last executing test programs:

6.733125721s ago: executing program 2 (id=674):
r0 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x8914, &(0x7f0000000080)={'lo\x00'})
connect$inet6(r7, &(0x7f0000000380)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xb}, 0x8}, 0x1c)
sendmmsg$inet6(r7, &(0x7f0000003900)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001500)=[{{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000040)="8c8a594a31164c9f12a4294214eac725", 0x10}], 0x1}}], 0x1, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r6, 0xae9a)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
write$selinux_context(r0, &(0x7f0000000240)='system_u:object_r:setrans_initrc_exec_t:s0\x00', 0x2b)

4.41996255s ago: executing program 0 (id=685):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, 0x0}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mkdir(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0xfffffdfc, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_clone(0x11000000, 0x0, 0x0, 0x0, 0x0, 0x0)

4.337256687s ago: executing program 2 (id=687):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r1=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',privport,access=', @ANYRESDEC=r1])
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff})
fstat(r2, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, <r3=>0x0, <r4=>0x0})
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000001600)='./file1\x00', 0x0, &(0x7f0000001a40)=ANY=[@ANYRES32=r4, @ANYRES8=0x0, @ANYRESOCT=0x0, @ANYRESDEC, @ANYBLOB="215aa15bf29ed2ff6f9241ff60693d298a3d41143bfc9091146111b4930c37eddcf542d641b821af229e7d8780d50b6f47fa3e5928555eb4d6d507d92b87b0b01c19c789895e02891afc082bb85a470e7f168a6aa2c2bc51a3f3a404a4a1e6e2fbad00d592df65bd2a593f488bf41dbc7ea43fe2554fbe34e4a77f606f35e445aff55aaa19f7ffffffffffffff19bd4739c80c9e6681229c48e0c6de634c35c029c4eb3b43412c95089416a3d607800000303758410658a4ec52e5b778eda9cd1bd8834e145c111690b0da927087e805000000000100008fd8b9bdfbdaa777db54127463a589ee1925c34b6459505702f3a45f285c53c1f15bab2eef6324d67ad8d7e247317d80ff3ad9120b4e2294e67de9adaab76fa991571a187cd8f7fbc49bf45d6f8dbf69ef0d765a02ad98e802b1688148a8c017e3af238f82c49bbd8ba542fbfec5693d82158e3216b95656986f9d7eec7244a27dfaf8623fc76943bf142a6159d6c622dbcac3d324d07be5a5cc88f85a857ff9d45924424d3453c969afa37d952940f3147d5af234b39c3ff742a2e5300e10ee692a32f5c3321d44eadaa8c44bf9d534b52fe758082299e04f839e529a6d0293bf12770ac948730a0c367e117137c6fd930b1f306138163b7180e111d6926255a71bd227b1d27f2897721e3bda884b0792a81134d8fbc9aafc732b15aee5c9e0a835ac17b457efa36ce1095a3196d278207846ea81172826d49b87aac6e662bb824f16b0b65fc6989395ba022bd6af2f1830375c311bdf55f15d9830564e65dc76e5b7c9a91e857dbcef3909cfd628649337de6ff04a398f4325a430467aee51d7fa12ef61bc0b67d1e18e62754d8a2b65fbb8e01450b2882a99f414220f9fb94009492270cc703569cfef8cc0d520b023ce6bf947c3f301b8320f12966a7736956fd7aba87b9ea3f90699ec8b916bf539b348d44069af48c413fe58e99f10ba139d16450158e3001d388e9fd31b105ee2a6c8810570469938f3d6e4bb63ea045bb4eebb1504d5457d4460bd7fe9344ffbfbef28fce0aef35003a99826f893acdfb4dd460c41d1e31f49e331993bf0a7825e2968ef4f735f20a92672e5921c05a8b4b2c4402e38f524856365d1cdeb179e3491b2d546f7b6a441136f4293857dc7a0f48b10a41825eb6c05e8386d021dcf4f1b19b7067f32877acccf22810db3cf4870f61f0ac08dd51993813f72f75a1dcdb5e9c01e87dbadc00220c06cd0628363dbc4a1da0482524b32c7292aedd9bfb5eed00fbdbdc59f8c2543bb6285441b966ec995b63c4a7a7cf279c59f5c385dcceacb520905098607b0b46f81ebf9ca2563fda18024314292dc02a6e226beb6b63bf8f190a4b2865a9246094cbeff3d593f42b5df77e5c875265ff15c8fbceb6f5310f07606ad5cbe38a86c06742a1ce62f890f05e23c67204612c7ab0500000034a829c8749455d880057b4665f6964f37f2e07dfb9654db40a56633f7751f15e392a9c73fe02135ff9a7dbd66292a0e91f7ceec617c3759e18dd7d6f16a3a597cf55efedbf42345aec4970686800085ffb22b09f5418a5d74620a7e30713c50d734a8e9da4c2815acec2afc37ed8c8a9c2354acba756f6a09d8e33706ccda743a624708cf9ccbc016a7b2c5302cc131ededaf8f54dbce508d1e27ddb0ac254426c25b851cfbd6ab4d9474d34cf486bfffe0a87055ebba5f14ee", @ANYRESDEC=0x0, @ANYRES8, @ANYRES32, @ANYRES8=<r5=>0xffffffffffffffff, @ANYRESOCT=r3, @ANYRES8, @ANYRES8=0x0, @ANYRES8], 0x1, 0x1f1, &(0x7f0000000900)="$eJzsmb2LE0EYxp+Z3cveHSLYWNhYeOCJ3n5F5ZorThArQThFLYO3CcFNIskKSUAk2NhYigi2/gMWFqks7OxstVBBsDClYCGMzOy4mSRuSLgigbw/yOR53/l6Z0ieLRYEQaws377++vLsyu7NCwCOYQuOzv+whmM4kEWfXz48/3zv6qs3n16/rx9/1B9fbx2AELPvvwHg3b6FREVCiMej/VuyeTGauwWOc1rfBoObyj9CkQYRGO4qZQOZBhobWsSRe68RH5arceTLJpBNKJuiuZecPegxHGZnE4IZ/a1O934pjqPmuFgT//aZ6JpXTLs/Vd8+x56OZX0cwJ2nT3oy1ncDHzy9SwABOAKti2A40HoXDlzXHV6Jcf5T9nB9a5bzL0qw3+nPQGZO7Cy+npURwlmKMmYQbDwj/9BZ5uSg/2Fy1vdlKT5fMOQ4jjIuAFnmmh7zcTOOrx9h04LecbLLMv2J2cBZw59s2Jl/eEntgdfqdHeqtVIlqkT1MCxe9i/6/qXQK1cd+J6yoyn+t678adNYf80cYDxQCqyAdilJmkEbSJpBFodpazjuwdvGTzWHK//j2D6TriEvWR3b+X89TH+4+pZq28otniAIgiAIgiAIgiAIgiAIYi5OgyF9BaJeVIkcwhtq9N8AAAD//zSFbeI=")
newfstatat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x100)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
getresgid(&(0x7f0000000040)=<r8=>0x0, &(0x7f0000000180)=<r9=>0x0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x2000, &(0x7f00000009c0)=ANY=[@ANYBLOB, @ANYRES8=<r10=>0xffffffffffffffff, @ANYRESHEX=r9, @ANYRES8=r7, @ANYRESDEC=r9, @ANYRESOCT=r8])
r11 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000000240)={0x0, <r12=>0x0}, &(0x7f0000000280)=0x5)
setuid(r12)
r13 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
fstat(r13, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, <r14=>0x0, <r15=>0x0})
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x100080d, &(0x7f0000003f80)=ANY=[@ANYRES32=r15, @ANYRESOCT, @ANYRES8=<r16=>r15, @ANYRESDEC, @ANYBLOB="215aa15bf29ed2ff6f9241ff60693d298a3d41143bfc9091146111b4930c37eddcf542d641b821af229e7d8780d50b6f47fa3e5928555eb4d6d507d92b87b0b01c19c789895e02891afc082bb85a470e7f168a6aa2c2bc51a3f3a404a4a1e6e2fbad00d592df65bd2a593f488bf41dbc7ea43fe2554fbe34e4a77f606f35e445aff55aaa19f7ffffffffffffff19bd4739c80c9e6681229c48e0c6de634c35c029c4eb3b43412c95089416a3d607800000303758410658a4ec52e5b778eda9cd1bd8834e145c111690b0da927087e805000000000100008fd8b9bdfbdaa777db54127463a589ee1925c34b6459505702f3a45f285c53c1f15bab2eef6324d67ad8d7e247317d80ff3ad9120b4e2294e67de9adaab76fa991571a187cd8f7fbc49bf45d6f8dbf69ef0d765a02ad98e802b1688148a8c017e3af238f82c49bbd8ba542fbfec5693d82158e3216b95656986f9d7eec7244a27dfaf8623fc76943bf142a6159d6c622dbcac3d324d07be5a5cc88f85a857ff9d45924424d3453c969afa37d952940f3147d5af234b39c3ff742a2e5300e10ee692a32f5c3321d44eadaa8c44bf9d534b52fe758082299e04f839e529a6d0293bf12770ac948730a0c367e117137c6fd930b1f306138163b7180e111d6926255a71bd227b1d27f2897721e3bda884b0792a81134d8fbc9aafc732b15aee5c9e0a835ac17b457efa36ce1095a3196d278207846ea81172826d49b87aac6e662bb824f16b0b65fc6989395ba022bd6af2f1830375c311bdf55f15d9830564e65dc76e5b7c9a91e857dbcef3909cfd628649337de6ff04a398f4325a430467aee51d7fa12ef61bc0b67d1e18e62754d8a2b65fbb8e01450b2882a99f414220f9fb94009492270cc703569cfef8cc0d520b023ce6bf947c3f301b8320f12966a7736956fd7aba87b9ea3f90699ec8b916bf539b348d44069af48c413fe58e99f10ba139d16450158e3001d388e9fd31b105ee2a6c8810570469938f3d6e4bb63ea045bb4eebb1504d5457d4460bd7fe9344ffbfbef28fce0aef35003a99826f893acdfb4dd460c41d1e31f49e331993bf0a7825e2968ef4f735f20a92672e5921c05a8b4b2c4402e38f524856365d1cdeb179e3491b2d546f7b6a441136f4293857dc7a0f48b10a41825eb6c05e8386d021dcf4f1b19b7067f32877acccf22810db3cf4870f61f0ac08dd51993813f72f75a1dcdb5e9c01e87dbadc00220c06cd0628363dbc4a1da0482524b32c7292aedd9bfb5eed00fbdbdc59f8c2543bb6285441b966ec995b63c4a7a7cf279c59f5c385dcceacb520905098607b0b46f81ebf9ca2563fda18024314292dc02a6e226beb6b63bf8f190a4b2865a9246094cbeff3d593f42b5df77e5c875265ff15c8fbceb6f5310f07606ad5cbe38a86c06742a1ce62f890f05e23c67204612c7ab0500000034a829c8749455d880057b4665f6964f37f2e07dfb9654db40a56633f7751f15e392a9c73fe02135ff9a7dbd66292a0e91f7ceec617c3759e18dd7d6f16a3a597cf55efedbf42345aec4970686800085ffb22b09f5418a5d74620a7e30713c50d734a8e9da4c2815acec2afc37ed8c8a9c2354acba756f6a09d8e33706ccda743a624708cf9ccbc016a7b2c5302cc131ededaf8f54dbce508d1e27ddb0ac254426c25b851cfbd6ab4d9474d34cf486bfffe0a87055ebba5f14ee", @ANYRESHEX, @ANYRESOCT=0x0, @ANYRES32, @ANYRES8, @ANYRESOCT=r14, @ANYRESDEC, @ANYRES8=r15, @ANYRES8=r13], 0xff, 0x1f1, &(0x7f0000000900)="$eJzsmb2LE0EYxp+Z3cveHSLYWNhYeOCJ3n5F5ZorThArQThFLYO3CcFNIskKSUAk2NhYigi2/gMWFqks7OxstVBBsDClYCGMzOy4mSRuSLgigbw/yOR53/l6Z0ieLRYEQaws377++vLsyu7NCwCOYQuOzv+whmM4kEWfXz48/3zv6qs3n16/rx9/1B9fbx2AELPvvwHg3b6FREVCiMej/VuyeTGauwWOc1rfBoObyj9CkQYRGO4qZQOZBhobWsSRe68RH5arceTLJpBNKJuiuZecPegxHGZnE4IZ/a1O934pjqPmuFgT//aZ6JpXTLs/Vd8+x56OZX0cwJ2nT3oy1ncDHzy9SwABOAKti2A40HoXDlzXHV6Jcf5T9nB9a5bzL0qw3+nPQGZO7Cy+npURwlmKMmYQbDwj/9BZ5uSg/2Fy1vdlKT5fMOQ4jjIuAFnmmh7zcTOOrx9h04LecbLLMv2J2cBZw59s2Jl/eEntgdfqdHeqtVIlqkT1MCxe9i/6/qXQK1cd+J6yoyn+t678adNYf80cYDxQCqyAdilJmkEbSJpBFodpazjuwdvGTzWHK//j2D6TriEvWR3b+X89TH+4+pZq28otniAIgiAIgiAIgiAIgiAIYi5OgyF9BaJeVIkcwhtq9N8AAAD//zSFbeI=")
fstat(r0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, <r17=>0x0})
newfstatat(0xffffffffffffff9c, &(0x7f0000000980)='./file0\x00', &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r18=>0x0}, 0x4000)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000002bc0)=ANY=[@ANYRESDEC=r5, @ANYRES64=0x0, @ANYBLOB="03000000000000000300000000000000f9ffffffffffffff05000000000000000200000007000000050000000000000000000000000000000100000001000000080000000000000005000000000000000000000000000080060000000000000005000000006000003bbafa41", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="71ffffff020000000000000005000000000000006906000000000000080000000c000000297b2b7d23252627040000000000000003000000000000006f7600000000000006000000000000000200000004000000000000000000000007000000000000000500000000000000ffffffffffffff7f0400000000000000ff0700000000000005000000090000000604000000c0000003000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0600000003000000000000000100000000000000000000000000008001000000030000002f000000000000000600000000000000010000000000000004000000000000000700000000000000840b00000e00000002000000000000000800000000000000070000000000000002000000000000000100000000000000ff0300000000000006000000001000000800000000c0000046050000", @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="bc00000004000000000000000600000000000000ffffffffffffffff0a0000000900000073797a6b616c6c6572000000000000000300000000000000000000000000000403000000000000000300000000000000ffffff7f000000000600000000000000dd04000000000000010000000000000008000000000000004900000000000000050000000000000004000000090000000900000010600000c00d0000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="4b09000005000000000000000200000000000000000000000000000002000000070000002f91000000000000040000000000000001000000000000000c00000000000000feffffffffffffff650b0000070000000200000000000000ff000000000000000800000000000000f8ffffffffffffff050000000000000000010000000000000000000000800000090000000040000080000000", @ANYRES32=r1, @ANYRESHEX=r16, @ANYBLOB="ff0700000100000000000000020000000000000007000000000000000d000000030000006e656967685f6372656174650000000006000000000000000100000000000000b7020000000000009b0000000000000007000000ffffffff01000000000000000900000000000000040000000000000000000000000000000cfdffffffffffff01000100000000000300000005000000060000000040000006040000", @ANYRES32=r6, @ANYRES32=r8, @ANYBLOB="01000000ff0f00000000000005000000000000000f000000000000000c00000001000000213a2b2d7de3fd2d5e7b258a000000000000000000000000000000000000000008000000000000000020010000000000020000000700000003000000000000000400000000000000090000000000000001000000000000000200000000000000ffffffffffffffff0600000000000010f902000000a0000001000000", @ANYRES32=r12, @ANYRES32=r15, @ANYRES32=r10, @ANYRES32=r17, @ANYRES32=r18, @ANYBLOB="030000000100040000000003000000007501faa6cd404014edd86bd0a60000f9ffffff5d0079ab4dfb038b00bf1c0421172908fd3f3287eb2e0bb94251d4c9d231ad5239752dca4d6f88d123a8f751b0e15d5e3c3affab863141a807015765cfb6e30c3963bac9ee1b6272f6336d7372cb258a67ad95a0c044bb70cc1a67c6e065b70d1b3a1b11f412356753c591bcbc1f2672abafab39ed14b1d11e96d70d16cdf449ee888889ed356a274c8de81a3673bb3a309d5509ebf21c703aa66cba5abda35e359912aa0136451cce5c645539511820b3bc232606938766911dbbbeb3fd231ae9d5bf74c6ff88a1aa6275affcabfd2349224209920cb2b3a392596605a97ea9d7435a1839a43844e19a3110f554439cab0da7ab6c9aa3da84f4a226a6555c07f0ec2c7cbae0c04045b042aeedfe2395ed5dd8dfb39fee"], 0x528)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r19 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r19}, 0x10)
r20 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d64050000000000650404000100000004040000fb007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e4845500a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491dc6aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de453f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5b5a182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291beea56ed7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124e16b64a5d1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba515d4cc28d702287fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4d"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r20, 0x18000000000002a0, 0xfe, 0x60000004, &(0x7f0000000100)="b9ff03076044238cb89e14f008000de0ffff00184000633c77fbac141412e000002062079f4b4d2f87e5feca6aab845013f2325f1a3903050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x25, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e062b311453dcbb62932a01105d0a8066ca8e5e1f2f575d0d6e996b57fd408d420abb7337934e59815d75b4eb3e7206afce", &(0x7f0000000380)="af5fa441b438b5156d8a9fcc090f586e979858f64170cde36889dcc8539ffcca62621a4c3ea3f7acee366e6fb0b94314f90931dec60fed6c9fee64af416c29f65e47110b81f6b4da06db5e1aad1f627acb", 0x0, 0x3}, 0x2c)

4.193799048s ago: executing program 2 (id=688):
pipe2(&(0x7f0000000040), 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r0], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000300)=<r2=>0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000340)=0x1)
r3 = getpid()
rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f0000000240))
getsockopt$inet_opts(0xffffffffffffffff, 0x6, 0x0, 0xffffffffffffffff, 0x0)
sched_setscheduler(r3, 0x1, &(0x7f0000000100))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
syz_mount_image$exfat(&(0x7f00000016c0), &(0x7f0000000100)='./file0\x00', 0x1000806, &(0x7f0000002240)=ANY=[@ANYBLOB='errors=remount-ro,discard,dmask=000000000000,iocharset=maccenteuro,fmask=00000000000000000000003,iocharset=cp932,iocharset=cp863,fmask=00000000000000000000010,\x00'/171], 0x9, 0x1505, &(0x7f0000000180)="$eJzs3Au4jdX2MPAx5pwvm9BKcp9jjpeVXCZJEknIJUmSJMktIUmSJCS33JKQhNyT3ENyC8n9fss9SY4kSUJCwvweHefzndPp9P2/0/mc59nj9zzz2XPstcZY411jr9u7n72/azewUp3K5WsxM/xb8K9fugJACgD0AYBrASACgOKZi2e+dHk6jV3/vRsRf66Hp1ztDsTVJPNP3WT+qZvMP3WT+aduMv/UTeafusn8UzeZvxCp2ZapOa6TlXqXnP9PzeT1P3WT+aduMv/UTeafusn8UzOW+adyMv/UTeafusn8hUjN/pTzyGkvF/svOJ/9H1h/u6uudh9/sKL/p7yr95MnhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECI1ORuuMADwt/3V7ksIIYQQQgghhBB/npD2ancghBBCCCGEEEKI/zwEMBoMRJAG0kIKpIP0cA1kgIyQCa6FBFwHmeF6yAI3QFbIBtkhB+SEXJAbLBA4YIghD+SFJNwI+eAmyA8FoCAUAg+FoQjcDEXhFigGt0JxuA1KwO1QEkrBHVAa7oQycBeUhXJQHu6GClARKkFluAeqwL1QFe6DanA/VIcHoAY8CDXhIagFD0NteATqwKNQFx6DelAfGkBDaPTP8/W/zn8JOsHL0Bm66Ev3QHd4BXpAT+gFvaEPvAp94TXoB69DfxgAA+ENGARvwmB4C4bAUBgGb8NwGAEjYRSMhjEwFt6BcfAujIf3YAJMhEkwGabAVJgG78N0mAEz4QOYBR/CbJgDc2EezIePYAEshEXwMSyGT2AJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQt8ClthG2yHHbATdsFu+Az2wOewF76AffDl/zD/zD/kt0dAQIUKDRpMg2kwBVMwPabHDJgBM2EmTGACM2NmzIJZMCtmxeyYHXNiTsyNuZGQkJExD+bBJCYxH+bD/JgfC2JB9OixCBbBongLFsNiWByLYwksgSWxFJbC0lgay2AZLItlsfztcwCwAlbCSngP3oP3YlWsitWwGlbH6lgDa2BNrIm1sBbWxtpYB+tgXayL9bAeNsAG2AgbYWNsjE2wCTbDZtgcm2MLbIEtsSW2wlbYGltjG2yDbbEttsN22B47YAd8CV/Cl/Fl7IIVVDfsjt2xB/bAXtgbe+Or2Bdfw9fwdeyPA3AgvoFv4Js4GE/jEByKw3AYllEjcCSOQlZjcCyOxXE4DsfjeJyAE3EiTsYpOBWn4TScjjNwBn6As/BD/BDn4Bych/NxPi7AhbgIF+FiPINLcCkuw+W4AlfiClyNa3A1rlN/e2huxs34KX6K23Ab7sAduAt34Wf4GX6On2N/3If7cD/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOJ7Ak3gCT+EpPI1n8CyexXN4Ds/jCzm/qb2rwNr+oC4xyqg0Ko1KUSkqvUqvMqgMKpPKpBIqoTKrzCqLyqKyqqwqu8qucqqcKrfKrUiRYhWrPCqPSqqkyqfyAUBXVVAVVF55VUQVUUVVUVVMFVPF1W2qhLpdlVSlVFNfWpVWZVQzX1aVU+VVeVVBVVSVVGVVWVVRVVRVVVVVU9VUdVVd1VAPqpqqG/bCh9WlydRRA7CuGoj1VH3VQDVUb+LjqrEajE1UU9VMPamG4hBsoRr7luoZ1UqNxNbqOTUKn1dt1Rhsp15U7VUH1VG9pDqpJr6z6qImYDfVXU3GHqqn6qV6q+lYUV2aWCX1uuqvBqiB6g01D99Ug9Vbaogaqoapt9VwNUKNVKPUaDVGjVXvqHHqXTVevacmqIlqkpqspqipapp6X01XM9RM9YGapT5Us9UcNVfNU/PVR2qBWqgWqY/VYvWJWqKWqmVquVqhVqpVarVao9aqdWq92qA2qk1qs9qiPlVb1Ta1Xe1QO9UutVt9pvaoz9Ve9YXap75U+9Vf1AH1lTqovlaH1DfqsPpWHVHfqaPqe3VMdVHH1Ql1Uv2oTqmf1Gl1Rp1VP6tz6hd1Xl1QF1VQoFErrbXRkU6j0+oUnU6n19foDDqjzqSv1Ql9nc6sr9dZ9A06q86ms+scOqfOpXNrq0k7zTrWeXRendQ36nz6Jp1fF9AFdSHtdWFdRN+si+pbdDF9qy6ub9Ml9O26pC6l79Cl9Z26jL5Ll9XldHl9t66gK+pKurK+R1fR9+qq+j5dTd+vq+sHdA39oK6pH9K19MO6tn5E19GP6rr6MV1P19cNdEPdSD+uG+sndBPdVDfTT+rm+indQj+tW+pndCv9rG6tn9Nt9PO6rX5Bt9Mv6va6g+6oL+iLOujOuovuqrvp7voV3UP31L10b91Hv6r76td0P/267q8H6IH6DT1Iv6kH67f0ED1UD9Nv6+F6hB6pR+nReoweq9/R4/S7erx+T0/QE/UkPVlP0VN1r8uVZl7KN/Av89/9J/n9fr31zXqL/lRv1dv0dr1D79S79G69W+/Re/RevVfv0/v0fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qv+sf9Sn9E/6tD6jz+if9Tl9Tp+/fB+AQaOMNsZEJo1Ja1JMOpPeXGMymIwmk7nWJMx1JrO53mQxN5isJpvJbnKYnCaXyW2sIeMMm9jkMXlN0txo8pmbTH5TwBQ0hYw3hU0Rc/Pv5UeXn+H+MP93+ls+6XJ+I9PINDaNTRPTxDQzzUxz09y0MC1MS9PStDKtTGvT2rQxbUxb09a0M+1Me9PedDQdTSfTyXRGMF1NV9PdvGJ6mJ6ml+lt+phXTV/T1/Qz/Ux/098MNAPNIDPIDDaDzRAzxAwzw8xwM9yMNCPNaDPajDVjzTgzzow3480EM8FMMpPMFDPFXHphvWSmmWlmmVlmtplt5pq5Zr6ZbxaYBWaRWWQWm8VmiVlqlprlZrlZaVaa1Wa1WWvWmvVmvdloNpolZovZYraarWa72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloDplD5rA5bI6YI+aoOWqOmWPmuDluTpqT5pQ5ZU6b0+asOWvOmXPmvDlvLpqLl972RSpSkYlMlCZKE6VEKVH6KH2UIcoQZYoyRYkoEWWOMkdZohuirFG2KHuUI8oZ5YpyRzaiyEUcxVGeKG+UjG6M8kU3RfmjAlHBqFDko8JRkejmqGh0S1QsujUqHt0WlYhuj0pGpaI7otLRnVGZ6K6obFQuKh/dHVWIKkaVosrRPVGV6N6oanRfVC26P6oePRDViB6MakYPRbWih6Pa0SNRnejRqG70WFQvqh81iBpGjf7U+iGczvaE72y72LTQzXa3r9getqftZXvbPvZV29e+ZvvZ121/O8AOtG/YQfZNO9i+ZYfYoXaYfdsOtyPsSDvKjrZj7Fj7jh1n37Xj7Xt2gp1oJ9nJdoqdaqfZ9+10O8POtB/YWfZDO9vOsXPtPDvffmQX2IV2kf3YLraf2CV2qV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9st9lO71W6z2+0Ou9PusrvtZ3aP/dzutV/YffZLu9/+xR6wX9mD9mt7yH5jD9tv7RH7nT1qv7fH7A/2uD1hT9of7Sn7kz1tz9iz9md7zv5iz9sL9qINl97cX3p5J0OG0lAaSqEUSk/pKQNloEyUiRKUoMyUmbJQFspKWSk7ZaeclJNyU266hIkpD+WhJCUpH+Wj/JSfClJB8uSpCBWholSUilExKk7FqQSVuPxoAbqT7qS76C4qR+XobrqbKlJFqkyVqQpVoapUlapRNapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqBE1osbUmJpQE2pGzag5NacW1IJaUktqRa2oNbWmNtSG2lJbakftqD21p47UkTpRJ+pMnakrdaXu1J16UA/qRb2oD/WhvtSX+lE/6k/9aSANpEE0iAbTYBpCQ2kYvU3DaQSNpFE0msbQWBpL42gcjafxNIEm0CSaRFNoCk2jaTSdptNMmkmzaBbNptk0l+bSfJpPC2gBLaJFtJgW0xJaQstoGa2gFbSKVtEaWkPraB1toA20iTbRFtpCW2krbafttJN20m7aTXtoD+2lvbSP9tF+2k8H6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifpJJ2iU3SaTtNZOkvn6Bc6TxfoIgVKcelceneNy+AyukzuWvePcXaXw+V0uVxuZ11Wl+3vYnLO5XcFXEFXyHlX2BVxN/8mLulKuTtcaXenK+PucmV/E1dx97qq7j5Xzd3vKrt7/i6u7h5wNdyjrqZ7zNVy9V1t19DVcY+6uu4xV8/Vdw1cQ9fcPeVauKddS/eMa+We/U28wC10a9xat86td3vc5+6s+9kdcd+5c+4X19l1cX3cq66ve831c6+7/m7Ab+Jh7m033I1wI90oN9qN+U08yU12U9xUN82976a7Gb+J57uP3Cy3yM12c9xcN+/X+FJPi9zHbrH7xC1xS90yt9ytcCvdKrf6f/e63G10m9xmt9t95ra6bW672+F2ul2/xpeOY6/7wu1zX7rD7lt3wH3lDrqj7pD75tf40vEddd+7Y+4Hd9ydcCfdj+6U+8mddmd+Pf5Lx/6ju+AuuuCAkRVrNhxxGk7LKZyO0/M1nIEzcia+lhN8HWfm6zkL38BZORtn5xyck3NxbrZM7Jg55jycl5N8I+fjmzg/F+CCXIg9F+YifDMX5Vu4GN/Kxfk2LsG3c0kuxXdwab6Ty/BdXJbLcXm+mytwRa7ElfkersL3clW+j6vx/VydH+Aa/CDX5Ie4Fj/MtfkRrsOPcl1+jOtxfW7ADbkRP86N+Qluwk25GT/JzfkpbsFPc0t+hlvxs9yan+M2/Dy35Re4Hb/I7bkDd+SXuBO/zJ25C3flbtydX+Ee3JN7cW/uw69yX36N+/Hr3J8H8EB+gwfxmzyY3+IhPJSH8ds8nEfwSB7Fo3kMj+V3eBy/y+P5PZ7AE3kST+YpPJWn8fs8nWfwTP6AZ/GHPJvn8Fyex/P5I17AC3kRf8yL+RNewkt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7Cn/JW3sbIO3gn7+Ld/Bnv4c95L3/B+/hL3s9/4QP8FR/kr/kQf8OH+Vs+wt/xUf6ej/EPfJxP8En+kU/xT3yaz/BZ/pnP8S98ni/wRQ4MMcYq1rGJozhNnDZOidPF6eNr4gxxxjhTfG2ciK+LM8fXx1niG+KscbY4e5wjzhnninPHNqbYxRzHcZ44b5yMb4zzxTfF+eMCccG4UOzjwnGR+Oa4aHxLXCy+NS4e3xaXiG+PS8al4kfvLx3fGZeJ74rLxuXi8vHdcYW4YlwprhzfE1eJ742rxvfF1eL742LxA3GN+MG4ZvxQXCt+OK4dPxLXiR+N68aPxfXi+nGDuGHcKH48bhw/ETeJm8bN4ifj5vFTcYv46bhl/EzcKn72Dy/vGneLu8evxK/EIdyn5ybnJecnP0ouSC5MLkp+nFyc/CS5JLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ORlC5bTg0SuvvfGRT+PT+hSfzqf31/gMPqPP5K/1CX+dz+yv91n8DT6rz+az+xw+p8/lc3vryTvPPvZ5fF6f9Df6fP4mn98X8AV9Ie99YV/EN/SNfCPf2D/hm/imvpl/0j/pn/JP+af90/4Z38o/61v753wb/7xv61/wL/gXfXvfwXf0L/lO/mXf2XfxXX1X39139z18D9/L9/J9fB/f1/f1/Xw/399f8AP9QD/ID/KD/WA/xA/xw/wwP9wP9yP9SD/aj/Zj/Vg/zo/z4/14PyFlgp/kJ/kpfoqf5qf56X66n+ln+ln5Z/nZfraf6+f6+X6+X+AX+EV+kV/sF/slfolf5pf5FX6FX+VX+TV+jV/n1/kNfoPf5Df5LX6L3+q3+u1+u9/pd/rdfrff4/f4vX6v3+dDCF32nw3+gD/ov/aH/Df+sP/WH/Hf+aP+e3/M/+CP+xP+pP/Rn/I/+dP+jD/rf/bn/C/+vL/gL/rgxybeSYxLvJsYn3gvMSExMTEpMTkxJTE1MS3xfmJ6YkZiZuKDxKzEh4nZiTmJuYl5ifmJjxILEgsTixIfJxYnPkksSSxNLEssT6xIrEyEkGtrHPKEvCEZbgz5wk0hfygQCoZCwYfCoUi4ORQNt4Ri4dZQPNwWSoTbQ8lQKtwRHgv1Qv3QIDQMjcLjoXF4IjQJTUOz8GRoHp4KLcLToWV4JrQKz4bW4bnQJjwf2oYXQrvwYmgfOoSO4aXQKbwcOocuoWvoFrqHV0KP0DP8EnqHPuHV0De8FvqF10P/MCAMDG+EQeHNMDi8FYaEoWFYeDsMDyPCyDAqjA5jwtjwThgX3g3jw3thQpgYJoXJYUqYGqaF98P0MCPMDB+EWeHDMDvMCXPDvDA/fBQWhIVhUfg4LA6fhCVhaVgWlgdIWRlWhdVhTVgb1oX1YUPYGDaFzWFL+DRsDdvC9rAj7Ay7wu7wWdgTPg97wxdhX/gy7A9/CQfCV+Fg+DocCt+Ew+HbcCR8F46G78Ox8EM4Hk6EkwHDqfBTOB3OhLPh53Au/BLOhwvhovzNmhBCCCHE/xX9B5d3+yffU5cX/Pq7c4CM23Ic+seaG7L+dd9T5WyeAIBnurR7+G+rQoWuXbtevu4SDVHeOQCQuJKfBq7ES6EZPAUtoSkU/af99VQdzvG/rv8bKQCQHv6x/i2/U3/ErD+oHyXnAOTPeyUnHVyJr9Qv9jv1szX+g/rpvhoL0OT/yMkAV+Ir9YvAE/AstPy7awohhBBCCCGEEH/VU93R5o8+3176fJ7TXMlJC1fiP/p8LoQQQgghhBBCiKvv+Q4dn368ZcumbWRzFTbtMv51Cv8t/fzOJs1/Rxt/3gYvn736b+nnP70pd/nR/j/JumpPSUIIIYQQQoj/kCtv+q92J0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghROr1/+OfkF3tYxRCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGutv8VAAD//zmwHF0=") (fail_nth: 25)

3.68120501s ago: executing program 3 (id=689):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x10)
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

3.598885127s ago: executing program 3 (id=690):
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000340)={0x3, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x0, 0x7ffc1fff}, {0x36, 0x0, 0x79, 0xeaf}, {0x748, 0x3, 0x2, 0x3}]})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001780), 0x30500, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "2af01c3d0040fbffffffffffffff00"})
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1000806, &(0x7f00000016c0)=ANY=[@ANYBLOB='errors=remount-ro,discard,dmask=00000000000000000000000,iocharset=maccenteurO,fmask=00000000000000000000003,iocharset=cp932,iocharset=iso8859-6,fmask=00000000000000000000010,\x00'], 0x9, 0x1505, &(0x7f0000000180)="$eJzs3Au4jdX2MPAx5pwvm9BKcp9jjpeVXCZJEknIJUmSJMktIUmSJCS33JKQhNyT3ENyC8n9fss9SY4kSUJCwvweHefzndPp9P2/0/mc59nj9zzz2XPstcZY411jr9u7n72/azewUp3K5WsxM/xb8K9fugJACgD0AYBrASACgOKZi2e+dHk6jV3/vRsRf66Hp1ztDsTVJPNP3WT+qZvMP3WT+aduMv/UTeafusn8UzeZvxCp2ZapOa6TlXqXnP9PzeT1P3WT+aduMv/UTeafusn8UzOW+adyMv/UTeafusn8hUjN/pTzyGkvF/svOJ/9H1h/u6uudh9/sKL/p7yr95MnhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECI1ORuuMADwt/3V7ksIIYQQQgghhBB/npD2ancghBBCCCGEEEKI/zwEMBoMRJAG0kIKpIP0cA1kgIyQCa6FBFwHmeF6yAI3QFbIBtkhB+SEXJAbLBA4YIghD+SFJNwI+eAmyA8FoCAUAg+FoQjcDEXhFigGt0JxuA1KwO1QEkrBHVAa7oQycBeUhXJQHu6GClARKkFluAeqwL1QFe6DanA/VIcHoAY8CDXhIagFD0NteATqwKNQFx6DelAfGkBDaPTP8/W/zn8JOsHL0Bm66Ev3QHd4BXpAT+gFvaEPvAp94TXoB69DfxgAA+ENGARvwmB4C4bAUBgGb8NwGAEjYRSMhjEwFt6BcfAujIf3YAJMhEkwGabAVJgG78N0mAEz4QOYBR/CbJgDc2EezIePYAEshEXwMSyGT2AJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQt8ClthG2yHHbATdsFu+Az2wOewF76AffDl/zD/zD/kt0dAQIUKDRpMg2kwBVMwPabHDJgBM2EmTGACM2NmzIJZMCtmxeyYHXNiTsyNuZGQkJExD+bBJCYxH+bD/JgfC2JB9OixCBbBongLFsNiWByLYwksgSWxFJbC0lgay2AZLItlsfztcwCwAlbCSngP3oP3YlWsitWwGlbH6lgDa2BNrIm1sBbWxtpYB+tgXayL9bAeNsAG2AgbYWNsjE2wCTbDZtgcm2MLbIEtsSW2wlbYGltjG2yDbbEttsN22B47YAd8CV/Cl/Fl7IIVVDfsjt2xB/bAXtgbe+Or2Bdfw9fwdeyPA3AgvoFv4Js4GE/jEByKw3AYllEjcCSOQlZjcCyOxXE4DsfjeJyAE3EiTsYpOBWn4TScjjNwBn6As/BD/BDn4Bych/NxPi7AhbgIF+FiPINLcCkuw+W4AlfiClyNa3A1rlN/e2huxs34KX6K23Ab7sAduAt34Wf4GX6On2N/3If7cD/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOJ7Ak3gCT+EpPI1n8CyexXN4Ds/jCzm/qb2rwNr+oC4xyqg0Ko1KUSkqvUqvMqgMKpPKpBIqoTKrzCqLyqKyqqwqu8qucqqcKrfKrUiRYhWrPCqPSqqkyqfyAUBXVVAVVF55VUQVUUVVUVVMFVPF1W2qhLpdlVSlVFNfWpVWZVQzX1aVU+VVeVVBVVSVVGVVWVVRVVRVVVVVU9VUdVVd1VAPqpqqG/bCh9WlydRRA7CuGoj1VH3VQDVUb+LjqrEajE1UU9VMPamG4hBsoRr7luoZ1UqNxNbqOTUKn1dt1Rhsp15U7VUH1VG9pDqpJr6z6qImYDfVXU3GHqqn6qV6q+lYUV2aWCX1uuqvBqiB6g01D99Ug9Vbaogaqoapt9VwNUKNVKPUaDVGjVXvqHHqXTVevacmqIlqkpqspqipapp6X01XM9RM9YGapT5Us9UcNVfNU/PVR2qBWqgWqY/VYvWJWqKWqmVquVqhVqpVarVao9aqdWq92qA2qk1qs9qiPlVb1Ta1Xe1QO9UutVt9pvaoz9Ve9YXap75U+9Vf1AH1lTqovlaH1DfqsPpWHVHfqaPqe3VMdVHH1Ql1Uv2oTqmf1Gl1Rp1VP6tz6hd1Xl1QF1VQoFErrbXRkU6j0+oUnU6n19foDDqjzqSv1Ql9nc6sr9dZ9A06q86ms+scOqfOpXNrq0k7zTrWeXRendQ36nz6Jp1fF9AFdSHtdWFdRN+si+pbdDF9qy6ub9Ml9O26pC6l79Cl9Z26jL5Ll9XldHl9t66gK+pKurK+R1fR9+qq+j5dTd+vq+sHdA39oK6pH9K19MO6tn5E19GP6rr6MV1P19cNdEPdSD+uG+sndBPdVDfTT+rm+indQj+tW+pndCv9rG6tn9Nt9PO6rX5Bt9Mv6va6g+6oL+iLOujOuovuqrvp7voV3UP31L10b91Hv6r76td0P/267q8H6IH6DT1Iv6kH67f0ED1UD9Nv6+F6hB6pR+nReoweq9/R4/S7erx+T0/QE/UkPVlP0VN1r8uVZl7KN/Av89/9J/n9fr31zXqL/lRv1dv0dr1D79S79G69W+/Re/RevVfv0/v0fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qv+sf9Sn9E/6tD6jz+if9Tl9Tp+/fB+AQaOMNsZEJo1Ja1JMOpPeXGMymIwmk7nWJMx1JrO53mQxN5isJpvJbnKYnCaXyW2sIeMMm9jkMXlN0txo8pmbTH5TwBQ0hYw3hU0Rc/Pv5UeXn+H+MP93+ls+6XJ+I9PINDaNTRPTxDQzzUxz09y0MC1MS9PStDKtTGvT2rQxbUxb09a0M+1Me9PedDQdTSfTyXRGMF1NV9PdvGJ6mJ6ml+lt+phXTV/T1/Qz/Ux/098MNAPNIDPIDDaDzRAzxAwzw8xwM9yMNCPNaDPajDVjzTgzzow3480EM8FMMpPMFDPFXHphvWSmmWlmmVlmtplt5pq5Zr6ZbxaYBWaRWWQWm8VmiVlqlprlZrlZaVaa1Wa1WWvWmvVmvdloNpolZovZYraarWa72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloDplD5rA5bI6YI+aoOWqOmWPmuDluTpqT5pQ5ZU6b0+asOWvOmXPmvDlvLpqLl972RSpSkYlMlCZKE6VEKVH6KH2UIcoQZYoyRYkoEWWOMkdZohuirFG2KHuUI8oZ5YpyRzaiyEUcxVGeKG+UjG6M8kU3RfmjAlHBqFDko8JRkejmqGh0S1QsujUqHt0WlYhuj0pGpaI7otLRnVGZ6K6obFQuKh/dHVWIKkaVosrRPVGV6N6oanRfVC26P6oePRDViB6MakYPRbWih6Pa0SNRnejRqG70WFQvqh81iBpGjf7U+iGczvaE72y72LTQzXa3r9getqftZXvbPvZV29e+ZvvZ121/O8AOtG/YQfZNO9i+ZYfYoXaYfdsOtyPsSDvKjrZj7Fj7jh1n37Xj7Xt2gp1oJ9nJdoqdaqfZ9+10O8POtB/YWfZDO9vOsXPtPDvffmQX2IV2kf3YLraf2CV2qV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9st9lO71W6z2+0Ou9PusrvtZ3aP/dzutV/YffZLu9/+xR6wX9mD9mt7yH5jD9tv7RH7nT1qv7fH7A/2uD1hT9of7Sn7kz1tz9iz9md7zv5iz9sL9qINl97cX3p5J0OG0lAaSqEUSk/pKQNloEyUiRKUoMyUmbJQFspKWSk7ZaeclJNyU266hIkpD+WhJCUpH+Wj/JSfClJB8uSpCBWholSUilExKk7FqQSVuPxoAbqT7qS76C4qR+XobrqbKlJFqkyVqQpVoapUlapRNapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqBE1osbUmJpQE2pGzag5NacW1IJaUktqRa2oNbWmNtSG2lJbakftqD21p47UkTpRJ+pMnakrdaXu1J16UA/qRb2oD/WhvtSX+lE/6k/9aSANpEE0iAbTYBpCQ2kYvU3DaQSNpFE0msbQWBpL42gcjafxNIEm0CSaRFNoCk2jaTSdptNMmkmzaBbNptk0l+bSfJpPC2gBLaJFtJgW0xJaQstoGa2gFbSKVtEaWkPraB1toA20iTbRFtpCW2krbafttJN20m7aTXtoD+2lvbSP9tF+2k8H6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifpJJ2iU3SaTtNZOkvn6Bc6TxfoIgVKcelceneNy+AyukzuWvePcXaXw+V0uVxuZ11Wl+3vYnLO5XcFXEFXyHlX2BVxN/8mLulKuTtcaXenK+PucmV/E1dx97qq7j5Xzd3vKrt7/i6u7h5wNdyjrqZ7zNVy9V1t19DVcY+6uu4xV8/Vdw1cQ9fcPeVauKddS/eMa+We/U28wC10a9xat86td3vc5+6s+9kdcd+5c+4X19l1cX3cq66ve831c6+7/m7Ab+Jh7m033I1wI90oN9qN+U08yU12U9xUN82976a7Gb+J57uP3Cy3yM12c9xcN+/X+FJPi9zHbrH7xC1xS90yt9ytcCvdKrf6f/e63G10m9xmt9t95ra6bW672+F2ul2/xpeOY6/7wu1zX7rD7lt3wH3lDrqj7pD75tf40vEddd+7Y+4Hd9ydcCfdj+6U+8mddmd+Pf5Lx/6ju+AuuuCAkRVrNhxxGk7LKZyO0/M1nIEzcia+lhN8HWfm6zkL38BZORtn5xyck3NxbrZM7Jg55jycl5N8I+fjmzg/F+CCXIg9F+YifDMX5Vu4GN/Kxfk2LsG3c0kuxXdwab6Ty/BdXJbLcXm+mytwRa7ElfkersL3clW+j6vx/VydH+Aa/CDX5Ie4Fj/MtfkRrsOPcl1+jOtxfW7ADbkRP86N+Qluwk25GT/JzfkpbsFPc0t+hlvxs9yan+M2/Dy35Re4Hb/I7bkDd+SXuBO/zJ25C3flbtydX+Ee3JN7cW/uw69yX36N+/Hr3J8H8EB+gwfxmzyY3+IhPJSH8ds8nEfwSB7Fo3kMj+V3eBy/y+P5PZ7AE3kST+YpPJWn8fs8nWfwTP6AZ/GHPJvn8Fyex/P5I17AC3kRf8yL+RNewkt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7Cn/JW3sbIO3gn7+Ld/Bnv4c95L3/B+/hL3s9/4QP8FR/kr/kQf8OH+Vs+wt/xUf6ej/EPfJxP8En+kU/xT3yaz/BZ/pnP8S98ni/wRQ4MMcYq1rGJozhNnDZOidPF6eNr4gxxxjhTfG2ciK+LM8fXx1niG+KscbY4e5wjzhnninPHNqbYxRzHcZ44b5yMb4zzxTfF+eMCccG4UOzjwnGR+Oa4aHxLXCy+NS4e3xaXiG+PS8al4kfvLx3fGZeJ74rLxuXi8vHdcYW4YlwprhzfE1eJ742rxvfF1eL742LxA3GN+MG4ZvxQXCt+OK4dPxLXiR+N68aPxfXi+nGDuGHcKH48bhw/ETeJm8bN4ifj5vFTcYv46bhl/EzcKn72Dy/vGneLu8evxK/EIdyn5ybnJecnP0ouSC5MLkp+nFyc/CS5JLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ORlC5bTg0SuvvfGRT+PT+hSfzqf31/gMPqPP5K/1CX+dz+yv91n8DT6rz+az+xw+p8/lc3vryTvPPvZ5fF6f9Df6fP4mn98X8AV9Ie99YV/EN/SNfCPf2D/hm/imvpl/0j/pn/JP+af90/4Z38o/61v753wb/7xv61/wL/gXfXvfwXf0L/lO/mXf2XfxXX1X39139z18D9/L9/J9fB/f1/f1/Xw/399f8AP9QD/ID/KD/WA/xA/xw/wwP9wP9yP9SD/aj/Zj/Vg/zo/z4/14PyFlgp/kJ/kpfoqf5qf56X66n+ln+ln5Z/nZfraf6+f6+X6+X+AX+EV+kV/sF/slfolf5pf5FX6FX+VX+TV+jV/n1/kNfoPf5Df5LX6L3+q3+u1+u9/pd/rdfrff4/f4vX6v3+dDCF32nw3+gD/ov/aH/Df+sP/WH/Hf+aP+e3/M/+CP+xP+pP/Rn/I/+dP+jD/rf/bn/C/+vL/gL/rgxybeSYxLvJsYn3gvMSExMTEpMTkxJTE1MS3xfmJ6YkZiZuKDxKzEh4nZiTmJuYl5ifmJjxILEgsTixIfJxYnPkksSSxNLEssT6xIrEyEkGtrHPKEvCEZbgz5wk0hfygQCoZCwYfCoUi4ORQNt4Ri4dZQPNwWSoTbQ8lQKtwRHgv1Qv3QIDQMjcLjoXF4IjQJTUOz8GRoHp4KLcLToWV4JrQKz4bW4bnQJjwf2oYXQrvwYmgfOoSO4aXQKbwcOocuoWvoFrqHV0KP0DP8EnqHPuHV0De8FvqF10P/MCAMDG+EQeHNMDi8FYaEoWFYeDsMDyPCyDAqjA5jwtjwThgX3g3jw3thQpgYJoXJYUqYGqaF98P0MCPMDB+EWeHDMDvMCXPDvDA/fBQWhIVhUfg4LA6fhCVhaVgWlgdIWRlWhdVhTVgb1oX1YUPYGDaFzWFL+DRsDdvC9rAj7Ay7wu7wWdgTPg97wxdhX/gy7A9/CQfCV+Fg+DocCt+Ew+HbcCR8F46G78Ox8EM4Hk6EkwHDqfBTOB3OhLPh53Au/BLOhwvhovzNmhBCCCHE/xX9B5d3+yffU5cX/Pq7c4CM23Ic+seaG7L+dd9T5WyeAIBnurR7+G+rQoWuXbtevu4SDVHeOQCQuJKfBq7ES6EZPAUtoSkU/af99VQdzvG/rv8bKQCQHv6x/i2/U3/ErD+oHyXnAOTPeyUnHVyJr9Qv9jv1szX+g/rpvhoL0OT/yMkAV+Ir9YvAE/AstPy7awohhBBCCCGEEH/VU93R5o8+3176fJ7TXMlJC1fiP/p8LoQQQgghhBBCiKvv+Q4dn368ZcumbWRzFTbtMv51Cv8t/fzOJs1/Rxt/3gYvn736b+nnP70pd/nR/j/JumpPSUIIIYQQQoj/kCtv+q92J0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghROr1/+OfkF3tYxRCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGutv8VAAD//zmwHF0=")
open(&(0x7f0000000000)='./bus\x00', 0x20342, 0x0)
syz_open_pts(r0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000140)={0x46b, 0x0, 0x0, 0x0, 0x0, "4cca8e4d4235a1f6"})
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000000), 0x20000000}, 0x20)
bpf$ITER_CREATE(0x21, &(0x7f00000001c0), 0x8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000380)={0x2, 0x4e22}, 0x10)
listen(r1, 0x0)
syz_emit_ethernet(0x82, &(0x7f00000003c0)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x18, 0x0, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa}, @sack_perm, @md5sig={0x13, 0x3c, "91d785d58954605c802acf9f965fe399"}]}}}}}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
r6 = socket$tipc(0x1e, 0x2, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r6, &(0x7f00000002c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)
write$binfmt_script(r2, &(0x7f0000000140), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

3.495127036s ago: executing program 3 (id=692):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x10000000)

3.491897736s ago: executing program 4 (id=693):
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4000801)
r0 = socket$packet(0x11, 0x0, 0x300) (async)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x7, 0x4a9, &(0x7f0000000b40)="$eJzs3E9sFFUYAPBvtru0gEhFREHUIhobjS0UFA5eMJp40MSIBz02bSFIoYbWRAjRkhg8GhLvxqNXD17Vm/Fk4hUPHkwMCTFcAE9jZnem3e6flrbbLri/X7L0vZk3+963b97s23m7BNCzhrJ/koiHIuJ6ROysZZcWGKr9uXPr8sTdW5cnYj5NT/6TVMvdzvK54rjteWa4FFH6Iml4wprZi5fOjk9PT13I86Nz5z4enb146eUz58ZPT52eOj92/PjRI4ePvTr2yuqDalFfFtftfZ/N7N/71ofX3pkoF9sH8r/1cXTKUAy1akrV852urMt21KWTchcbwqpk53/WXZXq+N8ZfaHzoFekaZr2t989nza60rQFeGAl0e0WAN1RvNFnn3+LxyZNPe4LN0/UPgBlcd/JH7U95SjlZSoNn287aSgiPpj/95vsEcvdh/hzgxoAAPScn04UM8HG+V8p9tSVezhfQxmMiEciYldEPBoRuyPisYhq2ccj4onGCpKIdJn6dzfkm+c/pRvriW8l2fzvtXxta+n8r5j9xWBfntsRUUyYpw7lr8lwVPpPnZmeOrxMHT+/8ftX7fbVz/+yR1Z/MRfM23Gj3HCDbnJ8bnzNATe4eSViX7kx/qScdVyxEpBExN6I2LeK5x2sS5958bv9C5nK0nIrx1+VtlxH68BSRfptxAu1/p+PJf2/WGOy/Prk6EBMTx0azc6CQy3r+PW3q++2q3/F+H/4q/GQN4/9eHK9YS/I+n9b3fkfxfrtYvyDSUSysF47u/o6rv7xZfV5hw4271vr+b8leb+a3pJv+3R8bu7C4YgtydvN28cWjy3yRfks/uGDrcf/rvyY7JV4MiKyk/ipiHg6Ip7J234gIp6NiBahLfjl9ec+arfvHs//DZPFP9ny+rek/xfX69eQ6Dt74PrdNhePe+v/o9XUcL6l9fUvWXKJuNcGduAlBAAAgPteKarf/S+NLKRLpZGR2j2g3bGtND0zO/fSqZlPzk/WfiMwGJVScaerdj+4khT3Pwfr8mMN+SP5feOv+7ZW8yMTM9OT3Q4eetz26phPmsZ/5u++brcO2HB+8gO9a6Xxv+faJjUE2HTe/6F31Y3/+TZF5n1TBv6fvP9D72o1/j9fwzHAgyU1lqGnGf/Qu8rx3kK61NWWAJvN+z/0pPX8rn/lRNrfetdANBeOgY1pxtYWdXUlkc2sulL71rUcVfxvCm3LRGl1T9gfzbv6otMhVyJixcKn93T85E/z78p3uge/35Rx2irRlcsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAx/0XAAD//8p53a4=") (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (async)
r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) (async)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000100)='./file2\x00', 0x0, &(0x7f0000000000)={[{@mblk_io_submit}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000000}}, {@nombcache}]}, 0x1, 0x48c, &(0x7f0000001440)="$eJzs3M1vFOUfAPDvzG7Lj7dfV8QXEKWKRqKxpQWVgwcwmnjQxEQPeKxtIUihhtZECNHiAY+GxLvxaOJf4EkuRj2ZeNW7ISGGC+hpzOzO9GW7uyll6VL280mWfZ554fl+d+bZfWYehgD61nD+RxKxIyL+iIihRnXlBsONt9s3L03+c/PSZBJZ9t7fSX27WzcvTZablvttLysLxfKF1e3OXbh4ZmJmZvp8UR+dP/vx6NyFiy+dPjtxavrU9Lnxo0ePHB579ZXxl9sHn6w9zzymW3s/m923560Prr4zeeLqh798n5T5N+XRJcMtllXKwnNdbqzXdi4rJ9WiUOlRMKxZfojywzVQ7/9DUYnq4rqhePOLngYH3FNZlmVb2q1MYiEDHmBJ9DoCoDfKn/r8+rd8bdjg4z5w43jjAijP+3bxaqypRlpsM9B0fdtN+dXWiYV/v8lfcW/uQwAArPDj8cb76vFfGo8u2+5YMTdUi4iHImJXRDwcEbsj4pGI+raPRcTjS7tka5meaZ4kWT3+Sa+vM7U1ycd/rxVzWyvHf+XoL2qVoraznv9AcvL0zPShiPh/RByMgS15faxDG9fe+P2rduuGI7Jy/Je/8vbLsWARR9q8z9TE/MT6M17pxuWIvdVW+SeLMwH5cdwTEXv3r6+N0y98t6/duuFl49/W+XdQXV88y2XfRjzfOP4L0ZR/Kek8Pzn6v5iZPjRanhWr/frblXfbtX9X+XdBfvy3tTz/F/OvJcvna+fqy1adk51c+fPLltc0A53zLwJIr1ebblDn5/9g8n69PFgs+3Rifv78WMRg8nax/NjS8vGlfct6uX2e/8EDrfv/rlj6JJ6IiPwkfjIinoqI/UXsT0fEMxFxoEP+P7/+7Eft1t0Px3/qjo7/nRcqZ376YUWjtQ75J9H8/Xe9uuVIvXSwWLKW77/24Szd88jTWu/nBgAAAJtJGhE7IklHFstpOjLS+Pfyu2NbOjM7N//iydlPzk01nhGoxUBa3ukaWnY/dKy4Y1DWx4vL/LJ+uLhv/HVla70+Mjk7M9Xr5KHPbW/T/3N/eX4DHnxdmEcDNqn19v8syz7vcijABvP7D/1L/4f+1aL/b22qt/0/AoDNrdXvvwt76A/G/9C/9H/oX/o/9K9qxOi1XgcBbLS7ea6/KFxu/7B9VlnT35OPP+46jA0sZNlGtZVlK9oa7H3ui4VI74sw7lUhah1PgCzbkDBqvfsQev3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0B3/BQAA//8/GOnV") (async)
r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet(r4, &(0x7f0000001840)=[{{&(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10, 0x0}}, {{&(0x7f00000000c0)={0x2, 0x4e20, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@ip_retopts={{0x18, 0x0, 0x34, {[@generic={0x0, 0x2}, @rr={0x7, 0x3}]}}}], 0x18}}], 0x2, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
r5 = socket(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000401000030400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000024001280080001006772650018000280060003000000000006000e000000000004001200"], 0x44}}, 0x0) (async)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000300), r6)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r6, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000a80)={0x24, r7, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast2}]}, 0x24}}, 0x0) (async)
io_setup(0x202, &(0x7f0000000200)=<r8=>0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYRES16=r8])
io_submit(r8, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x0, 0x1, 0x0, r3, &(0x7f0000000000), 0x16000}]) (async)
ioctl$FS_IOC_GETFSMAP(r1, 0x8010661b, 0x0) (async)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009e173610ef171e7234c101020301090232e7000000000009"], 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r9, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000340)={0x14, r10, 0x313, 0x0, 0x0, {0x2f}}, 0x14}}, 0x0)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r2, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000740)={0x224, r10, 0x300, 0x70bd26, 0x25dfdbfb, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x69d}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0xc}, {0x6, 0x11, 0x800}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x101}, {0x6}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x8000}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0xfffd}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xf}, {0x6}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0xe}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x37}, {0x6, 0x11, 0x4}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x80}, {0x6, 0x11, 0x69d6}}]}, 0x224}, 0x1, 0x0, 0x0, 0x11}, 0xc840)

3.43730925s ago: executing program 4 (id=694):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000200850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810314, &(0x7f0000000340)={[{@grpid}, {@abort}, {@norecovery}, {@sysvgroups}, {@init_itable}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xa}}, {@usrjquota}, {@nombcache}, {@dioread_lock}]}, 0xff, 0x471, &(0x7f0000000640)="$eJzs289rHFUcAPDvTDZpbbWJtVZbWxutQvBH0qRVexBEUfCgIOihHmOSltptI00EW4JGkXqUgnfxKPgXePIk6knwWo+CFIoWodWLK7M7kx/b3TQxm07Ifj6w7Xszb95738y82bfzdgPoWoPZP0nE3RFxJSL6G9nlBQYb/928Pjfx9/W5iSRqtTf/SOrlblyfm6jliuN25nUOpRHpp0neSPQurXbmwsUz49Xq1Pk8PzJ79r2RmQsXnz59dvzU1Kmpc2PHjx87Ovrcs2PPtOj1b5fXGmcW3439H04f2Pfq25dfnzhx+Z0fv8n6u/dgY38Wx1rrvJ3BLPA/G3+b5n2Pd7qxkv1bW4wzqZTdG1arJyIq+eC8Ev3RE4snrz9e+aTUzgEbKrtnb2u/e74GbGFJlN0DoBzFG332+bd43aGpx6Zw7cXGB6As7pv5q7GnEmlepncD2x+MiBPz/3yZvaLpOUStxXMDAID1+i6b/zzVav6Xxt4l5Xbla0MDEXFvROyOiPsiYk9E3B9RL/tARDy4xvYHm/K3zj/Tq/8rsFXK5n/P52tby+d/xewvBnry3D31+HuTk6erU0fyv8lQ9G7L8qOtKi+qePmXz9u1v3T+l72y9ou5YF7J1UrjAd32Ysvk+Ox4pyal1z6O2F9pFX+ysBKQRMS+iNi/tqp3FYnTT3x9oF2h28e/gg6sM9W+KiqZm4+m+AvJyuuTI9ujOnVkpLgqbvXTz5feaNf+uuLvgOz871h+/TeV6P8rWbpeO7Ow44XVtnHp18/afqasrP76X5Bd/33JW/U13b582wfjs7PnRyP6ktfq+WXbxxaPLfJF+Sz+ocOtx//u/Jgs/ociIruID0bEwxFxKD93j0TEoxFxeIX4f3jpsXfb7dsM53+y5f1v4fofWH7+157oOfP9t+3aX93971g9NZRvqd//bqN9d4rbaNPVDAAAAFtYWv9ufJIOL6TTdHi48R3+PbEjrU7PzD55cvr9c5ON79APRG9aPOnqX/I8dDSZz2ts5MfyZ8XF/qP5c+Mveu6q54cnpquTJccO3W5nm/Gf+b2n7N4BG87vtaB7NY//tKR+AHee93/oXsY/dKle4x+6Wavx/1FT3loAbEW1/rJ7AJTH/B+6l/EP3cv4h660nt/1b1SissKv9yXWk+hb1+FJxPzilkhLD2dTJQ5totFU6cDoLvnGBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0CH/BQAA//+O8/d5")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
clock_getres(0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x16c5})
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r5 = gettid()
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_opts(r6, 0x29, 0x4d, &(0x7f0000000140)=ANY=[@ANYRESDEC=r0], 0x8)
setsockopt$inet6_int(r6, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r7, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
recvmsg(r6, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/41, 0x29}, 0x0)
r8 = gettid()
tkill(r5, 0x12)
signalfd4(r0, &(0x7f0000000080)={[0xffffffff00000001]}, 0x8, 0x400)
tkill(r5, 0x1)
tkill(r8, 0x16)

3.43673282s ago: executing program 3 (id=695):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="6e6f626172726965722c6e6f657874656e745f63616368652c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474720000693a653d3078303030303030303030303030303766662c736d61636b6673726f6f080000006673f52b00e58abba2d0cc27be339f6f4fe5ad35a724e1531a622f050000008586eb5ba3614d2c24abf5a2614c0f111e057112dafd66336a5e3b6512b81cda80be6e9a34ccc2b88c0100008000000000e3f5def862b95c20ee847008000b0c22653d2ff39b36732e46b56357afe57094f42ba61c5e8b4e184d7dd50000000000000000c0469264c247cd3c7fcb39043dda97538456bc294ae31e525d3b664cf8e83b52b1885b866b58698b3f132aced62a4fc7c8c400b805173d7488a35708d2523190c0014689f57be6ee3f5d28935a0000000000000000000000000000000000000059c1403d010001008ab61fa90695a8b268c277645c1e357ec9316354f659d4244fe126a8364eaa0de6bf4ba21c767782a04bdbb8c86d0cc7e3f03f8ef15c0ee311768cccb8affb0ae5d7cd0000000097676c046a6c754c98dd5f400ad99a588d983ae6e07b4e0e0907266aca53b30a815a84295fb5eab2f263613d36994dc15562892c33ed149270907e9c2e4d0cac7dd9735621a0c6768d4f70c664699157854bb1b85ce3f6ea44456e4f1ae1575315d77f2b995ce4d6ce21b17ca891c155ddd9916e997c32e78231e8d54675e4edf480980023b9736180ff98cf93f888eb70abb728b7e91a5d75b7e43e54f92b6e679249576f12533bef1c93aa993977f15c0a7b595423444db6e87480c46c408f6d48afa1ba"], 0x1, 0x551d, &(0x7f0000005c80)="$eJzs3M1rI/UbAPAn7Xbff/sr4sHbDixCC5uw6baL3qru4gt2KasePGmapCG7SaY0aVp78uBRPHj2nxAFTx79Gzx49iYeFG/CSmamuvUFLE1S2/18YPLMfPOdZ55vKIVnJiSAp9Z88stPpbgWlyJiNiKuRmT7pWLLrObhuYi4HhEzT2ylYvz3gfMRcTkiro2S5zlLxVuf3hzeWPnxjZ+//vbCuSuff/Xdya0aOGnPR0R3K9/f7eYxbeXxYTFeG7az2F0eFjF/o/uoOE7zuNvcyDLs1g7m1bJ4u5XPT7d2+qO42anVR7HV3szGt3r5BfvD1kGe7ISHte3suNHcyGK7n2axtZ/Xtbef/2/b7w/yPI0i3wdZ+hgMDmI+3txr5uvZepTFem9QjOd500ZzbxSHRSwuF/W008jq2DjOJ/3f9ma7t7P3eNjc7rfTXrJSqb5Qqd4pV7fTRnPQXC7Xuo07y8lCqzOaVh40a93VVpq2Os1KPe0uJguter1crSYLd5sb7VovqVYrtyu3yiuLxd7N5NX77ySdRrIwii+3ezuDdqefbKbbSX7GYrJUuf3iYnKjmry1tp6sP7h3b2397ffuvnv/pbXXXykm/aWsZGHp1tJSuXqrvFRdHMP6k1Oy/o+Kose4fjiW0tGmX5hUHQCniP4fOAmT6/+3H0RMvv8P/f9YnKr+d2L9/2dP7frhWI7Y/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHZ8P/fFa9nOfH58pRj/XzH0THFcioiZiHj8N2bj/KGcs0WeuX+YP/enGr4pRZZhdI0LxXY5IlaL7df/T/pTAAAAgLPryw+vf5J36/nL/EkXxDTlN21mrr4/pnyliJib/2FM2WZGL8+OKVn2930u9saULbuBdXFMyfJbbufGle1fmT0ULj4RSnmYmWo5AADAVBzuBKbbhQAAADBNHx/5jK2J1MGUleLgUebBs+Dsm/d/PBC8dOgIAAAAOIVKJ10AAAAAMHFZ/+/3/wAAAOBsy3//DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+Y+d+ctMGojgAPxtc6D8VVd23R+kOjtEjdNllxQF6CY5Ar5ALcAayyxEiiPA4KERJFMVjWyHfJ5lhLPj5GeHFzEgDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTpslov/v/9/q9tzm7fzgsv+6Nt3QAAAPAWbKv1on4zS/2PzfnPzamvTb+IiDIiHhq7j+LdSeaoyake+Xx1r4aLiDrhcI1Jc3yIiJ/Ncf2l618BAAAAztdmuZqn0Xp6mQ1dEH1Kkzblp1+Z8oqIqGZXmdLKQ963TGH1/3scfzKl1RNY00xhacptnCvtWerH/ThrN73TFKkpn/5+tnsHAAB6NDpp+h2FAAAA0KffQxfAMIq4Xco8LgVOUtMs770/6QEAAACvUDF0AQAAAEDn6vG//f8AAADgvKX9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjStlovNsvVvG3Obt9OnrsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAb9ucdBUIgDMJg7/rOZO5/WGnQ1NSkCoSPvzEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAePO7v/yfmBpnkrnXxtLzSLJ2amydGnvnxtEfxtevAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYn9sUAEEgDINb2de/8P6HjRf0DBHMgPCwi4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCP3DOWcWqdsSWeqmqZJvaMe1UdWSXOrBJXLvTxYOsf/ggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAl537eY2jigMA/mZmZ5NWxTXKHiJiwYNebLqtrb2JByV48E8QQrqtsVt/tDnYUoRcvEnOvYgeRQQl3vo/9NxCL/XWwx4qeK7Mr2Ty47AKO7PJfj7w5n1nGOZ93yyEfPe9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYZ/zhXpxkh14Rx+W1h8/urmf9owN95v724+WsZXHUZNLHwxv1k6hfO1lsPhkAAADmQ1LV9yGEJ+nOatbHvbz+T6t7spr/p5eKuKrnD9b9VV/V/ln784+nr+0O1CvGyR56dWM0PHc4lc70ZjnDnr88wU2d/M3n370k+QcSf7L16jjN32f0w4MHH3XzcGH66QIA/8/Zqi+D6vehrB+0mRgAc6NTK7yr+j/ptZsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBPGW+GFKo5CCMudvTjz6Nnd9aP6+9uPl6t26d697fozs0ekIYSrG6PhubDY4Gxm263bd66vjUbDm80Hb4YQ2hr9g3L61z+b4OYQppTGmZbe/JwFcflhz0o+xyNo8YcSAAAnUlq2rK5/ku6sZteipRCe/7y//n+7FocJ6/+nn196WB+rXv8PGpvh7FvZvPH1yq3bd97duLF2bXht+OV75wfvDy5cvnjx8kr+XUlxbDtNAAAAjrFu2er1f7x0eP3/dC0OE9b/3/w4+K4+VqL+P9Leol/bmQAAAMy3V87883d0xPWo2w3frm1u3hwUx93z88WxhVT/s4Wy1ev/ZKntrAAAAIAmjLeifev/V2pxmHD9/8VfXv+t/swkhHCqXP8/u/7V6Epz05lpU/nj4YXy4XYWAAAAUNbjpw6s/6f5/v94d8tDHEJ4560iLv8N4ET1f/Lx97/Wx6rv/7/Q3BRnUtwv3kfe90Po9NvOCAAAgJNsMW+9vP7/K91Z/eL305927f8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaNq/AQAA//9YdT1o")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200), 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r6, 0x0)
ftruncate(r6, 0x8001)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = dup(r7)
ioctl$TIOCL_SETSEL(r8, 0x4b4b, &(0x7f0000001900)={0x2, {0xc}})
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r9}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0xc000000, @mcast1={0xff, 0x5}}, 0x1c)

2.837797039s ago: executing program 0 (id=696):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fchownat(0xffffffffffffffff, &(0x7f00000005c0)='./file0\x00', 0xee00, 0x0, 0x1000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
accept(r3, 0x0, &(0x7f0000001280))
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='sched_kthread_stop_ret\x00', r7}, 0x10)
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8", @ANYRESDEC=r0, @ANYRES16=r5, @ANYRES32=r3], 0x40}, 0x1, 0x0, 0x0, 0x40480c5}, 0x800)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYRESDEC=0x0, @ANYBLOB="2c67726f7570cc9b643ddc16b5ebf44bb40b0898a212ba3bd1eb9bf41f530d9e4eda6d1291e4afafe9c936adfce90fba8efcee4b7f48", @ANYBLOB=',\x00'])
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x0, 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[], 0x44}}, 0x4)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010074000000000017000000480006803c00040067636d286165f9ffffffffffffff000000000000000064aeeaa040af2f0000000000000000000014000000e3de3d7b4cd07ec3ee777de774fc7987cca4198908000600000000000000a55049f1a30392f8fb5377f0420e5e1e23229f463a55afb1b5ebfc075b6eff57b51ea3016208d4a2645ac370bd23b4d6f56a2bf3deb4446ef2936e8cfb3c2f567a82a5c660c28e0a2557eb114b87f001"], 0x5c}}, 0x0)

2.753887146s ago: executing program 2 (id=697):
syz_open_dev$vcsn(&(0x7f00000000c0), 0x6, 0xc2100) (async)
r0 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x6, 0xc2100)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x6, 0x4, 0x4, 0x9}, 0x48)
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x1, 0x0, 0x0) (async)
r1 = syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x1, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
chdir(&(0x7f0000000400)='./file0\x00') (async)
chdir(&(0x7f0000000400)='./file0\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
lseek(r2, 0xfffffffffffffffd, 0x2) (async)
lseek(r2, 0xfffffffffffffffd, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = dup(r0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
setsockopt$inet_int(r5, 0x0, 0xf, 0x0, 0x0) (async)
setsockopt$inet_int(r5, 0x0, 0xf, 0x0, 0x0)
bind$inet(r5, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f0000000700)="0f01cf66b9e708000066b8d300000066ba000000000f30ba420066edb804018ee066660f3a149f040050660f38f67cce0f090f072e3e0f01ca6766c7442400030000006766c74424024add00006766c744240600000000670f011c24"}], 0xaaaaaaaaaaaac2e, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x4, 0x1, 0x2, 0x0, 0x1, 0xffffffff}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006", @ANYRES32=r6], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @mcast1}, 0x1c)
listen(r8, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbb00000000000000000000000001fc0100000000000000000000000000fd00004e2200"/58, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5002000090780000"], 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000001dd600a84f013287c0000000000bbfe8000000000000000000000000000aa00004e2291131033c272ebc67d7ed1fb7c9b1124d6317d709418e48d6e6d2c442dab93c42273a23602b2c715cc42bcf4fdccc6", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="8004000090780000080a000000000000000000"], 0x0) (async)
syz_emit_ethernet(0x56, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000001dd600a84f013287c0000000000bbfe8000000000000000000000000000aa00004e2291131033c272ebc67d7ed1fb7c9b1124d6317d709418e48d6e6d2c442dab93c42273a23602b2c715cc42bcf4fdccc6", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="8004000090780000080a000000000000000000"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='ext4_allocate_inode\x00', r7}, 0x10)
socket$igmp6(0xa, 0x3, 0x2) (async)
socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) (async)
r9 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r9, 0x6, 0x3, &(0x7f0000000040)=0x30, 0x5e)
connect$bt_l2cap(r9, &(0x7f00000002c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3}, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x8, &(0x7f0000000680)=ANY=[@ANYBLOB="627a000000000000000000000000000018120000", @ANYRESOCT=r1, @ANYBLOB="0000000000000000b7030000070000008500000021000000b70000000000000095"], &(0x7f0000000640)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.118837298s ago: executing program 0 (id=698):
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00'}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x4002, @mcast2, 0x16}, 0x1c)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$pppl2tp(0x18, 0x1, 0x1)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
poll(0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x44, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffcf8, 0x0, 0x0, 0x0, 0x16}, 0x90)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)

2.118398307s ago: executing program 2 (id=699):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f0000000300)={[{@jqfmt_vfsold}, {@usrjquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@noload}, {@nombcache}, {@usrjquota, 0x22}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@noacl}, {@data_err_abort}]}, 0xfe, 0x451, &(0x7f00000016c0)="$eJzs3M9PHFUcAPDv7rK0tEWw/iy2ilYj8QcU+sMevNRo4kETEz3UeEKgDXZbTMHENkTRAx5NE+/Go4l/gRfrxagnE696NybEcLF6WjO7M3SBXVhgYWv380kG3tv3Nu99Z+btvn2zswF0rMHkTy7iUET8FhF91ezqCoPVf7eW5yf+WZ6fyEW5/OZfuUq9v5fnJ7Kq2fMOVjPl8gbtLr4TMV4qTV1N8yNzl98fmb12/fnpy+MXpy5OXRk7e/bUyWPdZ8ZOtyTO3qSvAx/NHD3y6ts3Xp84f+Pdn75J+nsoLa+No1UGq3u3rqda3Vib9dakc11t7AhbUoiI5HAVK+O/LwrRs1LWF6982tbOAbuqXM6X9zUuXigDd7Fkog50ouyNPvn8m217NPW4Iyydi5V1jFvpVi3pinxap5h+RtoNgxFxfuHfL5MtdmkdAgCg1s1zEfFcvflfPh6sqXdPem2oPyLujYjDEXFfRNwfEQ9EVOo+FBEPb7H9tVdI1s9/yn3bCqxJyfzvxfTa1ur5Xzb7i/5CmuutxF/MXZguTZ1I98lQFPcl+dEN2vj+5V8/b1RWO/9LtqT9bC6Y9uPPrjULdJPjc+M7ibnW0icRA1314s+tzHmT+fGRiBjYZhvTz3x9tFFZ/6bxb6AFk/LyVxFPV4//QqyJP5NreH1y9IUzY6dH9kdp6sRIdlas9/Mvi280an/z47+7lm6W40Dd838l/v7c/ojZa9cvVa7Xzm69jcXfP2v4mWa753937q1Kujt97MPxubmroxHdudfWPz52+7lZPqufnP9Dx+uP/8Nxe088EhHJSXwsIh6NiMfSvj8eEU9ExPEN4v/xpSff23r8G6zKt1AS/+Rmxz9qj//WE4VLP3xbt/Fis8f/VCU1lD7SzOtfsx3c4e4DAACA/4V85TvwufzwSjqfHx6OWKis7R7Il2Zm5569MPPBlcnqd+X7o5jPVrr6atZDR9O1vCw/tiZ/Ml03/qLQU8kPT8yUJtsdPHS4g9n4L6we/4k/Cu3uHbDr3K8Fncv4h85l/EPnMv6hcxn/0Lnqjf+P29APYO9t8v7fs1f9APae+T90LuMfOpfxDx2p4b3x+R3d8i/RpsR33Tv7rYbmE5G/Q0K+axLFqFvU1fSPWWwzsa9uUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrjvwAAAP//gk3jgQ==")
memfd_create(&(0x7f00000004c0)='\xf3e\t\x05\x00\vty\x01sen\x01C\x1f\xc6\xcf\x12\xd3A\xbbZ%\xb2\xc8<\xf8\xff\xff\xff\xe2\x8e\x9a:\x1c\xec\x87\x87\xcf\x83\xcf\x14\xb0\xfcK\xb9\x1a\xa9\xec{\xb7bn`\xbb\x0e_\bm\x1f\xb1x\x05;,\xf1h\x8cwR-\x81^T\xa8\x90\x17\x03B\x99\x85\x93scH\xe4\xfb\xda\xe7\xaa\x93ZY\xe4\xa0\x040\x8cw#\xfd\x12\xddi \xf62\xee\xe5\x92u\xd8\x06H\xbb*xN\x8c\xe1a\xe8\xcf\x99\x8f\xbe\xbe\aaC\xb0\x9d\x19*3_\xc4\xf9\xecEunE\xfa\xe82\x9f\x8d\xd4\x1d\xfeD\xba*\xef\xdb\xa4U\xfd4v\x8ei\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa7L\xbf\x9c\xe6\x89\xe1Vij\xd1yy\xefg\x8cn\xb2N\xc8Sc\x9cbF[\xecM\x15Z\xbe\xdf\x00+\x89\xcc/.\x95\x11\x97\xade\x9eZvM\x1c\xd0\xc2\x89j\x1e\xe1\xee\xf7J\x17.\xfdl\x99\x82\xf1\x05\xd9C\x1b\xceK\r\xcc', 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x103, 0x1}, 0x20)
syz_open_dev$usbmon(&(0x7f0000000140), 0x4, 0x0)
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.118176917s ago: executing program 4 (id=700):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x10)
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

2.018734796s ago: executing program 1 (id=701):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x7, 0xfc, 0x0, 0x1, 0xd}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) (async, rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan0\x00'}) (async, rerun: 64)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async, rerun: 32)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1d, 0x9, 0x1, 0xc1c, 0x23, r0, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x4}, 0x48) (async, rerun: 32)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r5}, 0x10) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r6}, 0x10) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r8 = socket(0x10, 0x3, 0x0)
connect$netlink(r8, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) (async)
sendmsg$nl_route(r8, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3400000012000700"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014003500776730"], 0x34}}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 32)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10) (async)
r10 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r10, 0x5423, &(0x7f0000000080)=0x2) (async)
read(r10, 0x0, 0x0)
ioctl$TIOCVHANGUP(r10, 0x5437, 0x0)

1.937052353s ago: executing program 0 (id=702):
socket(0x2, 0x3, 0x100000001)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in, 0x0, 0x6c}, 0x0, @in6=@dev}}, 0xe8)
syz_emit_ethernet(0x3e, &(0x7f0000000500)={@local, @random="f368656e065b", @void, {@ipv4={0x88f7, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev}}}}}}, 0x0)

1.936730283s ago: executing program 1 (id=703):
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000340)={0x3, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x0, 0x7ffc1fff}, {0x36, 0x0, 0x79, 0xeaf}, {0x748, 0x3, 0x2, 0x3}]})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001780), 0x30500, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "2af01c3d0040fbffffffffffffff00"})
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1000806, &(0x7f00000016c0)=ANY=[@ANYBLOB='errors=remount-ro,discard,dmask=00000000000000000000000,iocharset=maccenteurO,fmask=00000000000000000000003,iocharset=cp932,iocharset=iso8859-6,fmask=00000000000000000000010,\x00'], 0x9, 0x1505, &(0x7f0000000180)="$eJzs3Au4jdX2MPAx5pwvm9BKcp9jjpeVXCZJEknIJUmSJMktIUmSJCS33JKQhNyT3ENyC8n9fss9SY4kSUJCwvweHefzndPp9P2/0/mc59nj9zzz2XPstcZY411jr9u7n72/azewUp3K5WsxM/xb8K9fugJACgD0AYBrASACgOKZi2e+dHk6jV3/vRsRf66Hp1ztDsTVJPNP3WT+qZvMP3WT+aduMv/UTeafusn8UzeZvxCp2ZapOa6TlXqXnP9PzeT1P3WT+aduMv/UTeafusn8UzOW+adyMv/UTeafusn8hUjN/pTzyGkvF/svOJ/9H1h/u6uudh9/sKL/p7yr95MnhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECI1ORuuMADwt/3V7ksIIYQQQgghhBB/npD2ancghBBCCCGEEEKI/zwEMBoMRJAG0kIKpIP0cA1kgIyQCa6FBFwHmeF6yAI3QFbIBtkhB+SEXJAbLBA4YIghD+SFJNwI+eAmyA8FoCAUAg+FoQjcDEXhFigGt0JxuA1KwO1QEkrBHVAa7oQycBeUhXJQHu6GClARKkFluAeqwL1QFe6DanA/VIcHoAY8CDXhIagFD0NteATqwKNQFx6DelAfGkBDaPTP8/W/zn8JOsHL0Bm66Ev3QHd4BXpAT+gFvaEPvAp94TXoB69DfxgAA+ENGARvwmB4C4bAUBgGb8NwGAEjYRSMhjEwFt6BcfAujIf3YAJMhEkwGabAVJgG78N0mAEz4QOYBR/CbJgDc2EezIePYAEshEXwMSyGT2AJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQt8ClthG2yHHbATdsFu+Az2wOewF76AffDl/zD/zD/kt0dAQIUKDRpMg2kwBVMwPabHDJgBM2EmTGACM2NmzIJZMCtmxeyYHXNiTsyNuZGQkJExD+bBJCYxH+bD/JgfC2JB9OixCBbBongLFsNiWByLYwksgSWxFJbC0lgay2AZLItlsfztcwCwAlbCSngP3oP3YlWsitWwGlbH6lgDa2BNrIm1sBbWxtpYB+tgXayL9bAeNsAG2AgbYWNsjE2wCTbDZtgcm2MLbIEtsSW2wlbYGltjG2yDbbEttsN22B47YAd8CV/Cl/Fl7IIVVDfsjt2xB/bAXtgbe+Or2Bdfw9fwdeyPA3AgvoFv4Js4GE/jEByKw3AYllEjcCSOQlZjcCyOxXE4DsfjeJyAE3EiTsYpOBWn4TScjjNwBn6As/BD/BDn4Bych/NxPi7AhbgIF+FiPINLcCkuw+W4AlfiClyNa3A1rlN/e2huxs34KX6K23Ab7sAduAt34Wf4GX6On2N/3If7cD/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOJ7Ak3gCT+EpPI1n8CyexXN4Ds/jCzm/qb2rwNr+oC4xyqg0Ko1KUSkqvUqvMqgMKpPKpBIqoTKrzCqLyqKyqqwqu8qucqqcKrfKrUiRYhWrPCqPSqqkyqfyAUBXVVAVVF55VUQVUUVVUVVMFVPF1W2qhLpdlVSlVFNfWpVWZVQzX1aVU+VVeVVBVVSVVGVVWVVRVVRVVVVVU9VUdVVd1VAPqpqqG/bCh9WlydRRA7CuGoj1VH3VQDVUb+LjqrEajE1UU9VMPamG4hBsoRr7luoZ1UqNxNbqOTUKn1dt1Rhsp15U7VUH1VG9pDqpJr6z6qImYDfVXU3GHqqn6qV6q+lYUV2aWCX1uuqvBqiB6g01D99Ug9Vbaogaqoapt9VwNUKNVKPUaDVGjVXvqHHqXTVevacmqIlqkpqspqipapp6X01XM9RM9YGapT5Us9UcNVfNU/PVR2qBWqgWqY/VYvWJWqKWqmVquVqhVqpVarVao9aqdWq92qA2qk1qs9qiPlVb1Ta1Xe1QO9UutVt9pvaoz9Ve9YXap75U+9Vf1AH1lTqovlaH1DfqsPpWHVHfqaPqe3VMdVHH1Ql1Uv2oTqmf1Gl1Rp1VP6tz6hd1Xl1QF1VQoFErrbXRkU6j0+oUnU6n19foDDqjzqSv1Ql9nc6sr9dZ9A06q86ms+scOqfOpXNrq0k7zTrWeXRendQ36nz6Jp1fF9AFdSHtdWFdRN+si+pbdDF9qy6ub9Ml9O26pC6l79Cl9Z26jL5Ll9XldHl9t66gK+pKurK+R1fR9+qq+j5dTd+vq+sHdA39oK6pH9K19MO6tn5E19GP6rr6MV1P19cNdEPdSD+uG+sndBPdVDfTT+rm+indQj+tW+pndCv9rG6tn9Nt9PO6rX5Bt9Mv6va6g+6oL+iLOujOuovuqrvp7voV3UP31L10b91Hv6r76td0P/267q8H6IH6DT1Iv6kH67f0ED1UD9Nv6+F6hB6pR+nReoweq9/R4/S7erx+T0/QE/UkPVlP0VN1r8uVZl7KN/Av89/9J/n9fr31zXqL/lRv1dv0dr1D79S79G69W+/Re/RevVfv0/v0fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qv+sf9Sn9E/6tD6jz+if9Tl9Tp+/fB+AQaOMNsZEJo1Ja1JMOpPeXGMymIwmk7nWJMx1JrO53mQxN5isJpvJbnKYnCaXyW2sIeMMm9jkMXlN0txo8pmbTH5TwBQ0hYw3hU0Rc/Pv5UeXn+H+MP93+ls+6XJ+I9PINDaNTRPTxDQzzUxz09y0MC1MS9PStDKtTGvT2rQxbUxb09a0M+1Me9PedDQdTSfTyXRGMF1NV9PdvGJ6mJ6ml+lt+phXTV/T1/Qz/Ux/098MNAPNIDPIDDaDzRAzxAwzw8xwM9yMNCPNaDPajDVjzTgzzow3480EM8FMMpPMFDPFXHphvWSmmWlmmVlmtplt5pq5Zr6ZbxaYBWaRWWQWm8VmiVlqlprlZrlZaVaa1Wa1WWvWmvVmvdloNpolZovZYraarWa72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloDplD5rA5bI6YI+aoOWqOmWPmuDluTpqT5pQ5ZU6b0+asOWvOmXPmvDlvLpqLl972RSpSkYlMlCZKE6VEKVH6KH2UIcoQZYoyRYkoEWWOMkdZohuirFG2KHuUI8oZ5YpyRzaiyEUcxVGeKG+UjG6M8kU3RfmjAlHBqFDko8JRkejmqGh0S1QsujUqHt0WlYhuj0pGpaI7otLRnVGZ6K6obFQuKh/dHVWIKkaVosrRPVGV6N6oanRfVC26P6oePRDViB6MakYPRbWih6Pa0SNRnejRqG70WFQvqh81iBpGjf7U+iGczvaE72y72LTQzXa3r9getqftZXvbPvZV29e+ZvvZ121/O8AOtG/YQfZNO9i+ZYfYoXaYfdsOtyPsSDvKjrZj7Fj7jh1n37Xj7Xt2gp1oJ9nJdoqdaqfZ9+10O8POtB/YWfZDO9vOsXPtPDvffmQX2IV2kf3YLraf2CV2qV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9st9lO71W6z2+0Ou9PusrvtZ3aP/dzutV/YffZLu9/+xR6wX9mD9mt7yH5jD9tv7RH7nT1qv7fH7A/2uD1hT9of7Sn7kz1tz9iz9md7zv5iz9sL9qINl97cX3p5J0OG0lAaSqEUSk/pKQNloEyUiRKUoMyUmbJQFspKWSk7ZaeclJNyU266hIkpD+WhJCUpH+Wj/JSfClJB8uSpCBWholSUilExKk7FqQSVuPxoAbqT7qS76C4qR+XobrqbKlJFqkyVqQpVoapUlapRNapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqBE1osbUmJpQE2pGzag5NacW1IJaUktqRa2oNbWmNtSG2lJbakftqD21p47UkTpRJ+pMnakrdaXu1J16UA/qRb2oD/WhvtSX+lE/6k/9aSANpEE0iAbTYBpCQ2kYvU3DaQSNpFE0msbQWBpL42gcjafxNIEm0CSaRFNoCk2jaTSdptNMmkmzaBbNptk0l+bSfJpPC2gBLaJFtJgW0xJaQstoGa2gFbSKVtEaWkPraB1toA20iTbRFtpCW2krbafttJN20m7aTXtoD+2lvbSP9tF+2k8H6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifpJJ2iU3SaTtNZOkvn6Bc6TxfoIgVKcelceneNy+AyukzuWvePcXaXw+V0uVxuZ11Wl+3vYnLO5XcFXEFXyHlX2BVxN/8mLulKuTtcaXenK+PucmV/E1dx97qq7j5Xzd3vKrt7/i6u7h5wNdyjrqZ7zNVy9V1t19DVcY+6uu4xV8/Vdw1cQ9fcPeVauKddS/eMa+We/U28wC10a9xat86td3vc5+6s+9kdcd+5c+4X19l1cX3cq66ve831c6+7/m7Ab+Jh7m033I1wI90oN9qN+U08yU12U9xUN82976a7Gb+J57uP3Cy3yM12c9xcN+/X+FJPi9zHbrH7xC1xS90yt9ytcCvdKrf6f/e63G10m9xmt9t95ra6bW672+F2ul2/xpeOY6/7wu1zX7rD7lt3wH3lDrqj7pD75tf40vEddd+7Y+4Hd9ydcCfdj+6U+8mddmd+Pf5Lx/6ju+AuuuCAkRVrNhxxGk7LKZyO0/M1nIEzcia+lhN8HWfm6zkL38BZORtn5xyck3NxbrZM7Jg55jycl5N8I+fjmzg/F+CCXIg9F+YifDMX5Vu4GN/Kxfk2LsG3c0kuxXdwab6Ty/BdXJbLcXm+mytwRa7ElfkersL3clW+j6vx/VydH+Aa/CDX5Ie4Fj/MtfkRrsOPcl1+jOtxfW7ADbkRP86N+Qluwk25GT/JzfkpbsFPc0t+hlvxs9yan+M2/Dy35Re4Hb/I7bkDd+SXuBO/zJ25C3flbtydX+Ee3JN7cW/uw69yX36N+/Hr3J8H8EB+gwfxmzyY3+IhPJSH8ds8nEfwSB7Fo3kMj+V3eBy/y+P5PZ7AE3kST+YpPJWn8fs8nWfwTP6AZ/GHPJvn8Fyex/P5I17AC3kRf8yL+RNewkt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7Cn/JW3sbIO3gn7+Ld/Bnv4c95L3/B+/hL3s9/4QP8FR/kr/kQf8OH+Vs+wt/xUf6ej/EPfJxP8En+kU/xT3yaz/BZ/pnP8S98ni/wRQ4MMcYq1rGJozhNnDZOidPF6eNr4gxxxjhTfG2ciK+LM8fXx1niG+KscbY4e5wjzhnninPHNqbYxRzHcZ44b5yMb4zzxTfF+eMCccG4UOzjwnGR+Oa4aHxLXCy+NS4e3xaXiG+PS8al4kfvLx3fGZeJ74rLxuXi8vHdcYW4YlwprhzfE1eJ742rxvfF1eL742LxA3GN+MG4ZvxQXCt+OK4dPxLXiR+N68aPxfXi+nGDuGHcKH48bhw/ETeJm8bN4ifj5vFTcYv46bhl/EzcKn72Dy/vGneLu8evxK/EIdyn5ybnJecnP0ouSC5MLkp+nFyc/CS5JLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ORlC5bTg0SuvvfGRT+PT+hSfzqf31/gMPqPP5K/1CX+dz+yv91n8DT6rz+az+xw+p8/lc3vryTvPPvZ5fF6f9Df6fP4mn98X8AV9Ie99YV/EN/SNfCPf2D/hm/imvpl/0j/pn/JP+af90/4Z38o/61v753wb/7xv61/wL/gXfXvfwXf0L/lO/mXf2XfxXX1X39139z18D9/L9/J9fB/f1/f1/Xw/399f8AP9QD/ID/KD/WA/xA/xw/wwP9wP9yP9SD/aj/Zj/Vg/zo/z4/14PyFlgp/kJ/kpfoqf5qf56X66n+ln+ln5Z/nZfraf6+f6+X6+X+AX+EV+kV/sF/slfolf5pf5FX6FX+VX+TV+jV/n1/kNfoPf5Df5LX6L3+q3+u1+u9/pd/rdfrff4/f4vX6v3+dDCF32nw3+gD/ov/aH/Df+sP/WH/Hf+aP+e3/M/+CP+xP+pP/Rn/I/+dP+jD/rf/bn/C/+vL/gL/rgxybeSYxLvJsYn3gvMSExMTEpMTkxJTE1MS3xfmJ6YkZiZuKDxKzEh4nZiTmJuYl5ifmJjxILEgsTixIfJxYnPkksSSxNLEssT6xIrEyEkGtrHPKEvCEZbgz5wk0hfygQCoZCwYfCoUi4ORQNt4Ri4dZQPNwWSoTbQ8lQKtwRHgv1Qv3QIDQMjcLjoXF4IjQJTUOz8GRoHp4KLcLToWV4JrQKz4bW4bnQJjwf2oYXQrvwYmgfOoSO4aXQKbwcOocuoWvoFrqHV0KP0DP8EnqHPuHV0De8FvqF10P/MCAMDG+EQeHNMDi8FYaEoWFYeDsMDyPCyDAqjA5jwtjwThgX3g3jw3thQpgYJoXJYUqYGqaF98P0MCPMDB+EWeHDMDvMCXPDvDA/fBQWhIVhUfg4LA6fhCVhaVgWlgdIWRlWhdVhTVgb1oX1YUPYGDaFzWFL+DRsDdvC9rAj7Ay7wu7wWdgTPg97wxdhX/gy7A9/CQfCV+Fg+DocCt+Ew+HbcCR8F46G78Ox8EM4Hk6EkwHDqfBTOB3OhLPh53Au/BLOhwvhovzNmhBCCCHE/xX9B5d3+yffU5cX/Pq7c4CM23Ic+seaG7L+dd9T5WyeAIBnurR7+G+rQoWuXbtevu4SDVHeOQCQuJKfBq7ES6EZPAUtoSkU/af99VQdzvG/rv8bKQCQHv6x/i2/U3/ErD+oHyXnAOTPeyUnHVyJr9Qv9jv1szX+g/rpvhoL0OT/yMkAV+Ir9YvAE/AstPy7awohhBBCCCGEEH/VU93R5o8+3176fJ7TXMlJC1fiP/p8LoQQQgghhBBCiKvv+Q4dn368ZcumbWRzFTbtMv51Cv8t/fzOJs1/Rxt/3gYvn736b+nnP70pd/nR/j/JumpPSUIIIYQQQoj/kCtv+q92J0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghROr1/+OfkF3tYxRCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGutv8VAAD//zmwHF0=")
open(&(0x7f0000000000)='./bus\x00', 0x20342, 0x0)
syz_open_pts(r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1, 0xc, 0x103ba, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000000), 0x20000000}, 0x20)
bpf$ITER_CREATE(0x21, &(0x7f00000001c0), 0x8)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000380)={0x2, 0x4e22}, 0x10)
listen(r2, 0x0)
syz_emit_ethernet(0x82, &(0x7f00000003c0)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x18, 0x0, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa}, @sack_perm, @md5sig={0x13, 0x3c, "91d785d58954605c802acf9f965fe399"}]}}}}}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
r7 = socket$tipc(0x1e, 0x2, 0x0)
r8 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r7, &(0x7f00000002c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)
write$binfmt_script(r3, &(0x7f0000000140), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.936275613s ago: executing program 4 (id=704):
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000340)={0x3, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x0, 0x7ffc1fff}, {0x36, 0x0, 0x79, 0xeaf}, {0x748, 0x3, 0x2, 0x3}]})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001780), 0x30500, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "2af01c3d0040fbffffffffffffff00"})
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1000806, &(0x7f00000016c0)=ANY=[@ANYBLOB='errors=remount-ro,discard,dmask=00000000000000000000000,iocharset=maccenteurO,fmask=00000000000000000000003,iocharset=cp932,iocharset=iso8859-6,fmask=00000000000000000000010,\x00'], 0x9, 0x1505, &(0x7f0000000180)="$eJzs3Au4jdX2MPAx5pwvm9BKcp9jjpeVXCZJEknIJUmSJMktIUmSJCS33JKQhNyT3ENyC8n9fss9SY4kSUJCwvweHefzndPp9P2/0/mc59nj9zzz2XPstcZY411jr9u7n72/azewUp3K5WsxM/xb8K9fugJACgD0AYBrASACgOKZi2e+dHk6jV3/vRsRf66Hp1ztDsTVJPNP3WT+qZvMP3WT+aduMv/UTeafusn8UzeZvxCp2ZapOa6TlXqXnP9PzeT1P3WT+aduMv/UTeafusn8UzOW+adyMv/UTeafusn8hUjN/pTzyGkvF/svOJ/9H1h/u6uudh9/sKL/p7yr95MnhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECI1ORuuMADwt/3V7ksIIYQQQgghhBB/npD2ancghBBCCCGEEEKI/zwEMBoMRJAG0kIKpIP0cA1kgIyQCa6FBFwHmeF6yAI3QFbIBtkhB+SEXJAbLBA4YIghD+SFJNwI+eAmyA8FoCAUAg+FoQjcDEXhFigGt0JxuA1KwO1QEkrBHVAa7oQycBeUhXJQHu6GClARKkFluAeqwL1QFe6DanA/VIcHoAY8CDXhIagFD0NteATqwKNQFx6DelAfGkBDaPTP8/W/zn8JOsHL0Bm66Ev3QHd4BXpAT+gFvaEPvAp94TXoB69DfxgAA+ENGARvwmB4C4bAUBgGb8NwGAEjYRSMhjEwFt6BcfAujIf3YAJMhEkwGabAVJgG78N0mAEz4QOYBR/CbJgDc2EezIePYAEshEXwMSyGT2AJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQt8ClthG2yHHbATdsFu+Az2wOewF76AffDl/zD/zD/kt0dAQIUKDRpMg2kwBVMwPabHDJgBM2EmTGACM2NmzIJZMCtmxeyYHXNiTsyNuZGQkJExD+bBJCYxH+bD/JgfC2JB9OixCBbBongLFsNiWByLYwksgSWxFJbC0lgay2AZLItlsfztcwCwAlbCSngP3oP3YlWsitWwGlbH6lgDa2BNrIm1sBbWxtpYB+tgXayL9bAeNsAG2AgbYWNsjE2wCTbDZtgcm2MLbIEtsSW2wlbYGltjG2yDbbEttsN22B47YAd8CV/Cl/Fl7IIVVDfsjt2xB/bAXtgbe+Or2Bdfw9fwdeyPA3AgvoFv4Js4GE/jEByKw3AYllEjcCSOQlZjcCyOxXE4DsfjeJyAE3EiTsYpOBWn4TScjjNwBn6As/BD/BDn4Bych/NxPi7AhbgIF+FiPINLcCkuw+W4AlfiClyNa3A1rlN/e2huxs34KX6K23Ab7sAduAt34Wf4GX6On2N/3If7cD/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOJ7Ak3gCT+EpPI1n8CyexXN4Ds/jCzm/qb2rwNr+oC4xyqg0Ko1KUSkqvUqvMqgMKpPKpBIqoTKrzCqLyqKyqqwqu8qucqqcKrfKrUiRYhWrPCqPSqqkyqfyAUBXVVAVVF55VUQVUUVVUVVMFVPF1W2qhLpdlVSlVFNfWpVWZVQzX1aVU+VVeVVBVVSVVGVVWVVRVVRVVVVVU9VUdVVd1VAPqpqqG/bCh9WlydRRA7CuGoj1VH3VQDVUb+LjqrEajE1UU9VMPamG4hBsoRr7luoZ1UqNxNbqOTUKn1dt1Rhsp15U7VUH1VG9pDqpJr6z6qImYDfVXU3GHqqn6qV6q+lYUV2aWCX1uuqvBqiB6g01D99Ug9Vbaogaqoapt9VwNUKNVKPUaDVGjVXvqHHqXTVevacmqIlqkpqspqipapp6X01XM9RM9YGapT5Us9UcNVfNU/PVR2qBWqgWqY/VYvWJWqKWqmVquVqhVqpVarVao9aqdWq92qA2qk1qs9qiPlVb1Ta1Xe1QO9UutVt9pvaoz9Ve9YXap75U+9Vf1AH1lTqovlaH1DfqsPpWHVHfqaPqe3VMdVHH1Ql1Uv2oTqmf1Gl1Rp1VP6tz6hd1Xl1QF1VQoFErrbXRkU6j0+oUnU6n19foDDqjzqSv1Ql9nc6sr9dZ9A06q86ms+scOqfOpXNrq0k7zTrWeXRendQ36nz6Jp1fF9AFdSHtdWFdRN+si+pbdDF9qy6ub9Ml9O26pC6l79Cl9Z26jL5Ll9XldHl9t66gK+pKurK+R1fR9+qq+j5dTd+vq+sHdA39oK6pH9K19MO6tn5E19GP6rr6MV1P19cNdEPdSD+uG+sndBPdVDfTT+rm+indQj+tW+pndCv9rG6tn9Nt9PO6rX5Bt9Mv6va6g+6oL+iLOujOuovuqrvp7voV3UP31L10b91Hv6r76td0P/267q8H6IH6DT1Iv6kH67f0ED1UD9Nv6+F6hB6pR+nReoweq9/R4/S7erx+T0/QE/UkPVlP0VN1r8uVZl7KN/Av89/9J/n9fr31zXqL/lRv1dv0dr1D79S79G69W+/Re/RevVfv0/v0fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qv+sf9Sn9E/6tD6jz+if9Tl9Tp+/fB+AQaOMNsZEJo1Ja1JMOpPeXGMymIwmk7nWJMx1JrO53mQxN5isJpvJbnKYnCaXyW2sIeMMm9jkMXlN0txo8pmbTH5TwBQ0hYw3hU0Rc/Pv5UeXn+H+MP93+ls+6XJ+I9PINDaNTRPTxDQzzUxz09y0MC1MS9PStDKtTGvT2rQxbUxb09a0M+1Me9PedDQdTSfTyXRGMF1NV9PdvGJ6mJ6ml+lt+phXTV/T1/Qz/Ux/098MNAPNIDPIDDaDzRAzxAwzw8xwM9yMNCPNaDPajDVjzTgzzow3480EM8FMMpPMFDPFXHphvWSmmWlmmVlmtplt5pq5Zr6ZbxaYBWaRWWQWm8VmiVlqlprlZrlZaVaa1Wa1WWvWmvVmvdloNpolZovZYraarWa72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloDplD5rA5bI6YI+aoOWqOmWPmuDluTpqT5pQ5ZU6b0+asOWvOmXPmvDlvLpqLl972RSpSkYlMlCZKE6VEKVH6KH2UIcoQZYoyRYkoEWWOMkdZohuirFG2KHuUI8oZ5YpyRzaiyEUcxVGeKG+UjG6M8kU3RfmjAlHBqFDko8JRkejmqGh0S1QsujUqHt0WlYhuj0pGpaI7otLRnVGZ6K6obFQuKh/dHVWIKkaVosrRPVGV6N6oanRfVC26P6oePRDViB6MakYPRbWih6Pa0SNRnejRqG70WFQvqh81iBpGjf7U+iGczvaE72y72LTQzXa3r9getqftZXvbPvZV29e+ZvvZ121/O8AOtG/YQfZNO9i+ZYfYoXaYfdsOtyPsSDvKjrZj7Fj7jh1n37Xj7Xt2gp1oJ9nJdoqdaqfZ9+10O8POtB/YWfZDO9vOsXPtPDvffmQX2IV2kf3YLraf2CV2qV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9st9lO71W6z2+0Ou9PusrvtZ3aP/dzutV/YffZLu9/+xR6wX9mD9mt7yH5jD9tv7RH7nT1qv7fH7A/2uD1hT9of7Sn7kz1tz9iz9md7zv5iz9sL9qINl97cX3p5J0OG0lAaSqEUSk/pKQNloEyUiRKUoMyUmbJQFspKWSk7ZaeclJNyU266hIkpD+WhJCUpH+Wj/JSfClJB8uSpCBWholSUilExKk7FqQSVuPxoAbqT7qS76C4qR+XobrqbKlJFqkyVqQpVoapUlapRNapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqBE1osbUmJpQE2pGzag5NacW1IJaUktqRa2oNbWmNtSG2lJbakftqD21p47UkTpRJ+pMnakrdaXu1J16UA/qRb2oD/WhvtSX+lE/6k/9aSANpEE0iAbTYBpCQ2kYvU3DaQSNpFE0msbQWBpL42gcjafxNIEm0CSaRFNoCk2jaTSdptNMmkmzaBbNptk0l+bSfJpPC2gBLaJFtJgW0xJaQstoGa2gFbSKVtEaWkPraB1toA20iTbRFtpCW2krbafttJN20m7aTXtoD+2lvbSP9tF+2k8H6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifpJJ2iU3SaTtNZOkvn6Bc6TxfoIgVKcelceneNy+AyukzuWvePcXaXw+V0uVxuZ11Wl+3vYnLO5XcFXEFXyHlX2BVxN/8mLulKuTtcaXenK+PucmV/E1dx97qq7j5Xzd3vKrt7/i6u7h5wNdyjrqZ7zNVy9V1t19DVcY+6uu4xV8/Vdw1cQ9fcPeVauKddS/eMa+We/U28wC10a9xat86td3vc5+6s+9kdcd+5c+4X19l1cX3cq66ve831c6+7/m7Ab+Jh7m033I1wI90oN9qN+U08yU12U9xUN82976a7Gb+J57uP3Cy3yM12c9xcN+/X+FJPi9zHbrH7xC1xS90yt9ytcCvdKrf6f/e63G10m9xmt9t95ra6bW672+F2ul2/xpeOY6/7wu1zX7rD7lt3wH3lDrqj7pD75tf40vEddd+7Y+4Hd9ydcCfdj+6U+8mddmd+Pf5Lx/6ju+AuuuCAkRVrNhxxGk7LKZyO0/M1nIEzcia+lhN8HWfm6zkL38BZORtn5xyck3NxbrZM7Jg55jycl5N8I+fjmzg/F+CCXIg9F+YifDMX5Vu4GN/Kxfk2LsG3c0kuxXdwab6Ty/BdXJbLcXm+mytwRa7ElfkersL3clW+j6vx/VydH+Aa/CDX5Ie4Fj/MtfkRrsOPcl1+jOtxfW7ADbkRP86N+Qluwk25GT/JzfkpbsFPc0t+hlvxs9yan+M2/Dy35Re4Hb/I7bkDd+SXuBO/zJ25C3flbtydX+Ee3JN7cW/uw69yX36N+/Hr3J8H8EB+gwfxmzyY3+IhPJSH8ds8nEfwSB7Fo3kMj+V3eBy/y+P5PZ7AE3kST+YpPJWn8fs8nWfwTP6AZ/GHPJvn8Fyex/P5I17AC3kRf8yL+RNewkt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7Cn/JW3sbIO3gn7+Ld/Bnv4c95L3/B+/hL3s9/4QP8FR/kr/kQf8OH+Vs+wt/xUf6ej/EPfJxP8En+kU/xT3yaz/BZ/pnP8S98ni/wRQ4MMcYq1rGJozhNnDZOidPF6eNr4gxxxjhTfG2ciK+LM8fXx1niG+KscbY4e5wjzhnninPHNqbYxRzHcZ44b5yMb4zzxTfF+eMCccG4UOzjwnGR+Oa4aHxLXCy+NS4e3xaXiG+PS8al4kfvLx3fGZeJ74rLxuXi8vHdcYW4YlwprhzfE1eJ742rxvfF1eL742LxA3GN+MG4ZvxQXCt+OK4dPxLXiR+N68aPxfXi+nGDuGHcKH48bhw/ETeJm8bN4ifj5vFTcYv46bhl/EzcKn72Dy/vGneLu8evxK/EIdyn5ybnJecnP0ouSC5MLkp+nFyc/CS5JLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ORlC5bTg0SuvvfGRT+PT+hSfzqf31/gMPqPP5K/1CX+dz+yv91n8DT6rz+az+xw+p8/lc3vryTvPPvZ5fF6f9Df6fP4mn98X8AV9Ie99YV/EN/SNfCPf2D/hm/imvpl/0j/pn/JP+af90/4Z38o/61v753wb/7xv61/wL/gXfXvfwXf0L/lO/mXf2XfxXX1X39139z18D9/L9/J9fB/f1/f1/Xw/399f8AP9QD/ID/KD/WA/xA/xw/wwP9wP9yP9SD/aj/Zj/Vg/zo/z4/14PyFlgp/kJ/kpfoqf5qf56X66n+ln+ln5Z/nZfraf6+f6+X6+X+AX+EV+kV/sF/slfolf5pf5FX6FX+VX+TV+jV/n1/kNfoPf5Df5LX6L3+q3+u1+u9/pd/rdfrff4/f4vX6v3+dDCF32nw3+gD/ov/aH/Df+sP/WH/Hf+aP+e3/M/+CP+xP+pP/Rn/I/+dP+jD/rf/bn/C/+vL/gL/rgxybeSYxLvJsYn3gvMSExMTEpMTkxJTE1MS3xfmJ6YkZiZuKDxKzEh4nZiTmJuYl5ifmJjxILEgsTixIfJxYnPkksSSxNLEssT6xIrEyEkGtrHPKEvCEZbgz5wk0hfygQCoZCwYfCoUi4ORQNt4Ri4dZQPNwWSoTbQ8lQKtwRHgv1Qv3QIDQMjcLjoXF4IjQJTUOz8GRoHp4KLcLToWV4JrQKz4bW4bnQJjwf2oYXQrvwYmgfOoSO4aXQKbwcOocuoWvoFrqHV0KP0DP8EnqHPuHV0De8FvqF10P/MCAMDG+EQeHNMDi8FYaEoWFYeDsMDyPCyDAqjA5jwtjwThgX3g3jw3thQpgYJoXJYUqYGqaF98P0MCPMDB+EWeHDMDvMCXPDvDA/fBQWhIVhUfg4LA6fhCVhaVgWlgdIWRlWhdVhTVgb1oX1YUPYGDaFzWFL+DRsDdvC9rAj7Ay7wu7wWdgTPg97wxdhX/gy7A9/CQfCV+Fg+DocCt+Ew+HbcCR8F46G78Ox8EM4Hk6EkwHDqfBTOB3OhLPh53Au/BLOhwvhovzNmhBCCCHE/xX9B5d3+yffU5cX/Pq7c4CM23Ic+seaG7L+dd9T5WyeAIBnurR7+G+rQoWuXbtevu4SDVHeOQCQuJKfBq7ES6EZPAUtoSkU/af99VQdzvG/rv8bKQCQHv6x/i2/U3/ErD+oHyXnAOTPeyUnHVyJr9Qv9jv1szX+g/rpvhoL0OT/yMkAV+Ir9YvAE/AstPy7awohhBBCCCGEEH/VU93R5o8+3176fJ7TXMlJC1fiP/p8LoQQQgghhBBCiKvv+Q4dn368ZcumbWRzFTbtMv51Cv8t/fzOJs1/Rxt/3gYvn736b+nnP70pd/nR/j/JumpPSUIIIYQQQoj/kCtv+q92J0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghROr1/+OfkF3tYxRCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGutv8VAAD//zmwHF0=")
open(&(0x7f0000000000)='./bus\x00', 0x20342, 0x0)
syz_open_pts(r0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000140)={0x46b, 0x0, 0x0, 0x0, 0x0, "4cca8e4d4235a1f6"})
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000000), 0x20000000}, 0x20)
bpf$ITER_CREATE(0x21, &(0x7f00000001c0), 0x8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000380)={0x2, 0x4e22}, 0x10)
listen(r1, 0x0)
syz_emit_ethernet(0x82, &(0x7f00000003c0)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x18, 0x0, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa}, @sack_perm, @md5sig={0x13, 0x3c, "91d785d58954605c802acf9f965fe399"}]}}}}}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
r6 = socket$tipc(0x1e, 0x2, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r6, &(0x7f00000002c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)
write$binfmt_script(r2, &(0x7f0000000140), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.857418359s ago: executing program 0 (id=705):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000340)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0xb, 0x0, &(0x7f0000000500)='syzkaller\x00', 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x5, &(0x7f0000000200)=0x200004)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$rtc(&(0x7f0000000000), 0x2000000003, 0x50dc82)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000100)={0x0, <r3=>0x0})
r4 = getpid()
kcmp$KCMP_EPOLL_TFD(r3, r4, 0x5, 0xffffffffffffffff, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000000000000010000020000fd000000000038f2ff070001ffff1414bb"], 0x24}}, 0x0)

1.84341373s ago: executing program 4 (id=706):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, 0x0}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mkdir(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0xfffffdfc, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_clone(0x11000000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.60628315s ago: executing program 1 (id=707):
r0 = open(&(0x7f0000000140)='./file0\x00', 0x149442, 0x0)
ftruncate(r0, 0x200002) (async)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1) (async)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @dev}, 0x10) (async)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@private0, 0x0, 0x32}, 0x0, @in=@private, 0x0, 0x4}}, 0xe8) (async)
connect$pppl2tp(r2, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x4, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x32) (async)
unshare(0x400) (async, rerun: 64)
bpf$BPF_PROG_DETACH(0x6, &(0x7f0000000080)={@map, 0xffffffffffffffff, 0x5}, 0x10) (rerun: 64)
sendfile(r2, r1, 0x0, 0x80001d00c0d0)

1.302272114s ago: executing program 3 (id=708):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b700000000000000950000000000000071dc16d4cf0a4add2a69935df395bc29960b345fe03bb87ff7b73616d9c193d91d1163312dead0"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='mm_lru_insertion\x00', r4}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x25, 0x5586, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx44SsumCJWPBPEEisWPIbWMASdogFiB0SyDMTaNoGSuM4avs80vjMHL8+874jK9KZiRzAU2sh/e2XJE7FsYiYi4iTSeT7SblF3Im4XIx9LiJOR0Tlri0p838lDkfE8Yg4NSle1EzKtz47Oz5z8ec3f/362yOHTnz+1XcHunDgQD0fEf3VYn+jX8SsU8RbZb4x7uaxf2FcxtUdNfpZkd9or+QVNhrb4xp5PN8pxmer68NJvNlrNCex072Z51cHxQmH4852nckH0luNtfy41V7JY3eY5bGzVZx3c6v427Y1HBV1WmW9j/LyMRptxyLf3mwX61m9ncfmYFTmi7pZq705ieMylqeLZtZr5fNYecSL/Bh4qztY30zH7bVhNxukF2v1F2r1S9X6WtZqj9oXqo1+69KFdLHTmwyrjtqN/uVOlnV67Voz6y+li51ms1qvp4tX2ivdxiCt12vna+eqF5fKvbPpa9ffS3utdHESX+kO1kfd3jC9ma2lxSeW0uXa+ReX0jP19J1rN9Ibb1+9eu3Gux9cef/6y9feeLUcdN+00sXlc8vL1fq56nJ96Sla/8flpP/D+pMHp3/4fm+XDQq7fMEA2N19/X/c2/+H/h+Yur30//3b5fH+9P/xMP1/TLP/n7RU+v9/738rB9D/zof+fx/XD3vyaP3/4anPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftx/ovX852F4vhEmf9fmXqmPE4iohIRfzzAXBzeUXOurDO/y/j5e+bwTRJ5hck5jpTb8Yi4XG6//3+/rwIAAAA8ub68c/rTolsvXhYOekLMUnHTpnLywynVSyJifuGnKVWrTF6enVKx/Pt9KDanVC2/gXV0SsWKW26HplXtocztCEfvCkkRKjOdDgAAMBM7O4HZdiEAAADM0if/+O5LM5sHM5bE9qPM7WfB+X/e//1A8NiO9wAAAIDHUHLQEwAAAAD2Xd7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7JzP7lpA1EcgJ8Nhv5VUdV9r9IdHKNH6LLLwgF6CY5Ar9ALcAYiZZEjRBBhT5CcgBSJMU7Q90m2M+Po5xlg88bSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLA/7ygQAmEQBnvXdyZz/8NKg4bGJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxb799EZRhgEAf3anu1DUWKtpYtVgwkEvUhYEuRqjaTz4EUyassXqIgo9CGnEXryZnrkYPRpjoqm3fgfONOGCNw491MSTh5r5V2bbFRqUmUJ/v+Td99nZ4f23E9Jn3lkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKm+/Gq+0iTtKXiTwuj93eWp5P641ddWp99c50WtK4VfO4nwCvVd8cn2puIAAAABweSZnfR8TdztpsWrcnsvy/U56T5vw/PJfHZT6/O+/f2Fo+Wnw0Xeb/v/9276WdjiaSrJ+00YXFQf/U3qGMPaYpHnjPP/SMsWzls3svSfaFtD9ceXGzk61n67tbt97vZuGROkYLADyKk2VdBOXfQ2nda3JgABwaY5XEu8z/k4lmxwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQh82VeKaMWxExPXY/Tm1sLc+Pqr9ZvTO9XpRzN2+uVttMm+hExMLioH+qxrkcXOVqXv9sbjDoX7l6re7geESM+OjG/v55Ugz/X8/pRsTQkRMvj2jn4330taudPUFxeUa9aziezu+hJ7eGjrT2LPh727kmLoC6gnbx/TyOLsZr/96Hg/La+/9brvm/IwAAnnqdoqSZ6N3O2mx6rDUZsf3jcP7/RiWOobx/+0Z+JH+/Xsn/731y7na1r2r+36tpfk+CmaVLX8xcvXb9rcVLcxf7F/ufv326907vzPmzZ8/PZPdKZhai7Y4JAAAA/0G3KNX8vz25d///WCWOB+z/51vCef7/5fe9r6t9JfL/ke5v+jU9EgAAgMOouxO98Ppff7ZGnNHqduOruaWlK738def96fy11uE+oiNFqeb/yWTTowIAAADqsLnSGtr/v1CJ4wH7/9Xn/5/96ZVfqm0mETEecTki+ifnLw8u1DedA62OHypnHXWbnikAAABNGS9Kdf+/kz3/39555KEdEW+eiPi7+A1/7DP/Tz749udqX9Xn/8/UOsuDpz2Vr0dWT0WMTTU9IgAAAJ5mR4uSJvt/dNZmP/312Eddz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2fAAAA//+FVSwP")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1817c1, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r6, 0xf501, 0x0)
r7 = open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
write$FUSE_IOCTL(r7, &(0x7f0000000100)={0x20}, 0x20)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r6, 0xf502, 0x0)
write$cgroup_int(r5, &(0x7f0000000100), 0x1001)
ioctl$SIOCSIFHWADDR(r5, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x3}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffefb, 0x0, 0x0, 0x0, 0xffffffff}, 0x90)
r8 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
ioctl$EXT4_IOC_MIGRATE(r8, 0x6609)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5437, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)

1.23347766s ago: executing program 1 (id=709):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@bridge_getlink={0x3c, 0x12, 0x1, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'netdevsim0\x00'}, @IFLA_EXT_MASK={0x8}]}, 0x3c}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
process_mrelease(0xffffffffffffffff, 0x700)

1.212373501s ago: executing program 1 (id=710):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x3}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000080)={0xc}, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
prlimit64(0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
getpid()
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3810744, &(0x7f00000003c0)={[{@noauto_da_alloc}, {@errors_continue}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@data_err_abort}, {@errors_remount}, {@noinit_itable}, {@mblk_io_submit}, {@i_version}, {@acl}]}, 0xff, 0x451, &(0x7f0000000d00)="$eJzs281vVFUbAPDn3pkCL/DSivgBglbR2PjR0oLKwo1GExeamOgCl7UtBBmooTUR0mg1BpeGxL1xaeJf4MqVUVcmbnVvSIg2JqAbx9yZe9vOdKb0Y8pU5vdLBs6Ze+ae8+Tcc+fMOb0B9KzB7J8kYm9E/BIR/fVsY4HB+n83F+Ym/lqYm0iiWn3j96RW7sbC3ERRtPjcnjwzlEaknyR5JY1mLl0+N16pTF3M8yOz598dmbl0+emz58fPTJ2ZujB28uSJ46PPPTv2TEfizNp049AH04cPvvLW1dcmTl19+4evs/bee6R+fHkcnTKYBf5Htab52GOdrqzL/qkuxZmUu90a1qoUEVl39dXGf3+UYqnz+uPlj7vaOGBLZffsne0Pz1eBO1gS3W4B0B3FF332+7d43aapx7Zw/YX6D6As7pv5q36kHGlepm8L6x+MiFPzf3+RvaJpHaLaYt0AAGCzvs3mP0+tnP/V9kaWlUvyvaGBiLgrIvZHxN0RcSAi7snL3hcR96+z/uatoZXzz/TaBkNbk2z+93y+t9U4/ytmfzFQynP/r8Xfl5w+W5k6FhH7ImIo+nZm+dFWJy9O8dLPn7Wrf/n8L3tl9Rdzwfwk18pNC3ST47PjnZqUXv8o4lC5VfzJ4k5A1vcHI+LQ+k69r0icfeKrw+0K3Tr+VXRgn6n6ZcTj9f6fj6b4C8nq+5Mju6IydWykuCpW+vGnK6+3q39T8XdA1v+7G6//phL9fybL92tn1l/HlV8/bfubsrzB639H8mZtz3pH/t7747OzF0cjdiSv1vIN748tfbbIF+Wz+IeOth7/+/PPZPE/EBHZRXwkIh6MiIfyvns4Ih6JiKOrxP/9i4++0+7Yduj/yZb3v8Xrf6Cx/9efKJ377pt29a/t/neilhrK36nd/26hfXN25SU2ejUDAADAf08aEXsjSYcX02k6PFz/e/kDsTutTM/MPnl6+r0Lk/VnBAaiLy1WuvqXrYeOJvP5Gev5sXytuDh+PF83/rz0v1p+eGK6Mtnl2KHX7Wkz/jO/lbrdOmDLeV4Lelfz+E+71A7g9vP9D73L+IfeZfxD72o1/j9sytsLgDuT73/oXcY/9C7jH3qX8Q89aTPP9W9VorzK0/sS2yUR6bZohkSLRLkDo7vLNyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAO+TcAAP//uZjx6g==")
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r2], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r6 = getpid()
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})

886.359538ms ago: executing program 4 (id=711):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$FIGETBSZ(r2, 0x5421, &(0x7f0000000040))
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r6}, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0xfe3b)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYRES32=r8, @ANYBLOB="0000000000000000280012000900"], 0x48}}, 0x44045)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=@delchain={0x24, 0x25, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newneigh={0x24, 0x1c, 0x0, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x40, 0x6}, [@NDA_IFINDEX={0x8, 0x8, r8}]}, 0x24}}, 0x0)
mlockall(0x1)

505.384819ms ago: executing program 2 (id=712):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x800448f0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@ipv6_newrule={0x1c, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, 0x1c}}, 0x0)
syz_emit_ethernet(0xee, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60"], 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x4, &(0x7f0000000000), 0x1, 0x625, &(0x7f0000001400)="$eJzs3c9rXNUeAPDvncnvvPeShsd7r2/xXkC0BW3SpK0UEWwRXJVSfywEN45NWmqnP2gimlppAnUjiBsXgisX1oX/gxYEV/4DLty4kkoR6UYpOnInd8ZpMjeZxMxMm/l8YDr33HNzz7nJfHvOnDnnTgA9azL9pxCxNyIuJxETDXl9kWVOrh539+drp9NHEpXKiz8lce16stx4riR7Ho2INOO3sUi+joiJ4vpyF5auni+Vy/NXsvT04oXL0wtLVw+cu1A6O392/uLsk7NHjxw+cnTmYMNPnXluq9e3p2H7xI3X3xx77+Qrn358L5n57LuTSRyrVzq9rq2eezOTMRmVTOP+9Pd6dKcL65Ji/XXyp2TtjrWebWOF2JLa368/Iv4dY1Fs+GuOxbvPd7VyQFtVkqi3UUCvScQ/9KhaP6D23r6198EDbe6VAJ1w53jEY/X474+I1fg/NpuNDcZQdWxg5G5y3zhPEhEHd6D8tIxvvjp5I31Em8bhgOaWVwazIfC17X9Sjc3xGKqmRu4W7ov/QjaMO56NH76wcTFjeRmTa9JZ+YPbvR6gdcsrEfGfZv3/zeP/1ew53f/aNsvPiX8AAAAAAABgG24dj4gnmn3+V6jP/xloMv9nNCKO7UD5m3/+V7i9A8UATdw5HvF00/m/hdoh48Us9ffqfID+5My58vzBiPhHROyP/sE0PdN40s8bfjoiDrw/8VFe+Y3z/9JHWn5tLmBWj9t9a2YDzZUWSztw6dDz7qxE/Lcvf/5P2v4nTdr/NL4vt1jGxKM3T+XlbR7/QLtUPonY17T9T+rHJBvfn2O62h+YrvUK1vvf2x98kVe++IfuSdv/kY3jfzBpvF/PwtbOPxARh5b6Knn52+3/DyQvFaNhJeJbpcXFKzMRA8mJ9ftnt1ZneJgMtX7oOxFRjYdavKTxv/+Rjcf/6v3/hjgczu7x1Yp//T76fV6e9h+6J43/uY3b//H72/+tb8zeHP8yr/xTLbX/h6tt+v5sj/E/2FirAdrtegIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAw6gQEX+LpDBV3y4UpqYiRiPinzFSKF9aWHz8zKU3Ls6ledXv/y/Uvul3bDWd1L7/f7whPbsmfSgi9kTEh8Xhanrq9KXyXLcvHgAAAAAAAAAAAAAAAAAAAB4Qo6tP69b/p34odrVqQCf0Zc/iHXpPX7crAHSN+IfeJf6hd+XH/y/3KlUdrQ7QQa22/5Xrba4I0HHb7P/7uAB2Ae//oVf1t3bYULvrAXSD9h8AAAAAAHaVPf+/9W0SEctPDVcfqYEsr/7B4HC3age0UyEvY7Cz9QA6zxxe6F2m/kDvanHyL7CLJfWtX5su9s+f/Z+0p0IAAAAAAAAAAAAAwDr79raw/h/YlXLX/wO73gbr/5st7HG7ANhFrP+H3uU2X0Cts5/3Tf/W/wMAAAAAAAAAAADAA2Do6vlSuTx/ZWGp5Y3rWzn4r2/8GHlZz9Q2VjpQjUpxZ86zXOrcr+4h3+iPiDVZlbHVl+35Uvnl6Gx9ahHTibIGOlhWzkaX/j8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADW+SMAAP//fSQouA==")
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r1, 0x8982, &(0x7f0000000180)={0x0, 'pimreg1\x00', {0x1}, 0xd8})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000540)='sock_rcvqueue_full\x00', r2}, 0x10)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000080), 0xfd32)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)

505.004909ms ago: executing program 1 (id=713):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs(r3, &(0x7f0000000600)='fd/4\x00')
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000140)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000280)='netlink_extack\x00', r8}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r10, 0x8933, &(0x7f0000000000)={'wg0\x00', <r11=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@ipv4_newroute={0x2c, 0x18, 0x811, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x2}, [@RTA_OIF={0x8, 0x4, r11}, @RTA_PREFSRC={0x8, 0x7, @multicast2}]}, 0x2c}}, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
write$cgroup_type(r4, &(0x7f0000000040), 0x9)
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r4, 0x40286608, &(0x7f0000000180)={@desc={0x39d, 0x2000000, @desc3}})
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000001ec0)='kmem_cache_free\x00', r12}, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)

47.172767ms ago: executing program 0 (id=714):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x6, 0x8, 0xb}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r3, 0x28, 0x1, &(0x7f0000000100)=0x80000001, 0x8)
bind$vsock_stream(r3, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000000)={0x28, 0x0, 0x2000000, @local}, 0x10)
writev(r4, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1)

0s ago: executing program 3 (id=715):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x100, 0xfd, 0x9, 0x1, 0x1}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x4, 0x900}, 0x38)

kernel console output (not intermixed with test programs):

aned up
[   83.488909][ T1506] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[   83.489590][   T26] usb 4-1: device descriptor read/8, error -71
[   83.608264][  T489] usb 3-1: USB disconnect, device number 10
[   83.623539][  T489] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   83.657767][  T489] ftdi_sio 3-1:0.0: device disconnected
[   83.706197][  T494] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18
[   84.755887][  T494] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[   84.775787][  T494] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   84.783592][  T494] usb 5-1: Product: syz
[   84.789512][  T494] usb 5-1: Manufacturer: syz
[   84.794107][  T494] usb 5-1: SerialNumber: syz
[   84.799451][  T494] usb 5-1: config 0 descriptor??
[   84.816002][ T1498] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[   85.006087][   T26] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[   85.067930][ T1537] loop0: detected capacity change from 0 to 256
[   85.080786][ T1536] loop2: detected capacity change from 0 to 128
[   85.115856][   T26] usb 4-1: Using ep0 maxpacket: 16
[   85.127360][ T1536] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   85.137829][ T1536] ext4 filesystem being mounted at /41/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[   85.158626][  T411] Bluetooth: hci0: Frame reassembly failed (-84)
[   85.265875][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   85.286521][  T494] usb 5-1: USB disconnect, device number 10
[   85.408202][  T327] udevd[327]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   85.452321][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   85.491626][ T1545] device syzkaller0 entered promiscuous mode
[   85.522437][   T26] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   85.531697][   T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.539994][   T26] usb 4-1: config 0 descriptor??
[   85.585674][   T30] kauditd_printk_skb: 52 callbacks suppressed
[   85.591810][   T30] audit: type=1400 audit(1720984935.320:661): avc:  denied  { name_bind } for  pid=1547 comm="syz.2.334" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   85.946111][  T494] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[   86.036633][   T26] savu 0003:1E7D:2D5A.000E: item fetching failed at offset 2/5
[   86.044179][   T26] savu 0003:1E7D:2D5A.000E: parse failed
[   86.049683][   T26] savu: probe of 0003:1E7D:2D5A.000E failed with error -22
[   86.165810][  T820] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[   86.195796][  T494] usb 5-1: Using ep0 maxpacket: 16
[   86.241479][   T26] usb 4-1: USB disconnect, device number 15
[   86.258350][    T6] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[   86.309761][ T1564] netlink: 104 bytes leftover after parsing attributes in process `syz.2.338'.
[   86.315862][  T494] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[   86.329693][  T494] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[   86.338513][  T494] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.347035][  T494] usb 5-1: config 0 descriptor??
[   86.545859][  T820] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[   86.555399][  T820] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[   86.645882][    T6] usb 1-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255
[   86.658426][    T6] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   86.668375][    T6] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[   86.681088][    T6] usb 1-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[   86.689852][    T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.698844][    T6] usb 1-1: config 0 descriptor??
[   86.746066][  T820] usb 2-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[   86.755298][    T6] usb-storage 1-1:0.0: USB Mass Storage device detected
[   86.762111][  T820] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.770416][  T820] usb 2-1: Product: syz
[   86.774690][  T820] usb 2-1: Manufacturer: syz
[   86.779732][    T6] usb-storage 1-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[   86.787343][  T820] usb 2-1: SerialNumber: syz
[   86.796909][  T820] usb 2-1: config 0 descriptor??
[   86.806209][ T1545] UDC core: couldn't find an available UDC or it's busy: -16
[   86.813556][ T1545] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   86.827873][  T494] hid (null): unknown global tag 0x83
[   86.833113][  T494] hid (null): unknown global tag 0xc
[   86.838398][  T494] hid (null): global environment stack underflow
[   86.845616][  T494] hid-generic 0003:0158:0100.000F: unknown main item tag 0x1
[   86.852890][  T494] hid-generic 0003:0158:0100.000F: unexpected long global item
[   86.860345][  T494] hid-generic: probe of 0003:0158:0100.000F failed with error -22
[   86.975255][  T494] usb 1-1: USB disconnect, device number 11
[   87.108538][ T1557] loop1: detected capacity change from 0 to 128
[   87.202837][ T1574] netlink: 104 bytes leftover after parsing attributes in process `syz.2.340'.
[   87.230699][   T30] audit: type=1400 audit(1720984936.970:662): avc:  denied  { mounton } for  pid=1556 comm="syz.1.337" path="/64/file0" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[   87.664369][    T6] usb 5-1: USB disconnect, device number 11
[   87.808441][ T1581] loop0: detected capacity change from 0 to 40427
[   87.888647][ T1581] F2FS-fs (loop0): Unrecognized mount option "nV‚Í¢d²" or missing value
[   87.905815][   T26] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[   87.993129][ T1589] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1589 comm=syz.2.345
[   88.120983][ T1593] loop2: detected capacity change from 0 to 1024
[   88.156470][ T1593] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   88.166786][ T1593] EXT4-fs (loop2): orphan cleanup on readonly fs
[   88.173650][ T1593] EXT4-fs error (device loop2): ext4_free_blocks:6216: comm syz.2.346: Freeing blocks not in datazone - block = 0, count = 4096
[   88.187436][ T1593] EXT4-fs (loop2): 1 orphan inode deleted
[   88.193226][ T1593] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   88.215804][   T26] usb 4-1: Using ep0 maxpacket: 16
[   88.355942][   T26] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8
[   88.515922][   T26] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[   88.538838][   T26] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.546945][   T26] usb 4-1: Product: syz
[   88.578938][   T26] usb 4-1: Manufacturer: syz
[   88.583363][   T26] usb 4-1: SerialNumber: syz
[   88.620790][   T26] usb 4-1: config 0 descriptor??
[   88.666345][   T26] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[   88.673892][   T26] usb 4-1: Detected FT232RL
[   88.875819][   T26] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[   88.926263][  T820] snd-usb-audio: probe of 2-1:0.0 failed with error -12
[   88.933798][  T820] usb 2-1: USB disconnect, device number 13
[   88.995893][   T60] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[   89.013877][ T1609] netlink: 104 bytes leftover after parsing attributes in process `syz.1.350'.
[   89.111982][ T1611] loop2: detected capacity change from 0 to 256
[   89.119212][   T26] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   89.211390][ T1611] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[   89.255809][   T60] usb 5-1: Using ep0 maxpacket: 16
[   89.320089][   T26] usb 4-1: USB disconnect, device number 16
[   89.327018][   T26] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   89.336496][   T26] ftdi_sio 4-1:0.0: device disconnected
[   89.406211][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   89.417088][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   89.426710][   T60] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   89.435605][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.446412][   T60] usb 5-1: config 0 descriptor??
[   89.452629][   T30] audit: type=1326 audit(1720984939.190:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1616 comm="syz.0.353" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f41496ccbd9 code=0x0
[   89.595820][   T20] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[   89.810675][   T30] audit: type=1400 audit(1720984939.550:664): avc:  denied  { relabelfrom } for  pid=1620 comm="syz.1.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   89.830321][   T30] audit: type=1400 audit(1720984939.550:665): avc:  denied  { relabelto } for  pid=1620 comm="syz.1.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   89.926823][ T1625] FAULT_INJECTION: forcing a failure.
[   89.926823][ T1625] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   89.940733][   T60] savu 0003:1E7D:2D5A.0010: item fetching failed at offset 2/5
[   89.945951][ T1625] CPU: 1 PID: 1625 Comm: syz.1.356 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[   89.948679][   T60] savu 0003:1E7D:2D5A.0010: parse failed
[   89.957727][ T1625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   89.957744][ T1625] Call Trace:
[   89.957749][ T1625]  <TASK>
[   89.957757][ T1625]  dump_stack_lvl+0x151/0x1b7
[   89.957785][ T1625]  ? io_uring_drop_tctx_refs+0x190/0x190
[   89.963259][   T60] savu: probe of 0003:1E7D:2D5A.0010 failed with error -22
[   89.973087][ T1625]  ? __mod_memcg_lruvec_state+0x11c/0x1b0
[   89.973111][ T1625]  dump_stack+0x15/0x17
[   90.005553][ T1625]  should_fail+0x3c6/0x510
[   90.009799][ T1625]  should_fail_alloc_page+0x5a/0x80
[   90.014831][ T1625]  prepare_alloc_pages+0x15c/0x700
[   90.019780][ T1625]  ? __alloc_pages_bulk+0xe40/0xe40
[   90.024817][ T1625]  __alloc_pages+0x18c/0x8f0
[   90.029249][ T1625]  ? prep_new_page+0x110/0x110
[   90.033846][ T1625]  ? __pte_map_lock+0x559/0x620
[   90.038542][ T1625]  ? do_wp_page+0x6fa/0xb60
[   90.042218][ T1627] loop3: detected capacity change from 0 to 1024
[   90.042867][ T1625]  handle_pte_fault+0xea0/0x24d0
[   90.053808][ T1625]  ? fault_around_bytes_set+0xc0/0xc0
[   90.059012][ T1625]  ? trace_raw_output_vm_unmapped_area+0x220/0x220
[   90.065346][ T1625]  ? do_handle_mm_fault+0x1578/0x23a0
[   90.070555][ T1625]  ? memcpy+0x56/0x70
[   90.074372][ T1625]  do_handle_mm_fault+0x1ea9/0x23a0
[   90.079408][ T1625]  ? numa_migrate_prep+0xe0/0xe0
[   90.084177][ T1625]  ? memset+0x35/0x40
[   90.087997][ T1625]  ? get_unmapped_area+0x31d/0x380
[   90.092942][ T1625]  ? userfaultfd_unmap_prep+0x4a0/0x4a0
[   90.098327][ T1625]  ? debug_smp_processor_id+0x17/0x20
[   90.103532][ T1625]  ? exc_page_fault+0x222/0x830
[   90.108217][ T1625]  ? access_error+0x246/0x270
[   90.112732][ T1625]  exc_page_fault+0x26f/0x830
[   90.117250][ T1625]  asm_exc_page_fault+0x27/0x30
[   90.121935][ T1625] RIP: 0033:0x7f6c0ff19453
[   90.126186][ T1625] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   90.145626][ T1625] RSP: 002b:00007f6c0f2d44b0 EFLAGS: 00010202
[   90.151526][ T1625] RAX: 0000000000023000 RBX: 00007f6c0f2d4550 RCX: 00007f6c06eb5000
[   90.159340][ T1625] RDX: 00007f6c0f2d46f0 RSI: 0000000000000001 RDI: 00007f6c0f2d45f0
[   90.167149][ T1625] RBP: 0000000000000063 R08: 0000000000000007 R09: 0000000000000042
[   90.174958][ T1625] R10: 000000000000004e R11: 00007f6c0f2d4550 R12: 0000000000000001
[   90.182772][ T1625] R13: 00007f6c100d3f80 R14: 0000000000000073 R15: 00007f6c0f2d45f0
[   90.190588][ T1625]  </TASK>
[   90.193579][   T20] usb 3-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255
[   90.202756][   T30] audit: type=1400 audit(1720984939.940:666): avc:  denied  { unlink } for  pid=82 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   90.206733][   T20] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   90.228687][ T1625] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   90.242801][   T20] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[   90.248327][ T1625] loop1: detected capacity change from 0 to 512
[   90.259279][   T20] usb 3-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[   90.273727][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.274066][ T1627] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   90.282258][   T60] usb 5-1: USB disconnect, device number 12
[   90.294942][ T1627] EXT4-fs (loop3): orphan cleanup on readonly fs
[   90.295407][   T20] usb 3-1: config 0 descriptor??
[   90.307647][ T1627] EXT4-fs error (device loop3): ext4_free_blocks:6216: comm syz.3.357: Freeing blocks not in datazone - block = 0, count = 4096
[   90.323246][ T1627] EXT4-fs (loop3): 1 orphan inode deleted
[   90.329361][ T1627] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   90.344627][ T1625] EXT4-fs (loop1): orphan cleanup on readonly fs
[   90.352458][ T1625] EXT4-fs (loop1): 1 orphan inode deleted
[   90.367422][   T20] usb-storage 3-1:0.0: USB Mass Storage device detected
[   90.375915][ T1625] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   90.411197][   T20] usb-storage 3-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[   90.488154][ T1642] loop1: detected capacity change from 0 to 256
[   90.547942][ T1642] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[   90.574393][ T1634] loop3: detected capacity change from 0 to 40427
[   90.582184][   T60] usb 3-1: USB disconnect, device number 11
[   90.624975][ T1646] loop1: detected capacity change from 0 to 1024
[   90.668199][ T1634] F2FS-fs (loop3): Unrecognized mount option "nV‚Í¢d²" or missing value
[   90.689575][ T1646] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   90.705486][ T1646] EXT4-fs (loop1): orphan cleanup on readonly fs
[   90.722425][ T1646] EXT4-fs error (device loop1): ext4_free_blocks:6216: comm syz.1.363: Freeing blocks not in datazone - block = 0, count = 4096
[   90.746378][ T1646] EXT4-fs (loop1): 1 orphan inode deleted
[   90.752246][ T1646] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   91.484261][ T1674] loop2: detected capacity change from 0 to 1024
[   91.568578][ T1674] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   91.576922][ T1674] EXT4-fs (loop2): orphan cleanup on readonly fs
[   91.583193][ T1674] EXT4-fs error (device loop2): ext4_free_blocks:6216: comm syz.2.371: Freeing blocks not in datazone - block = 0, count = 4096
[   91.596533][ T1674] EXT4-fs (loop2): 1 orphan inode deleted
[   91.602100][ T1674] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   91.735877][   T26] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[   91.797744][ T1682] loop1: detected capacity change from 0 to 256
[   91.831830][ T1684] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   91.839874][   T30] audit: type=1400 audit(1720984941.580:667): avc:  denied  { mounton } for  pid=1683 comm="syz.2.374" path="/proc/161/cgroup" dev="proc" ino=19299 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[   91.879420][ T1682] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[   92.035796][   T26] usb 1-1: Using ep0 maxpacket: 8
[   92.043744][   T30] audit: type=1400 audit(1720984941.780:668): avc:  denied  { create } for  pid=1689 comm="syz.4.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   92.065105][   T30] audit: type=1400 audit(1720984941.810:669): avc:  denied  { connect } for  pid=1689 comm="syz.4.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   92.091953][ T1691] loop1: detected capacity change from 0 to 2048
[   92.155806][  T820] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[   92.155827][   T26] usb 1-1: config 135 has an invalid interface number: 230 but max is 0
[   92.171402][   T26] usb 1-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[   92.181442][   T26] usb 1-1: config 135 has no interface number 0
[   92.187612][   T26] usb 1-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[   92.198679][   T26] usb 1-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[   92.211943][   T26] usb 1-1: config 135 interface 230 has no altsetting 0
[   92.220353][ T1691] EXT4-fs error (device loop1): ext4_orphan_get:1423: comm syz.1.376: bad orphan inode 8192
[   92.230885][ T1691] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   92.375855][   T26] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[   92.381223][ T1697] loop3: detected capacity change from 0 to 512
[   92.384720][   T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.384742][   T26] usb 1-1: Product: syz
[   92.403066][   T26] usb 1-1: Manufacturer: syz
[   92.408396][ T1697] EXT4-fs (loop3): Mount option "noacl" will be removed by 3.5
[   92.408396][ T1697] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   92.408396][ T1697] 
[   92.415793][  T820] usb 3-1: Using ep0 maxpacket: 16
[   92.426487][   T26] usb 1-1: SerialNumber: syz
[   92.437300][ T1697] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[   92.446014][ T1697] EXT4-fs (loop3): 1 truncate cleaned up
[   92.451471][ T1697] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[   92.615845][  T820] usb 3-1: unable to get BOS descriptor or descriptor too short
[   92.681098][ T1668] loop0: detected capacity change from 0 to 256
[   92.695857][  T820] usb 3-1: config 1 has an invalid descriptor of length 227, skipping remainder of the config
[   92.708909][  T820] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[   92.717833][  T820] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   92.748088][ T1668] exfat: Unknown parameter ''
[   92.755823][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[   92.869659][   T30] audit: type=1400 audit(1720984942.610:670): avc:  denied  { create } for  pid=1667 comm="syz.0.369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[   92.890319][   T30] audit: type=1400 audit(1720984942.610:671): avc:  denied  { getopt } for  pid=1667 comm="syz.0.369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   92.909585][  T820] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   92.909614][  T820] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.909632][  T820] usb 3-1: Product: syz
[   92.926212][   T26] usb 1-1: Found UVC 0.00 device syz (18ec:3288)
[   92.926245][   T26] usb 1-1: No valid video chain found.
[   92.929005][   T26] usb 1-1: USB disconnect, device number 12
[   92.932639][  T820] usb 3-1: Manufacturer: syz
[   92.953726][  T820] usb 3-1: SerialNumber: syz
[   93.007321][  T820] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[   93.013959][  T820] cdc_ncm 3-1:1.0: bind() failure
[   93.227883][  T494] usb 3-1: USB disconnect, device number 12
[   93.247832][ T1708] FAULT_INJECTION: forcing a failure.
[   93.247832][ T1708] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.267086][ T1708] CPU: 1 PID: 1708 Comm: syz.1.380 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[   93.276727][ T1708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   93.286619][ T1708] Call Trace:
[   93.289740][ T1708]  <TASK>
[   93.292518][ T1708]  dump_stack_lvl+0x151/0x1b7
[   93.297031][ T1708]  ? io_uring_drop_tctx_refs+0x190/0x190
[   93.302501][ T1708]  dump_stack+0x15/0x17
[   93.306492][ T1708]  should_fail+0x3c6/0x510
[   93.310745][ T1708]  should_fail_usercopy+0x1a/0x20
[   93.315605][ T1708]  _copy_from_user+0x20/0xd0
[   93.320030][ T1708]  __sys_connect+0x137/0x410
[   93.324457][ T1708]  ? fput_many+0x160/0x1b0
[   93.328712][ T1708]  ? __sys_connect_file+0x170/0x170
[   93.333747][ T1708]  ? debug_smp_processor_id+0x17/0x20
[   93.338951][ T1708]  ? fpregs_assert_state_consistent+0xb6/0xe0
[   93.344853][ T1708]  __x64_sys_connect+0x7a/0x90
[   93.349458][ T1708]  do_syscall_64+0x3d/0xb0
[   93.353704][ T1708]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   93.359434][ T1708] RIP: 0033:0x7f6c10053bd9
[   93.363688][ T1708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.383128][ T1708] RSP: 002b:00007f6c0f2b4048 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   93.391373][ T1708] RAX: ffffffffffffffda RBX: 00007f6c101e2038 RCX: 00007f6c10053bd9
[   93.399182][ T1708] RDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000009
[   93.406996][ T1708] RBP: 00007f6c0f2b40a0 R08: 0000000000000000 R09: 0000000000000000
[   93.414806][ T1708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.422617][ T1708] R13: 000000000000006e R14: 00007f6c101e2038 R15: 00007ffeab33cae8
[   93.430432][ T1708]  </TASK>
[   93.895790][  T820] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[   93.912035][ T1724] loop1: detected capacity change from 0 to 256
[   93.950036][   T30] audit: type=1400 audit(1720984943.690:672): avc:  denied  { ioctl } for  pid=1727 comm="syz.2.387" path="socket:[20645]" dev="sockfs" ino=20645 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   93.975880][ T1728] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pid=1728 comm=syz.2.387
[   93.993837][ T1722] loop4: detected capacity change from 0 to 40427
[   94.018017][ T1724] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[   94.041868][ T1729] netem: change failed
[   94.059391][ T1722] F2FS-fs (loop4): Unrecognized mount option "nV‚Í¢d²" or missing value
[   94.109331][ T1733] loop1: detected capacity change from 0 to 512
[   94.167541][ T1733] EXT4-fs (loop1): orphan cleanup on readonly fs
[   94.328818][ T1733] EXT4-fs (loop1): 1 orphan inode deleted
[   94.390912][ T1733] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   94.455820][   T30] audit: type=1326 audit(1720984944.190:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1737 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c10053bd9 code=0x7ffc0000
[   94.455878][  T820] usb 4-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255
[   94.478971][   T30] audit: type=1326 audit(1720984944.190:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1737 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c10053bd9 code=0x7ffc0000
[   94.515371][  T820] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   94.525633][  T820] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[   94.538522][  T820] usb 4-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[   94.558207][ T1741] loop0: detected capacity change from 0 to 512
[   94.561786][  T820] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.575272][   T30] audit: type=1326 audit(1720984944.190:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1737 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c10053bd9 code=0x7ffc0000
[   94.598371][ T1743] loop1: detected capacity change from 0 to 512
[   94.604577][ T1741] EXT4-fs (loop0): Mount option "noacl" will be removed by 3.5
[   94.604577][ T1741] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   94.604577][ T1741] 
[   94.624429][  T820] usb 4-1: config 0 descriptor??
[   94.629380][ T1743] EXT4-fs (loop1): Mount option "noacl" will be removed by 3.5
[   94.629380][ T1743] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   94.629380][ T1743] 
[   94.640501][   T30] audit: type=1326 audit(1720984944.190:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1737 comm="syz.1.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6c10053bd9 code=0x7ffc0000
[   94.678762][ T1741] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[   94.678793][ T1743] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[   94.696193][  T820] usb-storage 4-1:0.0: USB Mass Storage device detected
[   94.697562][ T1743] EXT4-fs (loop1): 1 truncate cleaned up
[   94.709863][ T1743] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[   94.735922][ T1741] EXT4-fs (loop0): 1 truncate cleaned up
[   94.741517][ T1741] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[   94.741849][  T820] usb-storage 4-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[   94.908759][  T494] usb 4-1: USB disconnect, device number 17
[   95.530014][ T1767] loop2: detected capacity change from 0 to 2048
[   95.614025][ T1753] loop4: detected capacity change from 0 to 40427
[   95.626732][ T1767] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   95.723824][ T1753] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   95.731697][ T1753] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   95.744779][ T1753] F2FS-fs (loop4): invalid crc value
[   95.751747][ T1753] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[   95.759461][ T1778] loop0: detected capacity change from 0 to 256
[   95.781155][ T1753] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   95.788183][ T1753] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   95.806864][ T1753] gretap0: refused to change device tx_queue_len
[   95.816358][ T1778] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[   95.822783][ T1753] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   95.941600][ T1788] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pid=1788 comm=syz.0.399
[   96.027635][ T1788] netem: change failed
[   96.284147][ T1800] loop4: detected capacity change from 0 to 1024
[   96.359802][ T1800] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   96.375633][ T1800] EXT4-fs (loop4): orphan cleanup on readonly fs
[   96.382240][ T1800] EXT4-fs error (device loop4): ext4_free_blocks:6216: comm syz.4.403: Freeing blocks not in datazone - block = 0, count = 4096
[   96.395716][ T1800] EXT4-fs (loop4): 1 orphan inode deleted
[   96.401451][ T1800] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   96.476336][ T1802] loop2: detected capacity change from 0 to 40427
[   96.481969][ T1807] loop4: detected capacity change from 0 to 512
[   96.507460][ T1807] EXT4-fs (loop4): Mount option "noacl" will be removed by 3.5
[   96.507460][ T1807] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   96.507460][ T1807] 
[   96.526116][ T1807] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   96.534798][ T1807] EXT4-fs (loop4): 1 truncate cleaned up
[   96.540349][ T1807] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[   96.586140][ T1802] F2FS-fs (loop2): Unrecognized mount option "nV‚Í¢d²" or missing value
[   97.003936][ T1825] loop3: detected capacity change from 0 to 256
[   97.110767][ T1830] netlink: 104 bytes leftover after parsing attributes in process `syz.1.410'.
[   97.128964][ T1829] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   97.168262][ T1825] exFAT-fs (loop3): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[   97.345675][ T1837] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pid=1837 comm=syz.2.413
[   97.383512][   T30] kauditd_printk_skb: 37 callbacks suppressed
[   97.383525][   T30] audit: type=1400 audit(1720984947.120:714): avc:  denied  { unmount } for  pid=419 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   97.421213][ T1838] netem: change failed
[   97.468863][ T1842] loop4: detected capacity change from 0 to 8192
[   97.535823][  T494] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[   97.695784][   T39] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[   97.735795][  T820] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[   97.896079][  T494] usb 1-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255
[   97.896131][  T494] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   97.896218][  T494] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[   97.896356][  T494] usb 1-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[   97.896403][  T494] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.899364][  T494] usb 1-1: config 0 descriptor??
[   97.936228][  T494] usb-storage 1-1:0.0: USB Mass Storage device detected
[   97.964268][  T494] usb-storage 1-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[   97.978438][   T30] audit: type=1400 audit(1720984947.720:715): avc:  denied  { ioctl } for  pid=1848 comm="syz.1.417" path="socket:[21610]" dev="sockfs" ino=21610 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   98.007027][   T30] audit: type=1400 audit(1720984947.750:716): avc:  denied  { setopt } for  pid=1848 comm="syz.1.417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   98.075832][   T39] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18
[   98.105833][  T820] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18
[   98.166035][   T20] usb 1-1: USB disconnect, device number 13
[   98.235837][   T39] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[   98.244751][   T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.252527][   T39] usb 4-1: Product: syz
[   98.256801][   T39] usb 4-1: Manufacturer: syz
[   98.261205][   T39] usb 4-1: SerialNumber: syz
[   98.266672][   T39] usb 4-1: config 0 descriptor??
[   98.285855][  T820] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[   98.294700][  T820] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.302630][ T1840] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   98.309472][  T820] usb 3-1: Product: syz
[   98.313370][  T820] usb 3-1: Manufacturer: syz
[   98.317935][  T820] usb 3-1: SerialNumber: syz
[   98.322812][  T820] usb 3-1: config 0 descriptor??
[   98.355883][ T1844] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[   98.533494][  T409] Bluetooth: hci0: Frame reassembly failed (-84)
[   98.580037][  T412] Bluetooth: hci0: Frame reassembly failed (-84)
[   98.588355][   T39] usb 4-1: USB disconnect, device number 18
[   98.639156][  T820] usb 3-1: USB disconnect, device number 13
[   98.648161][  T327] udevd[327]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   98.667057][  T322] udevd[322]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card1/controlC1/../uevent} for writing: No such file or directory
[   99.105803][  T494] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[   99.145253][ T1871] loop2: detected capacity change from 0 to 256
[   99.226989][ T1869] loop3: detected capacity change from 0 to 40427
[   99.242639][ T1871] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[   99.258760][ T1873] loop4: detected capacity change from 0 to 512
[   99.286888][ T1873] EXT4-fs (loop4): Mount option "noacl" will be removed by 3.5
[   99.286888][ T1873] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   99.286888][ T1873] 
[   99.287541][ T1869] F2FS-fs (loop3): Unrecognized mount option "nV‚Í¢d²" or missing value
[   99.314095][ T1873] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   99.323085][ T1873] EXT4-fs (loop4): 1 truncate cleaned up
[   99.331988][ T1873] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[   99.357423][   T30] audit: type=1400 audit(1720984949.100:717): avc:  denied  { mount } for  pid=1872 comm="syz.4.425" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  100.469918][  T494] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  100.483787][  T494] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.494612][  T494] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.504173][  T494] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  100.608033][ T1891] netlink: 104 bytes leftover after parsing attributes in process `syz.0.427'.
[  100.646064][  T494] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  100.668128][  T494] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  100.717036][  T494] usb 2-1: Manufacturer: syz
[  100.751640][  T494] usb 2-1: config 0 descriptor??
[  100.822919][ T1898] fuse: Unknown parameter 'fÁvMÍÆ©'
[  100.898668][ T1904] netem: incorrect ge model size
[  100.903445][ T1904] netem: change failed
[  100.935337][ T1906] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pid=1906 comm=syz.4.433
[  101.226582][  T494] appleir 0003:05AC:8243.0011: unknown main item tag 0x0
[  101.233653][  T494] appleir 0003:05AC:8243.0011: No inputs registered, leaving
[  101.242402][  T494] appleir 0003:05AC:8243.0011: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  101.407923][  T489] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  101.441718][ T1917] loop0: detected capacity change from 0 to 256
[  101.488519][ T1917] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  101.765828][  T489] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18
[  101.784830][ T1928] loop2: detected capacity change from 0 to 8192
[  101.945837][  T489] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  101.954757][  T489] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.962530][  T489] usb 5-1: Product: syz
[  101.966530][  T489] usb 5-1: Manufacturer: syz
[  101.970903][  T489] usb 5-1: SerialNumber: syz
[  101.992446][  T489] usb 5-1: config 0 descriptor??
[  102.016105][ T1913] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  102.250391][  T409] Bluetooth: hci0: Frame reassembly failed (-84)
[  102.333515][  T489] usb 5-1: USB disconnect, device number 13
[  102.518362][  T820] usb 2-1: USB disconnect, device number 14
[  102.533820][   T30] audit: type=1400 audit(1720984952.270:718): avc:  denied  { read } for  pid=1937 comm="syz.3.443" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  102.557180][   T30] audit: type=1400 audit(1720984952.270:719): avc:  denied  { open } for  pid=1937 comm="syz.3.443" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  102.841473][ T1946] FAULT_INJECTION: forcing a failure.
[  102.841473][ T1946] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  102.854927][ T1946] CPU: 1 PID: 1946 Comm: syz.4.445 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  102.864552][ T1946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  102.874443][ T1946] Call Trace:
[  102.877567][ T1946]  <TASK>
[  102.880344][ T1946]  dump_stack_lvl+0x151/0x1b7
[  102.884857][ T1946]  ? io_uring_drop_tctx_refs+0x190/0x190
[  102.891021][ T1946]  ? page_ext_put+0x1c/0x30
[  102.895359][ T1946]  dump_stack+0x15/0x17
[  102.899351][ T1946]  should_fail+0x3c6/0x510
[  102.903604][ T1946]  should_fail_alloc_page+0x5a/0x80
[  102.908638][ T1946]  prepare_alloc_pages+0x15c/0x700
[  102.913588][ T1946]  ? __alloc_pages_bulk+0xe40/0xe40
[  102.918618][ T1946]  ? __update_load_avg_cfs_rq+0xb1/0x2f0
[  102.924097][ T1946]  __alloc_pages+0x18c/0x8f0
[  102.928513][ T1946]  ? prep_new_page+0x110/0x110
[  102.933112][ T1946]  ? __switch_to+0x62a/0x1190
[  102.937627][ T1946]  ? dev_map_hash_lookup_elem+0x116/0x180
[  102.943182][ T1946]  ? compat_start_thread+0x20/0x20
[  102.948130][ T1946]  wp_page_copy+0x1d4/0x1b00
[  102.952555][ T1946]  ? __kasan_check_write+0x14/0x20
[  102.957502][ T1946]  ? insert_page_into_pte_locked+0x4e0/0x4e0
[  102.963315][ T1946]  ? __schedule+0xcd4/0x1590
[  102.967745][ T1946]  ? __pte_map_lock+0x559/0x620
[  102.972439][ T1946]  ? vm_normal_page+0x1e1/0x1f0
[  102.977117][ T1946]  do_wp_page+0x6fa/0xb60
[  102.981284][ T1946]  handle_pte_fault+0x7c0/0x24d0
[  102.986056][ T1946]  ? irqentry_exit_cond_resched+0x2a/0x30
[  102.991609][ T1946]  ? irqentry_exit+0x30/0x40
[  102.996035][ T1946]  ? sysvec_reschedule_ipi+0x7d/0x150
[  103.001243][ T1946]  ? fault_around_bytes_set+0xc0/0xc0
[  103.006463][ T1946]  ? do_handle_mm_fault+0x15c0/0x23a0
[  103.011659][ T1946]  do_handle_mm_fault+0x1ea9/0x23a0
[  103.016694][ T1946]  ? __this_cpu_preempt_check+0x13/0x20
[  103.022096][ T1946]  ? numa_migrate_prep+0xe0/0xe0
[  103.026848][ T1946]  ? _raw_spin_unlock+0x4d/0x70
[  103.031531][ T1946]  ? finish_task_switch+0x167/0x7b0
[  103.036570][ T1946]  ? __kasan_check_write+0x14/0x20
[  103.041514][ T1946]  ? switch_fpu_return+0x1ed/0x3d0
[  103.046461][ T1946]  ? fpu_flush_thread+0xf0/0xf0
[  103.051157][ T1946]  ? __kasan_check_read+0x11/0x20
[  103.056021][ T1946]  ? exc_page_fault+0x222/0x830
[  103.060694][ T1946]  ? access_error+0x246/0x270
[  103.065209][ T1946]  exc_page_fault+0x26f/0x830
[  103.069726][ T1946]  asm_exc_page_fault+0x27/0x30
[  103.074407][ T1946] RIP: 0033:0x7f668baa1453
[  103.078665][ T1946] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  103.098103][ T1946] RSP: 002b:00007f668ae5c4b0 EFLAGS: 00010202
[  103.104002][ T1946] RAX: 0000000000022008 RBX: 00007f668ae5c550 RCX: 00007f6682a3d000
[  103.111814][ T1946] RDX: 00007f668ae5c6f0 RSI: 0000000000000017 RDI: 00007f668ae5c5f0
[  103.119625][ T1946] RBP: 000000000000004c R08: 0000000000000009 R09: 00000000000001b7
[  103.127437][ T1946] R10: 00000000000001be R11: 00007f668ae5c550 R12: 0000000000000001
[  103.135247][ T1946] R13: 00007f668bc5bf80 R14: 00000000000000f2 R15: 00007f668ae5c5f0
[  103.143064][ T1946]  </TASK>
[  103.146203][ T1946] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  103.158033][ T1946] loop4: detected capacity change from 0 to 512
[  103.228666][ T1950] netlink: 104 bytes leftover after parsing attributes in process `syz.2.446'.
[  103.230927][ T1946] EXT4-fs (loop4): orphan cleanup on readonly fs
[  103.250238][ T1946] EXT4-fs (loop4): 1 orphan inode deleted
[  103.266855][ T1946] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  103.346505][ T1954] loop3: detected capacity change from 0 to 1024
[  103.355947][  T820] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  103.386810][ T1954] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  103.395127][ T1954] EXT4-fs (loop3): orphan cleanup on readonly fs
[  103.406037][ T1954] EXT4-fs error (device loop3): ext4_free_blocks:6216: comm syz.3.448: Freeing blocks not in datazone - block = 0, count = 4096
[  103.420553][ T1954] EXT4-fs (loop3): 1 orphan inode deleted
[  103.426240][ T1954] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  103.471420][   T30] audit: type=1400 audit(1720984953.210:720): avc:  denied  { setopt } for  pid=1955 comm="syz.4.449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  103.516503][   T30] audit: type=1400 audit(1720984953.210:721): avc:  denied  { bind } for  pid=1955 comm="syz.4.449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  103.537488][   T30] audit: type=1400 audit(1720984953.210:722): avc:  denied  { listen } for  pid=1955 comm="syz.4.449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  103.695499][   T30] audit: type=1400 audit(1720984953.430:723): avc:  denied  { name_bind } for  pid=1960 comm="syz.3.450" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  103.735825][  T489] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  103.805869][  T820] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.816615][  T820] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  103.826134][  T820] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  103.835023][  T820] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.843358][  T820] usb 2-1: config 0 descriptor??
[  104.015979][  T489] usb 1-1: too many configurations: 65, using maximum allowed: 8
[  104.485811][    T6] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  104.535920][  T820] usb 2-1: language id specifier not provided by device, defaulting to English
[  104.715992][  T489] usb 1-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  104.733343][  T489] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.798646][    T6] usb 5-1: Using ep0 maxpacket: 8
[  104.985952][    T6] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 188, using maximum allowed: 30
[  104.996726][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.008371][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  105.008498][ T1952] UDC core: couldn't find an available UDC or it's busy: -16
[  105.018813][    T6] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 188
[  105.025483][ T1952] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  105.038079][    T6] usb 5-1: New USB device found, idVendor=05ac, idProduct=1440, bcdDevice= 0.00
[  105.054183][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.062571][    T6] usb 5-1: config 0 descriptor??
[  105.254425][ T1952] UDC core: couldn't find an available UDC or it's busy: -16
[  105.261727][ T1952] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  105.269676][   T30] audit: type=1400 audit(1720984955.020:724): avc:  denied  { ioctl } for  pid=1951 comm="syz.0.447" path="/dev/input/event2" dev="devtmpfs" ino=178 ioctlcmd=0x4592 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  105.276362][ T1952] fuse: Unknown parameter 'r000000000000'
[  105.335859][  T489] usb 1-1: string descriptor 0 read error: -71
[  105.342917][  T489] usb 1-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  105.354738][  T489] usb 1-1: No valid video chain found.
[  105.360925][  T489] usb 1-1: USB disconnect, device number 14
[  105.586483][    T6] appleir 0003:05AC:1440.0013: unexpected long global item
[  105.594494][    T6] appleir 0003:05AC:1440.0013: parse failed
[  105.600257][    T6] appleir: probe of 0003:05AC:1440.0013 failed with error -22
[  105.806749][  T489] usb 5-1: USB disconnect, device number 14
[  105.838605][ T1983] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.845499][ T1983] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.852866][ T1983] device bridge_slave_0 entered promiscuous mode
[  105.859628][ T1983] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.866488][ T1983] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.873593][ T1983] device bridge_slave_1 entered promiscuous mode
[  105.915693][ T1983] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.922606][ T1983] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.929689][ T1983] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.936563][ T1983] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.954881][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  105.962477][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.969895][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.986604][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  105.994563][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.001415][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.008579][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  106.016623][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.023455][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.030804][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  106.039188][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  106.056042][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  106.064200][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  106.072016][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  106.079312][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  106.089937][ T1983] device veth0_vlan entered promiscuous mode
[  106.100013][  T489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  106.105780][    T6] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  106.116535][ T1983] device veth1_macvtap entered promiscuous mode
[  106.125572][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  106.139809][  T489] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  106.245816][  T820] uclogic 0003:256C:006D.0012: failed retrieving string descriptor #100: -71
[  106.256427][  T412] device bridge_slave_1 left promiscuous mode
[  106.258274][  T820] uclogic 0003:256C:006D.0012: failed retrieving pen parameters: -71
[  106.270054][  T412] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.270399][  T820] uclogic 0003:256C:006D.0012: failed probing pen v1 parameters: -71
[  106.285819][  T820] uclogic 0003:256C:006D.0012: failed probing parameters: -71
[  106.286223][  T412] device bridge_slave_0 left promiscuous mode
[  106.293146][  T820] uclogic: probe of 0003:256C:006D.0012 failed with error -71
[  106.294264][  T820] usb 2-1: USB disconnect, device number 15
[  106.302645][  T412] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.324590][  T412] device veth1_macvtap left promiscuous mode
[  106.330738][  T412] device veth0_vlan left promiscuous mode
[  106.415858][    T6] usb 3-1: too many configurations: 65, using maximum allowed: 8
[  106.435778][  T489] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  106.603383][   T30] audit: type=1400 audit(1720984956.340:725): avc:  denied  { mount } for  pid=1992 comm="syz.1.458" name="/" dev="ramfs" ino=21993 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  106.866339][  T489] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18
[  107.055856][  T489] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  107.064787][  T489] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.072584][  T489] usb 1-1: Product: syz
[  107.076584][  T489] usb 1-1: Manufacturer: syz
[  107.080972][  T489] usb 1-1: SerialNumber: syz
[  107.085972][  T489] usb 1-1: config 0 descriptor??
[  107.105830][ T1989] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[  107.236443][    T6] usb 3-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  107.245502][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.329171][  T412] Bluetooth: hci0: Frame reassembly failed (-84)
[  107.388624][  T489] usb 1-1: USB disconnect, device number 15
[  107.398399][  T322] udevd[322]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  107.515938][    T6] usb 3-1: string descriptor 0 read error: -22
[  107.522245][    T6] usb 3-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  107.529091][    T6] usb 3-1: No valid video chain found.
[  108.454658][ T1980] device wireguard0 entered promiscuous mode
[  108.456004][ T2023] loop3: detected capacity change from 0 to 1024
[  108.498651][   T30] audit: type=1326 audit(1720984958.240:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1979 comm="syz.2.455" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb9532c8bd9 code=0x0
[  108.521675][ T2023] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  108.530000][ T2023] EXT4-fs (loop3): orphan cleanup on readonly fs
[  108.536407][ T2023] EXT4-fs error (device loop3): ext4_free_blocks:6216: comm syz.3.465: Freeing blocks not in datazone - block = 0, count = 4096
[  108.550473][ T2023] EXT4-fs (loop3): 1 orphan inode deleted
[  108.556118][ T2023] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  108.575994][  T494] usb 3-1: USB disconnect, device number 14
[  108.670894][ T2033] loop3: detected capacity change from 0 to 1024
[  108.757641][ T2033] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  108.765721][ T2033] EXT4-fs (loop3): orphan cleanup on readonly fs
[  108.772000][ T2033] EXT4-fs error (device loop3): ext4_free_blocks:6216: comm syz.3.468: Freeing blocks not in datazone - block = 0, count = 4096
[  108.785820][ T2033] EXT4-fs (loop3): 1 orphan inode deleted
[  108.791363][ T2033] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  109.191776][ T2045] loop0: detected capacity change from 0 to 256
[  109.221532][ T2048] loop2: detected capacity change from 0 to 1024
[  109.336047][ T2048] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  109.353782][   T30] audit: type=1400 audit(1720984959.090:727): avc:  denied  { setattr } for  pid=2046 comm="syz.2.471" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  110.196846][   T30] audit: type=1400 audit(1720984959.090:728): avc:  denied  { rename } for  pid=2046 comm="syz.2.471" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  110.245794][   T30] audit: type=1400 audit(1720984959.090:729): avc:  denied  { unlink } for  pid=2046 comm="syz.2.471" name="file1" dev="loop2" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  110.270484][  T295] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  110.281637][ T2070] loop1: detected capacity change from 0 to 512
[  110.299100][ T2074] loop3: detected capacity change from 0 to 1024
[  110.461504][ T2074] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  110.470586][ T2074] EXT4-fs (loop3): orphan cleanup on readonly fs
[  110.477168][ T2074] EXT4-fs error (device loop3): ext4_free_blocks:6216: comm syz.3.480: Freeing blocks not in datazone - block = 0, count = 4096
[  110.490740][ T2074] EXT4-fs (loop3): 1 orphan inode deleted
[  110.496735][ T2074] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  110.512133][ T2070] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[  110.549608][ T2070] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,quota,jqfmt=vfsold,resgid=0x0000000000000000,,errors=continue. Quota mode: writeback.
[  110.669472][ T2070] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038 (0x7fffffff)
[  110.775844][   T30] audit: type=1400 audit(1720984960.510:730): avc:  denied  { rmdir } for  pid=2069 comm="syz.1.478" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  110.797552][ T2070] Quota error (device loop1): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  110.797620][ T2070] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  110.825321][   T30] audit: type=1326 audit(1720984960.560:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2069 comm="syz.1.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c10053bd9 code=0x7ffc0000
[  110.848884][   T30] audit: type=1326 audit(1720984960.560:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2069 comm="syz.1.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f6c10053bd9 code=0x7ffc0000
[  110.872946][   T30] audit: type=1326 audit(1720984960.560:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2069 comm="syz.1.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c10053bd9 code=0x7ffc0000
[  110.896060][  T295] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18
[  110.947041][ T2103] netlink: 8 bytes leftover after parsing attributes in process `syz.3.487'.
[  111.576538][  T295] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  111.677826][  T295] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.739568][  T295] usb 5-1: Product: syz
[  111.743722][  T295] usb 5-1: Manufacturer: syz
[  111.748184][  T295] usb 5-1: SerialNumber: syz
[  111.753349][  T295] usb 5-1: config 0 descriptor??
[  111.776090][ T2059] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  111.993319][ T2125] loop1: detected capacity change from 0 to 1024
[  112.064868][ T2125] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  112.073437][ T2125] EXT4-fs (loop1): orphan cleanup on readonly fs
[  112.080162][ T2125] EXT4-fs error (device loop1): ext4_free_blocks:6216: comm syz.1.494: Freeing blocks not in datazone - block = 0, count = 4096
[  112.094390][ T2125] EXT4-fs (loop1): 1 orphan inode deleted
[  112.104266][ T2125] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  112.115825][   T26] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  112.140030][ T2131] loop3: detected capacity change from 0 to 8192
[  112.159506][  T295] usb 5-1: USB disconnect, device number 15
[  112.187374][ T2133] loop1: detected capacity change from 0 to 8192
[  112.235036][  T631] udevd[631]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  112.435819][   T26] usb 3-1: Using ep0 maxpacket: 16
[  112.585879][   T26] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8
[  112.815870][   T26] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  112.832153][ T2142] 9pnet: Insufficient options for proto=fd
[  112.834145][   T26] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.846115][   T26] usb 3-1: Product: syz
[  112.850135][   T26] usb 3-1: Manufacturer: syz
[  112.854552][   T26] usb 3-1: SerialNumber: syz
[  112.879280][   T26] usb 3-1: config 0 descriptor??
[  112.925840][   T39] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  112.935207][   T26] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  112.944072][   T26] usb 3-1: Detected FT232RL
[  113.185846][   T26] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  113.196453][ T2147] loop3: detected capacity change from 0 to 40427
[  113.215787][   T39] usb 1-1: Using ep0 maxpacket: 32
[  113.226466][ T2147] F2FS-fs (loop3): Unrecognized mount option "nV‚Í¢d²" or missing value
[  113.437199][   T26] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  113.475868][   T39] usb 1-1: config 3 has an invalid interface number: 185 but max is 0
[  113.483939][   T39] usb 1-1: config 3 has no interface number 0
[  113.489837][   T39] usb 1-1: config 3 interface 185 altsetting 16 endpoint 0x8 has invalid maxpacket 512, setting to 64
[  113.500624][   T39] usb 1-1: config 3 interface 185 altsetting 16 has an invalid endpoint with address 0x80, skipping
[  113.511164][   T39] usb 1-1: config 3 interface 185 altsetting 16 has a duplicate endpoint with address 0xB, skipping
[  113.521740][   T39] usb 1-1: config 3 interface 185 altsetting 16 endpoint 0xF has invalid maxpacket 1023, setting to 64
[  113.532641][   T39] usb 1-1: config 3 interface 185 altsetting 16 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  113.543478][   T39] usb 1-1: config 3 interface 185 has no altsetting 0
[  113.622898][ T2155] netlink: 104 bytes leftover after parsing attributes in process `syz.4.503'.
[  113.637638][   T26] usb 3-1: USB disconnect, device number 15
[  113.644783][   T26] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  113.654901][   T26] ftdi_sio 3-1:0.0: device disconnected
[  113.725884][   T39] usb 1-1: Dual-Role OTG device on HNP port
[  113.755893][   T39] usb 1-1: New USB device found, idVendor=19d2, idProduct=0090, bcdDevice=8c.d1
[  113.764783][   T39] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.772626][   T39] usb 1-1: Product: 
[  113.776584][   T39] usb 1-1: Manufacturer: ဇ
[  113.780992][   T39] usb 1-1: SerialNumber: 怛賬䳻咀꩚㜧먖�꓿徵蔧ᦶ㿼栉쾇�侀迗錒�൦牼�ꟶ⨑࿮๬���뗳ᨻ粺㷵�ꗒ᪌듳䙻綛嵎슀䉠褣鹉
[  113.798501][   T39] usb 1-1: rejected 1 configuration due to insufficient available bus power
[  113.808058][   T39] usb 1-1: no configuration chosen from 1 choice
[  114.420464][ T2168] syz.4.507[2168] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.420526][ T2168] syz.4.507[2168] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.508642][ T2170] loop2: detected capacity change from 0 to 256
[  114.598962][ T2170] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  114.680660][ T2174] loop2: detected capacity change from 0 to 8192
[  114.810072][ T2177] loop3: detected capacity change from 0 to 4096
[  114.845795][   T60] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  114.872565][ T2177] EXT4-fs (loop3): mounted filesystem without journal. Opts: quota,auto_da_alloc=0x0000000000000008,debug_want_extra_isize=0x000000000000007e,min_batch_time=0x0000000000000002,max_dir_size_kb=0x0000000000000443,,errors=continue. Quota mode: writeback.
[  114.901684][   T30] kauditd_printk_skb: 23 callbacks suppressed
[  114.901697][   T30] audit: type=1400 audit(1720984964.640:757): avc:  denied  { mounton } for  pid=2176 comm="syz.3.511" path="/76/bus/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  114.901735][ T2177] fuse: blksize only supported for fuseblk
[  114.938920][   T30] audit: type=1400 audit(1720984964.680:758): avc:  denied  { mounton } for  pid=2176 comm="syz.3.511" path="/76/bus/file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  115.135913][  T313] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  115.215878][   T60] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18
[  115.375886][   T60] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  115.384808][   T60] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.392597][   T60] usb 5-1: Product: syz
[  115.396762][   T60] usb 5-1: Manufacturer: syz
[  115.401176][   T60] usb 5-1: SerialNumber: syz
[  115.406206][   T60] usb 5-1: config 0 descriptor??
[  115.425846][ T2172] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  115.496405][  T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  115.507168][  T313] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  115.520195][  T313] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  115.545806][  T313] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.557855][  T313] usb 2-1: config 0 descriptor??
[  115.613641][   T26] usb 1-1: USB disconnect, device number 16
[  115.630546][ T2190] loop0: detected capacity change from 0 to 512
[  115.649941][  T411] Bluetooth: hci0: Frame reassembly failed (-84)
[  115.697767][ T2190] EXT4-fs (loop0): Mount option "noacl" will be removed by 3.5
[  115.697767][ T2190] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  115.697767][ T2190] 
[  115.708069][ T2188] loop2: detected capacity change from 0 to 40427
[  115.719379][ T2190] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  115.731135][   T60] usb 5-1: USB disconnect, device number 16
[  115.731830][ T2190] EXT4-fs (loop0): 1 truncate cleaned up
[  115.742572][ T2190] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  115.791920][ T2197] netlink: 104 bytes leftover after parsing attributes in process `syz.4.516'.
[  115.826279][ T2188] F2FS-fs (loop2): Unrecognized mount option "nV‚Í¢d²" or missing value
[  115.834789][  T322] udevd[322]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  116.026807][  T313] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving
[  116.047708][  T313] plantronics 0003:047F:FFFF.0014: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  116.335773][  T313] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  116.575836][  T313] usb 4-1: Using ep0 maxpacket: 16
[  116.645555][ T2212] loop4: detected capacity change from 0 to 256
[  116.695947][  T313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  116.706705][  T313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  116.716343][  T313] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  116.725188][  T313] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.725844][   T26] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  116.738958][  T313] usb 4-1: config 0 descriptor??
[  116.746861][ T2212] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  116.785776][  T820] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  116.995882][   T26] usb 3-1: Using ep0 maxpacket: 16
[  117.125841][   T26] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8
[  117.145828][  T820] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 32, changing to 9
[  117.156671][  T820] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8712, setting to 1024
[  117.167504][  T820] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  117.176308][  T820] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.184572][  T820] usb 1-1: config 0 descriptor??
[  117.216609][  T313] savu 0003:1E7D:2D5A.0015: item fetching failed at offset 2/5
[  117.225311][  T313] savu 0003:1E7D:2D5A.0015: parse failed
[  117.231425][  T313] savu: probe of 0003:1E7D:2D5A.0015 failed with error -22
[  117.335850][   T26] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  117.344754][   T26] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.352700][   T26] usb 3-1: Product: syz
[  117.356787][   T26] usb 3-1: Manufacturer: syz
[  117.361091][   T26] usb 3-1: SerialNumber: syz
[  117.366127][   T26] usb 3-1: config 0 descriptor??
[  117.406296][   T26] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  117.413855][   T26] usb 3-1: Detected FT232RL
[  117.428079][   T39] usb 4-1: USB disconnect, device number 19
[  117.625827][   T26] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  117.666488][  T820] keytouch 0003:0926:3333.0016: fixing up Keytouch IEC report descriptor
[  117.677759][  T820] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0016/input/input5
[  117.758754][   T30] audit: type=1400 audit(1720984967.500:759): avc:  denied  { read } for  pid=85 comm="acpid" name="event3" dev="devtmpfs" ino=762 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  117.765244][  T820] keytouch 0003:0926:3333.0016: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  117.781423][   T30] audit: type=1400 audit(1720984967.500:760): avc:  denied  { open } for  pid=85 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=762 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  117.838332][   T30] audit: type=1400 audit(1720984967.500:761): avc:  denied  { ioctl } for  pid=85 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=762 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  118.035797][    C0] usb 1-1: input irq status -75 received
[  118.066516][   T26] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  118.083287][   T26] usb 2-1: USB disconnect, device number 16
[  118.121311][ T2226] loop1: detected capacity change from 0 to 8192
[  118.173882][ T2228] loop3: detected capacity change from 0 to 512
[  118.262011][  T820] usb 3-1: USB disconnect, device number 16
[  118.276966][ T2228] EXT4-fs (loop3): Mount option "noacl" will be removed by 3.5
[  118.276966][ T2228] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  118.276966][ T2228] 
[  118.295198][  T820] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  118.315936][  T820] ftdi_sio 3-1:0.0: device disconnected
[  118.362307][ T2228] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  118.454791][ T2228] EXT4-fs (loop3): 1 truncate cleaned up
[  118.463859][   T26] usb 1-1: USB disconnect, device number 17
[  118.474652][ T2228] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  118.885790][  T820] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  118.999132][ T2243] loop0: detected capacity change from 0 to 512
[  119.024939][ T2243] EXT4-fs (loop0): Mount option "noacl" will be removed by 3.5
[  119.024939][ T2243] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  119.024939][ T2243] 
[  119.077672][ T2243] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  119.086395][ T2243] EXT4-fs (loop0): 1 truncate cleaned up
[  119.091918][ T2243] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  119.198892][ T2241] loop1: detected capacity change from 0 to 40427
[  119.209378][ T2245] 9pnet: Insufficient options for proto=fd
[  119.245861][  T820] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18
[  119.269661][ T2241] F2FS-fs (loop1): Unrecognized mount option "nV‚Í¢d²" or missing value
[  119.405870][  T820] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  119.414808][  T820] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.424181][  T820] usb 5-1: Product: syz
[  119.428462][  T820] usb 5-1: Manufacturer: syz
[  119.432948][  T820] usb 5-1: SerialNumber: syz
[  119.441351][  T820] usb 5-1: config 0 descriptor??
[  119.465865][ T2235] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  119.690628][  T412] Bluetooth: hci0: Frame reassembly failed (-84)
[  119.726090][ T2255] netlink: 104 bytes leftover after parsing attributes in process `syz.3.531'.
[  119.750807][  T820] usb 5-1: USB disconnect, device number 17
[  119.840520][ T2257] loop1: detected capacity change from 0 to 256
[  119.938293][ T2257] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  120.010901][ T2264] FAULT_INJECTION: forcing a failure.
[  120.010901][ T2264] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  120.024410][ T2264] CPU: 1 PID: 2264 Comm: syz.1.535 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  120.034031][ T2264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  120.043929][ T2264] Call Trace:
[  120.047049][ T2264]  <TASK>
[  120.049824][ T2264]  dump_stack_lvl+0x151/0x1b7
[  120.054341][ T2264]  ? io_uring_drop_tctx_refs+0x190/0x190
[  120.059809][ T2264]  ? __wake_up_klogd+0xd5/0x110
[  120.064496][ T2264]  dump_stack+0x15/0x17
[  120.068485][ T2264]  should_fail+0x3c6/0x510
[  120.072739][ T2264]  should_fail_usercopy+0x1a/0x20
[  120.077608][ T2264]  _copy_to_user+0x20/0x90
[  120.081853][ T2264]  put_itimerspec64+0x1c1/0x220
[  120.086542][ T2264]  ? get_itimerspec64+0x450/0x450
[  120.091400][ T2264]  __x64_sys_timerfd_gettime+0xed/0x150
[  120.096780][ T2264]  ? __ia32_sys_timerfd_settime+0x220/0x220
[  120.102512][ T2264]  do_syscall_64+0x3d/0xb0
[  120.106762][ T2264]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  120.112488][ T2264] RIP: 0033:0x7f6c10053bd9
[  120.116761][ T2264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.136180][ T2264] RSP: 002b:00007f6c0f2d5048 EFLAGS: 00000246 ORIG_RAX: 000000000000011f
[  120.144426][ T2264] RAX: ffffffffffffffda RBX: 00007f6c101e1f60 RCX: 00007f6c10053bd9
[  120.152244][ T2264] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  120.160048][ T2264] RBP: 00007f6c0f2d50a0 R08: 0000000000000000 R09: 0000000000000000
[  120.167860][ T2264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.175669][ T2264] R13: 000000000000000b R14: 00007f6c101e1f60 R15: 00007ffeab33cae8
[  120.183485][ T2264]  </TASK>
[  120.313753][ T2272] loop4: detected capacity change from 0 to 8192
[  120.616078][ T2268] loop1: detected capacity change from 0 to 40427
[  120.667366][ T2268] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  120.685294][ T2268] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  120.706265][ T2268] F2FS-fs (loop1): invalid crc value
[  120.738318][ T2268] F2FS-fs (loop1): Found nat_bits in checkpoint
[  120.774698][ T2285] loop0: detected capacity change from 0 to 256
[  120.807415][ T2285] FAT-fs (loop0): IO charset koi8-r1251 not found
[  120.845141][ T2268] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  120.866692][ T2268] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  120.875075][ T2268] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  120.899183][   T30] audit: type=1400 audit(1720984970.640:762): avc:  denied  { mounton } for  pid=2267 comm="syz.1.536" path="/107/bus/bus" dev="loop1" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  121.294231][ T2284] loop0: detected capacity change from 0 to 40427
[  121.307541][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  121.307562][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  121.314930][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  121.335830][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  121.344791][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  121.352273][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  121.362889][  T291] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  121.372037][   T30] audit: type=1400 audit(1720984971.110:763): avc:  denied  { unmount } for  pid=291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  121.400684][ T2292] loop2: detected capacity change from 0 to 512
[  121.417209][ T2284] F2FS-fs (loop0): Found nat_bits in checkpoint
[  121.442806][  T412] Trying to write to read-only block-device loop1
[  121.453222][ T2292] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.542: casefold flag without casefold feature
[  121.465823][ T2284] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  121.561845][ T2292] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #2: comm syz.2.542: missing EA_INODE flag
[  121.562748][ T2302] loop3: detected capacity change from 0 to 512
[  121.579644][ T2292] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.542: error while reading EA inode 2 err=-117
[  121.697814][ T2302] EXT4-fs (loop3): Mount option "noacl" will be removed by 3.5
[  121.697814][ T2302] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  121.697814][ T2302] 
[  121.716553][ T2292] EXT4-fs (loop2): 1 orphan inode deleted
[  121.726328][ T2292] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  121.746930][ T2302] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  121.757693][ T2302] EXT4-fs (loop3): 1 truncate cleaned up
[  121.763268][ T2302] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  121.951404][ T2314] netlink: 8 bytes leftover after parsing attributes in process `syz.0.546'.
[  122.165775][    T6] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  122.405844][  T494] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  122.675776][    T6] usb 5-1: Using ep0 maxpacket: 16
[  122.795832][    T6] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[  122.936133][  T494] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  122.946361][  T494] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  122.955821][  T313] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  122.963681][    T6] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  122.972700][    T6] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.980748][    T6] usb 5-1: Product: syz
[  122.984800][    T6] usb 5-1: Manufacturer: syz
[  122.989435][    T6] usb 5-1: SerialNumber: syz
[  122.997086][    T6] usb 5-1: config 0 descriptor??
[  123.036030][  T494] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  123.036648][    T6] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  123.053232][  T494] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  123.053482][    T6] usb 5-1: Detected FT232RL
[  123.067990][  T494] usb 1-1: SerialNumber: syz
[  123.245915][    T6] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  123.247162][ T2331] loop2: detected capacity change from 0 to 1024
[  123.333736][ T2331] EXT4-fs (loop2): mounted filesystem without journal. Opts: resgid=0x0000000000000000,debug_want_extra_isize=0x0000000000000082,bsddf,max_batch_time=0x0000000000000003,data=ordered,init_itable=0x0000000000000c9b,usrquota,init_itable,,errors=continue. Quota mode: writeback.
[  123.359909][  T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  123.366566][  T494] usb 1-1: 0:2 : does not exist
[  123.375686][  T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  123.384254][   T30] audit: type=1400 audit(1720984973.120:764): avc:  denied  { nlmsg_read } for  pid=2330 comm="syz.2.551" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  123.407236][  T313] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  123.416485][  T313] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.435955][  T313] usb 2-1: config 0 descriptor??
[  123.439555][  T494] usb 1-1: USB disconnect, device number 18
[  123.483541][  T322] udevd[322]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  123.528033][  T313] usb 2-1: MIDIStreaming interface descriptor not found
[  123.533732][ T2334] loop2: detected capacity change from 0 to 128
[  123.558521][    T6] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  123.588268][ T2334] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  123.598878][ T2334] ext4 filesystem being mounted at /88/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  123.675973][ T2334] device veth0_vlan left promiscuous mode
[  123.679614][ T2337] loop3: detected capacity change from 0 to 8192
[  123.684655][ T2334] device veth0_vlan entered promiscuous mode
[  123.719185][  T313] usb 5-1: USB disconnect, device number 18
[  123.728180][  T313] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  123.740569][  T313] ftdi_sio 5-1:0.0: device disconnected
[  123.754734][  T820] usb 2-1: USB disconnect, device number 17
[  123.804443][ T2342] loop2: detected capacity change from 0 to 256
[  123.866793][ T2342] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  123.964246][ T2346] loop0: detected capacity change from 0 to 8192
[  124.209215][ T2348] loop2: detected capacity change from 0 to 40427
[  124.270300][ T2348] F2FS-fs (loop2): Found nat_bits in checkpoint
[  124.345924][ T2348] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  124.509069][  T858] attempt to access beyond end of device
[  124.509069][  T858] loop2: rw=2049, want=45112, limit=40427
[  124.585791][  T820] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  124.608750][ T2360] loop3: detected capacity change from 0 to 1024
[  124.633829][ T2363] loop2: detected capacity change from 0 to 512
[  124.676583][ T2363] EXT4-fs (loop2): Mount option "noacl" will be removed by 3.5
[  124.676583][ T2363] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  124.676583][ T2363] 
[  124.695021][ T2360] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  124.695428][ T2363] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  124.703596][ T2360] EXT4-fs (loop3): orphan cleanup on readonly fs
[  124.711666][ T2363] EXT4-fs (loop2): 1 truncate cleaned up
[  124.725959][ T2363] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  124.749381][ T2360] EXT4-fs error (device loop3): ext4_free_blocks:6216: comm syz.3.561: Freeing blocks not in datazone - block = 0, count = 4096
[  124.771769][ T2360] EXT4-fs (loop3): 1 orphan inode deleted
[  124.777453][ T2360] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  124.825797][  T820] usb 2-1: Using ep0 maxpacket: 16
[  124.883920][ T2371] loop0: detected capacity change from 0 to 1024
[  124.965961][  T820] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.979259][ T2371] EXT4-fs (loop0): mounted filesystem without journal. Opts: resgid=0x0000000000000000,debug_want_extra_isize=0x0000000000000082,bsddf,max_batch_time=0x0000000000000003,data=ordered,init_itable=0x0000000000000c9b,usrquota,init_itable,,errors=continue. Quota mode: writeback.
[  125.007398][  T820] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.017080][  T820] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  125.026007][  T820] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.042516][  T820] usb 2-1: config 0 descriptor??
[  125.598570][  T820] savu 0003:1E7D:2D5A.0017: item fetching failed at offset 2/5
[  126.000157][  T820] savu 0003:1E7D:2D5A.0017: parse failed
[  126.005642][  T820] savu: probe of 0003:1E7D:2D5A.0017 failed with error -22
[  126.013890][  T820] usb 2-1: USB disconnect, device number 18
[  126.049074][ T2387] loop3: detected capacity change from 0 to 256
[  126.111822][ T2389] loop0: detected capacity change from 0 to 1024
[  126.121393][ T2387] exFAT-fs (loop3): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  126.152780][ T2389] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  126.161064][ T2389] EXT4-fs (loop0): orphan cleanup on readonly fs
[  126.184750][ T2389] EXT4-fs error (device loop0): ext4_free_blocks:6216: comm syz.0.568: Freeing blocks not in datazone - block = 0, count = 4096
[  126.200906][ T2389] EXT4-fs (loop0): 1 orphan inode deleted
[  126.206509][ T2389] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  126.315778][    T6] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  126.503922][ T2394] loop3: detected capacity change from 0 to 40427
[  126.590065][ T2394] F2FS-fs (loop3): Found nat_bits in checkpoint
[  126.695805][    T6] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  126.717643][    T6] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  126.731748][ T2394] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  126.825851][    T6] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  126.854935][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  126.873085][    T6] usb 5-1: SerialNumber: syz
[  126.973781][  T935] attempt to access beyond end of device
[  126.973781][  T935] loop3: rw=2049, want=45112, limit=40427
[  127.216428][    T6] usb 5-1: 0:2 : does not exist
[  127.267350][    T6] usb 5-1: USB disconnect, device number 19
[  127.330136][  T631] udevd[631]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  127.362193][ T2419] FAULT_INJECTION: forcing a failure.
[  127.362193][ T2419] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  127.375389][ T2419] CPU: 1 PID: 2419 Comm: syz.3.573 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  127.385016][ T2419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  127.394905][ T2419] Call Trace:
[  127.398029][ T2419]  <TASK>
[  127.400814][ T2419]  dump_stack_lvl+0x151/0x1b7
[  127.405318][ T2419]  ? io_uring_drop_tctx_refs+0x190/0x190
[  127.410789][ T2419]  dump_stack+0x15/0x17
[  127.414777][ T2419]  should_fail+0x3c6/0x510
[  127.419032][ T2419]  should_fail_alloc_page+0x5a/0x80
[  127.424064][ T2419]  prepare_alloc_pages+0x15c/0x700
[  127.429012][ T2419]  ? __alloc_pages_bulk+0xe40/0xe40
[  127.434045][ T2419]  ? finish_task_switch+0x167/0x7b0
[  127.439095][ T2419]  __alloc_pages+0x18c/0x8f0
[  127.443504][ T2419]  ? prep_new_page+0x110/0x110
[  127.448106][ T2419]  ? __kasan_check_read+0x11/0x20
[  127.452965][ T2419]  ? __vm_enough_memory+0x119/0x2f0
[  127.458001][ T2419]  shmem_alloc_and_acct_page+0x4bd/0xa80
[  127.463469][ T2419]  ? shmem_swapin_page+0x1520/0x1520
[  127.468587][ T2419]  ? irqentry_exit+0x30/0x40
[  127.473015][ T2419]  ? xas_start+0x32c/0x3f0
[  127.477266][ T2419]  ? xas_load+0x2b7/0x2d0
[  127.481433][ T2419]  ? pagecache_get_page+0xdc2/0xeb0
[  127.486467][ T2419]  ? page_cache_prev_miss+0x410/0x410
[  127.491674][ T2419]  ? _raw_spin_lock_irqsave+0x210/0x210
[  127.497054][ T2419]  ? lru_cache_add+0x279/0x540
[  127.501655][ T2419]  shmem_getpage_gfp+0x1388/0x23c0
[  127.506608][ T2419]  ? shmem_getpage+0xa0/0xa0
[  127.511028][ T2419]  ? fault_in_safe_writeable+0x240/0x240
[  127.516497][ T2419]  shmem_write_begin+0xca/0x1b0
[  127.521183][ T2419]  generic_perform_write+0x2bc/0x5a0
[  127.526304][ T2419]  ? grab_cache_page_write_begin+0xa0/0xa0
[  127.531945][ T2419]  ? file_remove_privs+0x610/0x610
[  127.536889][ T2419]  ? rwsem_write_trylock+0x15b/0x290
[  127.542010][ T2419]  ? rwsem_mark_wake+0x6b0/0x6b0
[  127.546785][ T2419]  __generic_file_write_iter+0x25b/0x4b0
[  127.552257][ T2419]  generic_file_write_iter+0xaf/0x1c0
[  127.557462][ T2419]  vfs_write+0xd5d/0x1110
[  127.561627][ T2419]  ? bpf_trace_run2+0x210/0x210
[  127.566317][ T2419]  ? file_end_write+0x1c0/0x1c0
[  127.571006][ T2419]  ? __fdget_pos+0x209/0x3a0
[  127.575426][ T2419]  ? ksys_write+0x77/0x2c0
[  127.579679][ T2419]  ksys_write+0x199/0x2c0
[  127.583845][ T2419]  ? __ia32_sys_read+0x90/0x90
[  127.588457][ T2419]  __x64_sys_write+0x7b/0x90
[  127.592877][ T2419]  do_syscall_64+0x3d/0xb0
[  127.597126][ T2419]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  127.602878][ T2419] RIP: 0033:0x7fdba7f8d75f
[  127.607106][ T2419] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  127.626549][ T2419] RSP: 002b:00007fdba71cde00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  127.634790][ T2419] RAX: ffffffffffffffda RBX: 0000000000010000 RCX: 00007fdba7f8d75f
[  127.642603][ T2419] RDX: 0000000000010000 RSI: 00007fdb9edae000 RDI: 0000000000000009
[  127.650421][ T2419] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000000001e3
[  127.658226][ T2419] R10: 00000000000001d0 R11: 0000000000000293 R12: 0000000000000009
[  127.666033][ T2419] R13: 00007fdba71cdf00 R14: 00007fdba71cdec0 R15: 00007fdb9edae000
[  127.673853][ T2419]  </TASK>
[  128.084469][   T30] audit: type=1400 audit(1720984977.820:765): avc:  denied  { listen } for  pid=2423 comm="syz.3.578" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  128.174730][ T2432] loop0: detected capacity change from 0 to 256
[  128.183687][ T2430] loop4: detected capacity change from 0 to 512
[  128.189650][   T30] audit: type=1400 audit(1720984977.820:766): avc:  denied  { accept } for  pid=2423 comm="syz.3.578" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  128.226941][ T2432] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  128.454336][ T2401] loop1: detected capacity change from 0 to 131072
[  128.468758][ T2430] EXT4-fs (loop4): Mount option "noacl" will be removed by 3.5
[  128.468758][ T2430] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  128.468758][ T2430] 
[  128.488636][ T2430] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  128.497575][ T2430] EXT4-fs (loop4): 1 truncate cleaned up
[  128.503039][ T2430] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  129.230405][ T2451] netlink: 104 bytes leftover after parsing attributes in process `syz.1.572'.
[  129.315788][  T494] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  129.323206][   T39] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  129.575880][  T494] usb 3-1: Using ep0 maxpacket: 16
[  129.646526][ T2456] loop1: detected capacity change from 0 to 40427
[  129.696098][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  129.707332][  T494] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.718620][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  129.729243][  T494] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.756115][   T39] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  129.765596][  T494] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  129.774545][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.785772][  T494] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.812473][   T39] usb 4-1: config 0 descriptor??
[  129.817657][  T494] usb 3-1: config 0 descriptor??
[  129.868624][   T39] usb 4-1: MIDIStreaming interface descriptor not found
[  129.997560][ T2463] loop1: detected capacity change from 0 to 256
[  130.075436][    T6] usb 4-1: USB disconnect, device number 20
[  130.081365][ T2463] /dev/loop1: Can't open blockdev
[  130.297001][  T494] savu 0003:1E7D:2D5A.0018: item fetching failed at offset 2/5
[  130.314671][  T494] savu 0003:1E7D:2D5A.0018: parse failed
[  130.320755][  T494] savu: probe of 0003:1E7D:2D5A.0018 failed with error -22
[  130.349869][ T2473] loop0: detected capacity change from 0 to 256
[  130.408020][ T2473] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  130.483996][ T2476] loop0: detected capacity change from 0 to 512
[  130.499463][  T494] usb 3-1: USB disconnect, device number 17
[  130.551630][ T2476] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:164: inode #12: comm syz.0.592: inline data xattr refers to an external xattr inode
[  130.566407][ T2476] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.592: couldn't read orphan inode 12 (err -117)
[  130.578159][ T2476] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,abort,norecovery,sysvgroups,init_itable,debug_want_extra_isize=0x000000000000000a,usrjquota=,nombcache,dioread_lock,,errors=continue. Quota mode: none.
[  130.601243][   T30] audit: type=1326 audit(1720984980.340:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2475 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  130.629628][   T30] audit: type=1326 audit(1720984980.340:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2475 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  130.660546][ T2476] EXT4-fs error (device loop0): __ext4_expand_extra_isize:5840: inode #18: comm syz.0.592: bad extra_isize 10 (inode size 256)
[  130.667213][ T2480] loop3: detected capacity change from 0 to 2048
[  130.677938][   T30] audit: type=1326 audit(1720984980.340:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2475 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  130.703094][   T30] audit: type=1326 audit(1720984980.340:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2475 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  130.726525][   T30] audit: type=1326 audit(1720984980.370:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2475 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  130.750446][   T30] audit: type=1326 audit(1720984980.370:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2475 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  130.750969][ T2480] Alternate GPT is invalid, using primary GPT.
[  130.773604][   T30] audit: type=1326 audit(1720984980.370:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2475 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  130.780622][ T2480]  loop3: p1 p2 p3
[  130.803072][   T30] audit: type=1326 audit(1720984980.400:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2475 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  130.886451][ T2482] loop0: detected capacity change from 0 to 512
[  130.906931][ T2482] EXT4-fs (loop0): Mount option "noacl" will be removed by 3.5
[  130.906931][ T2482] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  130.906931][ T2482] 
[  130.927285][ T2482] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  130.940365][ T2482] EXT4-fs (loop0): 1 truncate cleaned up
[  130.946004][ T2482] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  131.063403][ T2490] loop2: detected capacity change from 0 to 128
[  131.110801][ T2490] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  131.151215][ T2490] ext4 filesystem being mounted at /98/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  131.865496][ T2512] loop0: detected capacity change from 0 to 256
[  131.986679][ T2512] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  132.004542][ T2519] loop3: detected capacity change from 0 to 512
[  132.125287][ T2519] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.604: inline data xattr refers to an external xattr inode
[  132.177518][ T2519] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.604: couldn't read orphan inode 12 (err -117)
[  132.258755][ T2519] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpid,abort,norecovery,sysvgroups,init_itable,debug_want_extra_isize=0x000000000000000a,usrjquota=,nombcache,dioread_lock,,errors=continue. Quota mode: none.
[  132.337070][ T2519] EXT4-fs error (device loop3): __ext4_expand_extra_isize:5840: inode #18: comm syz.3.604: bad extra_isize 10 (inode size 256)
[  132.355890][   T26] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  132.365754][    T6] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  132.727223][   T26] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  132.745849][    T6] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  132.752387][   T26] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  132.769725][    T6] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 2
[  132.885842][   T26] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  132.894758][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  132.902597][   T26] usb 1-1: SerialNumber: syz
[  132.955865][    T6] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  132.964802][    T6] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.972723][    T6] usb 2-1: Product: syz
[  132.976806][    T6] usb 2-1: Manufacturer: syz
[  132.981168][    T6] usb 2-1: SerialNumber: syz
[  133.186394][   T26] usb 1-1: 0:2 : does not exist
[  133.227693][   T26] usb 1-1: USB disconnect, device number 19
[  133.238787][    T6] usb 2-1: USB disconnect, device number 19
[  133.241738][  T631] udevd[631]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  133.254826][ T2543] loop1: detected capacity change from 0 to 512
[  133.410392][ T2545] loop3: detected capacity change from 0 to 40427
[  133.423282][ T2545] F2FS-fs (loop3): Found nat_bits in checkpoint
[  133.459502][ T2545] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  133.692679][ T2559] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=2559 comm=syz.2.613
[  133.711415][ T2562] loop4: detected capacity change from 0 to 256
[  133.736969][ T2562] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  133.777403][ T2564] loop0: detected capacity change from 0 to 256
[  133.815275][ T2564] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  133.888350][ T2568] loop4: detected capacity change from 0 to 512
[  133.911446][ T2568] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  133.923253][ T2568] EXT4-fs (loop4): 1 truncate cleaned up
[  133.928881][ T2568] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_dev=0x0000000000000009,noblock_validity,usrquota,journal_dev=0x0000000000000002,debug_want_extra_isize=0x0000000000000008,jqfmt=vfsold,usrjquota=min_batch_time=0x0000000000000a9f,nodiscard,,errors=continue. Quota mode: writeback.
[  134.080424][ T2578] netlink: 104 bytes leftover after parsing attributes in process `syz.0.618'.
[  134.296075][   T30] kauditd_printk_skb: 74 callbacks suppressed
[  134.296143][   T30] audit: type=1400 audit(1720984983.970:849): avc:  denied  { name_bind } for  pid=2575 comm="syz.4.620" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  134.355351][   T30] audit: type=1400 audit(1720984983.980:850): avc:  denied  { ioctl } for  pid=2575 comm="syz.4.620" path="socket:[23161]" dev="sockfs" ino=23161 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  134.384596][  T935] attempt to access beyond end of device
[  134.384596][  T935] loop3: rw=2049, want=45112, limit=40427
[  134.842288][ T2588] loop0: detected capacity change from 0 to 128
[  134.930411][ T2592] loop4: detected capacity change from 0 to 512
[  134.969958][ T2592] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:164: inode #12: comm syz.4.626: inline data xattr refers to an external xattr inode
[  134.974737][ T2604] loop0: detected capacity change from 0 to 512
[  134.990831][ T2592] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.626: couldn't read orphan inode 12 (err -117)
[  134.992347][ T2606] loop1: detected capacity change from 0 to 256
[  135.007575][ T2592] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,abort,norecovery,sysvgroups,init_itable,debug_want_extra_isize=0x000000000000000a,usrjquota=,nombcache,dioread_lock,,errors=continue. Quota mode: none.
[  135.033625][   T30] audit: type=1326 audit(1720984984.780:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2591 comm="syz.4.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f668bbdbbd9 code=0x7ffc0000
[  135.056833][   T30] audit: type=1326 audit(1720984984.780:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2591 comm="syz.4.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f668bbdbbd9 code=0x7ffc0000
[  135.068032][ T2592] EXT4-fs error (device loop4): __ext4_expand_extra_isize:5840: inode #18: comm syz.4.626: bad extra_isize 10 (inode size 256)
[  135.080374][   T30] audit: type=1326 audit(1720984984.780:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2591 comm="syz.4.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f668bbdbbd9 code=0x7ffc0000
[  135.115928][   T30] audit: type=1326 audit(1720984984.780:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2591 comm="syz.4.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f668bbdbbd9 code=0x7ffc0000
[  135.117057][ T2604] EXT4-fs (loop0): Mount option "noacl" will be removed by 3.5
[  135.117057][ T2604] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  135.117057][ T2604] 
[  135.139284][ T2606] /dev/loop1: Can't open blockdev
[  135.157226][   T30] audit: type=1326 audit(1720984984.780:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2591 comm="syz.4.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f668bbdbbd9 code=0x7ffc0000
[  135.163304][ T2604] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  135.184395][   T30] audit: type=1326 audit(1720984984.800:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2591 comm="syz.4.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f668bbdbbd9 code=0x7ffc0000
[  135.192955][ T2604] EXT4-fs (loop0): 1 truncate cleaned up
[  135.220959][   T30] audit: type=1326 audit(1720984984.800:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2591 comm="syz.4.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f668bbdbbd9 code=0x7ffc0000
[  135.243963][ T2604] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  135.266876][   T30] audit: type=1326 audit(1720984984.800:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2591 comm="syz.4.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f668bbdbbd9 code=0x7ffc0000
[  135.321703][ T2609] loop4: detected capacity change from 0 to 256
[  135.346541][ T2609] exfat: Unknown parameter '~}'
[  135.450756][ T2609] loop4: detected capacity change from 0 to 256
[  135.629322][ T2619] syz.3.631[2619] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  135.629621][ T2619] syz.3.631[2619] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  135.805802][   T26] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  136.235775][   T26] usb 2-1: Using ep0 maxpacket: 16
[  136.385328][   T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  136.396215][   T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  136.406405][   T26] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  136.415777][   T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.425855][   T26] usb 2-1: config 0 descriptor??
[  136.906587][   T26] savu 0003:1E7D:2D5A.0019: item fetching failed at offset 2/5
[  136.914172][   T26] savu 0003:1E7D:2D5A.0019: parse failed
[  136.920085][   T26] savu: probe of 0003:1E7D:2D5A.0019 failed with error -22
[  137.117174][   T26] usb 2-1: USB disconnect, device number 20
[  137.148515][ T2648] loop0: detected capacity change from 0 to 256
[  137.218067][ T2648] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  137.296335][ T2652] tmpfs: Unknown parameter 'nolazytimep'
[  137.312434][ T2654] loop0: detected capacity change from 0 to 512
[  137.386248][ T2654] EXT4-fs (loop0): Mount option "noacl" will be removed by 3.5
[  137.386248][ T2654] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  137.386248][ T2654] 
[  137.404840][ T2654] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  137.413715][ T2654] EXT4-fs (loop0): 1 truncate cleaned up
[  137.419350][ T2654] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  137.505778][   T39] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  137.810439][ T2665] futex_wake_op: syz.1.647 tries to shift op by 144; fix this program
[  138.101221][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.126076][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.136043][   T39] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  138.145138][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.198609][   T39] usb 4-1: config 0 descriptor??
[  138.222584][ T2673] loop4: detected capacity change from 0 to 256
[  138.339945][ T2673] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  138.553386][ T2681] loop4: detected capacity change from 0 to 256
[  138.658600][ T2681] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  138.917912][ T2699] netlink: 104 bytes leftover after parsing attributes in process `syz.4.659'.
[  139.435817][   T39] uclogic 0003:256C:006D.001A: failed retrieving string descriptor #200: -71
[  139.444526][   T39] uclogic 0003:256C:006D.001A: failed retrieving pen parameters: -71
[  139.455035][   T39] uclogic 0003:256C:006D.001A: failed probing pen v2 parameters: -71
[  139.463578][   T39] uclogic 0003:256C:006D.001A: failed probing parameters: -71
[  139.471167][   T39] uclogic: probe of 0003:256C:006D.001A failed with error -71
[  139.480104][   T39] usb 4-1: USB disconnect, device number 21
[  139.550092][ T2710] loop0: detected capacity change from 0 to 512
[  139.590107][ T2705] loop1: detected capacity change from 0 to 128
[  139.618122][ T2710] EXT4-fs (loop0): Mount option "noacl" will be removed by 3.5
[  139.618122][ T2710] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  139.618122][ T2710] 
[  139.637290][ T2710] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  139.646017][ T2710] EXT4-fs (loop0): 1 truncate cleaned up
[  139.651488][ T2710] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  139.763785][ T2714] FAULT_INJECTION: forcing a failure.
[  139.763785][ T2714] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.777004][ T2714] CPU: 0 PID: 2714 Comm: syz.4.664 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  139.786639][ T2714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  139.796527][ T2714] Call Trace:
[  139.799651][ T2714]  <TASK>
[  139.802430][ T2714]  dump_stack_lvl+0x151/0x1b7
[  139.806943][ T2714]  ? io_uring_drop_tctx_refs+0x190/0x190
[  139.812408][ T2714]  ? enqueue_hrtimer+0xca/0x240
[  139.817095][ T2714]  ? __restore_fpregs_from_fpstate+0xba/0x170
[  139.822997][ T2714]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  139.828639][ T2714]  dump_stack+0x15/0x17
[  139.832628][ T2714]  should_fail+0x3c6/0x510
[  139.836882][ T2714]  should_fail_usercopy+0x1a/0x20
[  139.841740][ T2714]  copy_fpstate_to_sigframe+0x708/0x9a0
[  139.847124][ T2714]  ? fpregs_set+0x6f0/0x6f0
[  139.851462][ T2714]  ? __kasan_check_write+0x14/0x20
[  139.856410][ T2714]  ? recalc_sigpending+0x1a5/0x230
[  139.861358][ T2714]  ? dequeue_signal+0x205/0x520
[  139.866044][ T2714]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  139.870991][ T2714]  ? unhandled_signal+0x150/0x150
[  139.875850][ T2714]  ? fpu__alloc_mathframe+0x89/0x150
[  139.880970][ T2714]  get_sigframe+0x378/0x4b0
[  139.885311][ T2714]  ? memcpy+0x56/0x70
[  139.889135][ T2714]  ? restore_sigcontext+0x710/0x710
[  139.894166][ T2714]  arch_do_signal_or_restart+0x2ad/0x1680
[  139.899721][ T2714]  ? fput+0x1a/0x20
[  139.903361][ T2714]  ? do_preadv+0x2a5/0x350
[  139.907617][ T2714]  ? vfs_writev+0x560/0x560
[  139.911957][ T2714]  ? get_sigframe_size+0x10/0x10
[  139.916731][ T2714]  exit_to_user_mode_loop+0xa0/0xe0
[  139.921765][ T2714]  exit_to_user_mode_prepare+0x5a/0xa0
[  139.927060][ T2714]  syscall_exit_to_user_mode+0x26/0x160
[  139.932440][ T2714]  do_syscall_64+0x49/0xb0
[  139.936690][ T2714]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  139.942416][ T2714] RIP: 0033:0x7f668bbdbbd7
[  139.946673][ T2714] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  139.966113][ T2714] RSP: 002b:00007f668ae5d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  139.974357][ T2714] RAX: 0000000000000127 RBX: 00007f668bd69f60 RCX: 00007f668bbdbbd9
[  139.982171][ T2714] RDX: 0000000000000001 RSI: 0000000020000600 RDI: 0000000000000004
[  139.989980][ T2714] RBP: 00007f668ae5d0a0 R08: 0000000000000000 R09: 0000000000000000
[  139.997790][ T2714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.005600][ T2714] R13: 000000000000000b R14: 00007f668bd69f60 R15: 00007ffed277d528
[  140.013420][ T2714]  </TASK>
[  140.198111][ T2726] loop2: detected capacity change from 0 to 256
[  140.235001][ T2726] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  140.335888][   T60] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  140.384087][ T2731] netlink: 52 bytes leftover after parsing attributes in process `syz.2.669'.
[  140.403626][ T2731] tmpfs: Unknown parameter '00000000000000000011'
[  140.420777][   T30] kauditd_printk_skb: 52 callbacks suppressed
[  140.420790][   T30] audit: type=1326 audit(1720984990.160:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2728 comm="syz.2.669" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb9532c8bd9 code=0x0
[  140.527282][   T30] audit: type=1400 audit(1720984990.270:912): avc:  denied  { map } for  pid=2728 comm="syz.2.669" path="pipe:[16436]" dev="pipefs" ino=16436 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  140.550298][   T30] audit: type=1400 audit(1720984990.290:913): avc:  denied  { execute } for  pid=2728 comm="syz.2.669" path="pipe:[16436]" dev="pipefs" ino=16436 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  140.605797][   T60] usb 4-1: Using ep0 maxpacket: 32
[  140.626932][   T30] audit: type=1326 audit(1720984990.370:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2741 comm="syz.0.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  140.661525][   T30] audit: type=1326 audit(1720984990.390:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2741 comm="syz.0.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  140.692740][   T30] audit: type=1326 audit(1720984990.390:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2741 comm="syz.0.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  140.716256][   T30] audit: type=1326 audit(1720984990.390:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2741 comm="syz.0.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  140.739730][   T30] audit: type=1326 audit(1720984990.390:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2741 comm="syz.0.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  140.766642][   T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.781725][   T30] audit: type=1326 audit(1720984990.390:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2741 comm="syz.0.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  140.810232][   T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.830328][   T60] usb 4-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[  140.850139][   T30] audit: type=1326 audit(1720984990.390:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2741 comm="syz.0.672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741d464bd9 code=0x7ffc0000
[  140.873442][   T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.896885][   T60] usb 4-1: config 0 descriptor??
[  141.377831][   T60] hkems 0003:2006:0118.001B: hidraw0: USB HID v0.00 Device [HID 2006:0118] on usb-dummy_hcd.3-1/input0
[  141.418563][ T2759] loop1: detected capacity change from 0 to 256
[  141.427070][   T60] hkems 0003:2006:0118.001B: no inputs found
[  141.432876][   T60] hkems 0003:2006:0118.001B: force feedback init failed
[  141.495953][ T2759] /dev/loop1: Can't open blockdev
[  141.581262][   T60] usb 4-1: USB disconnect, device number 22
[  141.711475][ T2767] loop1: detected capacity change from 0 to 512
[  142.003541][ T2770] loop0: detected capacity change from 0 to 40427
[  142.105151][ T2773] loop3: detected capacity change from 0 to 512
[  142.113172][ T2770] F2FS-fs (loop0): Found nat_bits in checkpoint
[  142.149755][ T2770] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  142.258464][ T2773] EXT4-fs (loop3): Mount option "noacl" will be removed by 3.5
[  142.258464][ T2773] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  142.258464][ T2773] 
[  142.278356][ T2773] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  142.288341][ T2773] EXT4-fs (loop3): 1 truncate cleaned up
[  142.293953][ T2773] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  143.496556][ T1983] attempt to access beyond end of device
[  143.496556][ T1983] loop0: rw=2049, want=45104, limit=40427
[  143.540636][ T2793] loop2: detected capacity change from 0 to 16
[  143.596088][ T2793] erofs: (device loop2): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  143.948171][ T2804] FAULT_INJECTION: forcing a failure.
[  143.948171][ T2804] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.961096][ T2804] CPU: 0 PID: 2804 Comm: syz.2.688 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0
[  143.970656][ T2804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  143.980546][ T2804] Call Trace:
[  143.983670][ T2804]  <TASK>
[  143.986449][ T2804]  dump_stack_lvl+0x151/0x1b7
[  143.990959][ T2804]  ? io_uring_drop_tctx_refs+0x190/0x190
[  143.996430][ T2804]  ? __kasan_check_read+0x11/0x20
[  144.001288][ T2804]  dump_stack+0x15/0x17
[  144.005281][ T2804]  should_fail+0x3c6/0x510
[  144.009535][ T2804]  should_fail_usercopy+0x1a/0x20
[  144.014393][ T2804]  copy_page_from_iter_atomic+0x423/0x10e0
[  144.020038][ T2804]  ? pipe_zero+0x4e0/0x4e0
[  144.024288][ T2804]  ? ktime_get_coarse_real_ts64+0x117/0x130
[  144.030016][ T2804]  generic_perform_write+0x337/0x5a0
[  144.035140][ T2804]  ? grab_cache_page_write_begin+0xa0/0xa0
[  144.040779][ T2804]  ? file_remove_privs+0x610/0x610
[  144.045726][ T2804]  ? rwsem_write_trylock+0x15b/0x290
[  144.050846][ T2804]  ? rwsem_mark_wake+0x6b0/0x6b0
[  144.055621][ T2804]  __generic_file_write_iter+0x25b/0x4b0
[  144.061088][ T2804]  generic_file_write_iter+0xaf/0x1c0
[  144.066294][ T2804]  vfs_write+0xd5d/0x1110
[  144.070469][ T2804]  ? file_end_write+0x1c0/0x1c0
[  144.075149][ T2804]  ? __fdget_pos+0x209/0x3a0
[  144.079572][ T2804]  ? ksys_write+0x77/0x2c0
[  144.083825][ T2804]  ksys_write+0x199/0x2c0
[  144.087993][ T2804]  ? __ia32_sys_read+0x90/0x90
[  144.092594][ T2804]  __x64_sys_write+0x7b/0x90
[  144.097020][ T2804]  do_syscall_64+0x3d/0xb0
[  144.101272][ T2804]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  144.106997][ T2804] RIP: 0033:0x7fb9532c775f
[  144.111252][ T2804] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  144.130694][ T2804] RSP: 002b:00007fb952528e00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  144.138937][ T2804] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007fb9532c775f
[  144.146749][ T2804] RDX: 0000000000020000 RSI: 00007fb94a109000 RDI: 000000000000000b
[  144.154563][ T2804] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000000014ff
[  144.162372][ T2804] R10: 0000000000001ffa R11: 0000000000000293 R12: 000000000000000b
[  144.170182][ T2804] R13: 00007fb952528f00 R14: 00007fb952528ec0 R15: 00007fb94a109000
[  144.177996][ T2804]  </TASK>
[  144.186573][ T2804] loop2: detected capacity change from 0 to 256
[  144.261203][ T2804] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  144.322346][ T2809] loop3: detected capacity change from 0 to 256
[  144.360237][ T2809] exFAT-fs (loop3): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  144.451381][ T2819] loop4: detected capacity change from 0 to 512
[  144.513315][ T2819] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:164: inode #12: comm syz.4.694: inline data xattr refers to an external xattr inode
[  144.769119][ T2819] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.694: couldn't read orphan inode 12 (err -117)
[  144.803442][ T2819] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,abort,norecovery,sysvgroups,init_itable,debug_want_extra_isize=0x000000000000000a,usrjquota=,nombcache,dioread_lock,,errors=continue. Quota mode: none.
[  144.925870][ T2819] EXT4-fs error (device loop4): __ext4_expand_extra_isize:5840: inode #18: comm syz.4.694: bad extra_isize 10 (inode size 256)
[  145.722442][   T30] kauditd_printk_skb: 134 callbacks suppressed
[  145.722459][   T30] audit: type=1400 audit(1720984995.030:1055): avc:  denied  { accept } for  pid=2828 comm="syz.0.696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  145.819309][   T30] audit: type=1400 audit(1720984995.460:1056): avc:  denied  { bind } for  pid=2831 comm="syz.2.697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  145.863859][ T2843] loop2: detected capacity change from 0 to 512
[  145.889192][   T30] audit: type=1400 audit(1720984995.460:1057): avc:  denied  { node_bind } for  pid=2831 comm="syz.2.697" saddr=255.255.255.255 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  145.922269][ T2843] EXT4-fs (loop2): Mount option "noacl" will be removed by 3.5
[  145.922269][ T2843] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  145.922269][ T2843] 
[  145.942205][ T2823] loop3: detected capacity change from 0 to 40427
[  145.956954][   T30] audit: type=1400 audit(1720984995.490:1058): avc:  denied  { connect } for  pid=2831 comm="syz.2.697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  145.983502][ T2856] loop1: detected capacity change from 0 to 256
[  145.985086][ T2855] loop4: detected capacity change from 0 to 256
[  145.997415][ T2843] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  146.005834][ T2843] EXT4-fs (loop2): 1 truncate cleaned up
[  146.011355][ T2843] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  146.039065][ T2855] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  146.075842][ T2856] /dev/loop1: Can't open blockdev
[  146.088331][ T2823] F2FS-fs (loop3): Found nat_bits in checkpoint
[  146.132084][ T2823] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  146.611325][  T935] attempt to access beyond end of device
[  146.611325][  T935] loop3: rw=2049, want=45104, limit=40427
[  146.661285][   T30] audit: type=1326 audit(1720984996.400:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2882 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c10053bd9 code=0x7ffc0000
[  146.704513][   T30] audit: type=1326 audit(1720984996.430:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2882 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6c10053bd9 code=0x7ffc0000
[  146.739602][ T2886] loop1: detected capacity change from 0 to 512
[  146.754159][   T30] audit: type=1326 audit(1720984996.430:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2882 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c10053bd9 code=0x7ffc0000
[  146.777368][   T30] audit: type=1326 audit(1720984996.430:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2882 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f6c10053bd9 code=0x7ffc0000
[  146.808850][   T30] audit: type=1326 audit(1720984996.430:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2882 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c10053bd9 code=0x7ffc0000
[  146.880358][   T30] audit: type=1326 audit(1720984996.430:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2882 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c10053bd9 code=0x7ffc0000
[  147.381119][ T2891] loop3: detected capacity change from 0 to 40427
[  147.424355][ T2896] EXT4-fs warning (device sda1): verify_group_input:147: Cannot add at group 925 (only 8 groups)
[  147.429377][ T2891] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  147.442347][ T2891] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  147.452313][ T2891] F2FS-fs (loop3): invalid crc value
[  147.705136][ T2891] F2FS-fs (loop3): Found nat_bits in checkpoint
[  147.756576][ T2891] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  147.763463][ T2891] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  147.777339][ T2890] attempt to access beyond end of device
[  147.777339][ T2890] loop3: rw=2049, want=45104, limit=40427
SYZFAIL: bad allocate request
allocated=0 size=1701996132/1701996136 (errno 11: Resource temporarily unavailable)
[  147.920549][ T2906] loop2: detected capacity change from 0 to 1024
[  147.975139][  T935] attempt to access beyond end of device
[  147.975139][  T935] loop3: rw=2051, want=45104, limit=40427
[  147.987575][  T935] F2FS-fs (loop3): Issue discard(5637, 5637, 1) failed, ret: -5
[  148.329953][ T2906] EXT4-fs (loop2): barriers disabled
[  148.352746][ T2906] JBD2: no valid journal superblock found
[  148.371476][ T2906] EXT4-fs (loop2): error loading journal
[  149.356350][  T409] device bridge_slave_1 left promiscuous mode
[  149.362296][  T409] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.369622][  T409] device bridge_slave_0 left promiscuous mode
[  149.375530][  T409] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.383204][  T409] device veth1_macvtap left promiscuous mode
[  149.389059][  T409] device veth0_vlan left promiscuous mode
[  150.756821][  T409] device bridge_slave_1 left promiscuous mode
[  150.762755][  T409] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.770143][  T409] device bridge_slave_0 left promiscuous mode
[  150.776128][  T409] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.783668][  T409] device bridge_slave_1 left promiscuous mode
[  150.789672][  T409] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.796955][  T409] device bridge_slave_0 left promiscuous mode
[  150.802861][  T409] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.810647][  T409] device bridge_slave_1 left promiscuous mode
[  150.816621][  T409] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.823818][  T409] device bridge_slave_0 left promiscuous mode
[  150.829838][  T409] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.837735][  T409] device bridge_slave_1 left promiscuous mode
[  150.843650][  T409] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.850869][  T409] device bridge_slave_0 left promiscuous mode
[  150.856855][  T409] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.864646][  T409] device veth1_macvtap left promiscuous mode
[  150.870517][  T409] device veth0_vlan left promiscuous mode
[  150.876126][  T409] device veth1_macvtap left promiscuous mode
[  150.881817][  T409] device veth0_vlan left promiscuous mode
[  150.887589][  T409] device veth1_macvtap left promiscuous mode
[  150.893400][  T409] device veth0_vlan left promiscuous mode
[  150.899184][  T409] device veth1_macvtap left promiscuous mode
[  150.904984][  T409] device veth0_vlan left promiscuous mode