last executing test programs:

7.002732642s ago: executing program 4 (id=1265):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75", @ANYRES64, @ANYRESHEX, @ANYBLOB="db321087701328393f6e897a058962b43a13528465415a2127a56be442625470ad22f7e62eb2de1ba92621dbda4497efa4f04b3a7bff18c407cc2f683719c0d47e4d47648197f6f974de9cc39378ff0c350c097e3c3bdc393de447912eb222ea55bc39fdfea451e78e0989991df5d8b17e41845e264f39e2da52dcadcc3acdaea8c06bd7c741d78a0f783342dfe3958d8bf8662be34d8492bcb8892009dd2263abbddd6c1e817d4c1dc197d41181e1187fd06bdbeb650873a1416b9806c46e4364bdb40953630ada6cd397cf03b18b73e9c285ab6a0e0d3bb49f1d2037c766024217585857c704625f9120ef5f8f75f9a4e6"], 0x1, 0x5511, &(0x7f0000006b80)="$eJzs3E1rY9UfB/CTPs7Tf/5FXLibC4PQwiQ0fRh0V3UGH7BD8WHhStMkDZlJckuTprUrFy7Fhe9EFFy59DW4cO1OXCjuhJHccypTH0Bp2tjp5wO333tPTn73nEtpOfeGBODSWsh++akUboarIYTpEMKNEIr9UtoKGzGeCyHcCiFMPbGVUvvvDXMhhGshhJuj4rFmKb302Z3h7fUf3/j562/nZ65//tV3k5s1MGnPhxC6u3H/oBszb8V8mNprw3aR3bVhyvhC91E6zmMeNLeLCge14361IldbsX++u98f5U6nVh9lq71TtO/24gn7w9ZxneIND2t7xXGjuV1ku58X2TqK4zo8in/bjvqDWKeR6n1YlA+DwXHG9uZhM85n91GR9d4gtce6eaN5OMphynS6UM87jWIc26e50v9tb7Z7+4fZsLnXb+e9bL1SfaFSvVuu7uWN5qC5Vq51G3fXssVWZ9StPGjWuhutPG91mpV63l3KFlv1erlazRbvNbfbtV5WrVZWK8vl9aW0dyd79cG7WaeRLY7y5XZvf9Du9LOdfC+L71jKViqrLy5lt6vZ25tb2dZb9+9vbr3z/r33Hry0+forqdOfhpUtriyvrJSry+WV6tLFnf/of/2/mv/HadBjnD+cSmnSAwC4eKz/gUm46Ov/YP0/Ftb/l3b+j5PTXUAuN+t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBL6/vZL14rdhbi8fXU/r/U9Ew6LoUQpkIIj//CdJg7UXM61Zn9m/6zfxjDN6VQVBidYz5t10IIG2n79f9nfRUAAADg6fXlR7c+jav1+GNh0gPiPMWbNlM3PhhTvVIIYXbhhzFUCelmU3j29KOKRr/fM+FwTNWKG1hXxlQs3nKbGVe1f2T6RFx5Ikoxpo57zp3ruAAAgLN0ciVwvqsQAAAAztMnkx4Ak1E8aU2fxU+P+eZjpAeCV08cAQAAABdQadIDAAAAAM5csf73/X8AAADwdIvf/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAbO3eTkzoUBQD4tND3eD9GYpy7FWewDJfg0KFhKywBt+AGWAPOXIIBQ3tRMRhM+hfJ9yXt5TbN4ZTQwTm3KQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG16KhbTh/urUd046009zVwNAAAAcMiqWEzLD+Nq/i8dP0uHLtI8i4g8Ig7V7oP4tRdzkOIUX5xffMrhMaKMsP2O32n7GxHXaXs5b/tXAAAAgNO1nM0nVbVe7cZ9J0SXqqZN/v+moXhZRBTj54ai5dvd5bdO3RzvD23/38O4q59WqWxg1X5kZqdsuQ2binbcIN3ub8Pow5BVQ95dOgAAQFf2K4EOqxAAAAA6dtt3AvQji91S5m4tuHzy/n1B8M/eDAAAAPiBsr4TAAAAAFpX1v/e/wcAAACnrXr/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1aFYvpcjaf1I2z3tTTzNUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvLI/7ygMw2AQBjeJ8uqELuD739Is2K1bNzMg+Pi3EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAlcfx8jzj1ZjJNnqdSd49rySfTo1vp8avc+OfZKy7fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwsz8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfNHvfvk/MTXOJHOnjaXjkWTtqrF11dh70Dh6MN7+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsXP/vnFTcQDAv2efr7SACAFlCEJUYoCFptfS0pUBFDHwJyBF6bUErvxoM9CqQsrChjJ3QTAihAQKW/+Hzq3UpWwdMhSJiQFkn528HpU4WtW+Np+P9Py+thy/73OiKF8/5wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo7L67H+flZmESZ/Wxm/eurpf9ram+dH379nLZyrjXZtJPhlfTnd5Sd4kAAABwcORNfR8xiGJntQyyhar+L5pzypr/++cncVPPT9f9Td/U/mX77de7L+8NtDAZp7zouY3x6Pi/U+k/xmnOtRf+84x+deerZy959Q3JPth6abeo7mfv2xs33htU4aE2sgUAHsaxpq+D5u+hsh92mRgAB0Y/Kbzv1PV/vtBtTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtGGzFs03ci4jl/n5cunXv6nrVT+1f37693LTT165tp9csL1FExLmN8eh4WxN5Aly6fOXTtfF4dLH94LWI6G70OvhohnMiusxQ8KhBVv+sz/ZVRyOi+5y7Dzr+xQQAwFOnqFtZ198pdlbLY73FiL9/uL/+fyOJI63/p/q0/r/78emb6Vhp/T9sbYbzb2Xzwhcrly5feWvjwtr50fnRZ2+fGL4zPHnm1KkzK9WzkhVPTAAAAHg0g7ql9X+2GLE7tf5/JIljxvr/y++GX6dj5er/B9pf9Os6EwAAgIPtxaN//tF7wPHeYBBfrW1uXhxOtnv7JybbDlL93w7VLa3/88WuswIAAADasLvVu2/9/2wSx4zr/8/9+MrP6TXziDhcr/8fW/98fLa96XTkr5nOauPfiR/7VAEAAJhrh+uWrv8X1fv/2d4rD1lEvPn6JK4/BnCm+j9//5uf0rHS9/9PtjfFuZQtTe5H1S9F9Je6zggAAICn2TN1K4v934ud1U9+OfLhwPv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG37JwAA//9VakSc")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$RTC_AIE_OFF(r0, 0x7002)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
write$P9_RXATTRCREATE(r4, &(0x7f0000001400)={0x7}, 0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0)
ftruncate(r4, 0x796c)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r5, &(0x7f0000000300)={0xb0000004})
epoll_pwait2(0xffffffffffffffff, &(0x7f0000002240)=[{}], 0x1, 0x0, 0x0, 0x0)

5.672130321s ago: executing program 1 (id=1277):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
dup3(r0, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000200)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0})

5.585915557s ago: executing program 1 (id=1278):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
ptrace(0x8, r0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file1\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bb, &(0x7f0000000440)="$eJzs3UFrE1sYxvGnTW+TprTJhcuFe0E96EY3oY0fQIO0IAaU2hR1IUztREPGpMyESkRsNuLWD+Gq6M6doC7ddCNu3LsrguCmC3HETNImbVrTNklj+/9BmTd5z8OcttPyptDJ2o1n9/NZL5G1ShqMGA1KFa1L8V9VzUDtOFith9WoonOj3z6duH7z1pVUOj01Y8x0avZ80hgzfurNg0cvTr8rjc69Gn8d1mr89trX5OfVf1f/W/sxey/nmZxnCsWSscx8sViy5h3bLOS8fMKYa45tebbJFTzbbepnneLiYtlYhYWx6KJre56xCmWTt8umVDQlt2ysu1auYBKJhBmL6ngbamNNZmVmxkrt2PZDHd0Rum6k1ZOum6q0bmZWerAnAADQZ3af/4NZf+f5Pz0XHNua/18+l9qb/6VOzv8DPf2C9rlK06PfzP84Elw3ZUVrP7/NmP8BAAAAAAAAAAAAAAAAAAAAAPgTrPt+zPf9WP1Y/whLikiqPz7sfaI79vn9v3BI20WHNfzjXkRyni5lljLBMeinssrJka0JxfS9ej3UBPX05fTUhKmK662zXMsvL2VCCtfzdfFW+ZN/TwZ505z/S9HG8ycV0z+tz59smR/W2TMN+YRi+nBHRTlaqF7Xm/nHk8Zcuprekh+prgMAAAAA4ChImA3bXr9X+9UFEW3vB/k9/H1gy+vrIf3fzi0qAQAAAADAgXnlh3nLcWx3H0VY0gHieyj8ga6fonNFSH2xjS3FRUl9sI1eFRFJwTNmP/EvG/G2Un4ba4YkHfTzivTw0jrs30wAAAAAOm1z6N9D6OOTLu4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjp937gdXXb2vVG7vEG04X0vuNtwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjp2fAQAA//91iCZA")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001480)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x500, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
unshare(0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000980)=@newtaction={0x60, 0x30, 0x36eac49ec043b62f, 0x0, 0x25dfdbfc, {}, [{0x4c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
waitid(0x2, 0x0, 0x0, 0x4, 0x0)

5.325908826s ago: executing program 3 (id=1279):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020a040007"], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0)
sendmsg$key(r0, &(0x7f0000000240)={0x7, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="020100090a000000007fffffff0000000200100000e9000000e9000000000000030005000000000002000000ac1414000000000000000000030006000000000002"], 0x50}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x40000000000007b, 0x4004)

5.14250856s ago: executing program 3 (id=1281):
r0 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r2, &(0x7f0000000480)={&(0x7f0000000080)={0x1d, r1}, 0x10, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="0100"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0)
sendmsg$can_bcm(r2, &(0x7f00000005c0)={&(0x7f0000000180)={0x1d, r1}, 0x10, &(0x7f00000001c0)={&(0x7f0000000cc0)={0x1, 0x420, 0x0, {0x0, 0xea60}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "c6e83912ce2150c0"}}, 0x48}, 0x2}, 0x0)

5.14226976s ago: executing program 3 (id=1282):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x3, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x98}}, &(0x7f0000000000)='GPL\x00'}, 0x90)
chdir(0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, @val=@iter={0x0}}, 0x40)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4400000013000100"/20, @ANYRES32, @ANYBLOB="000000000000000005002700000000001c001a8018000a80140007"], 0x44}}, 0x0)

4.117157895s ago: executing program 3 (id=1286):
openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0xc0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x1ff)
r0 = openat$cgroup(0xffffffffffffff9c, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000180), 0x8)
ioctl$TCSETS2(r1, 0x5452, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "0001e68e4dffbdf3aa38d90000050900"})
openat(0xffffffffffffff9c, 0x0, 0x6e142, 0x0)
mount(0x0, &(0x7f0000000280)='./file1\x00', 0x0, 0x101c, 0x0)
mount$cgroup(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000400), 0x2100000, &(0x7f00000001c0))
close(r0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r2}, &(0x7f0000bbdffc))
pipe2(&(0x7f0000000080)={<r3=>0xffffffffffffffff}, 0x0)
read$char_usb(r3, &(0x7f0000000840)=""/171, 0xab)
close(r3)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='oom_score\x00')
rt_sigreturn()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x3938700}}, 0x0)
rt_sigreturn()
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r4 = socket$unix(0x1, 0x5, 0x0)
recvmsg$unix(r4, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x0)
ioctl$GIO_UNIMAP(r5, 0x541b, 0x0)

3.936802299s ago: executing program 1 (id=1288):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000001c000000000000002300850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = dup2(r0, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
syslog(0xa, 0x0, 0x0)

3.902020002s ago: executing program 1 (id=1289):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x3, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x98}}, &(0x7f0000000000)='GPL\x00'}, 0x90)

3.761215352s ago: executing program 4 (id=1290):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x0, 0x0, 0x0, 0x2f, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x0, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x40005}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

3.417741057s ago: executing program 0 (id=1291):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000366000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r0, 0x0)
accept4(r0, 0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
rt_sigreturn()
poll(0x0, 0x0, 0x64)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/fscaps', 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
recvmsg(r2, &(0x7f0000000040)={&(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}, 0x0)
close(r3)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/user\x00')
prlimit64(0x0, 0x7, &(0x7f0000002040), 0x0)
connect$unix(r1, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

3.059370174s ago: executing program 3 (id=1292):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000366000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r0, 0x0)
accept4(r0, 0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
rt_sigreturn()
poll(0x0, 0x0, 0x64)
prlimit64(0x0, 0x7, &(0x7f0000002040), 0x0)
connect$unix(r1, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

3.011772137s ago: executing program 1 (id=1293):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000800}, 0x40004)
close(0xffffffffffffffff)
syz_usb_connect(0x0, 0x51, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x29, 0xb6, 0x45, 0x40, 0x8086, 0xb03, 0x3a45, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe, 0x1, 0x0, 0x0, [@uac_as={[@format_type_i_continuous={0x8, 0x24, 0x2, 0x1, 0x0, 0x2}]}, @cdc_ecm={{0x5}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x0, 0xbe0}, [@dmm={0x7}, @network_terminal={0x7}]}]}}]}}]}}, 0x0)
pipe(&(0x7f0000000480))
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')

2.773711415s ago: executing program 4 (id=1295):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0xa}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1800b900000000000000000000000065b55b86beac006112000000000000956d000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80)

2.735362078s ago: executing program 4 (id=1296):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x3, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x98}}, &(0x7f0000000000)='GPL\x00'}, 0x90)
chdir(0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, @val=@iter={0x0}}, 0x40)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4400000013000100"/20, @ANYRES32, @ANYBLOB="000000000000000005002700000000001c001a8018000a80140007"], 0x44}}, 0x0)

2.408735902s ago: executing program 2 (id=1297):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
socketpair(0x10, 0x6, 0x1, &(0x7f0000000180))
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ptrace$ARCH_GET_FS(0x1e, 0x0, 0x0, 0x1003)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x2, 0x40000000, 0x8000, 0x282, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3, 0x2, 0x1}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYRES32=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x57, '\x00', 0x0, 0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r6, 0x0, 0x0)
r7 = userfaultfd(0x1)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f00000001c0)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(r7, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_emit_ethernet(0x1f, &(0x7f0000001ac0)=ANY=[@ANYBLOB="aaaaaaaaaaaa7d321a25982f0011aa"], 0x0)
r8 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
sendto$inet6(r8, &(0x7f00000002c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xfffffffffffffe88)
setsockopt$inet6_udp_int(r8, 0x11, 0x1, &(0x7f0000000080), 0x4)

2.145720651s ago: executing program 0 (id=1298):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
ptrace(0x8, r0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file1\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bb, &(0x7f0000000440)="$eJzs3UFrE1sYxvGnTW+TprTJhcuFe0E96EY3oY0fQIO0IAaU2hR1IUztREPGpMyESkRsNuLWD+Gq6M6doC7ddCNu3LsrguCmC3HETNImbVrTNklj+/9BmTd5z8OcttPyptDJ2o1n9/NZL5G1ShqMGA1KFa1L8V9VzUDtOFith9WoonOj3z6duH7z1pVUOj01Y8x0avZ80hgzfurNg0cvTr8rjc69Gn8d1mr89trX5OfVf1f/W/sxey/nmZxnCsWSscx8sViy5h3bLOS8fMKYa45tebbJFTzbbepnneLiYtlYhYWx6KJre56xCmWTt8umVDQlt2ysu1auYBKJhBmL6ngbamNNZmVmxkrt2PZDHd0Rum6k1ZOum6q0bmZWerAnAADQZ3af/4NZf+f5Pz0XHNua/18+l9qb/6VOzv8DPf2C9rlK06PfzP84Elw3ZUVrP7/NmP8BAAAAAAAAAAAAAAAAAAAAAPgTrPt+zPf9WP1Y/whLikiqPz7sfaI79vn9v3BI20WHNfzjXkRyni5lljLBMeinssrJka0JxfS9ej3UBPX05fTUhKmK662zXMsvL2VCCtfzdfFW+ZN/TwZ505z/S9HG8ycV0z+tz59smR/W2TMN+YRi+nBHRTlaqF7Xm/nHk8Zcuprekh+prgMAAAAA4ChImA3bXr9X+9UFEW3vB/k9/H1gy+vrIf3fzi0qAQAAAADAgXnlh3nLcWx3H0VY0gHieyj8ga6fonNFSH2xjS3FRUl9sI1eFRFJwTNmP/EvG/G2Un4ba4YkHfTzivTw0jrs30wAAAAAOm1z6N9D6OOTLu4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjp937gdXXb2vVG7vEG04X0vuNtwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjp2fAQAA//91iCZA")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001480)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x500, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
unshare(0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000980)=@newtaction={0x60, 0x30, 0x36eac49ec043b62f, 0x0, 0x25dfdbfc, {}, [{0x4c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
waitid(0x2, 0x0, 0x0, 0x4, 0x0)

1.784494988s ago: executing program 4 (id=1299):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r0}, 0x2e)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

1.7512704s ago: executing program 4 (id=1300):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75", @ANYRES64, @ANYRESHEX, @ANYBLOB="db321087701328393f6e897a058962b43a13528465415a2127a56be442625470ad22f7e62eb2de1ba92621dbda4497efa4f04b3a7bff18c407cc2f683719c0d47e4d47648197f6f974de9cc39378ff0c350c097e3c3bdc393de447912eb222ea55bc39fdfea451e78e0989991df5d8b17e41845e264f39e2da52dcadcc3acdaea8c06bd7c741d78a0f783342dfe3958d8bf8662be34d8492bcb8892009dd2263abbddd6c1e817d4c1dc197d41181e1187fd06bdbeb650873a1416b9806c46e4364bdb40953630ada6cd397cf03b18b73e9c285ab6a0e0d3bb49f1d2037c766024217585857c704625f9120ef5f8f75f9a4e6"], 0x1, 0x5511, &(0x7f0000006b80)="$eJzs3E1rY9UfB/CTPs7Tf/5FXLibC4PQwiQ0fRh0V3UGH7BD8WHhStMkDZlJckuTprUrFy7Fhe9EFFy59DW4cO1OXCjuhJHccypTH0Bp2tjp5wO333tPTn73nEtpOfeGBODSWsh++akUboarIYTpEMKNEIr9UtoKGzGeCyHcCiFMPbGVUvvvDXMhhGshhJuj4rFmKb302Z3h7fUf3/j562/nZ65//tV3k5s1MGnPhxC6u3H/oBszb8V8mNprw3aR3bVhyvhC91E6zmMeNLeLCge14361IldbsX++u98f5U6nVh9lq71TtO/24gn7w9ZxneIND2t7xXGjuV1ku58X2TqK4zo8in/bjvqDWKeR6n1YlA+DwXHG9uZhM85n91GR9d4gtce6eaN5OMphynS6UM87jWIc26e50v9tb7Z7+4fZsLnXb+e9bL1SfaFSvVuu7uWN5qC5Vq51G3fXssVWZ9StPGjWuhutPG91mpV63l3KFlv1erlazRbvNbfbtV5WrVZWK8vl9aW0dyd79cG7WaeRLY7y5XZvf9Du9LOdfC+L71jKViqrLy5lt6vZ25tb2dZb9+9vbr3z/r33Hry0+forqdOfhpUtriyvrJSry+WV6tLFnf/of/2/mv/HadBjnD+cSmnSAwC4eKz/gUm46Ov/YP0/Ftb/l3b+j5PTXUAuN+t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBL6/vZL14rdhbi8fXU/r/U9Ew6LoUQpkIIj//CdJg7UXM61Zn9m/6zfxjDN6VQVBidYz5t10IIG2n79f9nfRUAAADg6fXlR7c+jav1+GNh0gPiPMWbNlM3PhhTvVIIYXbhhzFUCelmU3j29KOKRr/fM+FwTNWKG1hXxlQs3nKbGVe1f2T6RFx5Ikoxpo57zp3ruAAAgLN0ciVwvqsQAAAAztMnkx4Ak1E8aU2fxU+P+eZjpAeCV08cAQAAABdQadIDAAAAAM5csf73/X8AAADwdIvf/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAbO3eTkzoUBQD4tND3eD9GYpy7FWewDJfg0KFhKywBt+AGWAPOXIIBQ3tRMRhM+hfJ9yXt5TbN4ZTQwTm3KQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG16KhbTh/urUd046009zVwNAAAAcMiqWEzLD+Nq/i8dP0uHLtI8i4g8Ig7V7oP4tRdzkOIUX5xffMrhMaKMsP2O32n7GxHXaXs5b/tXAAAAgNO1nM0nVbVe7cZ9J0SXqqZN/v+moXhZRBTj54ai5dvd5bdO3RzvD23/38O4q59WqWxg1X5kZqdsuQ2binbcIN3ub8Pow5BVQ95dOgAAQFf2K4EOqxAAAAA6dtt3AvQji91S5m4tuHzy/n1B8M/eDAAAAPiBsr4TAAAAAFpX1v/e/wcAAACnrXr/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1aFYvpcjaf1I2z3tTTzNUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvLI/7ygMw2AQBjeJ8uqELuD739Is2K1bNzMg+Pi3EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAlcfx8jzj1ZjJNnqdSd49rySfTo1vp8avc+OfZKy7fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwsz8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfNHvfvk/MTXOJHOnjaXjkWTtqrF11dh70Dh6MN7+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsXP/vnFTcQDAv2efr7SACAFlCEJUYoCFptfS0pUBFDHwJyBF6bUErvxoM9CqQsrChjJ3QTAihAQKW/+Hzq3UpWwdMhSJiQFkn528HpU4WtW+Np+P9Py+thy/73OiKF8/5wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo7L67H+flZmESZ/Wxm/eurpf9ram+dH379nLZyrjXZtJPhlfTnd5Sd4kAAABwcORNfR8xiGJntQyyhar+L5pzypr/++cncVPPT9f9Td/U/mX77de7L+8NtDAZp7zouY3x6Pi/U+k/xmnOtRf+84x+deerZy959Q3JPth6abeo7mfv2xs33htU4aE2sgUAHsaxpq+D5u+hsh92mRgAB0Y/Kbzv1PV/vtBtTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtGGzFs03ci4jl/n5cunXv6nrVT+1f37693LTT165tp9csL1FExLmN8eh4WxN5Aly6fOXTtfF4dLH94LWI6G70OvhohnMiusxQ8KhBVv+sz/ZVRyOi+5y7Dzr+xQQAwFOnqFtZ198pdlbLY73FiL9/uL/+fyOJI63/p/q0/r/78emb6Vhp/T9sbYbzb2Xzwhcrly5feWvjwtr50fnRZ2+fGL4zPHnm1KkzK9WzkhVPTAAAAHg0g7ql9X+2GLE7tf5/JIljxvr/y++GX6dj5er/B9pf9Os6EwAAgIPtxaN//tF7wPHeYBBfrW1uXhxOtnv7JybbDlL93w7VLa3/88WuswIAAADasLvVu2/9/2wSx4zr/8/9+MrP6TXziDhcr/8fW/98fLa96XTkr5nOauPfiR/7VAEAAJhrh+uWrv8X1fv/2d4rD1lEvPn6JK4/BnCm+j9//5uf0rHS9/9PtjfFuZQtTe5H1S9F9Je6zggAAICn2TN1K4v934ud1U9+OfLhwPv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG37JwAA//9VakSc")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$RTC_AIE_OFF(r0, 0x7002)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
write$P9_RXATTRCREATE(r4, &(0x7f0000001400)={0x7}, 0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x0)
ftruncate(r4, 0x796c)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = epoll_create(0x4000100)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000300)={0xb0000004})
epoll_pwait2(r6, &(0x7f0000002240)=[{}], 0x1, 0x0, 0x0, 0x0)

1.501672079s ago: executing program 3 (id=1301):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x0, &(0x7f0000000580)={[{@journal_dev={'journal_dev', 0x3d, 0x9}}, {@noblock_validity}, {@usrquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@jqfmt_vfsold}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0xa9f}}, {@nodiscard}]}, 0xff, 0x45e, &(0x7f0000000680)="$eJzs3M9vVFUbAOD33pkCH3zSioiCoFU0Nv5oaUFl4UajiQtNTHSBy7EtBBmooTURQrQagktD4t64NPEvcOXKqCsTt7o3JKjEBHTjmDtzL3SGmdJ2pkxlnie5cM7cc++5L/ecO2fOmSGAgTWa/ZFE/D8ifo6I4Ua2ucBo469rV85N/3Xl3HQStdobvyf1clevnJsuihbHbcszY2lEej7JK2k2f+bsiUq1Ons6z08snHx3Yv7M2aePn6wcmz02e2rq8OFDByefe3bqmZ7EmcV3dc8Hc3t3v/LWxdemj1x8+/uvsuvdta+xf2kcXSoXidEs8D9qda2FHutRZRvFP7UbcSblfl8NK1XKG+xQvf8PR+lG843hePnjvl4csK6yZ/bmzrsXa8AdLIl+XwHQH8Ubffb5t9hu09BjQ7j8QuMDUBb3tXxr7ClHmpcZWsf6RyPiyOLfn2dbtMxD1NrMGwAAdOubbPzzVLvxXxq7lpTbnq8NjUTE3RGxIyLuiYidEXFvRL3sfRFx/yrrb10aunn8mV5aU2ArlI3/ns/XtprHf8XoL0ZKee6uevxDydHj1dkD+b/JWAxtzvKT7U5enOKlnz7tVP/S8V+2ZfUXY8H8JJfKLRN0M5WFSq8GpZc/ithTbhd/cn0lIImI3RGxZ3Wn3l4kjj/x5d5OhW4d/zJ6sM5U+yLi8cb9X4yW+AvJ8uuTE1uiOntgomgVN/vhxwuvd6q/q/h7ILv/W5vbf0uJ4T+Tpeu186uv48Ivn3T8TFleY/vflLxZX9PdlL/2fmVh4fRkxKbk1Xq+6fWpG8cW+aJ8Fv/Y/vb9f0d+TBb/AxGRNeJ9EfFgRDyU37uHI+KRiNi/TPzfvfjoO532bYT7P9P2+Xe9/Y803//VJ0onvv26U/0re/4dqqfG8lfqz79b6Hw5W/ISa23NAAAA8N+T1r8bn6Tj19NpOj7e+A7/ztiaVufmF548OvfeqZnGd+hHYigtZrqGl8yHTiaL+Rkb+al8rrjYfzCfN/6s9L96fnx6rjrT59hh0G3r0P8zv5b6fXXAuvN7LRhcrf0/7dN1ALef938YXPo/DC79HwZXu/7/YUveWgDcmbz/w+DS/2Fw6f8wuPR/GEjd/K5/vRLlZX69L7FREpF2c3gs+380SHSXKK+1d5//rXHgiUq1jw8lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHvo3AAD//7k07kc=")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

992.155976ms ago: executing program 2 (id=1302):
syz_emit_ethernet(0x4a, &(0x7f0000000540)=ANY=[@ANYBLOB="91a6e34dd8bbaaaaaaaaaabb86dd6c005c1a001411030000000000800000000000000000000100000000000000000000ffff"], 0x0)

992.078836ms ago: executing program 2 (id=1303):
open$dir(&(0x7f0000000040)='./file0\x00', 0xae828e137847f62, 0x0)
r0 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x1, 0x0)
pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000000)="1cd2d176f4b8f82c1d09936270286ea75b958983a9f15438392f4d2feb0900000000000ef962", 0xa8269}], 0x1, 0x0, 0x0)
r1 = open$dir(&(0x7f00000002c0)='./file0\x00', 0x1, 0x0)
ftruncate(r1, 0x80002)

991.978026ms ago: executing program 2 (id=1304):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x3, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x98}}, &(0x7f0000000000)='GPL\x00'}, 0x90)

614.428704ms ago: executing program 0 (id=1305):
r0 = socket(0x18, 0x2, 0x0)
close(r0)
socket(0x11, 0x3, 0x0)
close(r0)

614.204964ms ago: executing program 0 (id=1306):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x0, 0x0, 0x0, 0x2f, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x0, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x40005}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

394.077501ms ago: executing program 0 (id=1307):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kvm_userspace_exit\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kvm_userspace_exit\x00', r2}, 0x10)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

376.427861ms ago: executing program 1 (id=1308):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f00000002c0)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x90c20}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x17}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
io_setup(0x1fe, &(0x7f0000000200)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r2, 0x0}])

304.909887ms ago: executing program 0 (id=1309):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x3, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x98}}, &(0x7f0000000000)='GPL\x00'}, 0x90)
chdir(0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, @val=@iter={0x0}}, 0x40)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4400000013000100"/20, @ANYRES32, @ANYBLOB="000000000000000005002700000000001c001a8018000a80140007"], 0x44}}, 0x0)

223.144603ms ago: executing program 2 (id=1310):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x10)

0s ago: executing program 2 (id=1311):
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$binder(&(0x7f0000000000/0x4000)=nil, 0x1fffff, 0x1, 0x11, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0xe)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600702, 0x19)

kernel console output (not intermixed with test programs):

_user+0x1e/0xc0
[  142.590165][ T2289]  copy_msghdr_from_user+0xaa/0x670
[  142.595197][ T2289]  ? _parse_integer+0x2a/0x40
[  142.599709][ T2289]  ? sendmsg_copy_msghdr+0x70/0x70
[  142.604661][ T2289]  __sys_sendmmsg+0x375/0x6f0
[  142.609168][ T2289]  ? kasan_set_track+0x4b/0x70
[  142.613782][ T2289]  ? __ia32_sys_sendmsg+0x90/0x90
[  142.618637][ T2289]  ? __kasan_check_write+0x14/0x20
[  142.623592][ T2289]  ? __kasan_check_write+0x14/0x20
[  142.628535][ T2289]  ? proc_fail_nth_write+0x20b/0x290
[  142.633651][ T2289]  ? selinux_file_permission+0x2bb/0x560
[  142.639121][ T2289]  ? proc_fail_nth_read+0x210/0x210
[  142.644155][ T2289]  ? fsnotify_perm+0x6a/0x5d0
[  142.648674][ T2289]  ? vfs_write+0xbb3/0xeb0
[  142.652923][ T2289]  ? __kasan_slab_free+0x11/0x20
[  142.657700][ T2289]  ? __kasan_check_write+0x14/0x20
[  142.662641][ T2289]  ? mutex_unlock+0xb2/0x260
[  142.667082][ T2289]  ? __ia32_sys_read+0x90/0x90
[  142.671663][ T2289]  ? debug_smp_processor_id+0x17/0x20
[  142.676868][ T2289]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  142.682772][ T2289]  __x64_sys_sendmmsg+0xa0/0xb0
[  142.687461][ T2289]  x64_sys_call+0x81d/0x9a0
[  142.691888][ T2289]  do_syscall_64+0x3b/0xb0
[  142.696224][ T2289]  ? clear_bhb_loop+0x55/0xb0
[  142.700743][ T2289]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  142.706471][ T2289] RIP: 0033:0x7f9c7c179eb9
[  142.710724][ T2289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.715141][ T2324] loop4: detected capacity change from 0 to 512
[  142.730168][ T2289] RSP: 002b:00007f9c7d02a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  142.730198][ T2289] RAX: ffffffffffffffda RBX: 00007f9c7c315f80 RCX: 00007f9c7c179eb9
[  142.730213][ T2289] RDX: 000000000800001d RSI: 0000000020007fc0 RDI: 0000000000000005
[  142.730227][ T2289] RBP: 00007f9c7d02a090 R08: 0000000000000000 R09: 0000000000000000
[  142.730239][ T2289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.775818][ T2289] R13: 0000000000000000 R14: 00007f9c7c315f80 R15: 00007ffc1f96a938
[  142.783808][ T2289]  </TASK>
[  142.786738][   T19] usb 1-1: Using ep0 maxpacket: 16
[  142.790051][ T2324] EXT4-fs: Ignoring removed nobh option
[  142.797524][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  142.805898][ T2324] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  142.808107][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  142.816840][ T2324] EXT4-fs (loop4): orphan cleanup on readonly fs
[  142.829388][ T2324] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3845: comm syz.4.428: Allocating blocks 41-42 which overlap fs metadata
[  142.843578][ T2324] EXT4-fs (loop4): Remounting filesystem read-only
[  142.850060][ T2324] __quota_error: 4 callbacks suppressed
[  142.850079][ T2324] Quota error (device loop4): write_blk: dquota write failed
[  142.852638][ T2301] device veth0_vlan entered promiscuous mode
[  142.856650][ T2324] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  142.864622][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  142.868846][ T2324] EXT4-fs error (device loop4): ext4_acquire_dquot:6764: comm syz.4.428: Failed to acquire dquot type 0
[  142.879059][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  142.887345][ T2324] EXT4-fs (loop4): 1 truncate cleaned up
[  142.897979][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  142.905551][  T313] usbhid 3-1:0.0: can't add hid device: -71
[  142.911775][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  142.921376][  T313] usbhid: probe of 3-1:0.0 failed with error -71
[  142.930629][   T19] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11
[  142.930670][   T19] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  142.939175][  T313] usb 3-1: USB disconnect, device number 12
[  142.945846][   T19] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  142.959727][ T2301] device veth1_macvtap entered promiscuous mode
[  142.961069][   T19] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  142.986158][   T19] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  142.996034][   T19] usb 1-1: config 1 interface 0 has no altsetting 0
[  143.002525][   T19] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  143.011372][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.020667][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  143.029124][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  143.037663][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  143.049649][ T2328] loop3: detected capacity change from 0 to 128
[  143.051111][   T19] ums-sddr09 1-1:1.0: USB Mass Storage device detected
[  143.067601][ T2324] EXT4-fs (loop4): pa ffff888110ae47e0: logic 1, phys. 41, len 23
[  143.075425][ T2324] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4885: group 0, free 22, pa_free 23
[  143.156537][ T2333] loop4: detected capacity change from 0 to 256
[  143.675413][ T2335] capability: warning: `syz.3.432' uses deprecated v2 capabilities in a way that may be insecure
[  144.188638][ T2342] loop1: detected capacity change from 0 to 512
[  144.195277][   T19] scsi host1: usb-storage 1-1:1.0
[  144.202664][   T19] usb 1-1: USB disconnect, device number 5
[  144.247447][ T2342] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038 (0x7fffffff)
[  144.263172][ T2342] tmpfs: Bad value for 'size'
[  144.380965][ T2354] FAULT_INJECTION: forcing a failure.
[  144.380965][ T2354] name failslab, interval 1, probability 0, space 0, times 0
[  144.393499][ T2354] CPU: 1 PID: 2354 Comm: syz.2.433 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  144.402978][ T2354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  144.412877][ T2354] Call Trace:
[  144.416096][ T2354]  <TASK>
[  144.418877][ T2354]  dump_stack_lvl+0x151/0x1b7
[  144.423385][ T2354]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  144.428672][ T2354]  ? __schedule+0xcbd/0x1560
[  144.433102][ T2354]  dump_stack+0x15/0x1c
[  144.437092][ T2354]  should_fail_ex+0x3d0/0x520
[  144.441604][ T2354]  ? getname_flags+0xba/0x520
[  144.446119][ T2354]  __should_failslab+0xaf/0xf0
[  144.450718][ T2354]  should_failslab+0x9/0x20
[  144.455074][ T2354]  kmem_cache_alloc+0x3b/0x2c0
[  144.459660][ T2354]  getname_flags+0xba/0x520
[  144.463998][ T2354]  __x64_sys_symlinkat+0x7c/0xb0
[  144.468856][ T2354]  x64_sys_call+0x6fe/0x9a0
[  144.473197][ T2354]  do_syscall_64+0x3b/0xb0
[  144.477447][ T2354]  ? clear_bhb_loop+0x55/0xb0
[  144.481965][ T2354]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  144.487701][ T2354] RIP: 0033:0x7f9c7c179eb9
[  144.491942][ T2354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.511389][ T2354] RSP: 002b:00007f9c7cfe8038 EFLAGS: 00000246 ORIG_RAX: 000000000000010a
[  144.516545][ T2355] loop3: detected capacity change from 0 to 512
[  144.519716][ T2354] RAX: ffffffffffffffda RBX: 00007f9c7c316130 RCX: 00007f9c7c179eb9
[  144.526877][   T28] audit: type=1400 audit(1725115526.968:194): avc:  denied  { write } for  pid=2344 comm="syz.2.433" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  144.533601][ T2354] RDX: 0000000020000100 RSI: 0000000000000008 RDI: 0000000020000300
[  144.533618][ T2354] RBP: 00007f9c7cfe8090 R08: 0000000000000000 R09: 0000000000000000
[  144.533631][ T2354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.533643][ T2354] R13: 0000000000000000 R14: 00007f9c7c316130 R15: 00007ffc1f96a938
[  144.533663][ T2354]  </TASK>
[  144.588062][ T2355] EXT4-fs (loop3): Test dummy encryption mode enabled
[  144.602418][   T28] audit: type=1400 audit(1725115527.198:195): avc:  denied  { ioctl } for  pid=2344 comm="syz.2.433" path="socket:[24041]" dev="sockfs" ino=24041 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  144.633698][ T2355] EXT4-fs error (device loop3): __ext4_iget:5046: inode #11: block 1: comm syz.3.430: invalid block
[  144.646625][ T2355] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.430: couldn't read orphan inode 11 (err -117)
[  144.922239][ T2353] 9pnet_fd: Insufficient options for proto=fd
[  144.939764][ T2359] loop4: detected capacity change from 0 to 512
[  144.955606][ T2359] EXT4-fs: Ignoring removed nobh option
[  144.975862][ T2359] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  145.004448][ T2359] EXT4-fs (loop4): orphan cleanup on readonly fs
[  145.155829][ T2359] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3845: comm syz.4.436: Allocating blocks 41-42 which overlap fs metadata
[  145.176258][ T2363] loop0: detected capacity change from 0 to 512
[  145.190792][ T2363] EXT4-fs: Ignoring removed nobh option
[  145.199193][ T2359] EXT4-fs (loop4): Remounting filesystem read-only
[  145.213985][ T2363] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  145.230286][ T2367] loop2: detected capacity change from 0 to 256
[  145.236972][ T2359] Quota error (device loop4): write_blk: dquota write failed
[  145.248170][ T2359] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  145.270659][ T2367] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  145.270932][ T2359] EXT4-fs error (device loop4): ext4_acquire_dquot:6764: comm syz.4.436: Failed to acquire dquot type 0
[  145.295819][ T2363] EXT4-fs (loop0): orphan cleanup on readonly fs
[  145.374792][ T2371] loop3: detected capacity change from 0 to 512
[  145.382709][ T2372] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.383297][ T2363] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3845: comm syz.0.437: Allocating blocks 41-42 which overlap fs metadata
[  145.389610][ T2372] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.411132][ T2372] device bridge_slave_0 entered promiscuous mode
[  145.421629][ T2372] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.428492][ T2372] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.526422][ T2371] EXT4-fs: Ignoring removed nobh option
[  145.551149][ T2377] FAULT_INJECTION: forcing a failure.
[  145.551149][ T2377] name fail_futex, interval 1, probability 0, space 0, times 1
[  145.555420][ T2359] EXT4-fs (loop4): 1 truncate cleaned up
[  145.568715][ T2372] device bridge_slave_1 entered promiscuous mode
[  145.573894][ T2371] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  145.589225][ T2363] EXT4-fs (loop0): Remounting filesystem read-only
[  145.596226][ T2359] EXT4-fs (loop4): pa ffff888138285d20: logic 1, phys. 41, len 23
[  145.600070][ T2377] CPU: 0 PID: 2377 Comm: syz.2.440 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  145.604009][ T2359] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4885: group 0, 
[  145.613433][ T2377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  145.613454][ T2377] Call Trace:
[  145.613462][ T2377]  <TASK>
[  145.613471][ T2377]  dump_stack_lvl+0x151/0x1b7
[  145.613499][ T2377]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  145.621670][ T2359] free 22, pa_free 23
[  145.631553][ T2377]  ? __kasan_check_write+0x14/0x20
[  145.631579][ T2377]  dump_stack+0x15/0x1c
[  145.634802][ T2363] Quota error (device loop0): write_blk: dquota write failed
[  145.637458][ T2377]  should_fail_ex+0x3d0/0x520
[  145.642227][ T2363] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  145.647258][ T2377]  should_fail+0xb/0x10
[  145.651111][ T2363] EXT4-fs error (device loop0): ext4_acquire_dquot:6764: comm syz.0.437: Failed to acquire dquot type 0
[  145.656019][ T2377]  get_futex_key+0x177/0xc90
[  145.701445][ T2377]  ? futex_setup_timer+0xd0/0xd0
[  145.706181][ T2377]  ? finish_task_switch+0x16f/0x7b0
[  145.711305][ T2377]  futex_wake+0x1af/0xb60
[  145.715472][ T2377]  ? futex_wake_mark+0x170/0x170
[  145.720326][ T2377]  ? __kasan_check_write+0x14/0x20
[  145.725282][ T2377]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  145.730658][ T2377]  ? _raw_spin_lock+0x1b0/0x1b0
[  145.735344][ T2377]  ? preempt_schedule_notrace+0x140/0x140
[  145.740907][ T2377]  do_futex+0x501/0x9a0
[  145.744900][ T2377]  ? __ia32_sys_get_robust_list+0x90/0x90
[  145.750452][ T2377]  ? uprobe_free_utask+0x82/0x150
[  145.755311][ T2377]  mm_release+0x1be/0x2e0
[  145.759571][ T2377]  ? exit_mm_release+0x30/0x30
[  145.764166][ T2377]  ? futex_exit_release+0x121/0x1e0
[  145.769197][ T2377]  exit_mm_release+0x25/0x30
[  145.773715][ T2377]  do_exit+0xa1b/0x2b80
[  145.777706][ T2377]  ? __kasan_check_write+0x14/0x20
[  145.782651][ T2377]  ? llist_add_batch+0x160/0x1d0
[  145.787426][ T2377]  ? put_task_struct+0x80/0x80
[  145.791097][ T2363] EXT4-fs (loop0): 1 truncate cleaned up
[  145.792021][ T2377]  ? find_next_clump8+0x1c0/0x1c0
[  145.802463][ T2377]  ? __kasan_check_write+0x14/0x20
[  145.807410][ T2377]  ? __kasan_check_write+0x14/0x20
[  145.812347][ T2377]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  145.814890][ T2371] EXT4-fs (loop3): orphan cleanup on readonly fs
[  145.817294][ T2377]  do_group_exit+0x21a/0x2d0
[  145.824782][ T2371] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3845: comm syz.3.441: Allocating blocks 41-42 which overlap fs metadata
[  145.827884][ T2377]  ? __kasan_check_write+0x14/0x20
[  145.841802][ T2371] EXT4-fs (loop3): Remounting filesystem read-only
[  145.846199][ T2377]  get_signal+0x169d/0x1820
[  145.852743][ T2371] Quota error (device loop3): write_blk: dquota write failed
[  145.856874][ T2377]  ? cpudl_cleanup+0x40/0x40
[  145.864508][ T2371] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  145.868503][ T2377]  ? ptrace_notify+0x350/0x350
[  145.878497][ T2371] EXT4-fs error (device loop3): ext4_acquire_dquot:6764: comm syz.3.441: Failed to acquire dquot type 0
[  145.882825][ T2377]  arch_do_signal_or_restart+0xb0/0x16f0
[  145.894359][ T2371] EXT4-fs (loop3): 1 truncate cleaned up
[  145.899326][ T2377]  ? __kasan_check_write+0x14/0x20
[  145.909745][ T2377]  ? put_task_struct_rcu_user+0x6c/0x90
[  145.915299][ T2377]  ? finish_task_switch+0x343/0x7b0
[  145.920335][ T2377]  ? get_sigframe_size+0x10/0x10
[  145.925112][ T2377]  exit_to_user_mode_loop+0x74/0xa0
[  145.930159][ T2377]  exit_to_user_mode_prepare+0x5a/0xa0
[  145.935436][ T2377]  irqentry_exit_to_user_mode+0x9/0x10
[  145.940731][ T2377]  irqentry_exit+0x12/0x40
[  145.944984][ T2377]  sysvec_reschedule_ipi+0x80/0x160
[  145.950107][ T2377]  asm_sysvec_reschedule_ipi+0x1b/0x20
[  145.955405][ T2377] RIP: 0033:0x7f9c7c152720
[  145.959666][ T2377] Code: 74 4f e1 c5 fd d7 c1 c4 e2 6a f7 c0 85 c0 0f 84 1a ff ff ff f3 0f bc c0 c5 f8 77 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <89> f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27
[  145.979537][ T2377] RSP: 002b:00007f9c7cfe8058 EFLAGS: 00000202
[  145.985430][ T2377] RAX: 0000000000000001 RBX: 000000000000000b RCX: 0000000000000000
[  145.993242][ T2377] RDX: 0000000000000000 RSI: 00007f9c7cfe8090 RDI: 00007f9c7cfe8090
[  146.001073][ T2377] RBP: 00007f9c7cfe8090 R08: 0000000000000000 R09: 00007f9c7cfe7df7
[  146.008959][ T2377] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  146.016764][ T2377] R13: 0000000000000000 R14: 00007f9c7c316130 R15: 00007ffc1f96a938
[  146.024582][ T2377]  </TASK>
[  146.051462][ T2363] EXT4-fs (loop0): pa ffff888138285888: logic 1, phys. 41, len 23
[  146.059125][ T2363] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4885: group 0, free 22, pa_free 23
[  146.070133][ T2371] EXT4-fs (loop3): pa ffff888138285150: logic 1, phys. 41, len 23
[  146.077819][ T2371] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4885: group 0, free 22, pa_free 23
[  146.285055][ T2383] loop2: detected capacity change from 0 to 512
[  146.310586][   T10] device bridge_slave_1 left promiscuous mode
[  146.311726][ T2383] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038 (0x7fffffff)
[  146.316727][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.365962][ T2383] tmpfs: Bad value for 'size'
[  146.367765][ T2388] loop4: detected capacity change from 0 to 256
[  146.380452][   T10] device bridge_slave_0 left promiscuous mode
[  146.397114][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.408249][   T10] device veth1_macvtap left promiscuous mode
[  146.414180][   T10] device veth0_vlan left promiscuous mode
[  146.522546][ T2391] loop0: detected capacity change from 0 to 512
[  146.833247][ T2391] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038 (0x7fffffff)
[  146.861039][ T2391] tmpfs: Bad value for 'size'
[  147.008680][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  147.018670][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  147.039868][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  147.057615][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  147.076669][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.083578][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.095069][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  147.108720][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  147.129325][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.136251][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.183676][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  147.214276][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  147.222257][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  147.230106][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  147.240825][ T2400] loop3: detected capacity change from 0 to 512
[  147.247112][ T2372] device veth0_vlan entered promiscuous mode
[  147.251228][ T2400] EXT4-fs: Ignoring removed nobh option
[  147.266703][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  147.274892][ T2400] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  147.275338][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  147.313789][ T2400] EXT4-fs (loop3): orphan cleanup on readonly fs
[  147.321300][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  147.328722][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  147.336714][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  147.344814][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  147.354782][ T2372] device veth1_macvtap entered promiscuous mode
[  147.378318][ T2400] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3845: comm syz.3.451: Allocating blocks 41-42 which overlap fs metadata
[  147.391840][ T2405] loop4: detected capacity change from 0 to 128
[  147.412035][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  147.419691][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  147.429913][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  147.438205][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  147.446371][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  147.468044][ T2400] EXT4-fs (loop3): Remounting filesystem read-only
[  147.475244][ T2400] EXT4-fs error (device loop3): ext4_acquire_dquot:6764: comm syz.3.451: Failed to acquire dquot type 0
[  147.487157][ T2400] EXT4-fs (loop3): 1 truncate cleaned up
[  147.493560][ T2400] EXT4-fs (loop3): pa ffff888138285930: logic 1, phys. 41, len 23
[  147.501310][ T2400] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4885: group 0, free 22, pa_free 23
[  147.805715][ T2401] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.812753][ T2401] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.822226][ T2401] device bridge_slave_0 entered promiscuous mode
[  147.829348][ T2401] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.836276][ T2401] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.843737][ T2401] device bridge_slave_1 entered promiscuous mode
[  147.898081][ T2412] loop1: detected capacity change from 0 to 256
[  147.925129][ T2412] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  147.954217][ T2402] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.961458][ T2402] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.974067][ T2402] device bridge_slave_0 entered promiscuous mode
[  147.996107][ T2402] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.006339][ T2402] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.017869][ T2402] device bridge_slave_1 entered promiscuous mode
[  148.195251][ T2401] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.202204][ T2401] bridge0: port 2(bridge_slave_1) entered forwarding state
[  148.209368][ T2401] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.216281][ T2401] bridge0: port 1(bridge_slave_0) entered forwarding state
[  148.351197][ T1233] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.361656][ T1233] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.370241][ T2422] loop3: detected capacity change from 0 to 128
[  148.381475][ T2422] EXT4-fs (loop3): Test dummy encryption mode enabled
[  148.425024][ T2422] ext4 filesystem being mounted at /4/mnt supports timestamps until 2038 (0x7fffffff)
[  148.544375][ T2425] loop4: detected capacity change from 0 to 512
[  148.551779][ T2425] EXT4-fs (loop4): Test dummy encryption mode enabled
[  148.628655][ T2425] EXT4-fs error (device loop4): __ext4_iget:5046: inode #11: block 1: comm syz.4.454: invalid block
[  148.640241][ T2425] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.454: couldn't read orphan inode 11 (err -117)
[  148.703653][ T2425] 9pnet_fd: Insufficient options for proto=fd
[  148.844516][ T2428] FAULT_INJECTION: forcing a failure.
[  148.844516][ T2428] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.929662][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  148.937075][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  148.938120][ T2428] CPU: 1 PID: 2428 Comm: syz.3.453 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  148.953637][ T2428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  148.963552][ T2428] Call Trace:
[  148.966654][ T2428]  <TASK>
[  148.969439][ T2428]  dump_stack_lvl+0x151/0x1b7
[  148.973946][ T2428]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  148.974892][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  148.979238][ T2428]  dump_stack+0x15/0x1c
[  148.987875][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  148.991217][ T2428]  should_fail_ex+0x3d0/0x520
[  148.991254][ T2428]  should_fail+0xb/0x10
[  148.991282][ T2428]  should_fail_usercopy+0x1a/0x20
[  148.991311][ T2428]  _copy_from_user+0x1e/0xc0
[  148.991337][ T2428]  copy_msghdr_from_user+0xaa/0x670
[  148.991366][ T2428]  ? sendmsg_copy_msghdr+0x70/0x70
[  148.991397][ T2428]  __sys_sendmsg+0x236/0x390
[  149.010041][ T1233] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.012542][ T2428]  ? ____sys_sendmsg+0x9a0/0x9a0
[  149.012596][ T2428]  ? fpregs_restore_userregs+0x130/0x290
[  149.016967][ T1233] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.022008][ T2428]  __x64_sys_sendmsg+0x7f/0x90
[  149.022045][ T2428]  x64_sys_call+0x16a/0x9a0
[  149.062519][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  149.064532][ T2428]  do_syscall_64+0x3b/0xb0
[  149.076685][ T2428]  ? clear_bhb_loop+0x55/0xb0
[  149.081198][ T2428]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  149.082985][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  149.086924][ T2428] RIP: 0033:0x7f0098b79eb9
[  149.098993][ T2428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.115136][ T1233] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.118430][ T2428] RSP: 002b:00007f0099939038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.125323][ T1233] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.133530][ T2428] RAX: ffffffffffffffda RBX: 00007f0098d16130 RCX: 00007f0098b79eb9
[  149.133549][ T2428] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000009
[  149.156460][ T2428] RBP: 00007f0099939090 R08: 0000000000000000 R09: 0000000000000000
[  149.164263][ T2428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.172158][ T2428] R13: 0000000000000000 R14: 00007f0098d16130 R15: 00007ffec2b5a238
[  149.180015][ T2428]  </TASK>
[  149.213247][   T10] device bridge_slave_1 left promiscuous mode
[  149.219337][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.242434][   T10] device bridge_slave_0 left promiscuous mode
[  149.249426][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.271543][   T10] device bridge_slave_1 left promiscuous mode
[  149.287834][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.453375][ T2435] loop4: detected capacity change from 0 to 1024
[  149.476539][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  149.476584][   T28] audit: type=1400 audit(1725115532.088:196): avc:  denied  { setattr } for  pid=2430 comm="syz.4.455" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  150.273245][   T10] device bridge_slave_0 left promiscuous mode
[  150.279465][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.357588][   T28] audit: type=1400 audit(1725115532.938:197): avc:  denied  { write } for  pid=2432 comm="syz.1.456" name="ns" dev="proc" ino=24544 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  150.379546][ T2442] loop4: detected capacity change from 0 to 1024
[  150.389972][   T10] device veth1_macvtap left promiscuous mode
[  150.395370][ T2442] EXT4-fs: dax option not supported
[  150.402813][   T10] device veth0_vlan left promiscuous mode
[  150.539381][   T10] device veth1_macvtap left promiscuous mode
[  150.545492][   T10] device veth0_vlan left promiscuous mode
[  150.646582][ T2444] loop4: detected capacity change from 0 to 1024
[  150.652928][ T2444] ext4: Unknown parameter 'smackfsdef'
[  150.658320][   T28] audit: type=1400 audit(1725115533.258:198): avc:  denied  { map } for  pid=2441 comm="syz.4.457" path="/dev/ashmem" dev="devtmpfs" ino=177 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  150.933745][  T316] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  150.961471][ T2449] 9pnet_fd: Insufficient options for proto=fd
[  151.062648][   T28] audit: type=1400 audit(1725115533.678:199): avc:  denied  { connect } for  pid=2450 comm="syz.3.460" lport=256 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  151.190855][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  151.212619][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  151.360552][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  151.383193][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  151.475339][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  151.489321][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  151.528398][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  151.693562][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  151.715328][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  151.723114][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  151.735240][ T2461] kvm: emulating exchange as write
[  151.741796][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  151.751185][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  151.759258][ T2401] device veth0_vlan entered promiscuous mode
[  151.781761][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  151.792452][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  151.801868][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.808732][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  151.817456][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  151.833563][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  151.843895][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.850783][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  151.888202][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  151.897269][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  151.906491][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  151.939057][ T2401] device veth1_macvtap entered promiscuous mode
[  151.950199][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  151.960088][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  151.970823][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  151.979693][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  151.988694][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  152.024698][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  152.033772][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  152.051277][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  152.061889][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  152.089312][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  152.100952][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  152.129096][ T2402] device veth0_vlan entered promiscuous mode
[  152.224973][ T2402] device veth1_macvtap entered promiscuous mode
[  152.240954][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  152.248720][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  152.257105][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  152.270313][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  152.304266][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  152.315255][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  152.326386][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  152.358619][ T2474] loop0: detected capacity change from 0 to 256
[  152.382297][ T2474] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  152.430920][   T28] audit: type=1400 audit(1725115535.038:200): avc:  denied  { write } for  pid=2472 comm="syz.3.465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  152.486059][   T28] audit: type=1400 audit(1725115535.078:201): avc:  denied  { nlmsg_write } for  pid=2472 comm="syz.3.465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  152.492177][ T2471] loop4: detected capacity change from 0 to 1024
[  152.516859][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  152.558219][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  152.568800][   T28] audit: type=1400 audit(1725115535.178:202): avc:  denied  { bind } for  pid=2477 comm="syz.3.467" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  152.581974][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  152.595636][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  152.602488][ T2471] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038 (0x7fffffff)
[  152.622625][ T2471] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.466: inode #262275072: comm syz.4.466: iget: illegal inode #
[  152.643647][ T2471] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.466: error while reading EA inode 262275072 err=-117
[  152.723840][   T28] audit: type=1400 audit(1725115535.338:203): avc:  denied  { create } for  pid=2486 comm="syz.4.469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  152.743512][   T28] audit: type=1400 audit(1725115535.338:204): avc:  denied  { bind } for  pid=2486 comm="syz.4.469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  152.763644][   T28] audit: type=1400 audit(1725115535.338:205): avc:  denied  { write } for  pid=2486 comm="syz.4.469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  152.786984][ T2489] loop2: detected capacity change from 0 to 128
[  153.121102][ T2496] request_module fs-nfs4 succeeded, but still no fs?
[  153.304861][ T2501] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  153.313655][ T2501] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  153.399112][ T2503] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39518 sclass=netlink_route_socket pid=2503 comm=syz.3.473
[  153.400462][ T2494] loop4: detected capacity change from 0 to 40427
[  153.419340][ T2494] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  153.427036][ T2494] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  153.443087][ T2494] F2FS-fs (loop4): Found nat_bits in checkpoint
[  153.622792][ T2494] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  153.629723][ T2494] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  153.631451][ T2510] loop2: detected capacity change from 0 to 2048
[  153.728940][ T2515] syz.4.470: attempt to access beyond end of device
[  153.728940][ T2515] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  153.852444][ T2519] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  153.867208][ T2519] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[  153.879469][ T2519] EXT4-fs (loop2): This should not happen!! Data will be lost
[  153.879469][ T2519] 
[  153.888929][ T2519] EXT4-fs (loop2): Total free blocks count 0
[  153.894799][ T2519] EXT4-fs (loop2): Free/Dirty block details
[  153.900719][ T2519] EXT4-fs (loop2): free_blocks=2415919104
[  153.906314][ T2519] EXT4-fs (loop2): dirty_blocks=64
[  153.911278][ T2519] EXT4-fs (loop2): Block reservation details
[  153.917097][ T2519] EXT4-fs (loop2): i_reserved_data_blocks=4
[  153.990677][ T1233] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  154.018473][ T1997] syz-executor: attempt to access beyond end of device
[  154.018473][ T1997] loop4: rw=2051, sector=45096, nr_sectors = 8 limit=40427
[  154.032903][ T1997] F2FS-fs (loop4): Issue discard(5637, 5637, 1) failed, ret: -5
[  154.110780][  T296] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  154.350800][ T1233] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  154.359520][ T1233] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  154.369814][ T1233] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  154.378841][ T1233] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  154.389932][ T1233] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  154.560621][  T296] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.560771][  T324] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  154.581887][  T296] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.591059][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  154.591080][   T28] audit: type=1400 audit(1725115537.188:207): avc:  denied  { read } for  pid=2522 comm="syz.1.478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  154.594127][  T296] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  154.599175][ T1233] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  154.599203][ T1233] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  154.620429][  T324] EXT4-fs (loop2): This should not happen!! Data will be lost
[  154.620429][  T324] 
[  154.629152][ T1233] usb 1-1: Product: syz
[  154.647743][ T2402] EXT4-fs unmount: 30 callbacks suppressed
[  154.656613][  T296] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.658296][ T1233] usb 1-1: Manufacturer: syz
[  154.676257][  T296] usb 4-1: config 0 descriptor??
[  154.711068][ T1233] cdc_wdm 1-1:1.0: skipping garbage
[  154.716121][ T1233] cdc_wdm 1-1:1.0: skipping garbage
[  154.721125][ T2521] loop4: detected capacity change from 0 to 40427
[  154.722083][ T1233] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  154.743227][ T2521] F2FS-fs (loop4): Found nat_bits in checkpoint
[  154.791095][ T2521] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  154.895493][ T2535] Illegal XDP return value 248308823 on prog  (id 380) dev N/A, expect packet loss!
[  154.920137][  T528] usb 1-1: USB disconnect, device number 6
[  155.081127][   T28] audit: type=1400 audit(1725115537.698:208): avc:  denied  { read } for  pid=2544 comm="syz.4.485" name="ppp" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  155.103771][   T28] audit: type=1400 audit(1725115537.698:209): avc:  denied  { open } for  pid=2544 comm="syz.4.485" path="/dev/ppp" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  155.126883][   T28] audit: type=1400 audit(1725115537.698:210): avc:  denied  { ioctl } for  pid=2544 comm="syz.4.485" path="/dev/ppp" dev="devtmpfs" ino=138 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  155.240646][  T296] usbhid 4-1:0.0: can't add hid device: -71
[  155.246887][  T296] usbhid: probe of 4-1:0.0 failed with error -71
[  155.251530][ T2552] loop4: detected capacity change from 0 to 512
[  155.257073][  T296] usb 4-1: USB disconnect, device number 12
[  155.468740][ T2554] netlink: 20 bytes leftover after parsing attributes in process `syz.4.488'.
[  155.482146][   T28] audit: type=1400 audit(1725115538.048:211): avc:  denied  { create } for  pid=2551 comm="syz.4.488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  155.705485][   T28] audit: type=1400 audit(1725115538.058:212): avc:  denied  { bind } for  pid=2551 comm="syz.4.488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  155.725900][   T28] audit: type=1400 audit(1725115538.058:213): avc:  denied  { listen } for  pid=2551 comm="syz.4.488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  155.749387][   T28] audit: type=1400 audit(1725115538.068:214): avc:  denied  { connect } for  pid=2551 comm="syz.4.488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  155.770406][   T28] audit: type=1400 audit(1725115538.068:215): avc:  denied  { write } for  pid=2551 comm="syz.4.488" path="socket:[24994]" dev="sockfs" ino=24994 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  155.794007][   T28] audit: type=1400 audit(1725115538.068:216): avc:  denied  { accept } for  pid=2551 comm="syz.4.488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  156.418993][ T2606] loop1: detected capacity change from 0 to 512
[  156.432508][ T2606] EXT4-fs (loop1): first meta block group too large: 16711680 (group descriptor block count 1)
[  156.977224][ T2617] loop4: detected capacity change from 0 to 128
[  156.983451][  T799] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  156.992195][ T2617] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  157.001015][ T2617] ext4 filesystem being mounted at /44/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  157.040679][ T1233] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  157.070574][ T2617] loop4: detected capacity change from 128 to 105
[  157.089279][ T1997] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  157.105262][ T1997] EXT4-fs error (device loop4): htree_dirblock_to_tree:1082: inode #2: comm syz-executor: Directory block failed checksum
[  157.126086][ T1997] EXT4-fs (loop4): unmounting filesystem.
[  157.224800][ T2623] loop0: detected capacity change from 0 to 128
[  157.258182][ T2623] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  157.276814][ T2623] ext4 filesystem being mounted at /14/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  157.295633][ T2621] loop2: detected capacity change from 0 to 40427
[  157.316111][ T2621] F2FS-fs (loop2): invalid crc value
[  157.327755][ T2621] F2FS-fs (loop2): Found nat_bits in checkpoint
[  157.360641][  T799] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  157.370572][ T2623] loop0: detected capacity change from 128 to 105
[  157.377061][ T2623] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #13: comm syz.0.515: corrupted xattr block 18
[  157.397290][ T2621] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  157.397623][ T2401] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  157.412855][ T2621] F2FS-fs (loop2): Unexpected flush for atomic writes: ino=10, npages=1
[  157.431462][ T2401] EXT4-fs error (device loop0): htree_dirblock_to_tree:1082: inode #2: comm syz-executor: Directory block failed checksum
[  157.440791][ T1233] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  157.455345][ T2402] syz-executor: attempt to access beyond end of device
[  157.455345][ T2402] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  157.456322][ T1233] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  157.482680][ T2401] EXT4-fs (loop0): unmounting filesystem.
[  157.488715][ T1233] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  157.503377][ T1233] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22
[  157.543680][ T2628] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.550775][ T2628] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.557937][ T2628] device bridge_slave_0 entered promiscuous mode
[  157.564364][  T799] usb 4-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  157.565383][ T2628] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.580165][  T799] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.588261][  T799] usb 4-1: Product: syz
[  157.588610][ T2628] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.592345][ T1233] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  157.592373][ T1233] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  157.592394][ T1233] usb 2-1: SerialNumber: syz
[  157.595197][  T799] usb 4-1: Manufacturer: syz
[  157.616130][ T2615] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  157.621565][ T2628] device bridge_slave_1 entered promiscuous mode
[  157.638008][  T799] usb 4-1: SerialNumber: syz
[  157.646414][  T799] usb 4-1: config 0 descriptor??
[  157.701053][  T799] dm9601: probe of 4-1:0.0 failed with error -22
[  157.799260][ T2628] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.806153][ T2628] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.813253][ T2628] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.820012][ T2628] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.830080][  T328] device bridge_slave_1 left promiscuous mode
[  157.836101][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.843663][  T328] device bridge_slave_0 left promiscuous mode
[  157.850328][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.859173][  T328] device veth1_macvtap left promiscuous mode
[  157.862920][  T296] usb 2-1: USB disconnect, device number 10
[  157.865120][  T328] device veth0_vlan left promiscuous mode
[  158.047865][ T2636] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.055422][ T2636] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.063593][ T2636] device bridge_slave_0 entered promiscuous mode
[  158.080230][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  158.088217][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  158.097233][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  158.106386][ T2636] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.113427][ T2636] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.120976][ T2636] device bridge_slave_1 entered promiscuous mode
[  158.131155][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  158.138966][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  158.180682][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  158.194436][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  158.216452][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  158.225482][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  158.235379][ T2628] device veth0_vlan entered promiscuous mode
[  158.246369][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  158.247442][ T2660] loop2: detected capacity change from 0 to 128
[  158.263936][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  158.268627][ T2660] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  158.282936][ T2660] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  158.311125][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  158.319271][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  158.328189][ T2628] device veth1_macvtap entered promiscuous mode
[  158.350854][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  158.358652][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  158.367190][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  158.396980][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  158.406048][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  158.806580][ T2676] loop1: detected capacity change from 0 to 2048
[  158.814666][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  158.832165][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  158.834921][ T2676] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  158.862358][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  158.871400][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  158.879435][  T528] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.886322][  T528] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.901917][ T2372] EXT4-fs (loop1): unmounting filesystem.
[  158.902126][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  158.915768][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  158.923871][  T528] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.930775][  T528] bridge0: port 2(bridge_slave_1) entered forwarding state
[  158.938117][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  158.957745][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  158.971097][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  158.984189][ T2684] loop1: detected capacity change from 0 to 2048
[  158.994704][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  159.009318][ T2636] device veth0_vlan entered promiscuous mode
[  159.016107][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  159.028231][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  159.035845][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  159.047433][ T2636] device veth1_macvtap entered promiscuous mode
[  159.055109][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  159.114922][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  159.124481][ T2684] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  159.245501][ T2693] loop4: detected capacity change from 0 to 256
[  159.253646][ T2693] exfat: Deprecated parameter 'namecase'
[  159.274594][ T2693] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  159.492524][ T1233] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  159.494467][ T2372] EXT4-fs (loop1): unmounting filesystem.
[  159.731384][  T328] device bridge_slave_1 left promiscuous mode
[  159.732964][   T19] usb 4-1: USB disconnect, device number 13
[  159.743229][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.768645][  T328] device bridge_slave_0 left promiscuous mode
[  159.781990][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.801108][  T328] device veth1_macvtap left promiscuous mode
[  159.814744][  T328] device veth0_vlan left promiscuous mode
[  159.837951][  T313] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  160.129049][ T2719] loop4: detected capacity change from 0 to 512
[  160.248934][ T2719] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  160.284581][ T2719] EXT4-fs (loop4): 1 truncate cleaned up
[  160.293291][ T2719] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  160.302182][  T313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.319868][  T313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  160.432640][  T313] usb 3-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  160.442107][  T313] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.454542][ T2718] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  160.478684][  T313] usb 3-1: config 0 descriptor??
[  160.576660][ T2726] netlink: 'syz.4.546': attribute type 3 has an invalid length.
[  160.855511][ T2628] EXT4-fs (loop4): unmounting filesystem.
[  160.892259][ T2735] loop4: detected capacity change from 0 to 2048
[  160.903487][ T2735] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  160.922714][ T2628] EXT4-fs (loop4): unmounting filesystem.
[  161.041932][  T313] logitech-hidpp-device 0003:046D:C086.0005: unknown main item tag 0x0
[  161.050122][  T313] logitech-hidpp-device 0003:046D:C086.0005: unknown main item tag 0x0
[  161.059037][  T313] logitech-hidpp-device 0003:046D:C086.0005: item fetching failed at offset 2/5
[  161.078291][  T313] logitech-hidpp-device 0003:046D:C086.0005: hidpp_probe:parse failed
[  161.087175][  T313] logitech-hidpp-device: probe of 0003:046D:C086.0005 failed with error -22
[  161.098507][ T2751] loop4: detected capacity change from 0 to 8192
[  161.143925][   T28] kauditd_printk_skb: 4 callbacks suppressed
[  161.143952][   T28] audit: type=1400 audit(1725115543.758:221): avc:  denied  { unmount } for  pid=2628 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  161.254267][   T19] usb 3-1: USB disconnect, device number 13
[  161.280002][   T28] audit: type=1400 audit(1725115543.888:222): avc:  denied  { read write } for  pid=2760 comm="syz.3.560" name="uinput" dev="devtmpfs" ino=170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  161.291530][ T2761] input: syz0 as /devices/virtual/input/input4
[  161.303745][   T28] audit: type=1400 audit(1725115543.898:223): avc:  denied  { open } for  pid=2760 comm="syz.3.560" path="/dev/uinput" dev="devtmpfs" ino=170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  161.334984][   T28] audit: type=1400 audit(1725115543.898:224): avc:  denied  { ioctl } for  pid=2760 comm="syz.3.560" path="/dev/uinput" dev="devtmpfs" ino=170 ioctlcmd=0x5504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  161.422335][ T2762] Dead loop on virtual device ip6_vti0, fix it urgently!
[  161.429372][ T2762] Dead loop on virtual device ip6_vti0, fix it urgently!
[  161.436484][ T2762] Dead loop on virtual device ip6_vti0, fix it urgently!
[  161.443506][ T2762] Dead loop on virtual device ip6_vti0, fix it urgently!
[  161.450510][ T2762] Dead loop on virtual device ip6_vti0, fix it urgently!
[  161.457510][ T2762] Dead loop on virtual device ip6_vti0, fix it urgently!
[  161.522128][   T28] audit: type=1400 audit(1725115543.998:225): avc:  denied  { ioctl } for  pid=2757 comm="syz.4.559" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=25512 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  161.640927][   T28] audit: type=1400 audit(1725115544.258:226): avc:  denied  { name_bind } for  pid=2765 comm="syz.3.562" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  161.662879][   T28] audit: type=1400 audit(1725115544.258:227): avc:  denied  { node_bind } for  pid=2765 comm="syz.3.562" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  161.767815][   T28] audit: type=1326 audit(1725115544.378:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2770 comm="syz.0.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff867179eb9 code=0x7ffc0000
[  161.770293][ T2776] loop1: detected capacity change from 0 to 512
[  161.791183][   T28] audit: type=1326 audit(1725115544.378:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2770 comm="syz.0.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7ff867179eb9 code=0x7ffc0000
[  161.791250][   T28] audit: type=1326 audit(1725115544.378:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2770 comm="syz.0.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff867179eb9 code=0x7ffc0000
[  161.882767][ T2776] EXT4-fs (loop1): orphan cleanup on readonly fs
[  161.889167][ T2776] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  161.902026][ T2776] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  161.917102][ T2776] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.566: attempt to clear invalid blocks 2 len 1
[  161.930846][ T2776] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.566: invalid indirect mapped block 1819239214 (level 0)
[  161.945768][ T2776] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.566: invalid indirect mapped block 1819239214 (level 1)
[  161.961085][ T2776] EXT4-fs (loop1): 1 truncate cleaned up
[  161.966682][ T2776] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  161.990933][ T2776] EXT4-fs error (device loop1): __ext4_remount:6412: comm syz.1.566: Abort forced by user
[  162.038311][ T2372] EXT4-fs (loop1): unmounting filesystem.
[  162.116692][ T2794] loop1: detected capacity change from 0 to 1024
[  162.161414][ T2794] EXT4-fs: Ignoring removed orlov option
[  162.188077][ T2790] netlink: 68 bytes leftover after parsing attributes in process `syz.2.572'.
[  162.292393][ T2794] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802e018, mo2=0002]
[  162.301657][ T2794] System zones: 0-1, 3-12
[  162.321589][ T2794] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  162.493140][ T2816] loop3: detected capacity change from 0 to 1024
[  162.525171][ T2816] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  162.581621][ T2372] EXT4-fs (loop1): unmounting filesystem.
[  164.817666][ T2301] EXT4-fs (loop3): unmounting filesystem.
[  164.830396][ T2831] EXT4-fs warning (device sda1): ext4_resize_fs:2028: can't read last block, resize aborted
[  164.871846][ T2833] device veth0_vlan left promiscuous mode
[  165.092006][ T2843] loop1: detected capacity change from 0 to 512
[  165.104498][ T2843] EXT4-fs (loop1): Encoding requested by superblock is unknown
[  165.126217][ T2837] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.133281][ T2837] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.158565][ T2846] loop2: detected capacity change from 0 to 1024
[  165.165251][ T2846] EXT4-fs: Ignoring removed oldalloc option
[  165.205984][ T2856] loop3: detected capacity change from 0 to 512
[  165.215369][ T2846] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  165.217014][ T2856] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  165.248006][ T2856] EXT4-fs (loop3): orphan cleanup on readonly fs
[  165.263144][ T2862] loop4: detected capacity change from 0 to 128
[  165.280219][ T2402] EXT4-fs (loop2): unmounting filesystem.
[  165.290471][ T2856] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.592: bg 0: block 248: padding at end of block bitmap is not set
[  165.319915][ T2862] syz.4.595: attempt to access beyond end of device
[  165.319915][ T2862] loop4: rw=2049, sector=145, nr_sectors = 33 limit=128
[  165.333487][ T2856] EXT4-fs error (device loop3): ext4_acquire_dquot:6764: comm syz.3.592: Failed to acquire dquot type 1
[  165.350270][ T2856] EXT4-fs (loop3): 1 truncate cleaned up
[  165.365908][ T2856] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  165.381741][ T2856] EXT4-fs (loop3): unmounting filesystem.
[  165.400602][ T2869] loop1: detected capacity change from 0 to 2048
[  165.438833][ T2856] syz.3.592 (2856) used greatest stack depth: 19976 bytes left
[  165.460844][ T2869] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  165.478074][ T2878] netlink: 24 bytes leftover after parsing attributes in process `syz.3.601'.
[  165.677340][ T2894] netlink: 'syz.1.597': attribute type 1 has an invalid length.
[  165.883013][ T2893] syz.3.607[2893] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  165.884123][ T2893] syz.3.607[2893] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  165.948747][ T2902] 9pnet_fd: Insufficient options for proto=fd
[  166.065459][   T19] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x4
[  166.096115][   T19] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x2
[  166.128308][   T19] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x3
[  166.392032][   T19] hid-generic 0000:3000000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  166.402731][   T28] kauditd_printk_skb: 34 callbacks suppressed
[  166.402747][   T28] audit: type=1326 audit(1725115549.018:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2922 comm="syz.2.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d44b79eb9 code=0x7ffc0000
[  166.437209][ T2372] EXT4-fs (loop1): unmounting filesystem.
[  166.438564][   T28] audit: type=1326 audit(1725115549.018:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2922 comm="syz.2.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d44b79eb9 code=0x7ffc0000
[  166.467038][   T28] audit: type=1326 audit(1725115549.018:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2922 comm="syz.2.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7f8d44b79eb9 code=0x7ffc0000
[  166.498886][   T28] audit: type=1326 audit(1725115549.018:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2922 comm="syz.2.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d44b79eb9 code=0x7ffc0000
[  166.522581][   T28] audit: type=1326 audit(1725115549.048:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2922 comm="syz.2.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d44b79eb9 code=0x7ffc0000
[  166.549383][   T28] audit: type=1400 audit(1725115549.138:268): avc:  denied  { setopt } for  pid=2924 comm="syz.0.620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  166.569106][   T28] audit: type=1400 audit(1725115549.138:269): avc:  denied  { write } for  pid=2924 comm="syz.0.620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  166.618552][ T2936] device wg0 entered promiscuous mode
[  166.623917][ T2936] device vlan3 entered promiscuous mode
[  166.629986][ T2936] device wg0 left promiscuous mode
[  166.691165][   T28] audit: type=1400 audit(1725115549.308:270): avc:  denied  { sys_module } for  pid=2940 comm="syz.4.626" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  166.713012][   T28] audit: type=1400 audit(1725115549.308:271): avc:  denied  { module_load } for  pid=2940 comm="syz.4.626" path="/sys/power/wakeup_count" dev="sysfs" ino=1145 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  166.750626][   T28] audit: type=1326 audit(1725115549.358:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2944 comm="syz.2.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d44b79eb9 code=0x7ffc0000
[  166.821758][ T2953] loop2: detected capacity change from 0 to 128
[  166.836820][ T2953] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  166.845499][ T2953] ext4 filesystem being mounted at /39/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  166.891052][ T2402] EXT4-fs (loop2): unmounting filesystem.
[  167.017878][ T2976] loop2: detected capacity change from 0 to 128
[  167.029177][ T2976] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  167.038131][ T2976] ext4 filesystem being mounted at /42/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  167.069422][   T39] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  167.085745][ T2402] EXT4-fs (loop2): unmounting filesystem.
[  167.101247][ T2981] loop2: detected capacity change from 0 to 512
[  167.107533][ T2981] EXT4-fs: Ignoring removed i_version option
[  167.128830][ T2983] loop3: detected capacity change from 0 to 512
[  167.132071][ T2981] journal_path: Lookup failure for './file2'
[  167.141334][ T2983] EXT4-fs: Ignoring removed nomblk_io_submit option
[  167.146748][ T2985] loop0: detected capacity change from 0 to 1024
[  167.148058][ T2981] EXT4-fs: error: could not find journal device path
[  167.172458][ T2985] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  167.172833][ T2983] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  167.189543][ T2983] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038 (0x7fffffff)
[  167.207533][ T2636] EXT4-fs (loop0): unmounting filesystem.
[  167.222214][ T2301] EXT4-fs (loop3): unmounting filesystem.
[  167.235633][ T2991] Non-string source
[  167.290182][ T3000] loop3: detected capacity change from 0 to 512
[  167.296800][ T3000] EXT4-fs: Ignoring removed mblk_io_submit option
[  167.308530][ T3003] loop0: detected capacity change from 0 to 512
[  167.317837][ T3003] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.651: iget: bad extended attribute block 1
[  167.321023][ T3000] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  167.334345][ T3003] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.651: couldn't read orphan inode 15 (err -117)
[  167.338791][   T39] usb 5-1: Using ep0 maxpacket: 8
[  167.351336][ T3003] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  167.376534][ T3000] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038 (0x7fffffff)
[  167.392698][ T2636] EXT4-fs (loop0): unmounting filesystem.
[  167.425033][ T2301] EXT4-fs (loop3): unmounting filesystem.
[  167.500727][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.514622][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.524913][   T39] usb 5-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  167.534083][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.543144][   T39] usb 5-1: config 0 descriptor??
[  167.568555][ T3030] loop0: detected capacity change from 0 to 2048
[  167.592779][ T3030] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  167.602896][ T3030] EXT4-fs error (device loop0): ext4_find_extent:936: inode #2: comm syz.0.663: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  167.628843][ T2636] EXT4-fs (loop0): unmounting filesystem.
[  167.766981][ T3057] syz.1.674[3057] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.767071][ T3057] syz.1.674[3057] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  168.064784][ T3071] loop3: detected capacity change from 0 to 1024
[  168.097869][ T3071] EXT4-fs: Ignoring removed oldalloc option
[  168.108758][ T3071] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  168.132673][ T3071] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  168.167080][ T2301] EXT4-fs (loop3): unmounting filesystem.
[  168.517377][   T39] usbhid 5-1:0.0: can't add hid device: -71
[  168.531389][   T39] usbhid: probe of 5-1:0.0 failed with error -71
[  168.547106][   T39] usb 5-1: USB disconnect, device number 8
[  168.762392][ T3115] loop2: detected capacity change from 0 to 512
[  168.784999][ T3116] loop0: detected capacity change from 0 to 1024
[  168.790409][ T3115] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  168.810998][ T3116] EXT4-fs: Ignoring removed oldalloc option
[  168.828732][ T3124] loop1: detected capacity change from 0 to 512
[  168.846575][ T3115] EXT4-fs (loop2): 1 truncate cleaned up
[  168.852699][ T3115] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  168.855530][ T3124] EXT4-fs (loop1): orphan cleanup on readonly fs
[  168.871741][ T3116] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  168.880293][ T3124] EXT4-fs error (device loop1): ext4_find_extent:936: inode #4: comm syz.1.700: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0)
[  168.909992][ T3135] loop3: detected capacity change from 0 to 512
[  168.921969][ T3135] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  168.937663][ T3124] EXT4-fs warning (device loop1): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  168.954754][ T2636] EXT4-fs (loop0): unmounting filesystem.
[  168.961326][ T3135] EXT4-fs (loop3): 1 orphan inode deleted
[  168.962397][ T3124] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  168.969410][ T3135] EXT4-fs (loop3): 1 truncate cleaned up
[  168.981813][ T3124] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  168.997528][ T3135] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  169.015593][ T2372] EXT4-fs (loop1): unmounting filesystem.
[  169.015616][ T3143] loop0: detected capacity change from 0 to 256
[  169.033424][ T2402] EXT4-fs (loop2): unmounting filesystem.
[  169.044657][ T3135] EXT4-fs error (device loop3): ext4_search_dir:1548: inode #12: block 7: comm syz.3.704: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0
[  169.072173][ T3147] fuse: Bad value for 'fd'
[  169.089616][ T3143] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[  169.102823][ T3143] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  169.112256][ T3135] EXT4-fs (loop3): Remounting filesystem read-only
[  169.148087][ T3143] device syzkaller0 entered promiscuous mode
[  169.154702][ T2301] EXT4-fs (loop3): unmounting filesystem.
[  169.309477][ T3162] loop3: detected capacity change from 0 to 128
[  169.344620][ T3162] EXT4-fs: Ignoring removed i_version option
[  169.353048][ T3162] EXT4-fs: Ignoring removed bh option
[  169.395736][ T3162] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  169.416916][ T3162] ext4 filesystem being mounted at /63/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  169.515880][ T2301] EXT4-fs (loop3): unmounting filesystem.
[  169.600534][  T528] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  169.659491][ T3161] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.669895][ T3161] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.680118][ T3161] device bridge_slave_0 entered promiscuous mode
[  169.689093][  T328] device bridge_slave_1 left promiscuous mode
[  169.696436][  T328] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.705274][  T328] device bridge_slave_0 left promiscuous mode
[  169.711623][  T328] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.721555][  T328] device veth1_macvtap left promiscuous mode
[  169.727650][  T328] device veth0_vlan left promiscuous mode
[  169.934769][ T3161] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.945980][ T3161] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.956893][ T3161] device bridge_slave_1 entered promiscuous mode
[  169.980707][  T528] usb 1-1: config 0 has no interfaces?
[  169.986245][  T528] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  169.995388][  T528] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.006101][  T528] usb 1-1: config 0 descriptor??
[  170.100169][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  170.108169][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  170.123603][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  170.131978][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  170.140055][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.147057][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.156667][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  170.166511][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  170.174681][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.181727][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.198764][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  170.206675][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  170.214762][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  170.223413][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  170.231903][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  170.248091][ T3161] device veth0_vlan entered promiscuous mode
[  170.254769][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  170.278020][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  170.286537][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  170.294919][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  170.309930][ T3161] device veth1_macvtap entered promiscuous mode
[  170.321041][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  170.321432][  T296] usb 1-1: USB disconnect, device number 7
[  170.328368][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  170.351189][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  170.359323][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  170.378597][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  170.387175][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  170.395784][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  170.404192][  T799] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  170.459156][ T3195] loop1: detected capacity change from 0 to 1024
[  170.482429][ T3199] loop4: detected capacity change from 0 to 256
[  170.495181][ T3195] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  170.520163][ T2372] EXT4-fs (loop1): unmounting filesystem.
[  171.851353][ T3245] loop0: detected capacity change from 0 to 2048
[  171.862448][ T3245] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  171.879969][ T2636] EXT4-fs (loop0): unmounting filesystem.
[  172.328685][ T3272] fuse: Bad value for 'fd'
[  173.297159][   T28] kauditd_printk_skb: 37 callbacks suppressed
[  173.297180][   T28] audit: type=1400 audit(1725115555.908:309): avc:  denied  { write } for  pid=3309 comm="syz.3.765" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  174.235463][   T28] audit: type=1400 audit(1725115556.848:310): avc:  denied  { bind } for  pid=3345 comm="syz.2.780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  174.290593][  T528] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  174.650656][  T528] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  174.659803][  T528] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.668678][  T528] usb 1-1: config 0 descriptor??
[  176.897078][ T3412] loop4: detected capacity change from 0 to 40427
[  176.904287][ T3412] F2FS-fs (loop4): Wrong NAT boundary, start(2560) end(462336) blocks(1024)
[  176.913067][ T3412] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  176.923955][ T3412] F2FS-fs (loop4): Found nat_bits in checkpoint
[  176.972399][ T3412] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  176.979270][ T3412] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  176.992525][ T3412] syz.4.801: attempt to access beyond end of device
[  176.992525][ T3412] loop4: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  177.007245][ T3412] syz.4.801: attempt to access beyond end of device
[  177.007245][ T3412] loop4: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  177.022607][ T3412] syz.4.801: attempt to access beyond end of device
[  177.022607][ T3412] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  177.042497][ T2628] syz-executor: attempt to access beyond end of device
[  177.042497][ T2628] loop4: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  177.560595][  T528] usb 1-1: Cannot set autoneg
[  177.565166][  T528] MOSCHIP usb-ethernet driver: probe of 1-1:0.0 failed with error -71
[  177.601317][  T528] usb 1-1: USB disconnect, device number 8
[  178.403764][   T28] audit: type=1326 audit(1725115561.018:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.3.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0098b79eb9 code=0x7ffc0000
[  178.448480][   T28] audit: type=1326 audit(1725115561.018:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.3.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0098b79eb9 code=0x7ffc0000
[  178.489015][ T3457] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  178.495438][   T28] audit: type=1326 audit(1725115561.038:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.3.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f0098b79eb9 code=0x7ffc0000
[  178.549359][   T28] audit: type=1326 audit(1725115561.038:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.3.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0098b79eb9 code=0x7ffc0000
[  178.600830][   T28] audit: type=1326 audit(1725115561.038:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.3.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0098b79eb9 code=0x7ffc0000
[  178.658061][   T28] audit: type=1400 audit(1725115561.268:316): avc:  denied  { setopt } for  pid=3464 comm="syz.4.816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  178.994200][ T3474] loop4: detected capacity change from 0 to 512
[  179.131282][ T3477] loop0: detected capacity change from 0 to 2048
[  179.135717][ T3474] tmpfs: Unknown parameter 'fscontext…'
[  179.137689][ T3477] EXT4-fs: Ignoring removed bh option
[  179.171219][ T3480] loop4: detected capacity change from 0 to 512
[  179.174966][   T28] audit: type=1326 audit(1725115561.788:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3481 comm="syz.2.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8f1779eb9 code=0x7ffc0000
[  179.202392][   T28] audit: type=1326 audit(1725115561.788:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3481 comm="syz.2.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8f1779eb9 code=0x7ffc0000
[  179.204054][ T3477] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  179.226553][   T28] audit: type=1326 audit(1725115561.818:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3481 comm="syz.2.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff8f1779eb9 code=0x7ffc0000
[  179.247262][ T3482] loop2: detected capacity change from 0 to 1024
[  179.266909][ T3480] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  179.269615][ T3482] EXT4-fs: Ignoring removed nobh option
[  179.282111][   T28] audit: type=1326 audit(1725115561.818:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3481 comm="syz.2.822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8f1779eb9 code=0x7ffc0000
[  179.282154][ T2636] EXT4-fs (loop0): unmounting filesystem.
[  179.305837][ T3480] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038 (0x7fffffff)
[  179.315647][ T3482] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  179.351246][ T3482] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  179.365450][ T2628] EXT4-fs (loop4): unmounting filesystem.
[  179.384862][ T3161] EXT4-fs (loop2): unmounting filesystem.
[  179.420104][ T3497] loop0: detected capacity change from 0 to 512
[  179.478780][ T3497] EXT4-fs error (device loop0): __ext4_iget:5046: inode #15: block 1803188595: comm syz.0.832: invalid block
[  179.495547][ T3497] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.832: couldn't read orphan inode 15 (err -117)
[  179.508071][ T3497] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  179.517475][ T3497] EXT4-fs (loop0): unmounting filesystem.
[  179.607727][ T3511] loop2: detected capacity change from 0 to 1024
[  179.615241][ T3511] EXT4-fs: Ignoring removed oldalloc option
[  179.622201][ T3511] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  179.665916][ T3511] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  179.680081][ T3529] 9pnet_fd: Insufficient options for proto=fd
[  179.691887][ T3511] netlink: 'syz.2.837': attribute type 3 has an invalid length.
[  179.908348][ T3574] loop0: detected capacity change from 0 to 512
[  179.921670][ T3574] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  179.930301][ T3574] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  179.941430][ T3574] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  179.951545][ T3574] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #16: comm syz.0.866: iget: bogus i_mode (5)
[  179.962823][ T3574] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.866: couldn't read orphan inode 16 (err -117)
[  180.006163][ T3580] loop0: detected capacity change from 0 to 1024
[  180.010735][  T799] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  180.017663][ T3580] EXT4-fs: Ignoring removed orlov option
[  180.026381][ T3580] EXT4-fs (loop0): Test dummy encryption mode enabled
[  180.115070][ T3589] 9pnet_fd: Insufficient options for proto=fd
[  180.180363][ T3600] loop0: detected capacity change from 0 to 2048
[  180.212203][ T3604] loop0: detected capacity change from 0 to 512
[  180.223258][ T3604] ext4 filesystem being mounted at /83/file0 supports timestamps until 2038 (0x7fffffff)
[  180.267218][ T3608] loop0: detected capacity change from 0 to 2048
[  180.290596][  T799] usb 3-1: device descriptor read/64, error -71
[  180.301515][ T3608]  loop0: p1 < > p4
[  180.305980][ T3608] loop0: p4 size 8388608 extends beyond EOD, truncated
[  180.352025][  T101]  loop0: p1 < > p4
[  180.356894][  T101] loop0: p4 size 8388608 extends beyond EOD, truncated
[  180.376619][  T101]  loop0: p1 < > p4
[  180.381060][  T101] loop0: p4 size 8388608 extends beyond EOD, truncated
[  180.441667][  T316] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  180.454209][  T380] udevd[380]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  180.455749][  T316] udevd[316]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  180.508372][  T316] udevd[316]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  180.575171][  T380] udevd[380]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  180.970553][  T799] usb 3-1: device descriptor read/64, error -71
[  180.976947][ T3619] loop0: detected capacity change from 0 to 40427
[  180.986309][ T3619] F2FS-fs (loop0): Found nat_bits in checkpoint
[  181.029153][ T3619] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  181.052411][ T2636] F2FS-fs (loop0): access invalid blkaddr:2048
[  181.058799][ T2636] CPU: 0 PID: 2636 Comm: syz-executor Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  181.068520][ T2636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  181.078417][ T2636] Call Trace:
[  181.081544][ T2636]  <TASK>
[  181.084353][ T2636]  dump_stack_lvl+0x151/0x1b7
[  181.088918][ T2636]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  181.094409][ T2636]  ? f2fs_get_next_page_offset+0x770/0x770
[  181.100047][ T2636]  dump_stack+0x15/0x1c
[  181.104039][ T2636]  __f2fs_is_valid_blkaddr+0xda6/0x1450
[  181.109509][ T2636]  f2fs_is_valid_blkaddr+0x25/0x30
[  181.114454][ T2636]  f2fs_map_blocks+0xd32/0x43a0
[  181.119160][ T2636]  ? mempool_alloc_slab+0x1d/0x30
[  181.124014][ T2636]  ? f2fs_map_lock+0x260/0x260
[  181.128683][ T2636]  ? xa_load+0x1a1/0x210
[  181.132765][ T2636]  ? xas_find_conflict+0x8c0/0x8c0
[  181.137717][ T2636]  ? folio_unlock+0x5c/0x70
[  181.142053][ T2636]  f2fs_mpage_readpages+0xc65/0x20f0
[  181.147175][ T2636]  ? get_page_from_freelist+0x27ea/0x2870
[  181.152734][ T2636]  ? xas_load+0x39d/0x3b0
[  181.156893][ T2636]  ? dquot_release_reservation_block+0xa0/0xa0
[  181.162879][ T2636]  ? __this_cpu_preempt_check+0x13/0x20
[  181.168281][ T2636]  ? memcg_rstat_updated+0x4f/0x110
[  181.173301][ T2636]  f2fs_readahead+0xfd/0x250
[  181.177720][ T2636]  ? blk_start_plug+0x9c/0x130
[  181.182320][ T2636]  read_pages+0x1be/0xd40
[  181.187182][ T2636]  ? workingset_activation+0x430/0x430
[  181.192484][ T2636]  ? folio_add_lru+0x280/0x3f0
[  181.197076][ T2636]  ? page_cache_ra_unbounded+0x690/0x690
[  181.202543][ T2636]  ? filemap_add_folio+0x18f/0x200
[  181.207492][ T2636]  ? __filemap_add_folio+0xd10/0xd10
[  181.212621][ T2636]  page_cache_ra_unbounded+0x4c1/0x690
[  181.217918][ T2636]  ? readahead_gfp_mask+0x190/0x190
[  181.222943][ T2636]  ? __kernel_text_address+0xd/0x40
[  181.227977][ T2636]  ? unwind_get_return_address+0x4d/0x90
[  181.233458][ T2636]  page_cache_ra_order+0x987/0xc40
[  181.238407][ T2636]  ? do_page_cache_ra+0x110/0x110
[  181.243259][ T2636]  ? __stack_depot_save+0x36/0x480
[  181.248198][ T2636]  ? putname+0xfa/0x150
[  181.252202][ T2636]  ondemand_readahead+0x91a/0xee0
[  181.257051][ T2636]  ? kasan_set_track+0x4b/0x70
[  181.261652][ T2636]  ? kasan_save_free_info+0x2b/0x40
[  181.266682][ T2636]  ? ____kasan_slab_free+0x131/0x180
[  181.271807][ T2636]  ? do_syscall_64+0x3b/0xb0
[  181.276264][ T2636]  ? page_cache_sync_ra+0x450/0x450
[  181.281267][ T2636]  ? blk_cgroup_congested+0x132/0x150
[  181.286660][ T2636]  page_cache_sync_ra+0x3d6/0x450
[  181.291511][ T2636]  f2fs_readdir+0x599/0xc10
[  181.295861][ T2636]  ? f2fs_fill_dentries+0xd00/0xd00
[  181.300893][ T2636]  ? __this_cpu_preempt_check+0x13/0x20
[  181.306791][ T2636]  ? memcg_rstat_updated+0x4f/0x110
[  181.311836][ T2636]  ? security_file_permission+0x86/0xb0
[  181.317219][ T2636]  iterate_dir+0x265/0x610
[  181.321462][ T2636]  ? f2fs_fill_dentries+0xd00/0xd00
[  181.326497][ T2636]  __se_sys_getdents64+0x1c1/0x460
[  181.331445][ T2636]  ? __x64_sys_getdents64+0x90/0x90
[  181.336479][ T2636]  ? filldir+0x670/0x670
[  181.340566][ T2636]  ? debug_smp_processor_id+0x17/0x20
[  181.345765][ T2636]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  181.351764][ T2636]  ? exit_to_user_mode_prepare+0x39/0xa0
[  181.357225][ T2636]  __x64_sys_getdents64+0x7b/0x90
[  181.362089][ T2636]  x64_sys_call+0x5ae/0x9a0
[  181.366432][ T2636]  do_syscall_64+0x3b/0xb0
[  181.370942][ T2636]  ? clear_bhb_loop+0x55/0xb0
[  181.375452][ T2636]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  181.381186][ T2636] RIP: 0033:0x7ff8671ac053
[  181.385517][ T2636] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  181.404967][ T2636] RSP: 002b:00007ffda1c0ccb8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  181.413204][ T2636] RAX: ffffffffffffffda RBX: 00005555566c84e0 RCX: 00007ff8671ac053
[  181.421012][ T2636] RDX: 0000000000008000 RSI: 00005555566c84e0 RDI: 0000000000000005
[  181.428825][ T2636] RBP: 00005555566c84b4 R08: 0000000000000000 R09: 0000000000000000
[  181.436641][ T2636] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  181.444450][ T2636] R13: 0000000000000010 R14: 00005555566c84b0 R15: 00007ffda1c0ef60
[  181.452267][ T2636]  </TASK>
[  181.457516][ T2636] syz-executor: attempt to access beyond end of device
[  181.457516][ T2636] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  181.477162][ T2636] syz-executor: attempt to access beyond end of device
[  181.477162][ T2636] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  181.518239][  T328] kworker/u4:4: attempt to access beyond end of device
[  181.518239][  T328] loop0: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  181.539344][ T3640] loop1: detected capacity change from 0 to 512
[  181.552259][  T316] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  181.610573][  T799] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  181.783909][ T3643] netlink: 20 bytes leftover after parsing attributes in process `syz.1.890'.
[  182.128229][ T3648] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.135288][ T3648] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.140693][  T799] usb 3-1: device descriptor read/64, error -71
[  182.148514][ T3648] device bridge_slave_0 entered promiscuous mode
[  182.167969][ T3648] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.175117][ T3648] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.233709][ T3648] device bridge_slave_1 entered promiscuous mode
[  182.498490][ T3662] loop3: detected capacity change from 0 to 128
[  182.549071][ T3648] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.555995][ T3648] bridge0: port 2(bridge_slave_1) entered forwarding state
[  182.563090][ T3648] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.569934][ T3648] bridge0: port 1(bridge_slave_0) entered forwarding state
[  182.596223][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  182.604177][  T528] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.611598][  T528] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.624344][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  182.790779][  T313] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  182.902421][  T528] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.909300][  T528] bridge0: port 1(bridge_slave_0) entered forwarding state
[  182.916824][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  182.924943][  T528] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.931830][  T528] bridge0: port 2(bridge_slave_1) entered forwarding state
[  182.955061][  T425] device bridge_slave_1 left promiscuous mode
[  182.964774][  T425] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.974397][  T425] device bridge_slave_0 left promiscuous mode
[  182.986937][  T425] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.001113][  T425] device veth1_macvtap left promiscuous mode
[  183.007110][  T425] device veth0_vlan left promiscuous mode
[  183.070521][  T313] usb 2-1: Using ep0 maxpacket: 16
[  183.118146][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  183.126169][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  183.134111][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  183.142194][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  183.150441][ T3671] netlink: 'syz.2.901': attribute type 4 has an invalid length.
[  183.161156][ T3671] netlink: 'syz.2.901': attribute type 4 has an invalid length.
[  183.177656][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  183.185925][  T528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  183.197377][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  183.205016][  T313] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 11
[  183.214538][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  183.222243][  T313] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  183.232126][  T313] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  183.233384][ T3648] device veth0_vlan entered promiscuous mode
[  183.241650][  T313] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  183.257064][  T313] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  183.258027][ T3648] device veth1_macvtap entered promiscuous mode
[  183.266840][  T313] usb 2-1: config 1 interface 0 has no altsetting 0
[  183.279270][  T313] usb 2-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  183.288189][  T313] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.296081][  T296] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  183.305598][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  183.313502][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  183.321074][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  183.329620][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  183.365214][  T313] ums-sddr09 2-1:1.0: USB Mass Storage device detected
[  183.372358][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  183.380319][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  183.388785][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  183.397288][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  183.405965][ T1369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  183.571543][ T3682] loop0: detected capacity change from 0 to 40427
[  183.578230][ T3682] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  183.586835][ T3682] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  183.594908][  T313] scsi host1: usb-storage 2-1:1.0
[  183.595981][ T3682] F2FS-fs (loop0): invalid crc value
[  183.600524][  T296] usb 5-1: Using ep0 maxpacket: 16
[  183.608198][ T3682] F2FS-fs (loop0): Found nat_bits in checkpoint
[  183.654549][ T3682] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  183.661779][ T3682] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  183.760629][  T296] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  183.770714][  T296] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 11
[  183.779489][  T296] usb 5-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  183.788567][  T296] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.962777][  T296] ums-sddr09 5-1:1.0: USB Mass Storage device detected
[  184.089868][  T528] usb 2-1: USB disconnect, device number 11
[  184.150595][ T1233] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  184.161399][  T799] usb 5-1: USB disconnect, device number 9
[  184.850561][ T1233] usb 4-1: Using ep0 maxpacket: 32
[  184.869206][ T3706] loop0: detected capacity change from 0 to 2048
[  184.903542][ T3706]  loop0: p1 < > p4
[  184.912146][ T3706] loop0: p4 size 8388608 extends beyond EOD, truncated
[  184.970697][ T1233] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  184.981651][ T1233] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  184.992428][ T1233] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  185.001584][ T1233] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.025029][ T1233] usb 4-1: config 0 descriptor??
[  185.037838][  T101]  loop0: p1 < > p4
[  185.043565][  T101] loop0: p4 size 8388608 extends beyond EOD, truncated
[  185.072169][ T1233] hub 4-1:0.0: USB hub found
[  185.074216][  T101]  loop0: p1 < > p4
[  185.081695][  T101] loop0: p4 size 8388608 extends beyond EOD, truncated
[  185.117994][  T316] udevd[316]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  185.144220][  T380] udevd[380]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  185.157421][ T3724] loop4: detected capacity change from 0 to 128
[  185.178134][  T455] udevd[455]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  185.189216][  T380] udevd[380]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  185.211239][  T316] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  185.549474][ T1233] hub 4-1:0.0: 1 port detected
[  185.610549][ T1233] hub 4-1:0.0: hub_hub_status failed (err = -71)
[  185.617798][ T1233] hub 4-1:0.0: config failed, can't get hub status (err -71)
[  185.730561][ T1233] usbhid 4-1:0.0: can't add hid device: -71
[  185.736508][ T1233] usbhid: probe of 4-1:0.0 failed with error -71
[  185.770822][ T1233] usb 4-1: USB disconnect, device number 14
[  185.985201][ T3726] loop1: detected capacity change from 0 to 131072
[  186.018297][ T3726] F2FS-fs (loop1): Found nat_bits in checkpoint
[  186.063046][ T3726] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  186.104909][ T3748] loop0: detected capacity change from 0 to 512
[  186.133365][ T3748] EXT4-fs (loop0): 1 orphan inode deleted
[  186.138996][ T3748] EXT4-fs mount: 9 callbacks suppressed
[  186.139016][ T3748] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  186.153964][ T3748] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038 (0x7fffffff)
[  186.363172][ T3648] EXT4-fs (loop0): unmounting filesystem.
[  186.369200][ T3762] loop1: detected capacity change from 0 to 512
[  186.380714][ T3762] EXT4-fs (loop1): 1 truncate cleaned up
[  186.380742][ T3762] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  186.503923][ T3772] loop0: detected capacity change from 0 to 512
[  186.719695][ T3772] EXT4-fs (loop0): 1 truncate cleaned up
[  186.743910][ T3772] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  187.268596][ T1233] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  187.371551][ T2372] EXT4-fs (loop1): unmounting filesystem.
[  187.414228][ T3648] EXT4-fs (loop0): unmounting filesystem.
[  187.609909][   T45] Bluetooth: hci0: sending frame failed (-49)
[  187.616672][ T3686] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  188.398812][ T3814] loop3: detected capacity change from 0 to 128
[  188.418903][ T3818] loop1: detected capacity change from 0 to 128
[  188.425408][ T3814] EXT4-fs (loop3): Test dummy encryption mode enabled
[  188.482964][ T3814] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  188.491513][ T3814] ext4 filesystem being mounted at /102/mnt supports timestamps until 2038 (0x7fffffff)
[  189.584601][ T2301] EXT4-fs (loop3): unmounting filesystem.
[  189.646750][ T3838] loop4: detected capacity change from 0 to 512
[  189.666778][ T3838] EXT4-fs (loop4): 1 truncate cleaned up
[  189.686312][ T3838] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  189.786783][ T3849] loop2: detected capacity change from 0 to 512
[  189.823569][ T3849] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  189.836327][ T3849] EXT4-fs (loop2): 1 truncate cleaned up
[  189.847256][ T3849] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  191.375870][ T3161] EXT4-fs (loop2): unmounting filesystem.
[  191.392043][ T2628] EXT4-fs (loop4): unmounting filesystem.
[  191.429340][ T3861] loop2: detected capacity change from 0 to 128
[  191.541195][ T3861] syz.2.955: attempt to access beyond end of device
[  191.541195][ T3861] loop2: rw=2049, sector=145, nr_sectors = 33 limit=128
[  191.993573][ T3875] loop0: detected capacity change from 0 to 128
[  192.020267][ T3875] EXT4-fs (loop0): Test dummy encryption mode enabled
[  192.037338][ T3875] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  192.048595][ T3857] loop3: detected capacity change from 0 to 40427
[  192.055337][ T3875] ext4 filesystem being mounted at /17/mnt supports timestamps until 2038 (0x7fffffff)
[  192.059429][ T3857] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  192.071442][ T3857] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  192.161804][ T3857] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  192.200400][ T3857] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  192.207692][ T3857] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  192.875154][ T3648] EXT4-fs (loop0): unmounting filesystem.
[  192.936632][ T3894] loop0: detected capacity change from 0 to 512
[  192.942864][  T313] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  192.997627][ T3889] syz.3.956: attempt to access beyond end of device
[  192.997627][ T3889] loop3: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  193.044787][ T3902] fuse: Unknown parameter '00000000000000000003'
[  193.053393][ T3894] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  193.062026][ T3894] EXT4-fs (loop0): 1 truncate cleaned up
[  193.067663][ T3894] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  194.279627][ T3909] loop4: detected capacity change from 0 to 1024
[  194.572524][ T3648] EXT4-fs (loop0): unmounting filesystem.
[  194.607879][ T3909] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  194.651760][ T2301] syz-executor: attempt to access beyond end of device
[  194.651760][ T2301] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  194.871376][  T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  194.882729][  T313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  194.883273][ T2628] EXT4-fs (loop4): unmounting filesystem.
[  194.893026][  T313] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  194.911324][  T313] usb 2-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10
[  194.914991][ T3917] loop0: detected capacity change from 0 to 2048
[  194.920277][  T313] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.931270][  T313] usb 2-1: config 0 descriptor??
[  194.993367][ T3917] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  195.207309][ T3928] netlink: 'syz.0.973': attribute type 1 has an invalid length.
[  195.524692][  T313] prodikeys 0003:041E:2801.0007: unknown main item tag 0x0
[  195.534927][  T313] prodikeys 0003:041E:2801.0007: unknown main item tag 0x0
[  195.550418][  T313] prodikeys 0003:041E:2801.0007: unknown main item tag 0x0
[  195.577855][  T313] prodikeys 0003:041E:2801.0007: unknown main item tag 0x0
[  195.585354][  T313] prodikeys 0003:041E:2801.0007: unknown main item tag 0x0
[  195.592749][ T3919] loop4: detected capacity change from 0 to 40427
[  195.599568][ T3919] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  195.603882][  T313] prodikeys 0003:041E:2801.0007: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.1-1/input0
[  195.617464][ T3919] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  195.668431][ T3919] F2FS-fs (loop4): Found nat_bits in checkpoint
[  195.738580][ T3919] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  195.748815][  T313] usb 2-1: USB disconnect, device number 12
[  195.772683][ T3919] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  195.787574][ T3648] EXT4-fs (loop0): unmounting filesystem.
[  195.913979][ T2628] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  195.914004][ T2628] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  195.950700][ T2628] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  195.958092][ T2628] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  195.980544][ T2628] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  195.988036][ T2628] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  196.020572][ T2628] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  196.354351][ T3953] loop1: detected capacity change from 0 to 512
[  196.474667][ T3953] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  196.510385][ T3953] EXT4-fs (loop1): 1 truncate cleaned up
[  196.693276][ T3953] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  197.258782][ T2372] EXT4-fs (loop1): unmounting filesystem.
[  199.129268][   T28] kauditd_printk_skb: 81 callbacks suppressed
[  199.129287][   T28] audit: type=1400 audit(1725115581.738:402): avc:  denied  { accept } for  pid=4024 comm="syz.1.1010" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  200.128535][   T28] audit: type=1400 audit(1725115582.738:403): avc:  denied  { create } for  pid=4055 comm="syz.2.1023" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  200.192809][ T4062] loop2: detected capacity change from 0 to 512
[  200.246125][ T4062] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  200.260677][ T4062] EXT4-fs (loop2): 1 truncate cleaned up
[  200.266219][ T4062] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  200.878475][ T4064] loop1: detected capacity change from 0 to 40427
[  200.893423][ T4064] F2FS-fs (loop1): Invalid SB checksum offset: 0
[  200.906297][ T4064] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  200.950453][ T4064] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  201.010761][ T4064] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  201.057812][ T3161] EXT4-fs (loop2): unmounting filesystem.
[  201.060523][ T4064] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  201.414698][ T4083] syz.1.1026: attempt to access beyond end of device
[  201.414698][ T4083] loop1: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  201.649291][ T2372] syz-executor: attempt to access beyond end of device
[  201.649291][ T2372] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  201.953340][   T28] audit: type=1400 audit(1725115584.568:404): avc:  denied  { name_bind } for  pid=4100 comm="syz.1.1038" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  201.953660][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[  204.754748][ T4201] loop1: detected capacity change from 0 to 512
[  204.795727][ T4201] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  204.810793][ T4201] EXT4-fs (loop1): 1 truncate cleaned up
[  204.816365][ T4201] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  205.618419][ T2372] EXT4-fs (loop1): unmounting filesystem.
[  206.360841][ T4235] loop0: detected capacity change from 0 to 512
[  206.415120][ T4235] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  206.431134][ T4235] EXT4-fs (loop0): 1 truncate cleaned up
[  206.436874][ T4235] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  207.231139][ T3648] EXT4-fs (loop0): unmounting filesystem.
[  208.134013][ T4303] loop4: detected capacity change from 0 to 512
[  208.178561][ T4303] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  208.200641][ T4303] EXT4-fs (loop4): 1 truncate cleaned up
[  208.206135][ T4303] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  208.985458][ T2628] EXT4-fs (loop4): unmounting filesystem.
[  210.210869][ T4374] loop3: detected capacity change from 0 to 512
[  210.261059][ T4374] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  210.273612][ T4374] EXT4-fs (loop3): 1 truncate cleaned up
[  210.279164][ T4374] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  210.465135][ T4388] Dead loop on virtual device ip6_vti0, fix it urgently!
[  210.472254][ T4388] Dead loop on virtual device ip6_vti0, fix it urgently!
[  210.479219][ T4388] Dead loop on virtual device ip6_vti0, fix it urgently!
[  210.486114][ T4388] Dead loop on virtual device ip6_vti0, fix it urgently!
[  210.493087][ T4388] Dead loop on virtual device ip6_vti0, fix it urgently!
[  210.500026][ T4388] Dead loop on virtual device ip6_vti0, fix it urgently!
[  211.130080][ T2301] EXT4-fs (loop3): unmounting filesystem.
[  211.169680][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[  211.193896][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[  211.410589][  T314] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  211.650578][  T314] usb 1-1: Using ep0 maxpacket: 8
[  211.662313][ T4419] fuse: Unknown parameter 'fd18446744073709551615'
[  211.770559][  T314] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  211.781423][  T314] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.791129][  T314] usb 1-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  211.800413][  T314] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.814258][  T314] usb 1-1: config 0 descriptor??
[  212.040371][ T4429] loop3: detected capacity change from 0 to 2048
[  212.064665][ T4429] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  212.091150][ T2301] EXT4-fs (loop3): unmounting filesystem.
[  212.390613][  T314] usbhid 1-1:0.0: can't add hid device: -71
[  212.396474][  T314] usbhid: probe of 1-1:0.0 failed with error -71
[  212.403478][  T314] usb 1-1: USB disconnect, device number 9
[  212.720020][ T4468] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  213.142059][ T4483] loop1: detected capacity change from 0 to 512
[  213.161877][ T4483] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  213.180642][ T4483] EXT4-fs (loop1): 1 truncate cleaned up
[  213.190636][ T4483] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  213.954267][ T4516] loop3: detected capacity change from 0 to 128
[  213.976560][ T4516] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  213.990867][ T4516] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  214.011918][ T2372] EXT4-fs (loop1): unmounting filesystem.
[  214.360436][ T4535] syz.4.1191[4535] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  214.377817][ T4535] syz.4.1191[4535] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  214.526356][ T4540] loop4: detected capacity change from 0 to 2048
[  214.579629][ T4549] loop1: detected capacity change from 0 to 512
[  214.596993][ T4540] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  214.599725][ T4549] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  214.614031][ T4549] EXT4-fs (loop1): 1 truncate cleaned up
[  214.619504][ T4549] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  214.665452][ T2628] EXT4-fs (loop4): unmounting filesystem.
[  215.217522][ T4577] syz.3.1206[4577] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  215.217600][ T4577] syz.3.1206[4577] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  215.309172][ T4585] loop3: detected capacity change from 0 to 2048
[  215.362915][ T4585] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  215.408028][ T2301] EXT4-fs (loop3): unmounting filesystem.
[  215.459837][ T2372] EXT4-fs (loop1): unmounting filesystem.
[  215.487603][   T28] audit: type=1400 audit(1725115598.098:405): avc:  denied  { create } for  pid=4596 comm="syz.1.1214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  215.514492][   T28] audit: type=1400 audit(1725115598.098:406): avc:  denied  { write } for  pid=4596 comm="syz.1.1214" path="socket:[34239]" dev="sockfs" ino=34239 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  215.554807][ T4603] loop1: detected capacity change from 0 to 128
[  215.561595][ T4603] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  215.574464][ T4603] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  216.221575][ T4626] loop4: detected capacity change from 0 to 2048
[  216.235029][ T4625] device syzkaller0 entered promiscuous mode
[  216.237717][ T4628] loop0: detected capacity change from 0 to 512
[  216.247266][   T28] audit: type=1400 audit(1725115598.858:407): avc:  denied  { relabelfrom } for  pid=4623 comm="syz.2.1222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  216.249763][ T4628] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  216.284793][   T28] audit: type=1400 audit(1725115598.858:408): avc:  denied  { relabelto } for  pid=4623 comm="syz.2.1222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  216.285233][ T4628] EXT4-fs (loop0): 1 truncate cleaned up
[  216.306858][ T4626] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  216.309978][ T4628] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  216.455135][ T2628] EXT4-fs (loop4): unmounting filesystem.
[  216.616257][ T4645] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  217.089812][ T3648] EXT4-fs (loop0): unmounting filesystem.
[  217.100695][ T3912] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  217.124405][ T4662] Dead loop on virtual device ip6_vti0, fix it urgently!
[  217.131657][ T4662] Dead loop on virtual device ip6_vti0, fix it urgently!
[  217.138744][ T4662] Dead loop on virtual device ip6_vti0, fix it urgently!
[  217.145853][ T4662] Dead loop on virtual device ip6_vti0, fix it urgently!
[  217.152998][ T4662] Dead loop on virtual device ip6_vti0, fix it urgently!
[  217.160295][ T4662] Dead loop on virtual device ip6_vti0, fix it urgently!
[  217.195454][ T4667] loop0: detected capacity change from 0 to 2048
[  217.212658][ T4667] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  217.237053][ T3648] EXT4-fs (loop0): unmounting filesystem.
[  217.270139][ T4676] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  217.273985][ T4673] loop0: detected capacity change from 0 to 128
[  217.286309][  T314] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  217.293520][ T4673] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  217.317317][ T4673] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  217.581317][ T3912] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=69.f5
[  217.614592][ T3912] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.695641][ T3912] usb 4-1: config 0 descriptor??
[  217.791790][ T4688] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.1245' sets config #536871169
[  217.801433][  T314] usb 2-1: Using ep0 maxpacket: 32
[  217.819205][ T4690] loop4: detected capacity change from 0 to 512
[  217.828051][ T4690] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  217.836501][ T4690] EXT4-fs (loop4): 1 truncate cleaned up
[  217.842172][ T4690] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  217.960593][  T314] usb 2-1: unable to get BOS descriptor or descriptor too short
[  218.419920][ T4699] Dead loop on virtual device ip6_vti0, fix it urgently!
[  218.465903][ T3912] usb 4-1: USB disconnect, device number 15
[  218.738708][ T4702] loop0: detected capacity change from 0 to 2048
[  218.755793][ T4702] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  218.775080][ T2628] EXT4-fs (loop4): unmounting filesystem.
[  218.802061][  T314] usb 2-1: config 125 has an invalid interface number: 27 but max is 0
[  218.810587][  T314] usb 2-1: config 125 has no interface number 0
[  218.816601][  T314] usb 2-1: config 125 interface 27 altsetting 24 has an invalid endpoint with address 0xBA, skipping
[  218.828304][  T314] usb 2-1: config 125 interface 27 altsetting 24 has an invalid endpoint with address 0x0, skipping
[  218.834277][ T3648] EXT4-fs (loop0): unmounting filesystem.
[  218.839192][  T314] usb 2-1: config 125 interface 27 altsetting 24 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  218.859657][  T314] usb 2-1: config 125 interface 27 has no altsetting 0
[  218.903424][ T4712] tipc: Started in network mode
[  218.909146][ T4712] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  218.918767][ T4712] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  218.927274][ T4712] tipc: Enabled bearer <udp:syz1>, priority 10
[  218.934445][ T4714] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  219.020586][  T314] usb 2-1: New USB device found, idVendor=1199, idProduct=68aa, bcdDevice=a4.70
[  219.029557][  T314] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.043258][  T314] usb 2-1: Product: syz
[  219.047256][  T314] usb 2-1: Manufacturer: syz
[  219.071036][  T314] usb 2-1: SerialNumber: syz
[  219.100604][ T4658] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  219.159573][ T4730] loop3: detected capacity change from 0 to 128
[  219.173983][ T4730] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  219.194732][ T4730] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  219.620750][  T314] hub 2-1:125.27: bad descriptor, ignoring hub
[  219.627263][  T314] hub: probe of 2-1:125.27 failed with error -5
[  219.661149][  T314] usb 2-1: USB disconnect, device number 13
[  219.730221][ T4740] loop4: detected capacity change from 0 to 2048
[  219.756425][ T4740] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  219.788254][ T2628] EXT4-fs (loop4): unmounting filesystem.
[  220.451756][  T378] tipc: Node number set to 1
[  220.657841][ T4761] loop3: detected capacity change from 0 to 512
[  220.703040][ T4761] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  220.727880][ T4764] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3432369683 (27458957464 ns) > initial count (6515116696 ns). Using initial count to start timer.
[  220.762931][ T4761] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038 (0x7fffffff)
[  220.787273][ T4761] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz.3.1268: path /151/file0: bad entry in directory: directory entry overrun - offset=60, inode=113, rec_len=26368, size=2048 fake=0
[  220.878162][ T4750] loop4: detected capacity change from 0 to 40427
[  220.885164][ T4761] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 7: comm syz.3.1268: path /151/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=536870912, rec_len=0, size=2048 fake=0
[  220.910748][ T4750] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  220.918510][ T4750] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  220.929204][ T4777] loop1: detected capacity change from 0 to 2048
[  220.939317][ T4761] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 12: comm syz.3.1268: path /151/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  220.967243][ T4761] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 13: comm syz.3.1268: path /151/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  220.992304][ T4761] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 14: comm syz.3.1268: path /151/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  221.015169][ T4750] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  221.030153][ T4777] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  221.102816][ T4761] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 15: comm syz.3.1268: path /151/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  221.129761][ T2372] EXT4-fs (loop1): unmounting filesystem.
[  221.138083][ T4750] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  221.145015][ T4750] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  221.149389][ T4761] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz.3.1268: path /151/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  221.173600][ T4761] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 17: comm syz.3.1268: path /151/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  221.220556][ T4761] EXT4-fs error (device loop3): ext4_map_blocks:607: inode #2: block 18: comm syz.3.1268: lblock 23 mapped to illegal pblock 18 (length 1)
[  221.517095][ T2301] EXT4-fs (loop3): unmounting filesystem.
[  221.551428][ T4795] loop1: detected capacity change from 0 to 128
[  221.570900][ T4795] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  221.600955][ T4795] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  221.623096][   T28] audit: type=1400 audit(1725115604.238:409): avc:  denied  { connect } for  pid=4801 comm="syz.3.1281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  221.659347][   T28] audit: type=1400 audit(1725115604.258:410): avc:  denied  { write } for  pid=4801 comm="syz.3.1281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  222.021706][ T4806] net_ratelimit: 2 callbacks suppressed
[  222.021729][ T4806] Dead loop on virtual device ip6_vti0, fix it urgently!
[  223.059496][ T2628] syz-executor: attempt to access beyond end of device
[  223.059496][ T2628] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  224.100577][  T314] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  225.149206][ T4867] loop0: detected capacity change from 0 to 128
[  225.157767][ T4867] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  225.172797][ T4867] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  225.200589][  T314] usb 2-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=3a.45
[  225.212617][  T314] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.228817][  T314] usb 2-1: Product: syz
[  225.237003][  T314] usb 2-1: Manufacturer: syz
[  225.245577][  T314] usb 2-1: SerialNumber: syz
[  225.280636][  T314] usb 2-1: config 0 descriptor??
[  225.620647][  T314] usb 2-1: Found UVC 0.00 device syz (8086:0b03)
[  225.627169][  T314] usb 2-1: No valid video chain found.
[  225.706765][ T4865] loop4: detected capacity change from 0 to 40427
[  225.713889][ T4865] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  225.720121][ T4865] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  225.784320][ T4865] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  225.805645][ T4882] loop3: detected capacity change from 0 to 512
[  225.822344][ T4882] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  225.825393][  T378] usb 2-1: USB disconnect, device number 14
[  225.831142][ T4882] EXT4-fs (loop3): 1 truncate cleaned up
[  225.851358][ T4865] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  225.858703][ T4882] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  225.874575][ T4865] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  226.443240][ T4895] syz.4.1300: attempt to access beyond end of device
[  226.443240][ T4895] loop4: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  226.615620][   T28] audit: type=1400 audit(1725115609.228:411): avc:  denied  { map } for  pid=4907 comm="syz.2.1311" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  226.953445][ T4908] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  226.961102][ T4908] #PF: supervisor instruction fetch in kernel mode
[  226.967550][ T4908] #PF: error_code(0x0010) - not-present page
[  226.973355][ T4908] PGD 117760067 P4D 117760067 PUD 122c74067 PMD 0 
[  226.979690][ T4908] Oops: 0010 [#1] PREEMPT SMP KASAN
[  226.984815][ T4908] CPU: 1 PID: 4908 Comm: syz.2.1311 Not tainted 6.1.93-syzkaller-00068-gb5e374dda921 #0
[  226.994360][ T4908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  227.004531][ T4908] RIP: 0010:0x0
[  227.007831][ T4908] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  227.015030][ T4908] RSP: 0018:ffffc90002626ff8 EFLAGS: 00010246
[  227.020926][ T4908] RAX: 1ffff920004c4eb8 RBX: dffffc0000000000 RCX: 0000000000040000
[  227.028739][ T4908] RDX: ffffc90000ea9000 RSI: ffffea0004ed6000 RDI: ffff888120c8f200
[  227.036547][ T4908] RBP: ffffc90002627150 R08: ffffffff81a46b48 R09: fffff940009dac07
[  227.044359][ T4908] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc900026275c0
[  227.052319][ T4908] R13: ffffea0004ed6000 R14: ffffc900026275d8 R15: 0000000000000000
[  227.060211][ T4908] FS:  00007ff8f24ef6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  227.069062][ T4908] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  227.075486][ T4908] CR2: ffffffffffffffd6 CR3: 0000000115e98000 CR4: 00000000003506a0
[  227.083395][ T4908] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  227.091367][ T4908] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  227.099180][ T4908] Call Trace:
[  227.102311][ T4908]  <TASK>
[  227.105085][ T4908]  ? __die_body+0x62/0xb0
[  227.109246][ T4908]  ? __die+0x7e/0x90
[  227.112983][ T4908]  ? page_fault_oops+0x7f9/0xa90
[  227.117751][ T4908]  ? __kasan_check_read+0x11/0x20
[  227.122620][ T4908]  ? kernelmode_fixup_or_oops+0xd0/0xd0
[  227.128084][ T4908]  ? raw_irqentry_exit_cond_resched+0x2a/0x30
[  227.133981][ T4908]  ? irqentry_exit+0x30/0x40
[  227.138496][ T4908]  ? sysvec_reschedule_ipi+0x80/0x160
[  227.143716][ T4908]  ? is_errata93+0xc7/0x240
[  227.148047][ T4908]  ? exc_page_fault+0x529/0x6d0
[  227.152735][ T4908]  ? asm_exc_page_fault+0x27/0x30
[  227.157657][ T4908]  ? read_pages+0x838/0xd40
[  227.161942][ T4908]  read_pages+0x89c/0xd40
[  227.166103][ T4908]  ? workingset_activation+0x430/0x430
[  227.171396][ T4908]  ? folio_add_lru+0x280/0x3f0
[  227.175994][ T4908]  ? page_cache_ra_unbounded+0x690/0x690
[  227.181552][ T4908]  ? filemap_add_folio+0x18f/0x200
[  227.186495][ T4908]  ? __filemap_add_folio+0xd10/0xd10
[  227.191616][ T4908]  ? page_cache_ra_order+0x48c/0xc40
[  227.196756][ T4908]  page_cache_ra_order+0x822/0xc40
[  227.201866][ T4908]  ? do_page_cache_ra+0x110/0x110
[  227.206720][ T4908]  ? inode_to_bdi+0x7c/0xf0
[  227.211078][ T4908]  ondemand_readahead+0x91a/0xee0
[  227.215917][ T4908]  ? mem_cgroup_update_tree+0x3b/0x550
[  227.221213][ T4908]  ? preempt_schedule+0xd9/0xe0
[  227.225898][ T4908]  ? preempt_schedule_common+0xbe/0xf0
[  227.231198][ T4908]  ? page_cache_sync_ra+0x450/0x450
[  227.236247][ T4908]  ? blk_cgroup_congested+0x132/0x150
[  227.241437][ T4908]  page_cache_sync_ra+0x3d6/0x450
[  227.246301][ T4908]  hpage_collapse_scan_file+0x19ba/0x46e0
[  227.251865][ T4908]  ? sysvec_reschedule_ipi+0x80/0x160
[  227.257083][ T4908]  ? __kasan_check_write+0x14/0x20
[  227.262007][ T4908]  ? wake_up_q+0x11c/0x1d0
[  227.266744][ T4908]  ? hugepage_vma_revalidate+0x310/0x310
[  227.272295][ T4908]  ? mutex_unlock+0x17b/0x260
[  227.276893][ T4908]  ? __lru_add_drain_all+0x714/0x770
[  227.282014][ T4908]  madvise_collapse+0x639/0xcf0
[  227.286708][ T4908]  ? khugepaged_min_free_kbytes_update+0x90/0x90
[  227.292860][ T4908]  ? memset+0x35/0x40
[  227.296671][ T4908]  ? blk_start_plug+0x9c/0x130
[  227.301361][ T4908]  do_madvise+0x1604/0x40b0
[  227.305705][ T4908]  ? schedule_preempt_disabled+0x20/0x20
[  227.311177][ T4908]  ? madvise_set_anon_name+0x4c0/0x4c0
[  227.316464][ T4908]  ? __kasan_check_write+0x14/0x20
[  227.321407][ T4908]  ? wake_up_q+0x11c/0x1d0
[  227.325665][ T4908]  ? futex_wake+0x758/0xb60
[  227.330001][ T4908]  ? futex_wake_mark+0x170/0x170
[  227.334784][ T4908]  ? ____kasan_slab_free+0x13c/0x180
[  227.339912][ T4908]  ? __kasan_slab_free+0x11/0x20
[  227.344669][ T4908]  ? putname+0xfa/0x150
[  227.348662][ T4908]  ? putname+0xfa/0x150
[  227.352939][ T4908]  ? getname_flags+0x3a2/0x520
[  227.357515][ T4908]  ? do_futex+0x501/0x9a0
[  227.361686][ T4908]  ? __this_cpu_preempt_check+0x13/0x20
[  227.367061][ T4908]  ? xfd_validate_state+0x6f/0x170
[  227.372010][ T4908]  ? restore_fpregs_from_fpstate+0xfc/0x230
[  227.377827][ T4908]  ? save_fpregs_to_fpstate+0x220/0x220
[  227.383239][ T4908]  ? fpregs_restore_userregs+0x130/0x290
[  227.388680][ T4908]  __x64_sys_madvise+0xa8/0xc0
[  227.393278][ T4908]  x64_sys_call+0xec/0x9a0
[  227.397525][ T4908]  do_syscall_64+0x3b/0xb0
[  227.401785][ T4908]  ? clear_bhb_loop+0x55/0xb0
[  227.406295][ T4908]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  227.412022][ T4908] RIP: 0033:0x7ff8f1779eb9
[  227.416276][ T4908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.435718][ T4908] RSP: 002b:00007ff8f24ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  227.443962][ T4908] RAX: ffffffffffffffda RBX: 00007ff8f1915f80 RCX: 00007ff8f1779eb9
[  227.451772][ T4908] RDX: 0000000000000019 RSI: 0000000000600702 RDI: 0000000020000000
[  227.459691][ T4908] RBP: 00007ff8f17e793e R08: 0000000000000000 R09: 0000000000000000
[  227.467485][ T4908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  227.475293][ T4908] R13: 0000000000000000 R14: 00007ff8f1915f80 R15: 00007ffc764e7c18
[  227.483111][ T4908]  </TASK>
[  227.485981][ T4908] Modules linked in:
[  227.489712][ T4908] CR2: 0000000000000000
[  227.493701][ T4908] ---[ end trace 0000000000000000 ]---
[  227.498989][ T4908] RIP: 0010:0x0
[  227.502296][ T4908] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  227.509493][ T4908] RSP: 0018:ffffc90002626ff8 EFLAGS: 00010246
[  227.515396][ T4908] RAX: 1ffff920004c4eb8 RBX: dffffc0000000000 RCX: 0000000000040000
[  227.523204][ T4908] RDX: ffffc90000ea9000 RSI: ffffea0004ed6000 RDI: ffff888120c8f200
[  227.531016][ T4908] RBP: ffffc90002627150 R08: ffffffff81a46b48 R09: fffff940009dac07
[  227.538913][ T4908] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc900026275c0
[  227.546727][ T4908] R13: ffffea0004ed6000 R14: ffffc900026275d8 R15: 0000000000000000
[  227.554539][ T4908] FS:  00007ff8f24ef6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  227.563302][ T4908] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  227.569728][ T4908] CR2: ffffffffffffffd6 CR3: 0000000115e98000 CR4: 00000000003506a0
[  227.577628][ T4908] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  227.585520][ T4908] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  227.593336][ T4908] Kernel panic - not syncing: Fatal exception
[  227.600385][ T4908] Kernel Offset: disabled
[  227.604548][ T4908] Rebooting in 86400 seconds..