   T30] audit: type=1326 audit(1718779305.997:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30759 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7bfba7f29 code=0x7fc00000
[ 1099.557950][T30777] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1099.966763][  T337] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1100.366829][  T337] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1100.377598][  T337] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1100.387089][  T337] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1100.395951][  T337] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1100.404307][  T337] usb 1-1: config 0 descriptor??
[ 1100.746649][T30813] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1100.807222][   T30] audit: type=1326 audit(1718779307.317:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30810 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f186e288f29 code=0x7fc00000
[ 1100.831080][   T30] audit: type=1326 audit(1718779307.317:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30810 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f186e288f29 code=0x7fc00000
[ 1101.266880][  T337] usb 1-1: language id specifier not provided by device, defaulting to English
[ 1101.546816][   T30] audit: type=1326 audit(1718779308.047:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30810 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f186e288f29 code=0x7fc00000
[ 1101.698007][  T337] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.00D7/input/input138
[ 1101.737586][  T337] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.00D7/input/input139
[ 1101.788842][  T337] uclogic 0003:256C:006D.00D7: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0
[ 1101.898611][T20493] usb 1-1: USB disconnect, device number 3
[ 1101.985832][T30840] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1101.992931][T30840] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1102.000295][T30840] device bridge_slave_0 entered promiscuous mode
[ 1102.009506][T30840] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1102.016361][T30840] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1102.023778][T30840] device bridge_slave_1 entered promiscuous mode
[ 1102.100525][T30840] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1102.107403][T30840] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1102.114507][T30840] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1102.121287][T30840] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1102.150654][T30624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1102.158702][T30624] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1102.166082][T30624] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1102.189172][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1102.198539][ T5131] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1102.205392][ T5131] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1102.214171][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1102.222867][ T5131] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1102.229725][ T5131] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1102.247677][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1102.255587][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1102.286160][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1102.302844][ T5924] device bridge_slave_1 left promiscuous mode
[ 1102.309113][ T5924] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1102.326674][ T5924] device bridge_slave_0 left promiscuous mode
[ 1102.333051][ T5924] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1102.353470][ T5924] device veth1_macvtap left promiscuous mode
[ 1102.461596][T30856] 9pnet: Insufficient options for proto=fd
[ 1102.592840][T30840] device veth0_vlan entered promiscuous mode
[ 1102.600433][T30624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1102.609310][T30624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1102.616548][T30624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1102.629043][T30624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1102.852699][T30840] device veth1_macvtap entered promiscuous mode
[ 1102.864238][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1102.872644][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1102.892571][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1102.900998][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1103.016221][T30877] loop2: detected capacity change from 0 to 40427
[ 1103.058567][T30877] F2FS-fs (loop2): invalid crc value
[ 1103.072037][T30877] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1103.131037][T30877] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[ 1103.138987][T30877] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[ 1103.209964][T30877] attempt to access beyond end of device
[ 1103.209964][T30877] loop2: rw=2049, want=45104, limit=40427
[ 1103.283871][T30888] 9pnet: Insufficient options for proto=fd
[ 1103.636777][  T724] usb 3-1: new high-speed USB device number 122 using dummy_hcd
[ 1104.006787][  T724] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1104.017754][  T724] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1104.027450][  T724] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1104.036504][  T724] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1104.048393][  T724] usb 3-1: config 0 descriptor??
[ 1104.747261][T30922] fuse: Bad value for 'fd'
[ 1104.762397][  T724] usb 3-1: language id specifier not provided by device, defaulting to English
[ 1104.890999][   T30] audit: type=1326 audit(1718779311.267:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30917 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f186e288f29 code=0x0
[ 1105.208577][  T724] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.00D8/input/input140
[ 1105.221371][  T724] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.00D8/input/input141
[ 1105.233650][  T724] uclogic 0003:256C:006D.00D8: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[ 1105.395622][  T331] usb 3-1: USB disconnect, device number 122
[ 1105.790117][T30939] 9pnet: Insufficient options for proto=fd
[ 1105.946773][  T724] usb 5-1: new high-speed USB device number 117 using dummy_hcd
[ 1105.970497][   T30] audit: type=1326 audit(1718779312.477:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x7fc00000
[ 1105.994478][   T30] audit: type=1326 audit(1718779312.477:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efc0a44bf29 code=0x7fc00000
[ 1106.018269][   T30] audit: type=1326 audit(1718779312.477:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x7fc00000
[ 1106.066900][   T30] audit: type=1326 audit(1718779312.477:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x7fc00000
[ 1106.102436][   T30] audit: type=1326 audit(1718779312.477:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x7fc00000
[ 1106.126350][   T30] audit: type=1326 audit(1718779312.477:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x7fc00000
[ 1106.150580][   T30] audit: type=1326 audit(1718779312.477:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x7fc00000
[ 1106.176376][   T30] audit: type=1326 audit(1718779312.477:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x7fc00000
[ 1106.200221][   T30] audit: type=1326 audit(1718779312.477:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x7fc00000
[ 1106.325288][T30955] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1106.334094][  T724] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1106.344245][T30955] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1106.576626][  T724] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[ 1106.586745][  T724] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1106.594578][  T724] usb 5-1: Product: syz
[ 1106.598560][  T724] usb 5-1: Manufacturer: syz
[ 1106.602991][  T724] usb 5-1: SerialNumber: syz
[ 1106.607988][  T724] usb 5-1: config 0 descriptor??
[ 1106.866870][  T724] snd-usb-audio: probe of 5-1:0.0 failed with error -2
[ 1106.874060][  T724] usb 5-1: USB disconnect, device number 117
[ 1106.936775][   T20] usb 4-1: new high-speed USB device number 122 using dummy_hcd
[ 1107.019690][T30975] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1107.181141][T30981] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1107.316829][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1107.338428][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1107.349018][   T20] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1107.372497][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1107.382096][   T20] usb 4-1: config 0 descriptor??
[ 1107.991444][T31004] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1108.066889][   T20] usb 4-1: language id specifier not provided by device, defaulting to English
[ 1108.075721][  T337] usb 5-1: new high-speed USB device number 118 using dummy_hcd
[ 1108.466856][  T337] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1108.476994][  T337] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1108.527865][   T20] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.00D9/input/input142
[ 1108.540327][   T20] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.00D9/input/input143
[ 1108.552521][   T20] uclogic 0003:256C:006D.00D9: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0
[ 1108.564154][  T337] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1108.573642][  T337] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1108.581467][  T337] usb 5-1: SerialNumber: syz
[ 1108.728185][   T20] usb 4-1: USB disconnect, device number 122
[ 1109.047465][  T337] usb 5-1: 0:2 : does not exist
[ 1109.096759][  T724] usb 3-1: new high-speed USB device number 123 using dummy_hcd
[ 1109.222312][T31029] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1109.287943][  T337] usb 5-1: USB disconnect, device number 118
[ 1109.456837][  T724] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1109.626847][  T724] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[ 1109.635748][  T724] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1109.643557][  T724] usb 3-1: Product: syz
[ 1109.647576][  T724] usb 3-1: Manufacturer: syz
[ 1109.651955][  T724] usb 3-1: SerialNumber: syz
[ 1109.657696][  T724] usb 3-1: config 0 descriptor??
[ 1109.917380][  T724] snd-usb-audio: probe of 3-1:0.0 failed with error -2
[ 1109.949902][  T724] usb 3-1: USB disconnect, device number 123
[ 1110.015424][T31043] 9pnet: Insufficient options for proto=fd
[ 1110.036845][T24997] usb 5-1: new high-speed USB device number 119 using dummy_hcd
[ 1110.286905][T24997] usb 5-1: Using ep0 maxpacket: 8
[ 1110.409147][T24997] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1110.431968][T24997] usb 5-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1110.452145][T24997] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1110.460758][T24997] usb 5-1: config 0 descriptor??
[ 1110.497156][T24997] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1110.598048][T31063] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1110.697903][T30624] usb 5-1: USB disconnect, device number 119
[ 1110.746784][   T20] usb 3-1: new high-speed USB device number 124 using dummy_hcd
[ 1110.824281][T31071] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1111.126872][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1111.146761][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1111.156343][   T20] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1111.176729][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1111.185909][   T20] usb 3-1: config 0 descriptor??
[ 1111.476795][  T724] usb 5-1: new high-speed USB device number 120 using dummy_hcd
[ 1111.626237][   T30] kauditd_printk_skb: 59 callbacks suppressed
[ 1111.626251][   T30] audit: type=1326 audit(1718779318.127:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31081 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x7fc00000
[ 1111.656074][   T30] audit: type=1326 audit(1718779318.127:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31081 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efc0a44bf29 code=0x7fc00000
[ 1111.786391][T31085] tipc: Failed to remove unknown binding: 66,1,1/0:744649162/744649164
[ 1111.794873][T31085] tipc: Failed to remove unknown binding: 66,1,1/0:744649162/744649164
[ 1111.803424][T31085] tipc: Failed to remove unknown binding: 66,1,1/0:744649162/744649164
[ 1111.857008][  T724] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1111.896833][   T20] usb 3-1: language id specifier not provided by device, defaulting to English
[ 1112.056902][  T724] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[ 1112.067451][  T724] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1112.075426][  T724] usb 5-1: Product: syz
[ 1112.079859][  T724] usb 5-1: Manufacturer: syz
[ 1112.084397][  T724] usb 5-1: SerialNumber: syz
[ 1112.091013][  T724] usb 5-1: config 0 descriptor??
[ 1112.346886][  T724] snd-usb-audio: probe of 5-1:0.0 failed with error -2
[ 1112.348350][   T20] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.00DA/input/input144
[ 1112.354198][  T724] usb 5-1: USB disconnect, device number 120
[ 1112.371263][   T30] audit: type=1326 audit(1718779318.867:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31081 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x7fc00000
[ 1112.397654][   T20] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.00DA/input/input145
[ 1112.412930][   T20] uclogic 0003:256C:006D.00DA: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[ 1112.556880][T24997] usb 3-1: USB disconnect, device number 124
[ 1113.073548][T31121] 9pnet: Insufficient options for proto=fd
[ 1113.153732][T31127] loop2: detected capacity change from 0 to 256
[ 1113.166044][T31118] loop4: detected capacity change from 0 to 40427
[ 1113.208097][T31118] F2FS-fs (loop4): invalid crc value
[ 1113.214761][T31118] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1113.237937][T31118] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[ 1113.244613][T31118] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[ 1113.343365][T31135] attempt to access beyond end of device
[ 1113.343365][T31135] loop4: rw=2049, want=45104, limit=40427
[ 1113.448080][T31136] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1113.966767][T30624] usb 4-1: new high-speed USB device number 123 using dummy_hcd
[ 1114.306778][   T20] usb 3-1: new high-speed USB device number 125 using dummy_hcd
[ 1114.336798][T30624] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1114.536842][T30624] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[ 1114.545762][T30624] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1114.556372][T30624] usb 4-1: Product: syz
[ 1114.560407][T30624] usb 4-1: Manufacturer: syz
[ 1114.564785][T30624] usb 4-1: SerialNumber: syz
[ 1114.570044][T30624] usb 4-1: config 0 descriptor??
[ 1114.666840][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1114.677543][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1114.687211][   T20] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1114.696053][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1114.704377][   T20] usb 3-1: config 0 descriptor??
[ 1114.802762][T31171] loop4: detected capacity change from 0 to 1024
[ 1114.816897][T30624] snd-usb-audio: probe of 4-1:0.0 failed with error -2
[ 1114.824041][T30624] usb 4-1: USB disconnect, device number 123
[ 1114.848147][T31171] EXT4-fs (loop4): Ignoring removed orlov option
[ 1114.854364][T31171] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[ 1114.862576][T31171] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[ 1114.870626][T31171] System zones: 0-1, 3-36
[ 1114.875842][T31171] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,orlov,nomblk_io_submit,block_validity,debug_want_extra_isize=0x0000000000000006,init_itable=0x0000000000000000,usrquota,usrquota,,errors=continue. Quota mode: writeback.
[ 1115.300250][T31183] 9pnet: Insufficient options for proto=fd
[ 1115.406879][   T20] usb 3-1: language id specifier not provided by device, defaulting to English
[ 1115.666743][T30624] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1115.809812][T31203] loop4: detected capacity change from 0 to 1024
[ 1115.827955][T31203] EXT4-fs (loop4): Ignoring removed orlov option
[ 1115.828354][   T20] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.00DB/input/input146
[ 1115.834227][T31203] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[ 1115.847043][   T20] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.00DB/input/input147
[ 1115.854621][T31203] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[ 1115.865515][   T20] uclogic 0003:256C:006D.00DB: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[ 1115.872589][T31203] System zones: 0-1, 3-36
[ 1115.888879][T31203] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,orlov,nomblk_io_submit,block_validity,debug_want_extra_isize=0x0000000000000006,init_itable=0x0000000000000000,usrquota,usrquota,,errors=continue. Quota mode: writeback.
[ 1115.946862][T30624] usb 1-1: Using ep0 maxpacket: 8
[ 1116.034575][  T724] usb 3-1: USB disconnect, device number 125
[ 1116.096798][T30624] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1116.109437][T30624] usb 1-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1116.118276][T30624] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1116.127262][T30624] usb 1-1: config 0 descriptor??
[ 1116.141233][T31208] loop4: detected capacity change from 0 to 40427
[ 1116.177319][T30624] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1116.187428][T31208] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[ 1116.193900][T31208] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1116.204703][T31208] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1116.238783][T31208] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1116.245718][T31208] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1116.273124][T31214] 9pnet: Insufficient options for proto=fd
[ 1116.377594][T30624] usb 1-1: USB disconnect, device number 4
[ 1116.912493][T29816] attempt to access beyond end of device
[ 1116.912493][T29816] loop4: rw=524288, want=45072, limit=40427
[ 1116.924735][T29816] attempt to access beyond end of device
[ 1116.924735][T29816] loop4: rw=0, want=45072, limit=40427
[ 1116.945617][ T1076] attempt to access beyond end of device
[ 1116.945617][ T1076] loop4: rw=2049, want=45120, limit=40427
[ 1117.324863][T31247] 9pnet: Insufficient options for proto=fd
[ 1117.386773][T30624] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 1117.503998][T31260] fuse: Bad value for 'fd'
[ 1117.517511][   T30] audit: type=1326 audit(1718779324.017:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31250 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x0
[ 1118.131894][T31268] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1118.143182][T31268] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1118.154916][T31268] device bridge_slave_0 entered promiscuous mode
[ 1118.156812][T30624] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1118.166395][T31268] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1118.176731][T30624] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1118.186140][T31268] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1118.196733][T30624] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1118.200105][T31268] device bridge_slave_1 entered promiscuous mode
[ 1118.206340][T30624] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1118.288538][ T5924] device bridge_slave_1 left promiscuous mode
[ 1118.294497][ T5924] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1118.301699][T30624] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1118.310985][T30624] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1118.319187][T30624] usb 1-1: Manufacturer: syz
[ 1118.323844][ T5924] device bridge_slave_0 left promiscuous mode
[ 1118.324330][T30624] usb 1-1: config 0 descriptor??
[ 1118.329948][ T5924] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1118.342421][ T5924] device veth1_macvtap left promiscuous mode
[ 1118.416946][T31268] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1118.423851][T31268] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1118.430945][T31268] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1118.437703][T31268] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1118.468148][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1118.476003][  T724] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1118.483358][  T724] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1118.492357][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1118.500476][  T624] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1118.507311][  T624] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1118.515813][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1118.523879][T24997] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1118.530734][T24997] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1118.688788][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1118.697033][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1118.714923][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1118.880744][T31268] device veth0_vlan entered promiscuous mode
[ 1118.904558][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1118.976678][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1119.024207][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1119.131083][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1119.139520][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1119.148460][T31268] device veth1_macvtap entered promiscuous mode
[ 1119.157518][T30624] appleir 0003:05AC:8243.00DC: item fetching failed at offset 0/1
[ 1119.160762][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1119.168478][T30624] appleir 0003:05AC:8243.00DC: parse failed
[ 1119.172959][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1119.178305][T30624] appleir: probe of 0003:05AC:8243.00DC failed with error -22
[ 1119.186222][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1119.206020][T20493] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1119.214150][T20493] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1119.240942][T31303] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1119.358078][T30624] usb 1-1: USB disconnect, device number 5
[ 1119.416786][   T20] usb 3-1: new high-speed USB device number 126 using dummy_hcd
[ 1119.706821][   T20] usb 3-1: Using ep0 maxpacket: 8
[ 1119.866852][   T20] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1119.879601][   T20] usb 3-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1119.888524][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1119.897041][   T20] usb 3-1: config 0 descriptor??
[ 1119.947408][   T20] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1120.147833][ T5131] usb 3-1: USB disconnect, device number 126
[ 1120.627737][T31340] fuse: Bad value for 'fd'
[ 1120.696841][   T30] audit: type=1326 audit(1718779327.147:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31337 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x0
[ 1121.276904][ T5131] usb 3-1: new high-speed USB device number 127 using dummy_hcd
[ 1121.706854][ T5131] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1121.717724][ T5131] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1121.728744][ T5131] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1121.738402][ T5131] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1121.871326][   T30] audit: type=1326 audit(1718779328.377:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31371 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efc0a44bf29 code=0x0
[ 1121.896845][T20493] usb 4-1: new high-speed USB device number 124 using dummy_hcd
[ 1121.964417][ T5131] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1121.973362][ T5131] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1121.981800][ T5131] usb 3-1: Manufacturer: syz
[ 1121.987254][ T5131] usb 3-1: config 0 descriptor??
[ 1122.256880][T20493] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1122.269818][T20493] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1122.279467][T20493] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1122.288292][T20493] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1122.296969][T20493] usb 4-1: config 0 descriptor??
[ 1122.336789][  T724] usb 5-1: new high-speed USB device number 121 using dummy_hcd
[ 1122.477625][ T5131] appleir 0003:05AC:8243.00DD: item fetching failed at offset 0/1
[ 1122.485926][ T5131] appleir 0003:05AC:8243.00DD: parse failed
[ 1122.491817][ T5131] appleir: probe of 0003:05AC:8243.00DD failed with error -22
[ 1122.576778][  T724] usb 5-1: Using ep0 maxpacket: 8
[ 1122.677830][ T5131] usb 3-1: USB disconnect, device number 127
[ 1122.696825][  T724] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1122.715477][  T724] usb 5-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1122.724547][  T724] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1122.733039][  T724] usb 5-1: config 0 descriptor??
[ 1122.777928][  T724] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1122.977822][  T331] usb 5-1: USB disconnect, device number 121
[ 1122.996796][T20493] usb 4-1: language id specifier not provided by device, defaulting to English
[ 1123.395943][T31398] loop2: detected capacity change from 0 to 40427
[ 1123.443562][T20493] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.00DE/input/input148
[ 1123.513449][T31398] F2FS-fs (loop2): invalid crc value
[ 1123.565468][T20493] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.00DE/input/input149
[ 1123.628249][T31398] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1123.650968][T20493] uclogic 0003:256C:006D.00DE: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0
[ 1123.663609][T20493] usb 4-1: USB disconnect, device number 124
[ 1123.674378][T31398] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1123.691601][T31398] attempt to access beyond end of device
[ 1123.691601][T31398] loop2: rw=2049, want=45104, limit=40427
[ 1123.708785][T30840] attempt to access beyond end of device
[ 1123.708785][T30840] loop2: rw=2049, want=45112, limit=40427
[ 1124.077117][T31417] loop2: detected capacity change from 0 to 128
[ 1124.117647][T31417] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1124.124350][T31417] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1124.136577][T31417] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal
[ 1124.219530][T31417] loop2: detected capacity change from 0 to 512
[ 1124.269932][T31417] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[ 1124.540936][   T30] audit: type=1326 audit(1718779331.047:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31416 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f04df30ef29 code=0x0
[ 1124.725336][T31437] 9pnet: p9_errstr2errno: server reported unknown error 
[ 1125.211503][T31455] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1125.456755][ T5131] usb 5-1: new high-speed USB device number 122 using dummy_hcd
[ 1125.652386][T31462] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1125.659335][T31462] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1125.666468][T31462] device bridge_slave_0 entered promiscuous mode
[ 1125.673235][T31462] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1125.680217][T31462] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1125.687540][T31462] device bridge_slave_1 entered promiscuous mode
[ 1125.733171][T31462] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1125.740038][T31462] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1125.747148][T31462] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1125.753901][T31462] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1125.776381][T30624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1125.784272][T30624] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1125.791731][T30624] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1125.807752][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1125.815715][  T331] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1125.822550][  T331] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1125.830030][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1125.838004][  T331] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1125.844822][  T331] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1125.846832][ T5131] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1125.852111][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1125.862672][ T5131] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1125.879761][ T5131] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1125.887005][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1125.896192][ T5131] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1125.905089][ T5131] usb 5-1: config 0 descriptor??
[ 1125.916118][T31462] device veth0_vlan entered promiscuous mode
[ 1125.922437][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1125.930861][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1125.938891][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1125.946182][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1125.963290][T31462] device veth1_macvtap entered promiscuous mode
[ 1125.971776][T30624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1126.016835][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1126.028730][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1126.119392][T31475] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1126.147587][T31475] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1126.176959][T31475] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1126.355389][ T5924] device bridge_slave_1 left promiscuous mode
[ 1126.367414][ T5924] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1126.380445][ T5924] device bridge_slave_0 left promiscuous mode
[ 1126.391766][ T5924] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1126.408619][ T5924] device veth1_macvtap left promiscuous mode
[ 1126.788227][ T5131] usb 5-1: language id specifier not provided by device, defaulting to English
[ 1127.103187][ T5131] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.00DF/input/input150
[ 1127.116615][ T5131] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.00DF/input/input151
[ 1127.128895][ T5131] uclogic 0003:256C:006D.00DF: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.4-1/input0
[ 1127.268965][ T5131] usb 5-1: USB disconnect, device number 122
[ 1127.409895][T31496] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1127.416970][T31496] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1127.424306][T31496] device bridge_slave_0 entered promiscuous mode
[ 1127.431209][T31496] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1127.438217][T31496] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1127.445540][T31496] device bridge_slave_1 entered promiscuous mode
[ 1127.492521][T31496] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1127.499411][T31496] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1127.506519][T31496] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1127.513292][T31496] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1127.536590][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1127.543987][  T724] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1127.551107][  T724] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1127.562610][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1127.571033][ T5131] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1127.578011][ T5131] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1127.587081][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1127.595150][  T724] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1127.602015][  T724] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1127.624290][T31496] device veth0_vlan entered promiscuous mode
[ 1127.631442][T20493] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1127.640058][T20493] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1127.648728][T20493] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1127.655943][T20493] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1127.663353][T20493] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1127.671193][T20493] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1127.685578][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1127.694717][T31496] device veth1_macvtap entered promiscuous mode
[ 1127.704138][T20493] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1127.716965][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1127.789489][T31507] loop4: detected capacity change from 0 to 1024
[ 1127.809596][T31507] EXT4-fs (loop4): Ignoring removed orlov option
[ 1127.815796][T31507] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[ 1127.824370][T31507] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[ 1127.832520][T31507] System zones: 0-1, 3-36
[ 1127.838178][T31507] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,orlov,nomblk_io_submit,block_validity,debug_want_extra_isize=0x0000000000000006,init_itable=0x0000000000000000,usrquota,usrquota,,errors=continue. Quota mode: writeback.
[ 1127.861599][ T5924] device bridge_slave_1 left promiscuous mode
[ 1127.871644][ T5924] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1127.879346][ T5924] device bridge_slave_0 left promiscuous mode
[ 1127.885366][ T5924] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1127.893656][ T5924] device veth1_macvtap left promiscuous mode
[ 1127.899616][ T5924] device veth0_vlan left promiscuous mode
[ 1128.139727][T31514] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1128.163360][T31513] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1128.173136][T31513] device gretap0 entered promiscuous mode
[ 1129.086774][T20493] Bluetooth: hci0: command 0x1003 tx timeout
[ 1129.092701][ T7959] Bluetooth: hci0: sending frame failed (-49)
[ 1129.144702][T31538] loop4: detected capacity change from 0 to 128
[ 1129.177617][T31538] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1129.184333][T31538] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1129.196871][T31538] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal
[ 1129.272332][T31538] loop4: detected capacity change from 0 to 512
[ 1129.299429][T31538] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[ 1129.361213][T31540] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1129.368275][T31540] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1129.375598][T31540] device bridge_slave_0 entered promiscuous mode
[ 1129.382973][T31540] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1129.390098][T31540] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1129.397656][T31540] device bridge_slave_1 entered promiscuous mode
[ 1129.464409][T31540] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1129.471293][T31540] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1129.478375][T31540] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1129.485157][T31540] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1129.864662][T31547] fuse: Bad value for 'fd'
[ 1129.906857][   T30] audit: type=1326 audit(1718779336.387:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31537 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a3492bf29 code=0x0
[ 1129.969251][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1129.976671][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1129.986296][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1130.003265][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1130.011428][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1130.019339][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1130.027358][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1130.074419][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1130.082937][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1130.279969][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1130.287828][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1130.295606][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1130.302921][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1130.454921][T31540] device veth0_vlan entered promiscuous mode
[ 1130.467354][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1130.475430][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1130.493118][T31540] device veth1_macvtap entered promiscuous mode
[ 1130.504426][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1130.512547][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1130.520742][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1130.541936][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1130.551723][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1130.609799][   T10] device bridge_slave_1 left promiscuous mode
[ 1130.618238][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1130.627966][   T10] device bridge_slave_0 left promiscuous mode
[ 1130.664290][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1130.677052][   T10] device veth1_macvtap left promiscuous mode
[ 1130.683388][   T10] device veth0_vlan left promiscuous mode
[ 1130.998007][T31583] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1132.638697][  T331] Bluetooth: hci0: command 0x1001 tx timeout
[ 1132.644573][ T7959] Bluetooth: hci0: sending frame failed (-49)
[ 1133.185872][T31599] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1133.193035][T31599] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1133.200352][T31599] device bridge_slave_0 entered promiscuous mode
[ 1133.209903][T31599] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1133.221974][T31599] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1133.233484][T31599] device bridge_slave_1 entered promiscuous mode
[ 1133.327947][T31599] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1133.334813][T31599] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1133.341950][T31599] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1133.348715][T31599] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1133.376592][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1133.384772][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1133.392129][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1133.410281][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1133.419253][  T624] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1133.426119][  T624] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1133.433601][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1133.442741][  T624] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1133.449603][  T624] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1133.470493][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1133.478706][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1133.493109][T31599] device veth0_vlan entered promiscuous mode
[ 1133.501173][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1133.510221][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1133.517595][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1133.546292][  T624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1133.566286][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1133.643147][T31599] device veth1_macvtap entered promiscuous mode
[ 1133.681121][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1133.735376][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1133.757755][   T10] device bridge_slave_1 left promiscuous mode
[ 1133.764167][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1133.771736][   T10] device bridge_slave_0 left promiscuous mode
[ 1133.778071][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1133.786056][   T10] device veth1_macvtap left promiscuous mode
[ 1133.826752][T24997] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1134.186846][T24997] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 1134.196375][T24997] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[ 1134.357602][T24997] usb 2-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[ 1134.366522][T24997] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1134.374293][T24997] usb 2-1: Product: syz
[ 1134.378300][T24997] usb 2-1: Manufacturer: syz
[ 1134.382677][T24997] usb 2-1: SerialNumber: syz
[ 1134.387646][T24997] usb 2-1: config 0 descriptor??
[ 1134.421920][T31620] loop2: detected capacity change from 0 to 256
[ 1134.596771][   T20] usb 5-1: new high-speed USB device number 123 using dummy_hcd
[ 1134.716651][T31624] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1134.726050][  T337] Bluetooth: hci0: command 0x1009 tx timeout
[ 1134.747938][T24997] snd-usb-audio: probe of 2-1:0.0 failed with error -12
[ 1134.756873][T24997] usb 2-1: USB disconnect, device number 5
[ 1135.736852][   T20] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1135.747006][   T20] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1135.755822][   T20] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1135.767231][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1135.775852][   T20] usb 5-1: config 0 descriptor??
[ 1135.927345][T31648] tmpfs: Unknown parameter ''
[ 1137.328284][  T337] usb 5-1: USB disconnect, device number 123
[ 1137.386631][T31672] loop4: detected capacity change from 0 to 1024
[ 1137.419724][T31672] EXT4-fs (loop4): Ignoring removed orlov option
[ 1137.427713][T31672] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[ 1137.448454][T31672] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[ 1137.451015][T31675] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1137.456803][T31672] System zones: 0-1, 3-36
[ 1137.480345][T31672] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,orlov,nomblk_io_submit,block_validity,debug_want_extra_isize=0x0000000000000006,init_itable=0x0000000000000000,usrquota,usrquota,,errors=continue. Quota mode: writeback.
[ 1137.992823][T31691] loop2: detected capacity change from 0 to 256
[ 1138.247127][T31693] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1139.423636][T31707] loop4: detected capacity change from 0 to 40427
[ 1139.462419][T31715] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1139.478386][T31707] F2FS-fs (loop4): invalid crc value
[ 1139.498647][T31707] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1139.506809][  T331] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 1139.544012][T31707] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[ 1139.556950][T31707] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[ 1139.636771][   T42] usb 4-1: new high-speed USB device number 125 using dummy_hcd
[ 1139.659370][T31720] attempt to access beyond end of device
[ 1139.659370][T31720] loop4: rw=2049, want=45104, limit=40427
[ 1139.876817][  T331] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1139.886787][   T42] usb 4-1: Using ep0 maxpacket: 8
[ 1139.891638][  T331] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1139.900506][  T331] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1139.909364][  T331] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1139.917687][  T331] usb 3-1: config 0 descriptor??
[ 1140.006836][   T42] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1140.019766][   T42] usb 4-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1140.028532][   T42] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1140.036917][   T42] usb 4-1: config 0 descriptor??
[ 1140.077123][   T42] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1140.282194][  T331] usb 4-1: USB disconnect, device number 125
[ 1140.392013][T31732] loop4: detected capacity change from 0 to 256
[ 1140.654065][T31735] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1141.087356][  T331] Bluetooth: hci0: command 0x1003 tx timeout
[ 1141.093720][ T7959] Bluetooth: hci0: sending frame failed (-49)
[ 1141.553468][T31765] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1142.184957][T31775] loop4: detected capacity change from 0 to 1024
[ 1142.192597][  T331] usb 3-1: USB disconnect, device number 2
[ 1142.204362][T31777] loop2: detected capacity change from 0 to 256
[ 1142.207599][T31775] EXT4-fs (loop4): Ignoring removed orlov option
[ 1142.216622][T31775] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[ 1142.224969][T31775] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[ 1142.233125][T31775] System zones: 0-1, 3-36
[ 1142.238343][T31775] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,orlov,nomblk_io_submit,block_validity,debug_want_extra_isize=0x0000000000000006,init_itable=0x0000000000000000,usrquota,usrquota,,errors=continue. Quota mode: writeback.
[ 1142.351750][T31793] loop4: detected capacity change from 0 to 512
[ 1142.407495][T31793] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1142.456128][T31793] EXT4-fs (loop4): failed to initialize system zone (-117)
[ 1142.498068][T31799] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1142.507406][T31793] EXT4-fs (loop4): mount failed
[ 1143.166781][  T331] Bluetooth: hci0: command 0x1001 tx timeout
[ 1143.172664][ T7959] Bluetooth: hci0: sending frame failed (-49)
[ 1143.601102][T31817] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1144.000970][T31824] loop2: detected capacity change from 0 to 1024
[ 1144.038799][T31824] EXT4-fs (loop2): Ignoring removed orlov option
[ 1144.045026][T31824] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[ 1144.067245][T31824] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[ 1144.078438][T31824] System zones: 0-1, 3-36
[ 1144.083638][T31824] EXT4-fs (loop2): mounted filesystem without journal. Opts: debug,orlov,nomblk_io_submit,block_validity,debug_want_extra_isize=0x0000000000000006,init_itable=0x0000000000000000,usrquota,usrquota,,errors=continue. Quota mode: writeback.
[ 1145.144091][T31865] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1145.246757][ T3442] Bluetooth: hci0: command 0x1009 tx timeout
[ 1146.030481][T31872] loop2: detected capacity change from 0 to 1024
[ 1146.082869][T31872] EXT4-fs (loop2): Ignoring removed orlov option
[ 1146.089268][T31872] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[ 1146.098486][T31872] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[ 1146.106593][T31872] System zones: 0-1, 3-36
[ 1146.112008][T31872] EXT4-fs (loop2): mounted filesystem without journal. Opts: debug,orlov,nomblk_io_submit,block_validity,debug_want_extra_isize=0x0000000000000006,init_itable=0x0000000000000000,usrquota,usrquota,,errors=continue. Quota mode: writeback.
[ 1147.232123][T31916] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1147.365997][T31922] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1147.386758][T31922] overlayfs: missing 'lowerdir'
[ 1149.665876][T31978] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1150.474686][T32000] fuse: Bad value for 'fd'
[ 1150.480284][   T30] audit: type=1326 audit(1718779356.987:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31994 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4f99a13f29 code=0x0
[ 1150.716804][ T3442] usb 4-1: new high-speed USB device number 126 using dummy_hcd
[ 1150.828617][T32005] loop4: detected capacity change from 0 to 256
[ 1151.027166][ T3442] usb 4-1: Using ep0 maxpacket: 8
[ 1151.147205][T32011] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1151.175056][ T3442] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1151.191495][ T3442] usb 4-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1151.202423][ T3442] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1151.211623][ T3442] usb 4-1: config 0 descriptor??
[ 1151.257276][ T3442] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1151.458535][T29685] usb 4-1: USB disconnect, device number 126
[ 1152.116750][ T3442] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[ 1152.378920][T32048] loop4: detected capacity change from 0 to 128
[ 1152.389060][T32041] overlayfs: missing 'lowerdir'
[ 1152.408046][T32048] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1152.419223][T32048] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1152.431668][T32048] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal
[ 1152.492127][T32048] loop4: detected capacity change from 0 to 512
[ 1152.517293][ T3442] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1152.533359][ T3442] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1152.549477][ T3442] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1152.558567][T32048] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[ 1152.559736][ T3442] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1152.590724][ T3442] usb 2-1: config 0 descriptor??
[ 1152.734407][T32065] loop2: detected capacity change from 0 to 40427
[ 1152.741589][T32066] fuse: Bad value for 'fd'
[ 1152.747142][   T30] audit: type=1326 audit(1718779359.257:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32047 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a3492bf29 code=0x0
[ 1152.798152][T32065] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[ 1152.804763][T32065] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1152.859990][T32065] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1152.909059][T32065] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1152.916028][T32065] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1153.300805][ T3442] usb 2-1: language id specifier not provided by device, defaulting to English
[ 1153.585654][T31540] attempt to access beyond end of device
[ 1153.585654][T31540] loop2: rw=524288, want=45072, limit=40427
[ 1153.597307][T31540] attempt to access beyond end of device
[ 1153.597307][T31540] loop2: rw=0, want=45072, limit=40427
[ 1153.621815][ T1076] attempt to access beyond end of device
[ 1153.621815][ T1076] loop2: rw=2049, want=41056, limit=40427
[ 1153.746810][ T3442] uclogic 0003:256C:006D.00E0: failed retrieving string descriptor #200: -71
[ 1153.758627][ T3442] uclogic 0003:256C:006D.00E0: failed retrieving pen parameters: -71
[ 1153.773802][ T3442] uclogic 0003:256C:006D.00E0: failed probing pen v2 parameters: -71
[ 1153.787946][ T3442] uclogic 0003:256C:006D.00E0: failed probing parameters: -71
[ 1153.801488][ T3442] uclogic: probe of 0003:256C:006D.00E0 failed with error -71
[ 1153.818327][ T3442] usb 2-1: USB disconnect, device number 6
[ 1154.015562][T32093] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1154.026841][T32093] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1154.037258][T32093] device bridge_slave_0 entered promiscuous mode
[ 1154.047204][T32093] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1154.054196][T32093] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1154.061898][T32093] device bridge_slave_1 entered promiscuous mode
[ 1154.225259][T32093] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1154.232175][T32093] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1154.239292][T32093] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1154.246131][T32093] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1154.334781][T29685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1154.343553][T29685] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1154.351041][T29685] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1154.359809][ T1076] device bridge_slave_1 left promiscuous mode
[ 1154.366048][ T1076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1154.380532][ T1076] device bridge_slave_0 left promiscuous mode
[ 1154.394284][ T1076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1154.409702][ T1076] device veth1_macvtap left promiscuous mode
[ 1154.422679][ T1076] device veth0_vlan left promiscuous mode
[ 1154.449026][T32110] loop4: detected capacity change from 0 to 40427
[ 1154.477554][T32110] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[ 1154.486185][T32110] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1154.514889][T32110] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1154.567513][T32110] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1154.574496][T32110] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1154.602283][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1154.610787][ T5131] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1154.617689][ T5131] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1154.635577][T29685] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1154.643588][T29685] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1154.650467][T29685] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1154.660783][T29685] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1154.668748][T29685] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1154.682426][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1154.690550][T24997] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[ 1154.698615][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1154.711863][T32093] device veth0_vlan entered promiscuous mode
[ 1154.720925][ T3442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1154.730365][ T3442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1154.745195][T32093] device veth1_macvtap entered promiscuous mode
[ 1154.752337][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1154.760393][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1154.768011][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1154.776058][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1154.784777][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1154.836495][T29685] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1154.845680][T29685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1154.857193][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1154.865548][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1155.056796][T24997] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1155.065102][T31268] attempt to access beyond end of device
[ 1155.065102][T31268] loop4: rw=524288, want=45072, limit=40427
[ 1155.077009][T24997] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1155.078324][T31268] attempt to access beyond end of device
[ 1155.078324][T31268] loop4: rw=0, want=45072, limit=40427
[ 1155.108133][ T1076] attempt to access beyond end of device
[ 1155.108133][ T1076] loop4: rw=2049, want=41056, limit=40427
[ 1155.172383][T24997] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1155.183076][T32126] overlayfs: missing 'lowerdir'
[ 1155.196932][T24997] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1155.204762][T24997] usb 2-1: SerialNumber: syz
[ 1155.517588][T24997] usb 2-1: 0:2 : does not exist
[ 1155.659625][T32143] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1155.666534][T32143] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1155.673955][T32143] device bridge_slave_0 entered promiscuous mode
[ 1155.685332][T32143] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1155.692358][T32143] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1155.699930][T32143] device bridge_slave_1 entered promiscuous mode
[ 1155.726881][  T337] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 1155.824512][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1155.832916][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1155.841071][ T1076] device bridge_slave_1 left promiscuous mode
[ 1155.847271][ T1076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1155.855048][ T1076] device bridge_slave_0 left promiscuous mode
[ 1155.861514][ T1076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1155.869962][ T1076] device veth1_macvtap left promiscuous mode
[ 1155.875825][ T1076] device veth0_vlan left promiscuous mode
[ 1155.939190][T21774] usb 2-1: USB disconnect, device number 7
[ 1156.019953][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1156.029174][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1156.037232][  T331] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1156.044083][  T331] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1156.051627][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1156.061749][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1156.069992][  T331] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1156.076871][  T331] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1156.084211][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1156.099659][T29685] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1156.111573][T30624] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1156.119330][  T337] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1156.136567][  T337] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1156.152633][T32143] device veth0_vlan entered promiscuous mode
[ 1156.158774][  T337] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1156.176033][  T337] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1156.184965][T32143] device veth1_macvtap entered promiscuous mode
[ 1156.192825][  T337] usb 1-1: config 0 descriptor??
[ 1156.204304][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1156.213952][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1156.223097][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1156.231122][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1156.239281][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1156.247138][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1156.263235][T29685] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1156.299501][T32157] 9pnet: p9_errstr2errno: server reported unknown error 
[ 1156.653160][T32169] loop2: detected capacity change from 0 to 40427
[ 1156.707808][T32169] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[ 1156.714408][T32169] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1156.816886][  T302] usb 5-1: new high-speed USB device number 124 using dummy_hcd
[ 1156.915266][T32169] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1156.988696][  T337] usb 1-1: language id specifier not provided by device, defaulting to English
[ 1156.999389][T32169] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1157.006262][T32169] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1157.066792][  T302] usb 5-1: Using ep0 maxpacket: 8
[ 1157.186789][  T302] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1157.199899][  T302] usb 5-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1157.208964][  T302] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1157.220262][  T302] usb 5-1: config 0 descriptor??
[ 1157.225761][T32189] 9pnet: p9_errstr2errno: server reported unknown error 
[ 1157.257430][  T302] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1157.316832][  T337] uclogic 0003:256C:006D.00E1: failed retrieving string descriptor #200: -71
[ 1157.327235][  T337] uclogic 0003:256C:006D.00E1: failed retrieving pen parameters: -71
[ 1157.335289][  T337] uclogic 0003:256C:006D.00E1: failed probing pen v2 parameters: -71
[ 1157.366581][  T337] uclogic 0003:256C:006D.00E1: failed probing parameters: -71
[ 1157.381486][  T337] uclogic: probe of 0003:256C:006D.00E1 failed with error -71
[ 1157.389751][  T337] usb 1-1: USB disconnect, device number 6
[ 1157.397047][T32093] attempt to access beyond end of device
[ 1157.397047][T32093] loop2: rw=524288, want=45072, limit=40427
[ 1157.409757][T32093] attempt to access beyond end of device
[ 1157.409757][T32093] loop2: rw=0, want=45072, limit=40427
[ 1157.438444][   T10] attempt to access beyond end of device
[ 1157.438444][   T10] loop2: rw=2049, want=41056, limit=40427
[ 1157.484792][T24997] usb 5-1: USB disconnect, device number 124
[ 1157.756109][T32204] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1157.766904][T32204] device gretap0 entered promiscuous mode
[ 1157.782419][T32204] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1157.791993][T32204] 0ªX¹¦D: renamed from gretap0
[ 1157.800118][T32204] device 
30ªX¹¦D left promiscuous mode
[ 1157.808037][T32204] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[ 1158.061404][T32208] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1158.068780][T32208] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1158.076119][T32208] device bridge_slave_0 entered promiscuous mode
[ 1158.120526][T32208] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1158.146166][T32208] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1158.167730][T32208] device bridge_slave_1 entered promiscuous mode
[ 1158.298787][   T10] device bridge_slave_1 left promiscuous mode
[ 1158.305086][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1158.312705][   T10] device bridge_slave_0 left promiscuous mode
[ 1158.318827][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1158.327052][   T10] device veth1_macvtap left promiscuous mode
[ 1158.332932][   T10] device veth0_vlan left promiscuous mode
[ 1158.491672][T32208] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1158.498591][T32208] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1158.505656][T32208] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1158.512433][T32208] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1158.536134][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1158.543600][T24997] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1158.551131][T24997] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1158.560410][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1158.568816][T21774] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1158.575658][T21774] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1158.790113][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1158.799618][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1158.807847][T21774] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1158.814729][T21774] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1158.834944][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1158.843133][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1158.851191][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1158.873709][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1159.094481][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1159.103056][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1159.115038][T32208] device veth0_vlan entered promiscuous mode
[ 1159.128779][T32208] device veth1_macvtap entered promiscuous mode
[ 1159.135981][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1159.382422][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1159.386796][  T331] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[ 1159.390373][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1159.405132][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1159.413081][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1159.420873][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1159.428225][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1159.441491][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1159.450081][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1159.470424][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1159.485275][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1159.667365][T32245] loop2: detected capacity change from 0 to 40427
[ 1159.687545][T32245] F2FS-fs (loop2): Invalid gid value -1
[ 1159.799983][  T331] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1159.811997][T32249] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1159.818938][  T331] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1159.819313][T32249] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1159.835871][T32249] device bridge_slave_0 entered promiscuous mode
[ 1159.835999][  T331] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1159.854203][T32249] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1159.861298][T32249] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1159.866750][  T331] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1159.868697][T32249] device bridge_slave_1 entered promiscuous mode
[ 1159.920425][  T331] usb 2-1: config 0 descriptor??
[ 1160.074584][T32254] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1160.084309][T32254] device 
30ªX¹¦D entered promiscuous mode
[ 1160.173715][T32245] loop2: detected capacity change from 0 to 512
[ 1160.236290][T32249] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1160.236287][T32245] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[ 1160.236462][T32245] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[ 1160.243180][T32249] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1160.243292][T32249] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1160.282833][T32249] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1160.299632][T32245] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[ 1160.341397][T32245] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[ 1160.364144][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1160.374119][  T302] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1160.394734][  T302] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1160.404442][T32245] EXT4-fs (loop2): 1 orphan inode deleted
[ 1160.430470][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1160.438666][T32245] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[ 1160.463885][  T724] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1160.470753][  T724] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1160.604843][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1160.613053][  T724] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1160.619922][  T724] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1160.627195][  T331] usb 2-1: language id specifier not provided by device, defaulting to English
[ 1160.666967][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1160.675195][  T724] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1160.706609][T32249] device veth0_vlan entered promiscuous mode
[ 1160.715032][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1160.723350][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1160.731421][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1160.738800][T24997] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1160.760077][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1160.769789][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1160.779065][   T10] device bridge_slave_1 left promiscuous mode
[ 1160.785457][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1160.792935][   T10] device bridge_slave_0 left promiscuous mode
[ 1160.799213][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1160.807585][   T10] device veth1_macvtap left promiscuous mode
[ 1160.909860][T32249] device veth1_macvtap entered promiscuous mode
[ 1160.916195][   T30] audit: type=1326 audit(1718779367.417:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32277 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7711380f29 code=0x7fc00000
[ 1160.945455][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1160.950689][   T30] audit: type=1326 audit(1718779367.447:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32277 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7711380f29 code=0x7fc00000
[ 1160.954021][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1160.984656][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1160.992933][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1161.002124][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1161.066784][  T331] uclogic 0003:256C:006D.00E2: failed retrieving string descriptor #200: -71
[ 1161.075530][  T331] uclogic 0003:256C:006D.00E2: failed retrieving pen parameters: -71
[ 1161.083547][  T331] uclogic 0003:256C:006D.00E2: failed probing pen v2 parameters: -71
[ 1161.091893][  T331] uclogic 0003:256C:006D.00E2: failed probing parameters: -71
[ 1161.099282][  T331] uclogic: probe of 0003:256C:006D.00E2 failed with error -71
[ 1161.109302][  T331] usb 2-1: USB disconnect, device number 8
[ 1161.296768][ T5131] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 1161.635081][   T30] audit: type=1326 audit(1718779368.137:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32277 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7711380f29 code=0x7fc00000
[ 1161.697907][ T5131] usb 1-1: Using ep0 maxpacket: 8
[ 1161.886818][  T302] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[ 1162.048009][ T5131] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1162.066808][ T5131] usb 1-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1162.076736][ T5131] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1162.088840][ T5131] usb 1-1: config 0 descriptor??
[ 1162.138100][ T5131] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1162.277046][  T302] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1162.287186][  T302] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1162.300030][T32301] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1162.306922][T32301] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1162.314109][T32301] device bridge_slave_0 entered promiscuous mode
[ 1162.323259][T32301] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1162.330190][T32301] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1162.337310][T32301] device bridge_slave_1 entered promiscuous mode
[ 1162.343831][ T5131] usb 1-1: USB disconnect, device number 7
[ 1162.366939][  T302] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1162.375994][  T302] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1162.383806][  T302] usb 3-1: SerialNumber: syz
[ 1162.408683][T32301] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1162.415552][T32301] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1162.422646][T32301] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1162.429422][T32301] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1162.458649][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1162.466364][T21774] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1162.473676][T21774] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1162.502002][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1162.510370][  T337] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1162.517228][  T337] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1162.525005][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1162.533521][  T337] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1162.540386][  T337] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1162.547915][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1162.555760][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1162.574647][T32301] device veth0_vlan entered promiscuous mode
[ 1162.584474][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1162.593241][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1162.601132][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1162.609048][T21774] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1162.623506][T32301] device veth1_macvtap entered promiscuous mode
[ 1162.634741][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1162.648290][  T302] usb 3-1: 0:2 : does not exist
[ 1162.648337][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1162.675272][ T5131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1162.705815][   T10] device bridge_slave_1 left promiscuous mode
[ 1162.712338][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1162.731265][   T10] device bridge_slave_0 left promiscuous mode
[ 1162.750135][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1162.763394][   T10] device veth1_macvtap left promiscuous mode
[ 1162.769738][   T10] device veth0_vlan left promiscuous mode
[ 1163.056761][T24997] usb 5-1: new high-speed USB device number 125 using dummy_hcd
[ 1163.072511][  T724] usb 3-1: USB disconnect, device number 3
[ 1163.108008][T32332] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1163.118748][T32333] tmpfs: Bad value for 'huge'
[ 1163.416807][T24997] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1163.427622][T24997] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1163.437785][T24997] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1163.446532][T24997] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1163.454876][T24997] usb 5-1: config 0 descriptor??
[ 1164.156832][T24997] usb 5-1: language id specifier not provided by device, defaulting to English
[ 1164.276744][  T337] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[ 1164.471495][T32347] loop2: detected capacity change from 0 to 1024
[ 1164.527749][T32347] EXT4-fs (loop2): Ignoring removed orlov option
[ 1164.533971][T32347] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[ 1164.542251][T32347] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ec018, mo2=0002]
[ 1164.550221][  T337] usb 1-1: Using ep0 maxpacket: 8
[ 1164.550241][T32347] System zones: 0-1, 3-36
[ 1164.560344][T32347] EXT4-fs (loop2): mounted filesystem without journal. Opts: debug,orlov,nomblk_io_submit,block_validity,debug_want_extra_isize=0x0000000000000006,init_itable=0x0000000000000000,usrquota,usrquota,,errors=continue. Quota mode: writeback.
[ 1164.596778][T24997] uclogic 0003:256C:006D.00E3: failed retrieving string descriptor #200: -71
[ 1164.605561][T24997] uclogic 0003:256C:006D.00E3: failed retrieving pen parameters: -71
[ 1164.613613][T24997] uclogic 0003:256C:006D.00E3: failed probing pen v2 parameters: -71
[ 1164.621543][T24997] uclogic 0003:256C:006D.00E3: failed probing parameters: -71
[ 1164.629056][T24997] uclogic: probe of 0003:256C:006D.00E3 failed with error -71
[ 1164.637129][T24997] usb 5-1: USB disconnect, device number 125
[ 1164.676840][  T337] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1164.690059][  T337] usb 1-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 1164.698977][  T337] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1164.707976][  T337] usb 1-1: config 0 descriptor??
[ 1164.747405][  T337] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1164.810518][T32355] loop2: detected capacity change from 0 to 40427
[ 1164.867709][T32355] F2FS-fs (loop2): Invalid gid value -1
[ 1164.948017][  T337] usb 1-1: USB disconnect, device number 8
[ 1165.010526][T32355] loop2: detected capacity change from 0 to 512
[ 1165.059821][T32355] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[ 1165.073550][T32355] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[ 1165.086157][T32355] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[ 1165.101188][T32355] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[ 1165.114085][T32355] EXT4-fs (loop2): 1 orphan inode deleted
[ 1165.126936][T32355] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[ 1165.194605][T32362] loop4: detected capacity change from 0 to 256
[ 1165.477658][T32370] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1165.606654][T32374] fuse: Bad value for 'fd'
[ 1165.613146][   T30] audit: type=1326 audit(1718779372.117:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32373 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f25a828ef29 code=0x0
[ 1266.476756][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 1266.483188][    C0] rcu: 	0-...!: (1 GPs behind) idle=a3d/1/0x4000000000000000 softirq=157350/157351 fqs=0 last_accelerate: 522b/793b dyntick_enabled: 1
[ 1266.496803][    C0] 	(t=10002 jiffies g=161261 q=80)
[ 1266.501744][    C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10001 jiffies! g161261 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[ 1266.513981][    C0] rcu: 	Possible timer handling issue on cpu=1 timer-softirq=50205
[ 1266.521707][    C0] rcu: rcu_preempt kthread starved for 10004 jiffies! g161261 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[ 1266.532988][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1266.542799][    C0] rcu: RCU grace-period kthread stack dump:
[ 1266.548525][    C0] task:rcu_preempt     state:I stack:27976 pid:   14 ppid:     2 flags:0x00004000
[ 1266.557552][    C0] Call Trace:
[ 1266.560679][    C0]  <TASK>
[ 1266.563459][    C0]  __schedule+0xccc/0x1590
[ 1266.567710][    C0]  ? __sched_text_start+0x8/0x8
[ 1266.572392][    C0]  ? __kasan_check_write+0x14/0x20
[ 1266.577340][    C0]  schedule+0x11f/0x1e0
[ 1266.581334][    C0]  schedule_timeout+0x18c/0x370
[ 1266.586018][    C0]  ? _raw_spin_unlock_irq+0x4e/0x70
[ 1266.591054][    C0]  ? console_conditional_schedule+0x30/0x30
[ 1266.596783][    C0]  ? update_process_times+0x200/0x200
[ 1266.601992][    C0]  ? prepare_to_swait_event+0x308/0x320
[ 1266.607373][    C0]  rcu_gp_fqs_loop+0x2af/0xf80
[ 1266.611971][    C0]  ? debug_smp_processor_id+0x17/0x20
[ 1266.617180][    C0]  ? __note_gp_changes+0x4ab/0x920
[ 1266.622126][    C0]  ? rcu_gp_init+0xc30/0xc30
[ 1266.626552][    C0]  ? _raw_spin_unlock_irq+0x4e/0x70
[ 1266.631586][    C0]  ? rcu_gp_init+0x9cf/0xc30
[ 1266.636013][    C0]  rcu_gp_kthread+0xa4/0x350
[ 1266.640438][    C0]  ? _raw_spin_lock+0x1b0/0x1b0
[ 1266.645127][    C0]  ? wake_nocb_gp+0x1e0/0x1e0
[ 1266.649640][    C0]  ? __kasan_check_read+0x11/0x20
[ 1266.654499][    C0]  ? __kthread_parkme+0xb2/0x200
[ 1266.659278][    C0]  kthread+0x421/0x510
[ 1266.663178][    C0]  ? wake_nocb_gp+0x1e0/0x1e0
[ 1266.667692][    C0]  ? kthread_blkcg+0xd0/0xd0
[ 1266.672117][    C0]  ret_from_fork+0x1f/0x30
[ 1266.676373][    C0]  </TASK>
[ 1266.679236][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1266.685408][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1266.690458][    C1] NMI backtrace for cpu 1
[ 1266.690469][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[ 1266.690487][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 1266.690498][    C1] RIP: 0010:kvm_wait+0x147/0x180
[ 1266.690578][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[ 1266.690593][    C1] RSP: 0018:ffffc900001d07e0 EFLAGS: 00000246
[ 1266.690609][    C1] RAX: 0000000000000001 RBX: 1ffff9200003a100 RCX: 1ffffffff0d1aa9c
[ 1266.690621][    C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7138ad4
[ 1266.690633][    C1] RBP: ffffc900001d0890 R08: dffffc0000000000 R09: ffffed103ee2715b
[ 1266.690646][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 1266.690658][    C1] R13: ffff8881f7138ad4 R14: 0000000000000001 R15: 1ffff9200003a104
[ 1266.690671][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1266.690686][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1266.690699][    C1] CR2: 0000001b33223000 CR3: 0000000114799000 CR4: 00000000003506a0
[ 1266.690714][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1266.690725][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1266.690736][    C1] Call Trace:
[ 1266.690741][    C1]  <NMI>
[ 1266.690749][    C1]  ? show_regs+0x58/0x60
[ 1266.690791][    C1]  ? nmi_cpu_backtrace+0x29f/0x300
[ 1266.690835][    C1]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[ 1266.690856][    C1]  ? kvm_wait+0x147/0x180
[ 1266.690871][    C1]  ? kvm_wait+0x147/0x180
[ 1266.690886][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1266.690910][    C1]  ? nmi_handle+0xa8/0x280
[ 1266.690927][    C1]  ? kvm_wait+0x147/0x180
[ 1266.690942][    C1]  ? default_do_nmi+0x69/0x160
[ 1266.690962][    C1]  ? exc_nmi+0xaf/0x120
[ 1266.690978][    C1]  ? end_repeat_nmi+0x16/0x31
[ 1266.691002][    C1]  ? kvm_wait+0x147/0x180
[ 1266.691017][    C1]  ? kvm_wait+0x147/0x180
[ 1266.691033][    C1]  ? kvm_wait+0x147/0x180
[ 1266.691049][    C1]  </NMI>
[ 1266.691054][    C1]  <IRQ>
[ 1266.691060][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1266.691077][    C1]  ? kvm_arch_para_hints+0x30/0x30
[ 1266.691096][    C1]  __pv_queued_spin_lock_slowpath+0x41b/0xc40
[ 1266.691122][    C1]  ? __kasan_slab_free+0x11/0x20
[ 1266.691139][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[ 1266.691158][    C1]  ? __irq_exit_rcu+0x50/0xf0
[ 1266.691180][    C1]  ? sysvec_apic_timer_interrupt+0x9a/0xc0
[ 1266.691198][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1266.691215][    C1]  ? acpi_idle_enter+0x416/0x760
[ 1266.691234][    C1]  ? cpuidle_enter+0x5f/0xa0
[ 1266.691294][    C1]  ? do_idle+0x36b/0x5d0
[ 1266.691326][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[ 1266.691345][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 1266.691365][    C1]  ? sock_hash_bucket_hash+0x36d/0x7e0
[ 1266.691426][    C1]  sock_hash_delete_elem+0xb1/0x2f0
[ 1266.691445][    C1]  ? kvfree+0x35/0x40
[ 1266.691491][    C1]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xe60
[ 1266.691506][    C1]  bpf_trace_run2+0xec/0x210
[ 1266.691538][    C1]  ? debug_smp_processor_id+0x17/0x20
[ 1266.691556][    C1]  ? kasan_quarantine_put+0x34/0x1a0
[ 1266.691575][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[ 1266.691592][    C1]  ? kvfree+0x35/0x40
[ 1266.691606][    C1]  ? ____kasan_slab_free+0x131/0x160
[ 1266.691624][    C1]  ? kvfree+0x35/0x40
[ 1266.691638][    C1]  __bpf_trace_kfree+0x6f/0x90
[ 1266.691655][    C1]  ? kvfree+0x35/0x40
[ 1266.691669][    C1]  kfree+0x1f3/0x220
[ 1266.691692][    C1]  ? kmem_cache_free+0x116/0x2e0
[ 1266.691711][    C1]  ? __bpf_prog_put_noref+0x2c0/0x2c0
[ 1266.691747][    C1]  kvfree+0x35/0x40
[ 1266.691761][    C1]  __bpf_prog_put_rcu+0x3b/0xc0
[ 1266.691781][    C1]  ? __bpf_prog_put_noref+0x2c0/0x2c0
[ 1266.691798][    C1]  rcu_do_batch+0x57a/0xc10
[ 1266.691821][    C1]  ? local_bh_enable+0x20/0x20
[ 1266.691838][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 1266.691857][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[ 1266.691876][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[ 1266.691895][    C1]  ? rcu_report_qs_rnp+0x2bf/0x390
[ 1266.691914][    C1]  rcu_core+0x517/0x1020
[ 1266.691935][    C1]  ? rcu_cpu_kthread_park+0x90/0x90
[ 1266.691956][    C1]  rcu_core_si+0x9/0x10
[ 1266.691972][    C1]  __do_softirq+0x26d/0x5bf
[ 1266.691992][    C1]  __irq_exit_rcu+0x50/0xf0
[ 1266.692008][    C1]  irq_exit_rcu+0x9/0x10
[ 1266.692024][    C1]  sysvec_apic_timer_interrupt+0x9a/0xc0
[ 1266.692042][    C1]  </IRQ>
[ 1266.692047][    C1]  <TASK>
[ 1266.692053][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1266.692070][    C1] RIP: 0010:acpi_idle_enter+0x416/0x760
[ 1266.692090][    C1] Code: 89 de 48 83 e6 08 31 ff e8 f7 30 a7 fc 48 83 e3 08 0f 85 b0 00 00 00 0f 1f 44 00 00 e8 a3 2c a7 fc 0f 00 2d fc 41 c0 00 fb f4 <fa> e9 e1 00 00 00 49 83 c7 04 4c 89 f8 48 c1 e8 03 42 0f b6 04 30
[ 1266.692104][    C1] RSP: 0018:ffffc90000157c30 EFLAGS: 000002d3
[ 1266.692118][    C1] RAX: ffffffff84c90abd RBX: 0000000000000000 RCX: ffff8881003313c0
[ 1266.692130][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1266.692141][    C1] RBP: ffffc90000157c70 R08: ffffffff84c90aa9 R09: ffffed1020066279
[ 1266.692153][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001
[ 1266.692164][    C1] R13: ffff8881049e5804 R14: dffffc0000000000 R15: ffff888105bf5864
[ 1266.692180][    C1]  ? acpi_idle_enter+0x3f9/0x760
[ 1266.692197][    C1]  ? acpi_idle_enter+0x40d/0x760
[ 1266.692217][    C1]  ? intel_idle_ibrs+0x130/0x130
[ 1266.692235][    C1]  cpuidle_enter_state+0x5e1/0x1550
[ 1266.692256][    C1]  ? cpuidle_enter_s2idle+0x600/0x600
[ 1266.692274][    C1]  ? menu_enable_device+0x380/0x380
[ 1266.692308][    C1]  ? sched_clock_cpu+0x18/0x3b0
[ 1266.692326][    C1]  cpuidle_enter+0x5f/0xa0
[ 1266.692344][    C1]  do_idle+0x36b/0x5d0
[ 1266.692362][    C1]  ? idle_inject_timer_fn+0x60/0x60
[ 1266.692381][    C1]  ? do_idle+0x5b5/0x5d0
[ 1266.692399][    C1]  cpu_startup_entry+0x18/0x20
[ 1266.692416][    C1]  start_secondary+0x2e6/0x3a0
[ 1266.692433][    C1]  secondary_startup_64_no_verify+0xb1/0xbb
[ 1266.692454][    C1]  </TASK>
[ 1266.693463][    C0] NMI backtrace for cpu 0
[ 1267.268776][    C0] CPU: 0 PID: 32400 Comm: syz-executor.0 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[ 1267.278925][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 1267.288822][    C0] Call Trace:
[ 1267.291944][    C0]  <IRQ>
[ 1267.294640][    C0]  dump_stack_lvl+0x151/0x1b7
[ 1267.299147][    C0]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1267.304617][    C0]  ? ttwu_do_wakeup+0x187/0x430
[ 1267.309303][    C0]  dump_stack+0x15/0x17
[ 1267.313295][    C0]  nmi_cpu_backtrace+0x2f7/0x300
[ 1267.318072][    C0]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[ 1267.324057][    C0]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 1267.329351][    C0]  ? _raw_spin_lock+0x1b0/0x1b0
[ 1267.334040][    C0]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 1267.339941][    C0]  nmi_trigger_cpumask_backtrace+0x15d/0x270
[ 1267.345755][    C0]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 1267.351658][    C0]  arch_trigger_cpumask_backtrace+0x10/0x20
[ 1267.357385][    C0]  rcu_dump_cpu_stacks+0x1d8/0x330
[ 1267.362334][    C0]  print_cpu_stall+0x315/0x5f0
[ 1267.366932][    C0]  rcu_sched_clock_irq+0x989/0x12f0
[ 1267.371968][    C0]  ? rcu_boost_kthread_setaffinity+0x340/0x340
[ 1267.377956][    C0]  ? hrtimer_run_queues+0x15f/0x440
[ 1267.382990][    C0]  update_process_times+0x198/0x200
[ 1267.388027][    C0]  tick_sched_timer+0x188/0x240
[ 1267.392709][    C0]  ? tick_setup_sched_timer+0x480/0x480
[ 1267.398093][    C0]  __hrtimer_run_queues+0x41a/0xad0
[ 1267.403128][    C0]  ? hrtimer_interrupt+0xaa0/0xaa0
[ 1267.408072][    C0]  ? clockevents_program_event+0x22f/0x300
[ 1267.413716][    C0]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[ 1267.419619][    C0]  hrtimer_interrupt+0x40c/0xaa0
[ 1267.424392][    C0]  __sysvec_apic_timer_interrupt+0xfd/0x3c0
[ 1267.430118][    C0]  sysvec_apic_timer_interrupt+0x95/0xc0
[ 1267.435586][    C0]  </IRQ>
[ 1267.438363][    C0]  <TASK>
[ 1267.441142][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1267.446956][    C0] RIP: 0010:kvm_wait+0x147/0x180
[ 1267.451730][    C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[ 1267.471170][    C0] RSP: 0018:ffffc90000db73a0 EFLAGS: 00000246
[ 1267.477071][    C0] RAX: 0000000000000003 RBX: 1ffff920001b6e78 RCX: ffffffff8154fb7f
[ 1267.484883][    C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810ba30928
[ 1267.492697][    C0] RBP: ffffc90000db7450 R08: dffffc0000000000 R09: ffffed1021746126
[ 1267.500507][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 1267.508320][    C0] R13: ffff88810ba30928 R14: 0000000000000003 R15: 1ffff920001b6e7c
[ 1267.516132][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[ 1267.522209][    C0]  ? asm_common_interrupt+0x27/0x40
[ 1267.527238][    C0]  ? kvm_arch_para_hints+0x30/0x30
[ 1267.532188][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[ 1267.538262][    C0]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[ 1267.544164][    C0]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[ 1267.550414][    C0]  _raw_spin_lock_bh+0x139/0x1b0
[ 1267.555185][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 1267.560220][    C0]  ? get_page_from_freelist+0x3550/0x35d0
[ 1267.565777][    C0]  ? sock_hash_bucket_hash+0x36d/0x7e0
[ 1267.571071][    C0]  sock_hash_delete_elem+0xb1/0x2f0
[ 1267.576106][    C0]  ? sock_map_unref+0x352/0x4d0
[ 1267.580794][    C0]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xe60
[ 1267.586171][    C0]  bpf_trace_run2+0xec/0x210
[ 1267.590600][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[ 1267.595286][    C0]  ? sock_map_unref+0x352/0x4d0
[ 1267.599973][    C0]  ? sock_map_unref+0x352/0x4d0
[ 1267.604659][    C0]  __bpf_trace_kfree+0x6f/0x90
[ 1267.609259][    C0]  ? sock_map_unref+0x352/0x4d0
[ 1267.613945][    C0]  kfree+0x1f3/0x220
[ 1267.617681][    C0]  sock_map_unref+0x352/0x4d0
[ 1267.622192][    C0]  sock_hash_delete_elem+0x274/0x2f0
[ 1267.627314][    C0]  ? ida_alloc_range+0x987/0xa80
[ 1267.632084][    C0]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xe60
[ 1267.637468][    C0]  bpf_trace_run2+0xec/0x210
[ 1267.641892][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[ 1267.646578][    C0]  ? ida_alloc_range+0x987/0xa80
[ 1267.651353][    C0]  ? ida_alloc_range+0x987/0xa80
[ 1267.656126][    C0]  __bpf_trace_kfree+0x6f/0x90
[ 1267.660729][    C0]  ? ida_alloc_range+0x987/0xa80
[ 1267.665499][    C0]  kfree+0x1f3/0x220
[ 1267.669232][    C0]  ? xas_nomem+0x19a/0x1d0
[ 1267.673487][    C0]  ida_alloc_range+0x987/0xa80
[ 1267.678090][    C0]  ? idr_replace+0x230/0x230
[ 1267.682514][    C0]  ? __kasan_check_write+0x14/0x20
[ 1267.687461][    C0]  ? _copy_from_user+0x96/0xd0
[ 1267.692058][    C0]  raw_ioctl+0x1a38/0x3510
[ 1267.696314][    C0]  ? ioctl_has_perm+0x3f5/0x560
[ 1267.701000][    C0]  ? audio_source_pcm_show+0xd0/0xd0
[ 1267.706118][    C0]  ? has_cap_mac_admin+0x3c0/0x3c0
[ 1267.711073][    C0]  ? security_file_ioctl+0x84/0xb0
[ 1267.716012][    C0]  ? audio_source_pcm_show+0xd0/0xd0
[ 1267.721136][    C0]  __se_sys_ioctl+0x114/0x190
[ 1267.725649][    C0]  __x64_sys_ioctl+0x7b/0x90
[ 1267.730074][    C0]  do_syscall_64+0x3d/0xb0
[ 1267.734328][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1267.740054][    C0] RIP: 0033:0x7f25a828ec8b
[ 1267.744311][    C0] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[ 1267.763749][    C0] RSP: 002b:00007f25a7606fa0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1267.771994][    C0] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007f25a828ec8b
[ 1267.779805][    C0] RDX: 00007f25a7608070 RSI: 0000000041015500 RDI: 0000000000000007
[ 1267.787616][    C0] RBP: 00007f25a7608070 R08: 0000000000000010 R09: 00302e6364755f79
[ 1267.795429][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1267.803239][    C0] R13: 00007f25a7607040 R14: 0000000020000000 R15: 00007f25a84f2320
[ 1267.811058][    C0]  </TASK>
[ 1409.036521][    C0] watchdog: BUG: soft lockup - CPU#0 stuck for 246s! [syz-executor.0:32400]
[ 1409.045019][    C0] Modules linked in:
[ 1409.048750][    C0] CPU: 0 PID: 32400 Comm: syz-executor.0 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[ 1409.058906][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 1409.068815][    C0] RIP: 0010:kvm_wait+0x147/0x180
[ 1409.073569][    C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[ 1409.093531][    C0] RSP: 0018:ffffc90000db73a0 EFLAGS: 00000246
[ 1409.099433][    C0] RAX: 0000000000000003 RBX: 1ffff920001b6e78 RCX: ffffffff8154fb7f
[ 1409.107352][    C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810ba30928
[ 1409.115160][    C0] RBP: ffffc90000db7450 R08: dffffc0000000000 R09: ffffed1021746126
[ 1409.122968][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 1409.130794][    C0] R13: ffff88810ba30928 R14: 0000000000000003 R15: 1ffff920001b6e7c
[ 1409.138592][    C0] FS:  00007f25a76096c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1409.147445][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1409.153868][    C0] CR2: 00007f25a7608070 CR3: 000000010d826000 CR4: 00000000003506b0
[ 1409.161681][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1409.169494][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1409.177308][    C0] Call Trace:
[ 1409.180429][    C0]  <IRQ>
[ 1409.183127][    C0]  ? show_regs+0x58/0x60
[ 1409.187196][    C0]  ? watchdog_timer_fn+0x4b1/0x5f0
[ 1409.192147][    C0]  ? proc_watchdog_cpumask+0xd0/0xd0
[ 1409.197264][    C0]  ? __hrtimer_run_queues+0x41a/0xad0
[ 1409.202474][    C0]  ? hrtimer_interrupt+0xaa0/0xaa0
[ 1409.207420][    C0]  ? clockevents_program_event+0x22f/0x300
[ 1409.213060][    C0]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[ 1409.218962][    C0]  ? hrtimer_interrupt+0x40c/0xaa0
[ 1409.223913][    C0]  ? __sysvec_apic_timer_interrupt+0xfd/0x3c0
[ 1409.229814][    C0]  ? sysvec_apic_timer_interrupt+0x95/0xc0
[ 1409.235452][    C0]  </IRQ>
[ 1409.238231][    C0]  <TASK>
[ 1409.241012][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1409.246999][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[ 1409.253085][    C0]  ? kvm_wait+0x147/0x180
[ 1409.257245][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1409.263229][    C0]  ? kvm_arch_para_hints+0x30/0x30
[ 1409.268174][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[ 1409.274250][    C0]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[ 1409.280154][    C0]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[ 1409.286401][    C0]  _raw_spin_lock_bh+0x139/0x1b0
[ 1409.291173][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 1409.296209][    C0]  ? get_page_from_freelist+0x3550/0x35d0
[ 1409.301763][    C0]  ? sock_hash_bucket_hash+0x36d/0x7e0
[ 1409.307059][    C0]  sock_hash_delete_elem+0xb1/0x2f0
[ 1409.312092][    C0]  ? sock_map_unref+0x352/0x4d0
[ 1409.316785][    C0]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xe60
[ 1409.322159][    C0]  bpf_trace_run2+0xec/0x210
[ 1409.326586][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[ 1409.331272][    C0]  ? sock_map_unref+0x352/0x4d0
[ 1409.335959][    C0]  ? sock_map_unref+0x352/0x4d0
[ 1409.340645][    C0]  __bpf_trace_kfree+0x6f/0x90
[ 1409.345246][    C0]  ? sock_map_unref+0x352/0x4d0
[ 1409.349931][    C0]  kfree+0x1f3/0x220
[ 1409.353665][    C0]  sock_map_unref+0x352/0x4d0
[ 1409.358180][    C0]  sock_hash_delete_elem+0x274/0x2f0
[ 1409.363297][    C0]  ? ida_alloc_range+0x987/0xa80
[ 1409.368072][    C0]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xe60
[ 1409.373455][    C0]  bpf_trace_run2+0xec/0x210
[ 1409.377881][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[ 1409.382565][    C0]  ? ida_alloc_range+0x987/0xa80
[ 1409.387340][    C0]  ? ida_alloc_range+0x987/0xa80
[ 1409.392114][    C0]  __bpf_trace_kfree+0x6f/0x90
[ 1409.396716][    C0]  ? ida_alloc_range+0x987/0xa80
[ 1409.401486][    C0]  kfree+0x1f3/0x220
[ 1409.405220][    C0]  ? xas_nomem+0x19a/0x1d0
[ 1409.409472][    C0]  ida_alloc_range+0x987/0xa80
[ 1409.414074][    C0]  ? idr_replace+0x230/0x230
[ 1409.418503][    C0]  ? __kasan_check_write+0x14/0x20
[ 1409.423446][    C0]  ? _copy_from_user+0x96/0xd0
[ 1409.428047][    C0]  raw_ioctl+0x1a38/0x3510
[ 1409.432300][    C0]  ? ioctl_has_perm+0x3f5/0x560
[ 1409.436986][    C0]  ? audio_source_pcm_show+0xd0/0xd0
[ 1409.442106][    C0]  ? has_cap_mac_admin+0x3c0/0x3c0
[ 1409.447062][    C0]  ? security_file_ioctl+0x84/0xb0
[ 1409.451999][    C0]  ? audio_source_pcm_show+0xd0/0xd0
[ 1409.457120][    C0]  __se_sys_ioctl+0x114/0x190
[ 1409.461635][    C0]  __x64_sys_ioctl+0x7b/0x90
[ 1409.466062][    C0]  do_syscall_64+0x3d/0xb0
[ 1409.470315][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1409.476041][    C0] RIP: 0033:0x7f25a828ec8b
[ 1409.480298][    C0] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[ 1409.499738][    C0] RSP: 002b:00007f25a7606fa0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1409.507981][    C0] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007f25a828ec8b
[ 1409.515791][    C0] RDX: 00007f25a7608070 RSI: 0000000041015500 RDI: 0000000000000007
[ 1409.523604][    C0] RBP: 00007f25a7608070 R08: 0000000000000010 R09: 00302e6364755f79
[ 1409.531418][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1409.539228][    C0] R13: 00007f25a7607040 R14: 0000000020000000 R15: 00007f25a84f2320
[ 1409.547045][    C0]  </TASK>
[ 1409.549905][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1409.554964][    C1] NMI backtrace for cpu 1
[ 1409.554974][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[ 1409.554993][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 1409.555010][    C1] RIP: 0010:kvm_wait+0x147/0x180
[ 1409.555032][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[ 1409.555046][    C1] RSP: 0018:ffffc900001d07e0 EFLAGS: 00000246
[ 1409.555062][    C1] RAX: 0000000000000001 RBX: 1ffff9200003a100 RCX: 1ffffffff0d1aa9c
[ 1409.555074][    C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7138ad4
[ 1409.555086][    C1] RBP: ffffc900001d0890 R08: dffffc0000000000 R09: ffffed103ee2715b
[ 1409.555099][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 1409.555111][    C1] R13: ffff8881f7138ad4 R14: 0000000000000001 R15: 1ffff9200003a104
[ 1409.555123][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1409.555138][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1409.555151][    C1] CR2: 0000001b33223000 CR3: 0000000114799000 CR4: 00000000003506a0
[ 1409.555167][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1409.555177][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1409.555188][    C1] Call Trace:
[ 1409.555194][    C1]  <NMI>
[ 1409.555214][    C1]  ? show_regs+0x58/0x60
[ 1409.555232][    C1]  ? nmi_cpu_backtrace+0x29f/0x300
[ 1409.555253][    C1]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[ 1409.555275][    C1]  ? kvm_wait+0x147/0x180
[ 1409.555289][    C1]  ? kvm_wait+0x147/0x180
[ 1409.555304][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1409.555323][    C1]  ? nmi_handle+0xa8/0x280
[ 1409.555341][    C1]  ? kvm_wait+0x147/0x180
[ 1409.555355][    C1]  ? kvm_wait+0x147/0x180
[ 1409.555370][    C1]  ? default_do_nmi+0x69/0x160
[ 1409.555389][    C1]  ? exc_nmi+0xaf/0x120
[ 1409.555405][    C1]  ? end_repeat_nmi+0x16/0x31
[ 1409.555428][    C1]  ? kvm_wait+0x147/0x180
[ 1409.555444][    C1]  ? kvm_wait+0x147/0x180
[ 1409.555460][    C1]  ? kvm_wait+0x147/0x180
[ 1409.555475][    C1]  </NMI>
[ 1409.555480][    C1]  <IRQ>
[ 1409.555485][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1409.555503][    C1]  ? kvm_arch_para_hints+0x30/0x30
[ 1409.555522][    C1]  __pv_queued_spin_lock_slowpath+0x41b/0xc40
[ 1409.555543][    C1]  ? __kasan_slab_free+0x11/0x20
[ 1409.555561][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[ 1409.555579][    C1]  ? __irq_exit_rcu+0x50/0xf0
[ 1409.555597][    C1]  ? sysvec_apic_timer_interrupt+0x9a/0xc0
[ 1409.555615][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1409.555631][    C1]  ? acpi_idle_enter+0x416/0x760
[ 1409.555650][    C1]  ? cpuidle_enter+0x5f/0xa0
[ 1409.555669][    C1]  ? do_idle+0x36b/0x5d0
[ 1409.555688][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[ 1409.555706][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 1409.555725][    C1]  ? sock_hash_bucket_hash+0x36d/0x7e0
[ 1409.555747][    C1]  sock_hash_delete_elem+0xb1/0x2f0
[ 1409.555765][    C1]  ? kvfree+0x35/0x40
[ 1409.555782][    C1]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xe60
[ 1409.555797][    C1]  bpf_trace_run2+0xec/0x210
[ 1409.555814][    C1]  ? debug_smp_processor_id+0x17/0x20
[ 1409.555832][    C1]  ? kasan_quarantine_put+0x34/0x1a0
[ 1409.555850][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[ 1409.555867][    C1]  ? kvfree+0x35/0x40
[ 1409.555882][    C1]  ? ____kasan_slab_free+0x131/0x160
[ 1409.555898][    C1]  ? kvfree+0x35/0x40
[ 1409.555913][    C1]  __bpf_trace_kfree+0x6f/0x90
[ 1409.555929][    C1]  ? kvfree+0x35/0x40
[ 1409.555944][    C1]  kfree+0x1f3/0x220
[ 1409.555960][    C1]  ? kmem_cache_free+0x116/0x2e0
[ 1409.555979][    C1]  ? __bpf_prog_put_noref+0x2c0/0x2c0
[ 1409.555996][    C1]  kvfree+0x35/0x40
[ 1409.556016][    C1]  __bpf_prog_put_rcu+0x3b/0xc0
[ 1409.556032][    C1]  ? __bpf_prog_put_noref+0x2c0/0x2c0
[ 1409.556049][    C1]  rcu_do_batch+0x57a/0xc10
[ 1409.556071][    C1]  ? local_bh_enable+0x20/0x20
[ 1409.556088][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 1409.556108][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[ 1409.556126][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[ 1409.556146][    C1]  ? rcu_report_qs_rnp+0x2bf/0x390
[ 1409.556165][    C1]  rcu_core+0x517/0x1020
[ 1409.556186][    C1]  ? rcu_cpu_kthread_park+0x90/0x90
[ 1409.556207][    C1]  rcu_core_si+0x9/0x10
[ 1409.556223][    C1]  __do_softirq+0x26d/0x5bf
[ 1409.556242][    C1]  __irq_exit_rcu+0x50/0xf0
[ 1409.556259][    C1]  irq_exit_rcu+0x9/0x10
[ 1409.556275][    C1]  sysvec_apic_timer_interrupt+0x9a/0xc0
[ 1409.556293][    C1]  </IRQ>
[ 1409.556298][    C1]  <TASK>
[ 1409.556303][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1409.556320][    C1] RIP: 0010:acpi_idle_enter+0x416/0x760
[ 1409.556340][    C1] Code: 89 de 48 83 e6 08 31 ff e8 f7 30 a7 fc 48 83 e3 08 0f 85 b0 00 00 00 0f 1f 44 00 00 e8 a3 2c a7 fc 0f 00 2d fc 41 c0 00 fb f4 <fa> e9 e1 00 00 00 49 83 c7 04 4c 89 f8 48 c1 e8 03 42 0f b6 04 30
[ 1409.556353][    C1] RSP: 0018:ffffc90000157c30 EFLAGS: 000002d3
[ 1409.556366][    C1] RAX: ffffffff84c90abd RBX: 0000000000000000 RCX: ffff8881003313c0
[ 1409.556378][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1409.556388][    C1] RBP: ffffc90000157c70 R08: ffffffff84c90aa9 R09: ffffed1020066279
[ 1409.556400][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001
[ 1409.556411][    C1] R13: ffff8881049e5804 R14: dffffc0000000000 R15: ffff888105bf5864
[ 1409.556426][    C1]  ? acpi_idle_enter+0x3f9/0x760
[ 1409.556442][    C1]  ? acpi_idle_enter+0x40d/0x760
[ 1409.556462][    C1]  ? intel_idle_ibrs+0x130/0x130
[ 1409.556481][    C1]  cpuidle_enter_state+0x5e1/0x1550
[ 1409.556501][    C1]  ? cpuidle_enter_s2idle+0x600/0x600
[ 1409.556519][    C1]  ? menu_enable_device+0x380/0x380
[ 1409.556537][    C1]  ? sched_clock_cpu+0x18/0x3b0
[ 1409.556556][    C1]  cpuidle_enter+0x5f/0xa0
[ 1409.556573][    C1]  do_idle+0x36b/0x5d0
[ 1409.556590][    C1]  ? idle_inject_timer_fn+0x60/0x60
[ 1409.556610][    C1]  ? do_idle+0x5b5/0x5d0
[ 1409.556627][    C1]  cpu_startup_entry+0x18/0x20
[ 1409.556644][    C1]  start_secondary+0x2e6/0x3a0
[ 1409.556661][    C1]  secondary_startup_64_no_verify+0xb1/0xbb
[ 1409.556683][    C1]  </TASK>