last executing test programs:

6.082192575s ago: executing program 0 (id=827):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a500000008000000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)

6.074399825s ago: executing program 0 (id=828):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000c80)=ANY=[@ANYBLOB="12010000000000406d0422c2000000000001090224000100000000090400000103000000092100000001220b0009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000680)=ANY=[@ANYBLOB='\x00\x00\v\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0}, 0x0)

5.591196795s ago: executing program 1 (id=829):
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) (fail_nth: 5)

5.227855074s ago: executing program 1 (id=832):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b70300000000008085000000040000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000019c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
prlimit64(0x0, 0x3, &(0x7f0000000140), 0x0)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)=[&(0x7f0000000340)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\f\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00', &(0x7f0000002300)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cd\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\x120\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00\xd2\x06\x11r+h&\xd3\xc2\xbc\x1ba', &(0x7f0000000c40)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00', &(0x7f00000010c0)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00', &(0x7f0000001540)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00'], &(0x7f0000000180)=[&(0x7f0000001e80)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00', &(0x7f0000002780)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\f\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00'])
r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r4, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(r4, &(0x7f0000000a00)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000009c0)={&(0x7f00000007c0)={0x1e0, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_BEARER={0x1c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xf0}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x101}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x10}]}, @TIPC_NLA_BEARER={0x4}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x80}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xc13}, @TIPC_NLA_NET_ID={0x8}]}, @TIPC_NLA_PUBL={0x4}, @TIPC_NLA_SOCK={0x68, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8000}]}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8001}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfff}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfff}]}, @TIPC_NLA_LINK={0x98, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x20000010}, 0x90)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001140)={[{@abort}]}, 0x25, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_WANTACK(r5, 0x0, 0x0, &(0x7f0000000240), 0x4)

4.314188098s ago: executing program 1 (id=838):
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x0, 0xfaa3, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x34}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x9, 0x3, 0x9, 0x408, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x9}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
setrlimit(0xf, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(r1, 0x2, &(0x7f0000000000)={0x64, 0x6}, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000080)=0x4)

3.644328423s ago: executing program 3 (id=844):
r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000540)='./bus/file0\x00', 0x10, &(0x7f0000000400)={[{@data_ordered}]}, 0x1, 0x7b9, &(0x7f00000029c0)="$eJzs3c1rXOUaAPDnTD5v2nuTCxdue1eBCxoonZgaWwUXFRciWCjo2jZMpqFmkimZSWlCIC0iuBG0uBB007UfdefWj63+C+pCRFqqpsWKCxk5k5lm0kySaT4mrfn94Ezed8578pxnzpn3vDPnMCeAfWswfchEHI6It5OI/trzSUR0VUudESeX291dWsilUxKVysu/JNU2d5YWctGwTOpArXIoIr58I+JIsjZuaW5+cqxQyM/U6sPlqQvDpbn5o+enxibyE/np4yOjo8dOPHWiZ+dy/e2b+YM333nh8U9O/vH6f6+/9VUSJ+NgbV5jHjtlMAZrr0lX+hKu8vxOB9tjTTYxj4BMRHQsv8vjcPRHR7XUmtZbAgAPk8WIqAAA+0zi+A8A+0z9e4A7Swu5dKos7u33Ee1267mI6F3Ov35+c3lOZ+2cXW/1PGjfnWTV+Y4kIgZ2IP5gRHzw2asfpVPs0nlIgGYuX4mIswOD9f5/pf9J1lyzsKz1CzKeaKHN4H31WvzvWw4CbNnn6fjn6ZXx38r7P3Nv/BNNxj89Td67WzEY0d1YXzv+ydzYgTDrSsd/z3ZFd6Rjv8piw/gvU28y0FGr/bM65utKzp0v5NO+7V8RMRRdPWl9ZIMYQ7f/vL3qiY6VYuP479err32Yxk//rrTI3Oi8r8sdHyuPbTfvultXIv7XuXJt3901/X9vdazbbPx7usUYLz7z5vvrzUvzT/OtT6vz3/2ryirXIh6L5vnXJRtdn3h8uLo7DNd3iiY+/eG9vvXiN27/dErj1z8LtEO6/fs2zn8gabxes/TgMb6+1v/FevM2z7/5/t+dvFIt1zuPS2Pl8sxIRHfy0trnj60sW6/X26f5D/2/Wf6ZDff/9DPh2Rbz77z588dbz393pfmPP9D2f/DC9buTHevFb237j1ZLQ9XHtNfdvP9rdQW39+oBAAAAAAAAAAAAAAAAAAAAAAAAQGsyEXEwkkz2XjmTyWaX7+H9n+jLFIql8pFzxdnp8ajeK3sgujL1n7rsb/g91JHa7+HX68fuqz8ZEf+OiHd7/lGtZ3PFwvheJw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANQfWuf9/6qeevV47AGDX9G7a4na+LSsCALTN5sd/AODvZqvH/8s7vB4AQPtsfvyvVCqLbVkVAKBNfP8PAPuP4z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC77PSpU+lU+X1pIZfWxy/OzU4WLx4dz5cms1OzuWyuOHMhO1EsThTy2VxxqmHRb5v9v0KxeGE0pmcvDZfzpfJwaW7+zFRxdrp85vzU2ET+TL6rbZkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOtKc/OTY4VCfmZLhWR7iytspVDpX950D8v67H7hx6PfHdqozdVt7sYKTQp73TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBr+CgAA//8miyuY")
r1 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000001c0)={'team_slave_1\x00', &(0x7f00000000c0)=@ethtool_drvinfo={0x23, "d4b9ecf53baff2954a9bd852c567b6e40a24e61fd5c4c152d589dd9c4198287f", "cf37e66d77260be3cf72b29e66f34694b39987739f509a1ee60640054785ff14", "5e4d2b1cb5512bbc6886dbc5ba606f4e325ab26400ce196f29c83ecc769b1d63", "c945f5a959732c70d0bb6a001f1496c9fca8230d9fe805bbb9454ef5cba3d376", "f95f163f2685cf8423b7fab56b8f388f63ad2f17ded6064bdb0cdce432750ba0", "b130d1198c7e42d05543c737"}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(&(0x7f0000007fc0)='./bus\x00', 0x60142, 0x0)
open(&(0x7f0000000380)='./file1\x00', 0x42042, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001740)={0x9c02}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x4, 0x0, &(0x7f0000000180)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x90)
openat$full(0xffffffffffffff9c, &(0x7f0000001780), 0x20100, 0x0)
r5 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r5, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newtaction={0x70, 0x13, 0x53b, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0xe80}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x11}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
r6 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r6, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000a40)}, {0x0}, {&(0x7f0000000b00)="6455089ab9075e64c4bedb2b941533bc71ec4be38eeb5e2e6c9ecdda0c6ed7bd4706c3fb85575d0034077bb770e214219d50542e7e671050c17a8022b175ce074558fe4e94f15f588cb4a56928bae16bd7f992b843c5011456ed86b60133edc2903c9f6bdf9a3620f7577841abe2e06fef85eb3ee0091a527f0977e3ba534f7fa31caf7465d30df85587b36f219c23d089bbff7e259bffa1157b2393f0a3cd0a5bd97fadc821f659", 0xa8}, {&(0x7f0000000bc0)="148187735e85181ef5b798e0e0df3f67ae40874566271a94a4c5672cb6b12c53f6d38fb1e5b243e0fa875e9e3d66ab33a3f9738fb48c072d1f50e59e4dbc9e920775d2900835f91f3629cd853370b1f5ac1978d3d610b0a8332a25389244c9c5165173bf18e89b7e8be9507774d8824a1a61b29a1b8081c0ea1dd6a0d3d4e8e8a11debfa97f12b69736819fffc7f3b", 0x8f}], 0x5, &(0x7f00000012c0)=ANY=[@ANYBLOB="28000000000000000100000001000000b5376e51ab324160b1445009bfc3f82936bb8364a6e2f1156c4edfa76c8fd8a62c975d37d61c58094e0f4f8a9c48d4e621360d15ca9ab3e8ffa4ab41ed51e8cda603426f09bdeed81216d158e19abc17785c9854077c81c9", @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYRES16, @ANYBLOB="000012001c000000000400fa0000", @ANYRESHEX, @ANYBLOB="00000000280000000100cc8d26e9ce24e5c36be347000001000000", @ANYRESOCT=r2, @ANYRES32=r5, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32=r6], 0xa8, 0x40040}}], 0x1, 0x4000)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/kernel/fscaps', 0x200, 0x54)
r7 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c0000001200010000000000000000000a000000000000000101000004000000000000000000000000000000001d0346a7c0f7fafa62090100000000000080000000", @ANYRES32=0x0, @ANYBLOB="01000000fcffffff0000000000000000"], 0x4c}}, 0x0)
ioctl$sock_SIOCSIFBR(r5, 0x8941, &(0x7f0000000680)=@get={0x1, &(0x7f0000000000)=""/12, 0x9})
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x168, 0x10, 0x190, 0xb, 0x388, 0x250, 0x250, 0x388, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'veth1_to_batadv\x00', 'veth1_to_hsr\x00', {}, {}, 0x3a}, 0x6000000, 0x128, 0x190, 0x0, {0x0, 0x28e}, [@common=@icmp6={{0x28}, {0x0, 'K\r'}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x0, 0x0, 0x9, 0x1, 0x0, 0x10000, 0x80000001}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)

3.606720726s ago: executing program 0 (id=846):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@bloom_filter={0x1e, 0x80, 0x0, 0x6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x2}, 0x48)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
nanosleep(&(0x7f0000000080), 0x0)
r5 = socket$inet6(0xa, 0x3, 0x2)
setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f00000001c0)="0022040000ffffebfffffffeffffff0706000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e", 0x116)
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x8)
write$binfmt_aout(r5, 0x0, 0x0)
inotify_init1(0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000001a80)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa011eee65624aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006e0400000000000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83c6e613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038d0100a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17680100969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06de269e97fbb0776bf56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105cfdf8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f01000080000000004febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60133641a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df745986d96cc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f6"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r6}, 0x10)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@clear_death, @request_death], 0x0, 0x0, 0x0})
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x800090, &(0x7f0000008740)={[{@shortname_winnt}, {@uni_xlate}, {@shortname_win95}, {@numtail}, {@shortname_mixed}, {@utf8no}, {@uni_xlate}, {@fat=@uid}, {@fat=@check_strict}, {@uni_xlate}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@fat=@codepage={'codepage', 0x3d, '869'}}, {@rodir}, {@utf8}, {@fat=@dmask={'dmask', 0x3d, 0x40}}, {@uni_xlateno}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@shortname_lower}, {@nonumtail}, {@shortname_win95}, {@rodir}, {@utf8no}, {@nonumtail}, {@shortname_lower}, {@shortname_mixed}, {@utf8}], [{@appraise}, {@context={'context', 0x3d, 'system_u'}}]}, 0x6, 0x2d3, &(0x7f0000000a40)="$eJzs3b1rJGUYAPBnNrMfarFbWInggBZWx+Vamw1yB2Iqjy1OCw3eHUh2ES4Q8QPXq8TOxtK/QBD8Q2zsLAVbwc4IgZGZncl+ZNhsJBvx8vsVyZuZ55n3ed+ZJNPkyQcvTw4fZvH46Re/Ra+XRGvYjThJYhCtqH0VS4bfBgDwf3aS5/FnPtNw+tdv1uT2tlgXALA9F/z+r6TlxwdFxE/XVxsAsB33H7z79t7+/t13sqwX9yZfH4+SiCg+z87vPY6PYhyP4nb04zSifFFoR/m2UAzv5Xk+TbPCIF6bTI9HRebk/Z+r6+/9EVHm70Y/BuWhs7eNMv+t/bu72cxC/rSo4/lq/mGRfyf68eJZ8lL+nYb8GHXi9VcX6r8V/fjlw/g4xvGwLGKe/+Vulr2Zf/fX5+8V5RX5yfR41C3j5vKdevLpNd8jAAAAAAAAAAAAAAAAAAAAAACePbeq3jndKPv3FIeq/js7p8UX7chqg+X+PLP8pL7QvD9QtPI8n+bxfd1f53aWZXkVOM9P46W0aiwIAAAAAAAAAAAAAAAAAAAAN9zRp58dHozHj55cyaDuBpBGxN/3I/7tdYYLR16J9cHdas6D8bhVDZdj0sUjsVPHJBFryygWcUXbctHguXM1V4MffmzMKlZ0lEbTqd7Fk7ab57rk4JP2bB8bY+qn6/Agad7D7lnxveLGxeqN60Tz7O1YOdKp7+dqcP0obracTuOp/qW3pfNCOZiuiYlk3ffFG78vLSeJleBO2XGjMb1dDZp2Y/ZsbPQ8R2+Wfv5nRaJbBwAAAAAAAAAAAAAAAAAAbNX8r38bTj5dm9rKu1srCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACu1fz//28ySJeTN8jqxJOj/2ptAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Bz/BAAA//8a6VGq")
r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
copy_file_range(r7, 0x0, 0xffffffffffffffff, &(0x7f00000000c0)=0x10000, 0x0, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r7, 0x4068aea3, &(0x7f00000004c0)={0x79, 0x0, 0x1})
creat(&(0x7f0000000300)='./file0\x00', 0x0)

3.525012683s ago: executing program 2 (id=849):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000680)='./file2\x00', 0x800000, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f757365725f78617474722c666c7573685f6d657267652c6673796e635f6d6f64653d706f7369782c64697361626c655f6578745f6964656e746966792c6261636b67726f756e645f67633d73796e632c6673796e635f6d6f64653d7374726963742c6e6f626172726965722c6e6f696e6c696e655f646174612c6e6f626172726965722c71756f74612c6261636b67726f756e645f67633d6f66662c6e6f61636c2c6e6f657874656e745f63616368652c6e6f646973636172642c6163746976655f6c6f67733d342c00e62bc03000c35169ed09803fa1bee488c680f339e530b5e8ad120a2b4f078093a8e0ba2b3d1b5fe99356b80a454c1ec2f8e12392bbffe9fae2fa05e18a6b61f5eded2e484f574d2757a5fe762c770477aa3460313ee54451c6a6159eca600d6c85a8c09cef9996dc851a5f5edf1a4a22576c6dfe6b9e8dade2d3a8e6a8c7710733c1f69aabd8880291"], 0x1, 0x5504, &(0x7f000000c0c0)="$eJzs3M1rI2UYAPB32u1+uxbx4G0HFqGFTWj6seit6i5+YJey6sGTpsk0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJl3qls/QGma2O3vB5Nn5p03zzxvKIVnJiQA59Z8+vOPSbgRroQQZkMI10Mo9pNyK6zH8Fx5buaxLSnHfx+4GEK4GkK4MUoecyblqU9vD2+t/fDGT199c+nCtc++/HZ6qwam7fkQQncn7u93Y8xbMT4sx+vDdhG7q8MyxhPdR+VxHuN+tlVk2K8fzasXcaUV5+c7e/1R3O7UG6PYam8X4zu9eMH+sHWUp3jDw/pucdzMtorY7udFbB3Gug4O4/+2w/4g5mmW+T4o0ofB4CjG8ewgi+vZeVTERm9Qjse8eTM7GMVhGcvLhUbeaRZ1bJ3kk/5/e7Pd2ztIh9luv5330rVq7YVq7U6ltps3s0G2Wql3m3dW04VWZzStMsjq3fVWnrc6WbWRdxfThVajUanV0oW72Va73ktrtepKdamytlju3U5fvf9O2mmmC6P4cru3N2h3+ul2vpvGdyymy9WVFxfTW7X0rY3NdPPBvXsbm2+/d/fd+y9tvP5KOekvZaULy0vLy5XaUmW5tniO1v9RWfQY1w8nkky7AICz57/2/zf1/8AYnF7/v/sghNPv/4P+fyzOVP973vv/U1g/nIj+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3Ppu7vPXip35eHytHH+qHHqmPE5CCDMhhF//xmy4eCznbJln7h/mz/2phq+TUGQYXeNSuV0NIayX2y9Pn/anAAAAAE+uLz68+Uns1uPL/LQLYpLiTZuZ6++PKV8SQpib/35M2WZGL8+OKVnx930hHIwpW3ED6/KYksVbbhfGle1fmT0WLj8WkhhmJloOAAAwEcc7gcl2IQAAAEzSx9MugOlIwtGjzKNnwcU37/94IHjl2BEAAABwBiXTLgAAAAA4dUX/7/f/AAAA4MkWf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5j535yUgfiOID/WuiD9y+PvLj3Ku7gGB7BpUvDAbwER8AreAHPgDuPYMDQqUQU3XRKI/l8kjJMQ77MELqY3yQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTpsVrO7m7Ob9vmrDft5JkNAAAAcMiqWs7qN5PU/93c/9vc+t/0i4goI+LQ2n0QP/YyB01O9cnnq3djuI+oE7bfMWquXxFx0VzP/7r+FQAAAOB0PcwX07RaTy+TvgfEMaWiTfnnMlNeERHV5ClTWrnNO8sUVv+/h3GdKa0uYI0zhaWS2zBX2kcHouvHfVe1G79pitSUX0dmmzsAAHBEg72mw1UIAAAAPbvqewD0o4jXrczdVuAoNc323s+9HgAAAPANFX0PAAAAAOhcvf53/h8AAACctnT+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF1aVctZNV9M2+asN+3kmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALywP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/uzs7WVsUYJYeIKHjQi023tbU38aAED/4JQki3NXbrjzYHW4qQizfJuRfRo4igxFv/h55b6KXeesihghcvlTc/kmkMuFo7s20+H3jzvjsZ3vu+GQj5zkwWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNr2u7txljZzZdyv9t28d3U19bf29Mn1zduLqaW412bSj4eXmx96C90lAgAAwMGR1fV9RNzJt5ZT358r6v+8PibV/N89W8Z1Pb+37q/7uvZP7ddf7r64M9FcOU8a9OzaZHzs76kMHt0qZ9tz/3jEoDjzxb2XrLgg/Q82XtjOi/PZ++bGjfeGRXiojWwBgP/iaN1XQf33UOpHXSYGwIExaBTedf2fzXWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAbtjfi6TruRcTiYDdObt27urpff33z9mLdTl27ttkcMw2RR8TZtcn4WItrmXWXLl85vzKZjC+2H7wSEV3N/k61/PMfTXFwRCfnR/A/Bf3qYs9KPg8T5NVaHv1cHf1CAgDgiZVXLdX1d/Kt5bSvNx9x//sH6//XG3FMWf/f/fjUzeZczfp/1NoKZ9/S+oXPly5dvvLm2oWVc+Nz40/fOj56e3Ti9MmTp5eKeyVL7pgAAADwcIZVa9b/wz3HpJ8dacQxZf3/xbejr5rjZOr/fe0+9Os6EwAAgIPt+Vf/+L23z/7ecBhfrqyvXxyV253Px8ttB6n+a4eq1qz/s/muswIAAADasL3Re+D9/zONOKZ8/v/MDy/91Bwzi4jD1fP/o6ufTc60t5yZ1sa/Lne9RgAAALp1uGrN5//5fKr/+zuvPPQj4o3Xyrj6GsCp6v/s/a9/bM7VfP//RHtLnEn9hfJ8FP1CxGCh64wAAAB4Uv15P+KpKFsq9n/Lt5Y/+fnIh0Pv/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC07a8AAAD//3npOno=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r0, 0x0, 0x800003d, 0x7ff)
write$binfmt_script(r0, &(0x7f00000000c0), 0xb)
lseek(r0, 0x0, 0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f0000000100), 0x1001)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c310000951000000950074000000000031fb0d3a4231020004399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b62ac5ea9fca11027d19e93adb604a7d3deb92de3141e8ed7ac5b8902070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c4f67581c92ef8a7e8ece17d5f5b169391ef409c39c263895739e3d702c128b35d5fc23469240c61e150e2bae385f9ac9b03c22b0f7050c166b835298c5911f1053a723aee89051c24e1900ab97fa52d2e06dce0248a829ed46a520db4c1432080bbf707ad2f8af8118ee7d434a960ed6be4455ba57cb06459b64689e77ce95823a5533f5b11118906fd2fc29b3697c637d3693d4b4aade6f9202e6cfa6d7507f88af38b6109ad8f82b1d600a5447831df835d7000000218b0222004f98a7a0caddc397d8414be912b4e7536fefd951fe23a56fbf9fc643c6604268b5ccc13b996aaed0a6f6470566c8f534e5d486b2141646b35fd4472be8195fd917446a8abb1c2cd5dc09e2d75ec00ede2841e497d5178cf9445c7bb11f3c5cfdcae8c476d3fb75cac727143f92798a44864b49366b6cf228d9bc1d99ab2104e3c2e17ec46fbce102c158ff3748f1eb90b83d8be0dfcefbeed222009b41ad34d8656daf41e23322e58d91811feffc39ec11b11cc611f6fbfd999c3bef10caa2e8692259d40d69ed3d85ec2813b007b8ce6384a28798f445ad7fc451865fe45a06977f7a785f8e97544aad1f844f2a4799944e0daf6d4c3a7d30b7d89781ca607048c50945c45d5a6f2c5145416176fd64c559e6a272b92c92052a9005aaa25d09613aba2e7d429ae40c249e7996e4bc213c24699889ea320c40f32dcdaa19893e17c57d7e8c51d5f320d99e8c2521c339c33bf6c41fde029061c088"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$SIOCSIFHWADDR(r6, 0x4030582b, 0x0)

3.244381916s ago: executing program 1 (id=851):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000200)={0x0, 0x0, 0x5, {0x5, 0x0, "a8c6df"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000001780)={0x2c, 0x0, &(0x7f00000014c0)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0, 0x0}, 0x0)

2.765614014s ago: executing program 3 (id=852):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='mm_page_alloc\x00', r0}, 0x10)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000002180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000700)=ANY=[@ANYBLOB="3801"], 0x138)
mount$9p_fd(0xfeff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})

2.70400802s ago: executing program 3 (id=853):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='leases_conflict\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = memfd_create(&(0x7f0000000200)='\f\x8b\x8a\xa9\x16\x11O\xdd\xdfk(F\x99\xdf\x9a\xd5>oJ\x02u\x9b\x94a\xac\xfe6A\xc4\a\x9e\xbd\xa2\xfb\rD\xefq\x1f!\x01\xc3\xa5U\x98\xee\xcd;A\xe8\x00~V\xbf\xd4\x00\xd2,7\xa0\xfd7\xe8\xf9M\x02\xec\f3\xd4\xb8\xc3\x85\xda\xeb\xce7y%S\x1e\xa9\xe9\x92!\x95\xf1Ek\x95\x9bQ\x1d\xa4\xc2\xbb\xfa\x96\x14\x7f\xb9\x90\x9cn\xb5\x10\xd2\x84\xe9\x9e1\x9a\x9e\xa7\x9e\xcd\x1a\x86\x14%\xbaS\x90\xb1j\xf9\x00\xd7@D\x04\xaa\xb55\xd8x?z\xff\x85j3\xbe\axo\x05)\xcc\xcd\x9b\xb3\xe7w\x0e\x9f\xd3\aU\xf0M\xc1\xad\x17t\xeb\x1b\x11m\xec\x00\x00\x00\x00R\xb6v\x88\a\x82\x9e\x00\x00\x00\x10\x00\x00\x00\xa6!\xb3\xa8\xe7[&\x165\x84\xce\xa5\xc4wT\xf2E\tj\x92G\x14\x04\x93\xa4\xba\xcb\xce\"Y\xd68\xeb\x01\xc9/\x19\x85\xc6\x8do\xcb\x17\xb5\xffW\xe6\x8a\xfb\a\xf6', 0x2)
r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io$hid(r8, 0x0, 0x0)
syz_usb_control_io$hid(r8, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="00220f000000079b4d3948b30577f5d20b6d1fa40d90f253ae9b32baf5fb52b7da4bb97c928a095c48025801c5209c4b657395bdc0ef65f0821b0db516818e4cb498b6635f61a262ea432f24a3318825e7709c8cdc1260290f895c7192c821c61cf12ab1743321e12622ed1ee87ced4a96311543484be194003f851ad47609ac9c4a46d7a9e677f94b39cf932b0ed31a5fc7a7b340a9d3cb5abb6e00005776719733f70a4690e937a928f95f8061c2e85d1b829926b5b3d70583047cfbbe774362d40a0e295d45f5840b48a0e72909d2ec68fca9f280cd2837abd3fa28a165bd28e3c7875f906f0077f1a89003"], 0x0}, 0x0)
sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xffffffffffffffa3, &(0x7f00000009c0)={&(0x7f0000000a00)={0x38, 0x0, 0x100, 0x70bdaa, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xfffa}, @NL80211_ATTR_STA_PLINK_STATE={0x5, 0x74, 0x5}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x1, 0x695}}, @NL80211_ATTR_STA_WME={0x0, 0x81, [@NL80211_STA_WME_MAX_SP={0x0, 0x2, 0x7}, @NL80211_STA_WME_MAX_SP={0x0, 0x2, 0x7f}, @NL80211_STA_WME_MAX_SP={0x0, 0x2, 0x38}, @NL80211_STA_WME_UAPSD_QUEUES={0x0, 0x1, 0x1}, @NL80211_STA_WME_MAX_SP={0x0, 0x2, 0x1f}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4044050}, 0x40010)
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000800)=ANY=[@ANYBLOB="980000000b060101000000000000000002000009100008800c000780060005404e24000064ffffffff00028008000900ffffffff06001df9ce40000400000800064000000004060005404e200000eaff1c40000000070900130073797a32000000001400170070696d3672656730000000000000bf20cc76460877ac947b14001700626f6e645f736c6176655f3100000000100007360c00194000000000000000090601dfd7365053a686dd467fd7fc2cc7b22bb7614176b6d64d39463ad9ce6a64a3566e264d3ee9da2d4bef7308190737128b3418805d643f0000000000000000000000b9b753d578057b258a79b7c1b2a3ee0b6c86d78c253f470eca2bad508735696f190601e3b27bc1183eed8c17c0fc1667af00b33a4758d1afcfa01988a9d663dca17cf8b8c99df6fb0463e473d7dad4f05811cda47e"], 0x98}, 0x1, 0x0, 0x0, 0x80}, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@getnetconf={0x14, 0x52, 0x0, 0x2, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40000000)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xffffffef, &(0x7f0000000300)={&(0x7f0000001bc0)=ANY=[@ANYBLOB="8400000010001fff000002ee0000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000885203005c0012800b000100697036746e6c00004c00028006000f000000000014000300fc0000000000000000000000000000000400130008000100", @ANYRES32=r9, @ANYBLOB="0400130014000200fe8000000000000000090000200010bb050009002900000008000a00", @ANYRES32=r9, @ANYBLOB], 0x84}}, 0x4000080)
sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @loopback}, @FOU_ATTR_IFINDEX={0x8, 0xb, r9}]}, 0x24}, 0x1, 0x0, 0x0, 0x40080a1}, 0xc000)
write$binfmt_misc(r7, &(0x7f0000000340)=ANY=[@ANYRESDEC=r4, @ANYRESDEC=r6, @ANYRES8=r8, @ANYRES8=r1], 0xff9d)
sendfile(r5, r7, &(0x7f0000000100), 0x2)
fcntl$addseals(r7, 0x409, 0x8)
fchown(r7, 0x0, 0x0)
socket$packet(0x11, 0x0, 0x300)
socket$packet(0x11, 0xa, 0x300)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r10, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r10, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r10, &(0x7f0000007fc0), 0x800001d, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)=ANY=[], 0x0)

2.69549046s ago: executing program 0 (id=854):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)

2.675952992s ago: executing program 2 (id=855):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="060000005ed2b8346a8f450018cee4d3b7f083205199e111b7da", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000300)={&(0x7f0000000400)=@deltclass={0x30, 0x29, 0x10, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x1, 0xa}, {0x6, 0x10}, {0x9, 0xffe0}}, [@tclass_kind_options=@c_skbprio={0xc}]}, 0x30}}, 0x0)
r3 = getpid()
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x10, 0x0, 0x2}]})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
r7 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r7, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfb, 0x80000}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000500)='mm_lru_insertion\x00'}, 0x10)
capget(&(0x7f0000000200)={0x20080522}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)

2.659805993s ago: executing program 0 (id=856):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640), 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
getrusage(0x0, &(0x7f00000006c0))

2.516220745s ago: executing program 0 (id=857):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000c80)=ANY=[@ANYBLOB="12010000000000406d0422c2000000000001090224000100000000090400000103000000092100000001220b0009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000680)=ANY=[@ANYBLOB='\x00\x00\v\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0}, 0x0)

2.100277889s ago: executing program 4 (id=861):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='mm_page_alloc\x00', r0}, 0x10)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000002180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000700)=ANY=[@ANYBLOB="3801"], 0x138)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) (fail_nth: 9)

1.799880333s ago: executing program 4 (id=862):
r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000540)='./bus/file0\x00', 0x10, &(0x7f0000000400)={[{@data_ordered}]}, 0x1, 0x7b9, &(0x7f00000029c0)="$eJzs3c1rXOUaAPDnTD5v2nuTCxdue1eBCxoonZgaWwUXFRciWCjo2jZMpqFmkimZSWlCIC0iuBG0uBB007UfdefWj63+C+pCRFqqpsWKCxk5k5lm0kySaT4mrfn94Ezed8578pxnzpn3vDPnMCeAfWswfchEHI6It5OI/trzSUR0VUudESeX291dWsilUxKVysu/JNU2d5YWctGwTOpArXIoIr58I+JIsjZuaW5+cqxQyM/U6sPlqQvDpbn5o+enxibyE/np4yOjo8dOPHWiZ+dy/e2b+YM333nh8U9O/vH6f6+/9VUSJ+NgbV5jHjtlMAZrr0lX+hKu8vxOB9tjTTYxj4BMRHQsv8vjcPRHR7XUmtZbAgAPk8WIqAAA+0zi+A8A+0z9e4A7Swu5dKos7u33Ee1267mI6F3Ov35+c3lOZ+2cXW/1PGjfnWTV+Y4kIgZ2IP5gRHzw2asfpVPs0nlIgGYuX4mIswOD9f5/pf9J1lyzsKz1CzKeaKHN4H31WvzvWw4CbNnn6fjn6ZXx38r7P3Nv/BNNxj89Td67WzEY0d1YXzv+ydzYgTDrSsd/z3ZFd6Rjv8piw/gvU28y0FGr/bM65utKzp0v5NO+7V8RMRRdPWl9ZIMYQ7f/vL3qiY6VYuP479err32Yxk//rrTI3Oi8r8sdHyuPbTfvultXIv7XuXJt3901/X9vdazbbPx7usUYLz7z5vvrzUvzT/OtT6vz3/2ryirXIh6L5vnXJRtdn3h8uLo7DNd3iiY+/eG9vvXiN27/dErj1z8LtEO6/fs2zn8gabxes/TgMb6+1v/FevM2z7/5/t+dvFIt1zuPS2Pl8sxIRHfy0trnj60sW6/X26f5D/2/Wf6ZDff/9DPh2Rbz77z588dbz393pfmPP9D2f/DC9buTHevFb237j1ZLQ9XHtNfdvP9rdQW39+oBAAAAAAAAAAAAAAAAAAAAAAAAQGsyEXEwkkz2XjmTyWaX7+H9n+jLFIql8pFzxdnp8ajeK3sgujL1n7rsb/g91JHa7+HX68fuqz8ZEf+OiHd7/lGtZ3PFwvheJw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANQfWuf9/6qeevV47AGDX9G7a4na+LSsCALTN5sd/AODvZqvH/8s7vB4AQPtsfvyvVCqLbVkVAKBNfP8PAPuP4z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC77PSpU+lU+X1pIZfWxy/OzU4WLx4dz5cms1OzuWyuOHMhO1EsThTy2VxxqmHRb5v9v0KxeGE0pmcvDZfzpfJwaW7+zFRxdrp85vzU2ET+TL6rbZkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOtKc/OTY4VCfmZLhWR7iytspVDpX950D8v67H7hx6PfHdqozdVt7sYKTQp73TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBr+CgAA//8miyuY")
r1 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000001c0)={'team_slave_1\x00', &(0x7f00000000c0)=@ethtool_drvinfo={0x23, "d4b9ecf53baff2954a9bd852c567b6e40a24e61fd5c4c152d589dd9c4198287f", "cf37e66d77260be3cf72b29e66f34694b39987739f509a1ee60640054785ff14", "5e4d2b1cb5512bbc6886dbc5ba606f4e325ab26400ce196f29c83ecc769b1d63", "c945f5a959732c70d0bb6a001f1496c9fca8230d9fe805bbb9454ef5cba3d376", "f95f163f2685cf8423b7fab56b8f388f63ad2f17ded6064bdb0cdce432750ba0", "b130d1198c7e42d05543c737"}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(&(0x7f0000007fc0)='./bus\x00', 0x60142, 0x0)
open(&(0x7f0000000380)='./file1\x00', 0x42042, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001740)={0x9c02}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x4, 0x0, &(0x7f0000000180)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x90)
openat$full(0xffffffffffffff9c, &(0x7f0000001780), 0x20100, 0x0)
r5 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r5, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newtaction={0x70, 0x13, 0x53b, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0xe80}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x11}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
r6 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r6, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000a40)}, {0x0}, {&(0x7f0000000b00)="6455089ab9075e64c4bedb2b941533bc71ec4be38eeb5e2e6c9ecdda0c6ed7bd4706c3fb85575d0034077bb770e214219d50542e7e671050c17a8022b175ce074558fe4e94f15f588cb4a56928bae16bd7f992b843c5011456ed86b60133edc2903c9f6bdf9a3620f7577841abe2e06fef85eb3ee0091a527f0977e3ba534f7fa31caf7465d30df85587b36f219c23d089bbff7e259bffa1157b2393f0a3cd0a5bd97fadc821f659", 0xa8}, {&(0x7f0000000bc0)="148187735e85181ef5b798e0e0df3f67ae40874566271a94a4c5672cb6b12c53f6d38fb1e5b243e0fa875e9e3d66ab33a3f9738fb48c072d1f50e59e4dbc9e920775d2900835f91f3629cd853370b1f5ac1978d3d610b0a8332a25389244c9c5165173bf18e89b7e8be9507774d8824a1a61b29a1b8081c0ea1dd6a0d3d4e8e8a11debfa97f12b69736819fffc7f3b", 0x8f}], 0x5, &(0x7f00000012c0)=ANY=[@ANYBLOB="28000000000000000100000001000000b5376e51ab324160b1445009bfc3f82936bb8364a6e2f1156c4edfa76c8fd8a62c975d37d61c58094e0f4f8a9c48d4e621360d15ca9ab3e8ffa4ab41ed51e8cda603426f09bdeed81216d158e19abc17785c9854077c81c9", @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYRES16, @ANYBLOB="000012001c000000000400fa0000", @ANYRESHEX, @ANYBLOB="00000000280000000100cc8d26e9ce24e5c36be347000001000000", @ANYRESOCT=r2, @ANYRES32=r5, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32=r6], 0xa8, 0x40040}}], 0x1, 0x4000)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/kernel/fscaps', 0x200, 0x54)
r7 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c0000001200010000000000000000000a000000000000000101000004000000000000000000000000000000001d0346a7c0f7fafa62090100000000000080000000", @ANYRES32=0x0, @ANYBLOB="01000000fcffffff0000000000000000"], 0x4c}}, 0x0)
ioctl$sock_SIOCSIFBR(r5, 0x8941, &(0x7f0000000680)=@get={0x1, &(0x7f0000000000)=""/12, 0x9})
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x168, 0x10, 0x190, 0xb, 0x388, 0x250, 0x250, 0x388, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'veth1_to_batadv\x00', 'veth1_to_hsr\x00', {}, {}, 0x3a}, 0x6000000, 0x128, 0x190, 0x0, {0x0, 0x28e}, [@common=@icmp6={{0x28}, {0x0, 'K\r'}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x0, 0x0, 0x9, 0x1, 0x0, 0x10000, 0x80000001}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)

1.799039413s ago: executing program 2 (id=863):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
socket$packet(0x11, 0x0, 0x300)
socket$packet(0x11, 0xa, 0x300)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)=ANY=[], 0x0) (fail_nth: 3)

1.417018434s ago: executing program 2 (id=864):
openat$selinux_checkreqprot(0xffffffffffffff9c, 0x0, 0x80400, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x3804c80, &(0x7f0000000000)={[{@orlov}, {@errors_remount}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00'}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='ext4_allocate_inode\x00', r3}, 0x10)
mkdir(0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_int(r6, &(0x7f0000000040)='cpuset.cpus\x00', 0x2, 0x0)
sendfile(r7, r7, 0x0, 0x9c)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x400, &(0x7f0000000340)=ANY=[@ANYBLOB="4e69643d4807dc4a5330283702c7362626a9f3ef9c714dbbae1ed5c954e97dc2151a795cb1a0897fa292d5b6eff1ad916323b3221fa41f10e0c57ee02729bb67dd64670b0100301363fffba80344250c992cc92ca8ca4e188e5f820a4431c4c87f7d92ac02df2719cf8dc0", @ANYRESHEX=0xee01, @ANYBLOB=',shortname=win9H,uni_xlate=1,showexec,utf8=1,nonumtail=0,rodir,nfs,uni_xlate=1,\x00'], 0x0, 0x23f, &(0x7f0000000f80)="$eJzs3EGLG2UYB/DHbe1ut7TZgwgK4ote9DJ04ycI0oIYUNZG1IMwdScaMiZLJqxExPbm1c9RPHoT1C+wF2/eve1F8NKDGGmSbTc1Iop13Ob3g/A+w5s/PEMm4ZlAcvzOlx/3u1XWzcexsZViI+J23I3YuVctPLFYN2b1hfnB5ny5HS9f+uXH5956973XW+32tb2UrrduvNJMKV15/ttPPvvqhe/Hl97++so3m3G08/7xz82fjp4+eub4txsf9arUq9JgOE55ujkcjvObZZH2e1U/S+nNssirIvUGVTFa2u+Ww4ODScoH+5e3D0ZFVaV8MEn9YpLGwzQeTVL+Yd4bpCzL0uXt4K907uzt5a26u+DRGo1a+bmIuPiHnc6dWhoCAGr1j+f/BfP/WWb+Xwf35v/txft3mfkfAAAAAAAAAAAAAADOgrvTaWM6nTZO1pPHZkRsRcTJcd198mh4/dfbqR/ubUWUXxx2Djvzdb7f6kYvyijiajTi19n1sDCvr7/WvnY1zezEd+WtRf7WYefccn43GrGzOr87z6fl/JOxfTrfjEY8tTrfXJm/EC+9eCqfRSN++CCGUcb+7Lp+kP98N6VX32g/lL84ex4AAAA8DrJ038r79yz7s/15/m98P/DQ/fX5ePZ8vecOAAAA66KafNrPy7IYKRQKxf2i7k8mAADg3/Zg6K+7EwAAAAAAAAAAAAAAAAAAAFhf/8XfidV9jgAAAAAAAAAAAAAAAAAAAAAAAPB/8XsAAAD//+25MAc=")
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000300), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r8, 0x0)

1.403310815s ago: executing program 4 (id=865):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@bloom_filter={0x1e, 0x80, 0x0, 0x6, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x2}, 0x48)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
nanosleep(&(0x7f0000000080), 0x0)
r5 = socket$inet6(0xa, 0x3, 0x2)
setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f00000001c0)="0022040000ffffebfffffffeffffff0706000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e", 0x116)
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x8)
write$binfmt_aout(r5, 0x0, 0x0)
inotify_init1(0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000001a80)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa011eee65624aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006e0400000000000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83c6e613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038d0100a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17680100969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06de269e97fbb0776bf56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105cfdf8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f01000080000000004febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60133641a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df745986d96cc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f6"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r6}, 0x10)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@clear_death, @request_death], 0x0, 0x0, 0x0})
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x800090, &(0x7f0000008740)={[{@shortname_winnt}, {@uni_xlate}, {@shortname_win95}, {@numtail}, {@shortname_mixed}, {@utf8no}, {@uni_xlate}, {@fat=@uid}, {@fat=@check_strict}, {@uni_xlate}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@fat=@codepage={'codepage', 0x3d, '869'}}, {@rodir}, {@utf8}, {@fat=@dmask={'dmask', 0x3d, 0x40}}, {@uni_xlateno}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@shortname_lower}, {@nonumtail}, {@shortname_win95}, {@rodir}, {@utf8no}, {@nonumtail}, {@shortname_lower}, {@shortname_mixed}, {@utf8}], [{@appraise}, {@context={'context', 0x3d, 'system_u'}}]}, 0x6, 0x2d3, &(0x7f0000000a40)="$eJzs3b1rJGUYAPBnNrMfarFbWInggBZWx+Vamw1yB2Iqjy1OCw3eHUh2ES4Q8QPXq8TOxtK/QBD8Q2zsLAVbwc4IgZGZncl+ZNhsJBvx8vsVyZuZ55n3ed+ZJNPkyQcvTw4fZvH46Re/Ra+XRGvYjThJYhCtqH0VS4bfBgDwf3aS5/FnPtNw+tdv1uT2tlgXALA9F/z+r6TlxwdFxE/XVxsAsB33H7z79t7+/t13sqwX9yZfH4+SiCg+z87vPY6PYhyP4nb04zSifFFoR/m2UAzv5Xk+TbPCIF6bTI9HRebk/Z+r6+/9EVHm70Y/BuWhs7eNMv+t/bu72cxC/rSo4/lq/mGRfyf68eJZ8lL+nYb8GHXi9VcX6r8V/fjlw/g4xvGwLGKe/+Vulr2Zf/fX5+8V5RX5yfR41C3j5vKdevLpNd8jAAAAAAAAAAAAAAAAAAAAAACePbeq3jndKPv3FIeq/js7p8UX7chqg+X+PLP8pL7QvD9QtPI8n+bxfd1f53aWZXkVOM9P46W0aiwIAAAAAAAAAAAAAAAAAAAAN9zRp58dHozHj55cyaDuBpBGxN/3I/7tdYYLR16J9cHdas6D8bhVDZdj0sUjsVPHJBFryygWcUXbctHguXM1V4MffmzMKlZ0lEbTqd7Fk7ab57rk4JP2bB8bY+qn6/Agad7D7lnxveLGxeqN60Tz7O1YOdKp7+dqcP0obracTuOp/qW3pfNCOZiuiYlk3ffFG78vLSeJleBO2XGjMb1dDZp2Y/ZsbPQ8R2+Wfv5nRaJbBwAAAAAAAAAAAAAAAAAAbNX8r38bTj5dm9rKu1srCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACu1fz//28ySJeTN8jqxJOj/2ptAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Bz/BAAA//8a6VGq")
r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
copy_file_range(r7, 0x0, 0xffffffffffffffff, &(0x7f00000000c0)=0x10000, 0x0, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r7, 0x4068aea3, &(0x7f00000004c0)={0x79, 0x0, 0x1})
creat(&(0x7f0000000300)='./file0\x00', 0x0)

529.719417ms ago: executing program 2 (id=866):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000680)='./file2\x00', 0x800000, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f757365725f78617474722c666c7573685f6d657267652c6673796e635f6d6f64653d706f7369782c64697361626c655f6578745f6964656e746966792c6261636b67726f756e645f67633d73796e632c6673796e635f6d6f64653d7374726963742c6e6f626172726965722c6e6f696e6c696e655f646174612c6e6f626172726965722c71756f74612c6261636b67726f756e645f67633d6f66662c6e6f61636c2c6e6f657874656e745f63616368652c6e6f646973636172642c6163746976655f6c6f67733d342c00e62bc03000c35169ed09803fa1bee488c680f339e530b5e8ad120a2b4f078093a8e0ba2b3d1b5fe99356b80a454c1ec2f8e12392bbffe9fae2fa05e18a6b61f5eded2e484f574d2757a5fe762c770477aa3460313ee54451c6a6159eca600d6c85a8c09cef9996dc851a5f5edf1a4a22576c6dfe6b9e8dade2d3a8e6a8c7710733c1f69aabd8880291"], 0x1, 0x5504, &(0x7f000000c0c0)="$eJzs3M1rI2UYAPB32u1+uxbx4G0HFqGFTWj6seit6i5+YJey6sGTpsk0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJl3qls/QGma2O3vB5Nn5p03zzxvKIVnJiQA59Z8+vOPSbgRroQQZkMI10Mo9pNyK6zH8Fx5buaxLSnHfx+4GEK4GkK4MUoecyblqU9vD2+t/fDGT199c+nCtc++/HZ6qwam7fkQQncn7u93Y8xbMT4sx+vDdhG7q8MyxhPdR+VxHuN+tlVk2K8fzasXcaUV5+c7e/1R3O7UG6PYam8X4zu9eMH+sHWUp3jDw/pucdzMtorY7udFbB3Gug4O4/+2w/4g5mmW+T4o0ofB4CjG8ewgi+vZeVTERm9Qjse8eTM7GMVhGcvLhUbeaRZ1bJ3kk/5/e7Pd2ztIh9luv5330rVq7YVq7U6ltps3s0G2Wql3m3dW04VWZzStMsjq3fVWnrc6WbWRdxfThVajUanV0oW72Va73ktrtepKdamytlju3U5fvf9O2mmmC6P4cru3N2h3+ul2vpvGdyymy9WVFxfTW7X0rY3NdPPBvXsbm2+/d/fd+y9tvP5KOekvZaULy0vLy5XaUmW5tniO1v9RWfQY1w8nkky7AICz57/2/zf1/8AYnF7/v/sghNPv/4P+fyzOVP973vv/U1g/nIj+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3Ppu7vPXip35eHytHH+qHHqmPE5CCDMhhF//xmy4eCznbJln7h/mz/2phq+TUGQYXeNSuV0NIayX2y9Pn/anAAAAAE+uLz68+Uns1uPL/LQLYpLiTZuZ6++PKV8SQpib/35M2WZGL8+OKVnx930hHIwpW3ED6/KYksVbbhfGle1fmT0WLj8WkhhmJloOAAAwEcc7gcl2IQAAAEzSx9MugOlIwtGjzKNnwcU37/94IHjl2BEAAABwBiXTLgAAAAA4dUX/7/f/AAAA4MkWf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5j535yUgfiOID/WuiD9y+PvLj3Ku7gGB7BpUvDAbwER8AreAHPgDuPYMDQqUQU3XRKI/l8kjJMQ77MELqY3yQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTpsVrO7m7Ob9vmrDft5JkNAAAAcMiqWs7qN5PU/93c/9vc+t/0i4goI+LQ2n0QP/YyB01O9cnnq3djuI+oE7bfMWquXxFx0VzP/7r+FQAAAOB0PcwX07RaTy+TvgfEMaWiTfnnMlNeERHV5ClTWrnNO8sUVv+/h3GdKa0uYI0zhaWS2zBX2kcHouvHfVe1G79pitSUX0dmmzsAAHBEg72mw1UIAAAAPbvqewD0o4jXrczdVuAoNc323s+9HgAAAPANFX0PAAAAAOhcvf53/h8AAACctnT+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF1aVctZNV9M2+asN+3kmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALywP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/uzs7WVsUYJYeIKHjQi023tbU38aAED/4JQki3NXbrjzYHW4qQizfJuRfRo4igxFv/h55b6KXeesihghcvlTc/kmkMuFo7s20+H3jzvjsZ3vu+GQj5zkwWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNr2u7txljZzZdyv9t28d3U19bf29Mn1zduLqaW412bSj4eXmx96C90lAgAAwMGR1fV9RNzJt5ZT358r6v+8PibV/N89W8Z1Pb+37q/7uvZP7ddf7r64M9FcOU8a9OzaZHzs76kMHt0qZ9tz/3jEoDjzxb2XrLgg/Q82XtjOi/PZ++bGjfeGRXiojWwBgP/iaN1XQf33UOpHXSYGwIExaBTedf2fzXWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAbtjfi6TruRcTiYDdObt27urpff33z9mLdTl27ttkcMw2RR8TZtcn4WItrmXWXLl85vzKZjC+2H7wSEV3N/k61/PMfTXFwRCfnR/A/Bf3qYs9KPg8T5NVaHv1cHf1CAgDgiZVXLdX1d/Kt5bSvNx9x//sH6//XG3FMWf/f/fjUzeZczfp/1NoKZ9/S+oXPly5dvvLm2oWVc+Nz40/fOj56e3Ti9MmTp5eKeyVL7pgAAADwcIZVa9b/wz3HpJ8dacQxZf3/xbejr5rjZOr/fe0+9Os6EwAAgIPt+Vf/+L23z/7ecBhfrqyvXxyV253Px8ttB6n+a4eq1qz/s/muswIAAADasL3Re+D9/zONOKZ8/v/MDy/91Bwzi4jD1fP/o6ufTc60t5yZ1sa/Lne9RgAAALp1uGrN5//5fKr/+zuvPPQj4o3Xyrj6GsCp6v/s/a9/bM7VfP//RHtLnEn9hfJ8FP1CxGCh64wAAAB4Uv15P+KpKFsq9n/Lt5Y/+fnIh0Pv/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC07a8AAAD//3npOno=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r0, 0x0, 0x800003d, 0x7ff)
write$binfmt_script(r0, &(0x7f00000000c0), 0xb)
lseek(r0, 0x0, 0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f0000000100), 0x1001)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c310000951000000950074000000000031fb0d3a4231020004399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b62ac5ea9fca11027d19e93adb604a7d3deb92de3141e8ed7ac5b8902070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c4f67581c92ef8a7e8ece17d5f5b169391ef409c39c263895739e3d702c128b35d5fc23469240c61e150e2bae385f9ac9b03c22b0f7050c166b835298c5911f1053a723aee89051c24e1900ab97fa52d2e06dce0248a829ed46a520db4c1432080bbf707ad2f8af8118ee7d434a960ed6be4455ba57cb06459b64689e77ce95823a5533f5b11118906fd2fc29b3697c637d3693d4b4aade6f9202e6cfa6d7507f88af38b6109ad8f82b1d600a5447831df835d7000000218b0222004f98a7a0caddc397d8414be912b4e7536fefd951fe23a56fbf9fc643c6604268b5ccc13b996aaed0a6f6470566c8f534e5d486b2141646b35fd4472be8195fd917446a8abb1c2cd5dc09e2d75ec00ede2841e497d5178cf9445c7bb11f3c5cfdcae8c476d3fb75cac727143f92798a44864b49366b6cf228d9bc1d99ab2104e3c2e17ec46fbce102c158ff3748f1eb90b83d8be0dfcefbeed222009b41ad34d8656daf41e23322e58d91811feffc39ec11b11cc611f6fbfd999c3bef10caa2e8692259d40d69ed3d85ec2813b007b8ce6384a28798f445ad7fc451865fe45a06977f7a785f8e97544aad1f844f2a4799944e0daf6d4c3a7d30b7d89781ca607048c50945c45d5a6f2c5145416176fd64c559e6a272b92c92052a9005aaa25d09613aba2e7d429ae40c249e7996e4bc213c24699889ea320c40f32dcdaa19893e17c57d7e8c51d5f320d99e8c2521c339c33bf6c41fde029061c088"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$SIOCSIFHWADDR(r6, 0x4030582b, 0x0)

529.146697ms ago: executing program 4 (id=867):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)

479.445571ms ago: executing program 4 (id=868):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640), 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
getrusage(0x0, &(0x7f00000006c0))

360.223631ms ago: executing program 4 (id=869):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000680)='./file2\x00', 0x800000, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f757365725f78617474722c666c7573685f6d657267652c6673796e635f6d6f64653d706f7369782c64697361626c655f6578745f6964656e746966792c6261636b67726f756e645f67633d73796e632c6673796e635f6d6f64653d7374726963742c6e6f626172726965722c6e6f696e6c696e655f646174612c6e6f626172726965722c71756f74612c6261636b67726f756e645f67633d6f66662c6e6f61636c2c6e6f657874656e745f63616368652c6e6f646973636172642c6163746976655f6c6f67733d342c00e62bc03000c35169ed09803fa1bee488c680f339e530b5e8ad120a2b4f078093a8e0ba2b3d1b5fe99356b80a454c1ec2f8e12392bbffe9fae2fa05e18a6b61f5eded2e484f574d2757a5fe762c770477aa3460313ee54451c6a6159eca600d6c85a8c09cef9996dc851a5f5edf1a4a22576c6dfe6b9e8dade2d3a8e6a8c7710733c1f69aabd8880291"], 0x1, 0x5504, &(0x7f000000c0c0)="$eJzs3M1rI2UYAPB32u1+uxbx4G0HFqGFTWj6seit6i5+YJey6sGTpsk0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJl3qls/QGma2O3vB5Nn5p03zzxvKIVnJiQA59Z8+vOPSbgRroQQZkMI10Mo9pNyK6zH8Fx5buaxLSnHfx+4GEK4GkK4MUoecyblqU9vD2+t/fDGT199c+nCtc++/HZ6qwam7fkQQncn7u93Y8xbMT4sx+vDdhG7q8MyxhPdR+VxHuN+tlVk2K8fzasXcaUV5+c7e/1R3O7UG6PYam8X4zu9eMH+sHWUp3jDw/pucdzMtorY7udFbB3Gug4O4/+2w/4g5mmW+T4o0ofB4CjG8ewgi+vZeVTERm9Qjse8eTM7GMVhGcvLhUbeaRZ1bJ3kk/5/e7Pd2ztIh9luv5330rVq7YVq7U6ltps3s0G2Wql3m3dW04VWZzStMsjq3fVWnrc6WbWRdxfThVajUanV0oW72Va73ktrtepKdamytlju3U5fvf9O2mmmC6P4cru3N2h3+ul2vpvGdyymy9WVFxfTW7X0rY3NdPPBvXsbm2+/d/fd+y9tvP5KOekvZaULy0vLy5XaUmW5tniO1v9RWfQY1w8nkky7AICz57/2/zf1/8AYnF7/v/sghNPv/4P+fyzOVP973vv/U1g/nIj+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3Ppu7vPXip35eHytHH+qHHqmPE5CCDMhhF//xmy4eCznbJln7h/mz/2phq+TUGQYXeNSuV0NIayX2y9Pn/anAAAAAE+uLz68+Uns1uPL/LQLYpLiTZuZ6++PKV8SQpib/35M2WZGL8+OKVnx930hHIwpW3ED6/KYksVbbhfGle1fmT0WLj8WkhhmJloOAAAwEcc7gcl2IQAAAEzSx9MugOlIwtGjzKNnwcU37/94IHjl2BEAAABwBiXTLgAAAAA4dUX/7/f/AAAA4MkWf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5j535yUgfiOID/WuiD9y+PvLj3Ku7gGB7BpUvDAbwER8AreAHPgDuPYMDQqUQU3XRKI/l8kjJMQ77MELqY3yQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTpsVrO7m7Ob9vmrDft5JkNAAAAcMiqWs7qN5PU/93c/9vc+t/0i4goI+LQ2n0QP/YyB01O9cnnq3djuI+oE7bfMWquXxFx0VzP/7r+FQAAAOB0PcwX07RaTy+TvgfEMaWiTfnnMlNeERHV5ClTWrnNO8sUVv+/h3GdKa0uYI0zhaWS2zBX2kcHouvHfVe1G79pitSUX0dmmzsAAHBEg72mw1UIAAAAPbvqewD0o4jXrczdVuAoNc323s+9HgAAAPANFX0PAAAAAOhcvf53/h8AAACctnT+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF1aVctZNV9M2+asN+3kmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALywP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/uzs7WVsUYJYeIKHjQi023tbU38aAED/4JQki3NXbrjzYHW4qQizfJuRfRo4igxFv/h55b6KXeesihghcvlTc/kmkMuFo7s20+H3jzvjsZ3vu+GQj5zkwWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNr2u7txljZzZdyv9t28d3U19bf29Mn1zduLqaW412bSj4eXmx96C90lAgAAwMGR1fV9RNzJt5ZT358r6v+8PibV/N89W8Z1Pb+37q/7uvZP7ddf7r64M9FcOU8a9OzaZHzs76kMHt0qZ9tz/3jEoDjzxb2XrLgg/Q82XtjOi/PZ++bGjfeGRXiojWwBgP/iaN1XQf33UOpHXSYGwIExaBTedf2fzXWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAbtjfi6TruRcTiYDdObt27urpff33z9mLdTl27ttkcMw2RR8TZtcn4WItrmXWXLl85vzKZjC+2H7wSEV3N/k61/PMfTXFwRCfnR/A/Bf3qYs9KPg8T5NVaHv1cHf1CAgDgiZVXLdX1d/Kt5bSvNx9x//sH6//XG3FMWf/f/fjUzeZczfp/1NoKZ9/S+oXPly5dvvLm2oWVc+Nz40/fOj56e3Ti9MmTp5eKeyVL7pgAAADwcIZVa9b/wz3HpJ8dacQxZf3/xbejr5rjZOr/fe0+9Os6EwAAgIPt+Vf/+L23z/7ecBhfrqyvXxyV253Px8ttB6n+a4eq1qz/s/muswIAAADasL3Re+D9/zONOKZ8/v/MDy/91Bwzi4jD1fP/o6ufTc60t5yZ1sa/Lne9RgAAALp1uGrN5//5fKr/+zuvPPQj4o3Xyrj6GsCp6v/s/a9/bM7VfP//RHtLnEn9hfJ8FP1CxGCh64wAAAB4Uv15P+KpKFsq9n/Lt5Y/+fnIh0Pv/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC07a8AAAD//3npOno=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r0, 0x0, 0x800003d, 0x7ff)
write$binfmt_script(r0, &(0x7f00000000c0), 0xb)
lseek(r0, 0x0, 0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f0000000100), 0x1001)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c310000951000000950074000000000031fb0d3a4231020004399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b62ac5ea9fca11027d19e93adb604a7d3deb92de3141e8ed7ac5b8902070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c4f67581c92ef8a7e8ece17d5f5b169391ef409c39c263895739e3d702c128b35d5fc23469240c61e150e2bae385f9ac9b03c22b0f7050c166b835298c5911f1053a723aee89051c24e1900ab97fa52d2e06dce0248a829ed46a520db4c1432080bbf707ad2f8af8118ee7d434a960ed6be4455ba57cb06459b64689e77ce95823a5533f5b11118906fd2fc29b3697c637d3693d4b4aade6f9202e6cfa6d7507f88af38b6109ad8f82b1d600a5447831df835d7000000218b0222004f98a7a0caddc397d8414be912b4e7536fefd951fe23a56fbf9fc643c6604268b5ccc13b996aaed0a6f6470566c8f534e5d486b2141646b35fd4472be8195fd917446a8abb1c2cd5dc09e2d75ec00ede2841e497d5178cf9445c7bb11f3c5cfdcae8c476d3fb75cac727143f92798a44864b49366b6cf228d9bc1d99ab2104e3c2e17ec46fbce102c158ff3748f1eb90b83d8be0dfcefbeed222009b41ad34d8656daf41e23322e58d91811feffc39ec11b11cc611f6fbfd999c3bef10caa2e8692259d40d69ed3d85ec2813b007b8ce6384a28798f445ad7fc451865fe45a06977f7a785f8e97544aad1f844f2a4799944e0daf6d4c3a7d30b7d89781ca607048c50945c45d5a6f2c5145416176fd64c559e6a272b92c92052a9005aaa25d09613aba2e7d429ae40c249e7996e4bc213c24699889ea320c40f32dcdaa19893e17c57d7e8c51d5f320d99e8c2521c339c33bf6c41fde029061c088"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$SIOCSIFHWADDR(r6, 0x4030582b, 0x0)

359.900091ms ago: executing program 3 (id=870):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
getrusage(0x0, 0x0)

345.744282ms ago: executing program 3 (id=871):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x90)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
getrusage(0x0, &(0x7f00000006c0))

260.090989ms ago: executing program 1 (id=872):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000200)}, 0x20)
r2 = openat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x41000, 0x1, 0x1}, 0x18)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0xa, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xe}, [@exit, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @jmp={0x5, 0x1, 0xc, 0x5, 0x0, 0x1, 0x1a}]}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0xb2, &(0x7f0000000380)=""/178, 0x40f00, 0x60, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f00000004c0)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000500)={0x0, 0x6, 0x3, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000540)=[r0, r0, r0, r0, r3, r0, r0, r0, r0], 0x0, 0x10, 0x7}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
inotify_init1(0x0)

194.081324ms ago: executing program 1 (id=873):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYRESOCT], &(0x7f0000000200)='GPL\x00', 0x100000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f00000000c0)={[{@grpid}, {@grpquota}, {@grpid}, {@errors_remount}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x6, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
fchdir(r6)
close(r6)
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r6, 0x7, 0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r8}, 0x10)
write$cgroup_subtree(r3, &(0x7f00000003c0)=ANY=[], 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
syz_usb_connect$cdc_ncm(0x0, 0x86, &(0x7f00000006c0)=ANY=[@ANYBLOB="1201100302000010"], 0x0)
r9 = syz_open_dev$usbfs(&(0x7f0000000000), 0x71, 0x2081)
ioctl$USBDEVFS_CONTROL(r9, 0xc0185500, &(0x7f0000000340)={0x80, 0x6, 0x301, 0x0, 0x0, 0x0, 0x0})
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})

193.761734ms ago: executing program 3 (id=874):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x0, &(0x7f0000000000/0x400000)=nil)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r7}, 0x10)
r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r9 = dup(r8)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='kmem_cache_free\x00', r10}, 0x10)
r11 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r11, &(0x7f0000002800)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1)
write$cgroup_pid(r11, &(0x7f00000031c0), 0x12)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2000f4ff680000040000000000000000000000000700000008000a0000000000"], 0x20}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r12, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)

0s ago: executing program 2 (id=875):
r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000540)='./bus/file0\x00', 0x10, &(0x7f0000000400)={[{@data_ordered}]}, 0x1, 0x7b9, &(0x7f00000029c0)="$eJzs3c1rXOUaAPDnTD5v2nuTCxdue1eBCxoonZgaWwUXFRciWCjo2jZMpqFmkimZSWlCIC0iuBG0uBB007UfdefWj63+C+pCRFqqpsWKCxk5k5lm0kySaT4mrfn94Ezed8578pxnzpn3vDPnMCeAfWswfchEHI6It5OI/trzSUR0VUudESeX291dWsilUxKVysu/JNU2d5YWctGwTOpArXIoIr58I+JIsjZuaW5+cqxQyM/U6sPlqQvDpbn5o+enxibyE/np4yOjo8dOPHWiZ+dy/e2b+YM333nh8U9O/vH6f6+/9VUSJ+NgbV5jHjtlMAZrr0lX+hKu8vxOB9tjTTYxj4BMRHQsv8vjcPRHR7XUmtZbAgAPk8WIqAAA+0zi+A8A+0z9e4A7Swu5dKos7u33Ee1267mI6F3Ov35+c3lOZ+2cXW/1PGjfnWTV+Y4kIgZ2IP5gRHzw2asfpVPs0nlIgGYuX4mIswOD9f5/pf9J1lyzsKz1CzKeaKHN4H31WvzvWw4CbNnn6fjn6ZXx38r7P3Nv/BNNxj89Td67WzEY0d1YXzv+ydzYgTDrSsd/z3ZFd6Rjv8piw/gvU28y0FGr/bM65utKzp0v5NO+7V8RMRRdPWl9ZIMYQ7f/vL3qiY6VYuP479err32Yxk//rrTI3Oi8r8sdHyuPbTfvultXIv7XuXJt3901/X9vdazbbPx7usUYLz7z5vvrzUvzT/OtT6vz3/2ryirXIh6L5vnXJRtdn3h8uLo7DNd3iiY+/eG9vvXiN27/dErj1z8LtEO6/fs2zn8gabxes/TgMb6+1v/FevM2z7/5/t+dvFIt1zuPS2Pl8sxIRHfy0trnj60sW6/X26f5D/2/Wf6ZDff/9DPh2Rbz77z588dbz393pfmPP9D2f/DC9buTHevFb237j1ZLQ9XHtNfdvP9rdQW39+oBAAAAAAAAAAAAAAAAAAAAAAAAQGsyEXEwkkz2XjmTyWaX7+H9n+jLFIql8pFzxdnp8ajeK3sgujL1n7rsb/g91JHa7+HX68fuqz8ZEf+OiHd7/lGtZ3PFwvheJw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANQfWuf9/6qeevV47AGDX9G7a4na+LSsCALTN5sd/AODvZqvH/8s7vB4AQPtsfvyvVCqLbVkVAKBNfP8PAPuP4z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC77PSpU+lU+X1pIZfWxy/OzU4WLx4dz5cms1OzuWyuOHMhO1EsThTy2VxxqmHRb5v9v0KxeGE0pmcvDZfzpfJwaW7+zFRxdrp85vzU2ET+TL6rbZkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOtKc/OTY4VCfmZLhWR7iytspVDpX950D8v67H7hx6PfHdqozdVt7sYKTQp73TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBr+CgAA//8miyuY")
r1 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000001c0)={'team_slave_1\x00', &(0x7f00000000c0)=@ethtool_drvinfo={0x23, "d4b9ecf53baff2954a9bd852c567b6e40a24e61fd5c4c152d589dd9c4198287f", "cf37e66d77260be3cf72b29e66f34694b39987739f509a1ee60640054785ff14", "5e4d2b1cb5512bbc6886dbc5ba606f4e325ab26400ce196f29c83ecc769b1d63", "c945f5a959732c70d0bb6a001f1496c9fca8230d9fe805bbb9454ef5cba3d376", "f95f163f2685cf8423b7fab56b8f388f63ad2f17ded6064bdb0cdce432750ba0", "b130d1198c7e42d05543c737"}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(&(0x7f0000007fc0)='./bus\x00', 0x60142, 0x0)
open(&(0x7f0000000380)='./file1\x00', 0x42042, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001740)={0x9c02}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x4, 0x0, &(0x7f0000000180)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x90)
openat$full(0xffffffffffffff9c, &(0x7f0000001780), 0x20100, 0x0)
r5 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r5, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newtaction={0x70, 0x13, 0x53b, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0xe80}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x11}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
r6 = socket(0x10, 0x80002, 0x4)
sendmsg$nl_route_sched(r6, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000a40)}, {0x0}, {&(0x7f0000000b00)="6455089ab9075e64c4bedb2b941533bc71ec4be38eeb5e2e6c9ecdda0c6ed7bd4706c3fb85575d0034077bb770e214219d50542e7e671050c17a8022b175ce074558fe4e94f15f588cb4a56928bae16bd7f992b843c5011456ed86b60133edc2903c9f6bdf9a3620f7577841abe2e06fef85eb3ee0091a527f0977e3ba534f7fa31caf7465d30df85587b36f219c23d089bbff7e259bffa1157b2393f0a3cd0a5bd97fadc821f659", 0xa8}, {&(0x7f0000000bc0)="148187735e85181ef5b798e0e0df3f67ae40874566271a94a4c5672cb6b12c53f6d38fb1e5b243e0fa875e9e3d66ab33a3f9738fb48c072d1f50e59e4dbc9e920775d2900835f91f3629cd853370b1f5ac1978d3d610b0a8332a25389244c9c5165173bf18e89b7e8be9507774d8824a1a61b29a1b8081c0ea1dd6a0d3d4e8e8a11debfa97f12b69736819fffc7f3b", 0x8f}], 0x5, &(0x7f00000012c0)=ANY=[@ANYBLOB="28000000000000000100000001000000b5376e51ab324160b1445009bfc3f82936bb8364a6e2f1156c4edfa76c8fd8a62c975d37d61c58094e0f4f8a9c48d4e621360d15ca9ab3e8ffa4ab41ed51e8cda603426f09bdeed81216d158e19abc17785c9854077c81c9", @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYBLOB="000012001c000000000400fa000000", @ANYRESHEX, @ANYBLOB="00000000280000000100cc8d26e9ce24e5c36be347000001000000", @ANYRESOCT=r2, @ANYRES32=r5, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32=r6], 0xa8, 0x40040}}], 0x1, 0x4000)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/kernel/fscaps', 0x200, 0x54)
r7 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c0000001200010000000000000000000a000000000000000101000004000000000000000000000000000000001d0346a7c0f7fafa62090100000000000080000000", @ANYRES32=0x0, @ANYBLOB="01000000fcffffff0000000000000000"], 0x4c}}, 0x0)
ioctl$sock_SIOCSIFBR(r5, 0x8941, &(0x7f0000000680)=@get={0x1, &(0x7f0000000000)=""/12, 0x9})
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x168, 0x10, 0x190, 0xb, 0x388, 0x250, 0x250, 0x388, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'veth1_to_batadv\x00', 'veth1_to_hsr\x00', {}, {}, 0x3a}, 0x6000000, 0x128, 0x190, 0x0, {0x0, 0x28e}, [@common=@icmp6={{0x28}, {0x0, 'K\r'}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x0, 0x0, 0x9, 0x1, 0x0, 0x10000, 0x80000001}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)

kernel console output (not intermixed with test programs):

ifferent from the descriptor's value: 0
[  114.064906][  T519] usb 4-1: config 250 has no interface number 0
[  114.071090][  T519] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  114.082530][  T519] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  114.092774][  T519] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid maxpacket 12592, setting to 1024
[  114.104241][  T519] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 1024
[  114.114557][  T519] usb 4-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  114.127847][  T519] usb 4-1: config 250 interface 228 has no altsetting 0
[  114.295933][ T2115] loop0: detected capacity change from 0 to 128
[  114.304061][ T2115] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  114.314600][  T519] usb 4-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  114.314644][ T2115] ext4 filesystem being mounted at /112/mnt supports timestamps until 2038 (0x7fffffff)
[  114.323503][  T519] usb 4-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  114.342450][  T519] usb 4-1: Product: syz
[  114.346562][  T519] usb 4-1: SerialNumber: syz
[  114.390006][  T519] hub 4-1:250.228: bad descriptor, ignoring hub
[  114.396266][  T519] hub: probe of 4-1:250.228 failed with error -5
[  114.424253][ T1647] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  114.431912][   T39] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  114.586784][ T2128] loop0: detected capacity change from 0 to 2048
[  114.600331][  T519] usblp 4-1:250.228: usblp0: USB Bidirectional printer dev 11 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  114.700301][ T2130] loop4: detected capacity change from 0 to 512
[  114.800670][ T2130] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  114.809258][ T1647] usb 3-1: Using ep0 maxpacket: 8
[  114.812094][ T2130] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038 (0x7fffffff)
[  114.902223][ T2135] xt_CT: No such helper "pptp"
[  114.929619][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.941093][ T1647] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.953014][   T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  114.969248][    C1] usblp0: nonzero read bulk status received: -71
[  114.977032][ T1647] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.987961][ T1647] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  114.996943][   T39] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  115.006980][ T1647] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.014831][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.019308][  T432] usb 4-1: USB disconnect, device number 11
[  115.029545][ T1647] usb 3-1: config 0 descriptor??
[  115.034368][   T39] usb 2-1: config 0 descriptor??
[  115.037014][  T432] usblp0: removed
[  115.406362][   T30] kauditd_printk_skb: 103 callbacks suppressed
[  115.406377][   T30] audit: type=1326 audit(2000000068.489:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  115.436032][   T30] audit: type=1326 audit(2000000068.489:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  115.460331][   T30] audit: type=1326 audit(2000000068.499:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  115.484078][   T30] audit: type=1326 audit(2000000068.499:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  115.520044][ T1647] kone 0003:1E7D:2CED.0015: collection stack underflow
[  115.529786][ T1647] kone 0003:1E7D:2CED.0015: item 0 1 0 12 parsing failed
[  115.533014][   T30] audit: type=1326 audit(2000000068.499:1143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  115.540086][   T39] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  115.571959][ T1647] kone 0003:1E7D:2CED.0015: parse failed
[  115.587923][ T1647] kone: probe of 0003:1E7D:2CED.0015 failed with error -22
[  115.598006][   T39] plantronics 0003:047F:FFFF.0016: No inputs registered, leaving
[  115.610517][   T30] audit: type=1326 audit(2000000068.499:1144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  115.639887][   T39] plantronics 0003:047F:FFFF.0016: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  115.659320][   T30] audit: type=1326 audit(2000000068.499:1145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  115.694855][ T2148] loop4: detected capacity change from 0 to 512
[  115.709405][   T30] audit: type=1326 audit(2000000068.499:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  115.740436][  T432] usb 3-1: USB disconnect, device number 16
[  115.754066][   T30] audit: type=1326 audit(2000000068.499:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  115.786515][  T519] usb 2-1: USB disconnect, device number 14
[  115.795724][ T2143] loop0: detected capacity change from 0 to 40427
[  115.803372][ T2148] EXT4-fs (loop4): 1 truncate cleaned up
[  115.803928][   T30] audit: type=1326 audit(2000000068.549:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2139 comm="syz.4.468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  115.808922][ T2148] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,. Quota mode: none.
[  115.883178][ T2143] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[  115.891203][ T2143] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  115.901617][ T2143] F2FS-fs (loop0): Found nat_bits in checkpoint
[  115.923551][ T2143] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  115.930476][ T2143] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  117.300688][ T2154] EXT4-fs (loop4): shut down requested (0)
[  117.328849][  T289] attempt to access beyond end of device
[  117.328849][  T289] loop0: rw=2049, want=45112, limit=40427
[  117.474022][ T2164] loop3: detected capacity change from 0 to 512
[  117.524184][ T2170] loop4: detected capacity change from 0 to 2048
[  117.554296][ T2164] EXT4-fs (loop3): 1 truncate cleaned up
[  117.561112][ T2164] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  117.981969][ T1647] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  118.013637][ T2175] xt_CT: No such helper "pptp"
[  118.279848][ T1647] usb 2-1: Using ep0 maxpacket: 8
[  118.451821][ T2192] FAULT_INJECTION: forcing a failure.
[  118.451821][ T2192] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  118.455661][ T1647] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.475367][ T2192] CPU: 0 PID: 2192 Comm: syz.0.483 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  118.475561][ T1647] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  118.485344][ T2192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  118.485360][ T2192] Call Trace:
[  118.485366][ T2192]  <TASK>
[  118.485373][ T2192]  dump_stack_lvl+0x151/0x1b7
[  118.485396][ T2192]  ? io_uring_drop_tctx_refs+0x190/0x190
[  118.485413][ T2192]  ? kstrtouint_from_user+0x20a/0x2a0
[  118.485431][ T2192]  dump_stack+0x15/0x17
[  118.485444][ T2192]  should_fail+0x3c6/0x510
[  118.495333][ T1647] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  118.504792][ T2192]  should_fail_usercopy+0x1a/0x20
[  118.504823][ T2192]  _copy_to_user+0x20/0x90
[  118.504835][ T2192]  simple_read_from_buffer+0xc7/0x150
[  118.504850][ T2192]  proc_fail_nth_read+0x1a3/0x210
[  118.504866][ T2192]  ? proc_fault_inject_write+0x390/0x390
[  118.508857][ T1647] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.510770][ T2192]  ? fsnotify_perm+0x470/0x5d0
[  118.510795][ T2192]  ? security_file_permission+0x86/0xb0
[  118.510810][ T2192]  ? proc_fault_inject_write+0x390/0x390
[  118.591236][ T2192]  vfs_read+0x27d/0xd40
[  118.595220][ T2192]  ? kernel_read+0x1f0/0x1f0
[  118.599732][ T2192]  ? __kasan_check_write+0x14/0x20
[  118.604679][ T2192]  ? mutex_lock+0xb6/0x1e0
[  118.608935][ T2192]  ? wait_for_completion_killable_timeout+0x10/0x10
[  118.615354][ T2192]  ? __fdget_pos+0x2e7/0x3a0
[  118.619780][ T2192]  ? ksys_read+0x77/0x2c0
[  118.623950][ T2192]  ksys_read+0x199/0x2c0
[  118.628038][ T2192]  ? vfs_write+0x1110/0x1110
[  118.632468][ T2192]  ? debug_smp_processor_id+0x17/0x20
[  118.637660][ T2192]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  118.643561][ T2192]  __x64_sys_read+0x7b/0x90
[  118.647900][ T2192]  do_syscall_64+0x3d/0xb0
[  118.652153][ T2192]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  118.657918][ T2192] RIP: 0033:0x7f731b6fa43c
[  118.662134][ T2192] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  118.681575][ T2192] RSP: 002b:00007f731a37b040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  118.689829][ T2192] RAX: ffffffffffffffda RBX: 00007f731b889f80 RCX: 00007f731b6fa43c
[  118.697724][ T2192] RDX: 000000000000000f RSI: 00007f731a37b0b0 RDI: 0000000000000004
[  118.705541][ T2192] RBP: 00007f731a37b0a0 R08: 0000000000000000 R09: 0000000000000000
[  118.713345][ T2192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.721163][ T2192] R13: 000000000000000b R14: 00007f731b889f80 R15: 00007ffd10f5df18
[  118.728983][ T2192]  </TASK>
[  118.807747][ T1647] usb 2-1: config 0 descriptor??
[  118.894146][ T2198] loop0: detected capacity change from 0 to 256
[  119.380146][ T1647] kone 0003:1E7D:2CED.0017: collection stack underflow
[  119.387722][ T1647] kone 0003:1E7D:2CED.0017: item 0 1 0 12 parsing failed
[  119.394919][ T1647] kone 0003:1E7D:2CED.0017: parse failed
[  119.409173][ T1647] kone: probe of 0003:1E7D:2CED.0017 failed with error -22
[  119.602849][ T2203] loop3: detected capacity change from 0 to 40427
[  119.728356][  T519] usb 2-1: USB disconnect, device number 15
[  119.773934][ T2207] loop4: detected capacity change from 0 to 40427
[  119.793794][ T2214] loop0: detected capacity change from 0 to 512
[  119.802585][ T2203] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  119.809173][ T2203] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  119.819924][ T2203] F2FS-fs (loop3): Found nat_bits in checkpoint
[  119.827253][ T2207] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[  119.833943][ T2207] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  119.860072][ T2207] F2FS-fs (loop4): Found nat_bits in checkpoint
[  119.897354][ T2214] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  119.908031][ T2207] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  119.908938][ T2214] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038 (0x7fffffff)
[  119.919664][ T2203] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  119.936567][ T2207] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  119.944461][ T2203] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  120.744450][  T291] attempt to access beyond end of device
[  120.744450][  T291] loop4: rw=2049, want=45112, limit=40427
[  120.793148][   T30] kauditd_printk_skb: 48 callbacks suppressed
[  120.793162][   T30] audit: type=1326 audit(2000000073.879:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000
[  120.908548][   T30] audit: type=1326 audit(2000000073.939:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000
[  121.009205][   T30] audit: type=1326 audit(2000000073.939:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000
[  121.105984][ T2239] loop1: detected capacity change from 0 to 512
[  121.269804][   T30] audit: type=1326 audit(2000000073.939:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000
[  121.300313][ T2239] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  121.311728][ T2239] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038 (0x7fffffff)
[  121.386351][   T30] audit: type=1326 audit(2000000073.939:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000
[  121.413314][  T293] attempt to access beyond end of device
[  121.413314][  T293] loop3: rw=2049, want=45112, limit=40427
[  121.455489][ T2229] loop0: detected capacity change from 0 to 40427
[  121.463221][   T30] audit: type=1326 audit(2000000073.939:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000
[  121.486392][   T30] audit: type=1326 audit(2000000073.939:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000
[  121.509652][   T30] audit: type=1326 audit(2000000073.939:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000
[  121.536264][ T2229] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[  121.543068][ T2229] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  121.551283][   T30] audit: type=1326 audit(2000000073.939:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000
[  121.574842][   T30] audit: type=1326 audit(2000000073.939:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2230 comm="syz.1.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f067a29d9f9 code=0x7ffc0000
[  121.604668][ T2243] loop4: detected capacity change from 0 to 8192
[  121.627397][ T2229] F2FS-fs (loop0): Found nat_bits in checkpoint
[  121.649647][ T2229] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  121.656527][ T2229] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  122.195609][  T289] attempt to access beyond end of device
[  122.195609][  T289] loop0: rw=2049, want=45112, limit=40427
[  122.552717][ T2256] loop3: detected capacity change from 0 to 40427
[  122.590327][ T2273] netlink: 4 bytes leftover after parsing attributes in process `syz.4.509'.
[  122.603464][ T2256] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  122.621085][ T2256] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  122.646737][ T2256] F2FS-fs (loop3): Found nat_bits in checkpoint
[  122.691226][ T2283] loop1: detected capacity change from 0 to 512
[  122.695859][ T2256] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  122.705186][ T2256] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  122.769203][  T297] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  122.811103][ T2283] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  122.822591][ T2283] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038 (0x7fffffff)
[  122.832848][ T2285] loop4: detected capacity change from 0 to 40427
[  122.952266][   T39] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  122.964610][ T2285] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[  123.023235][ T2285] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  123.059873][ T2285] F2FS-fs (loop4): Found nat_bits in checkpoint
[  123.106560][  T293] attempt to access beyond end of device
[  123.106560][  T293] loop3: rw=2049, want=45112, limit=40427
[  123.109743][ T2285] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  123.134715][ T2285] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  123.152944][  T297] usb 3-1: Using ep0 maxpacket: 8
[  123.369471][   T39] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  123.380376][   T39] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  123.389622][   T39] usb 1-1: New USB device found, idVendor=056a, idProduct=0319, bcdDevice= 0.00
[  123.398899][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.429367][ T2302] loop3: detected capacity change from 0 to 256
[  123.447503][  T297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.447791][   T39] usb 1-1: config 0 descriptor??
[  123.458261][  T297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.472556][  T297] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  123.481398][  T297] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.489933][  T297] usb 3-1: config 0 descriptor??
[  123.550029][  T291] attempt to access beyond end of device
[  123.550029][  T291] loop4: rw=2049, want=45112, limit=40427
[  123.824390][ T2313] loop3: detected capacity change from 0 to 512
[  124.409515][ T2313] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  124.420962][ T2313] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038 (0x7fffffff)
[  124.494069][  T297] kone 0003:1E7D:2CED.0018: collection stack underflow
[  124.502978][  T297] kone 0003:1E7D:2CED.0018: item 0 1 0 12 parsing failed
[  124.510352][  T297] kone 0003:1E7D:2CED.0018: parse failed
[  124.515919][  T297] kone: probe of 0003:1E7D:2CED.0018 failed with error -22
[  124.804577][ T2325] loop1: detected capacity change from 0 to 256
[  124.997246][  T297] usb 3-1: USB disconnect, device number 17
[  125.205514][ T2331] loop3: detected capacity change from 0 to 512
[  125.381012][ T2331] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  125.383679][  T519] usb 1-1: USB disconnect, device number 15
[  125.392532][ T2331] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038 (0x7fffffff)
[  125.523557][ T2348] loop4: detected capacity change from 0 to 512
[  125.581285][ T2348] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  125.590556][ T2352] loop0: detected capacity change from 0 to 40427
[  125.592735][ T2348] ext4 filesystem being mounted at /101/file0 supports timestamps until 2038 (0x7fffffff)
[  125.630499][ T2352] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[  125.641106][ T2352] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  125.666340][ T2352] F2FS-fs (loop0): Found nat_bits in checkpoint
[  125.709951][ T2352] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  125.716873][ T2352] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  126.414454][   T39] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  126.817298][  T289] attempt to access beyond end of device
[  126.817298][  T289] loop0: rw=2049, want=45112, limit=40427
[  126.869374][   T30] kauditd_printk_skb: 88 callbacks suppressed
[  126.869388][   T30] audit: type=1326 audit(2000000079.959:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  126.908171][   T30] audit: type=1326 audit(2000000079.989:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  126.931791][   T30] audit: type=1326 audit(2000000079.989:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  126.989618][   T39] usb 2-1: Using ep0 maxpacket: 8
[  126.995386][   T30] audit: type=1326 audit(2000000079.989:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  127.056630][ T2377] loop4: detected capacity change from 0 to 256
[  127.132774][ T2378] loop3: detected capacity change from 0 to 512
[  127.303409][   T30] audit: type=1326 audit(2000000079.989:1299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  127.379999][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.382087][   T30] audit: type=1326 audit(2000000079.989:1300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  127.407832][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.433712][   T39] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  127.446583][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.456230][ T2378] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  127.466253][   T39] usb 2-1: config 0 descriptor??
[  127.467666][ T2378] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038 (0x7fffffff)
[  127.496936][   T30] audit: type=1326 audit(2000000079.989:1301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  127.520793][   T30] audit: type=1326 audit(2000000079.989:1302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  127.544099][   T30] audit: type=1326 audit(2000000079.989:1303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  127.567768][   T30] audit: type=1326 audit(2000000080.519:1304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2371 comm="syz.2.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  127.616504][ T2391] loop0: detected capacity change from 0 to 512
[  127.661984][ T2391] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  127.714600][ T2391] EXT4-fs (loop0): journaled quota format not specified
[  128.083142][ T2408] loop4: detected capacity change from 0 to 512
[  128.130181][   T39] kone 0003:1E7D:2CED.0019: collection stack underflow
[  128.159244][  T372] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  128.198492][   T39] kone 0003:1E7D:2CED.0019: item 0 1 0 12 parsing failed
[  128.226581][ T2408] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  128.238477][ T2408] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038 (0x7fffffff)
[  128.266528][   T39] kone 0003:1E7D:2CED.0019: parse failed
[  128.272313][   T39] kone: probe of 0003:1E7D:2CED.0019 failed with error -22
[  128.330778][  T310] usb 2-1: USB disconnect, device number 16
[  128.333509][ T2403] loop3: detected capacity change from 0 to 40427
[  128.429558][ T2403] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  128.436085][ T2403] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  128.459319][ T2403] F2FS-fs (loop3): Found nat_bits in checkpoint
[  128.483320][ T2414] loop0: detected capacity change from 0 to 256
[  128.506624][ T2403] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  128.513640][ T2403] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  129.204209][  T372] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  129.226567][  T372] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  129.236035][  T372] usb 3-1: New USB device found, idVendor=056a, idProduct=0319, bcdDevice= 0.00
[  129.245170][  T372] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.418274][ T2421] device syzkaller0 entered promiscuous mode
[  129.447407][  T372] usb 3-1: config 0 descriptor??
[  129.454135][  T293] attempt to access beyond end of device
[  129.454135][  T293] loop3: rw=2049, want=45112, limit=40427
[  129.676833][ T2447] loop1: detected capacity change from 0 to 512
[  129.739389][ T2449] loop4: detected capacity change from 0 to 256
[  129.860555][ T2450] loop0: detected capacity change from 0 to 512
[  130.014620][ T2447] EXT4-fs (loop1): Test dummy encryption mode enabled
[  130.063534][ T1647] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  130.079183][ T2450] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  130.090618][ T2450] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038 (0x7fffffff)
[  130.093290][ T2447] EXT4-fs error (device loop1): __ext4_iget:4892: inode #11: block 1: comm syz.1.557: invalid block
[  130.111236][ T2447] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.557: couldn't read orphan inode 11 (err -117)
[  130.123664][ T2447] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  130.171544][ T2447] 9pnet: Insufficient options for proto=fd
[  130.217215][ T2457] loop1: detected capacity change from 0 to 256
[  130.339241][ T1647] usb 4-1: device descriptor read/64, error -71
[  130.640228][ T2464] loop0: detected capacity change from 0 to 40427
[  130.719522][ T2464] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[  130.726076][ T2464] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  130.734291][ T1647] usb 4-1: device descriptor read/64, error -71
[  130.736369][ T2464] F2FS-fs (loop0): Found nat_bits in checkpoint
[  130.740432][   T39] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  130.765958][ T2464] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  130.772894][ T2464] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  131.019218][   T39] usb 5-1: Using ep0 maxpacket: 8
[  131.029229][ T1647] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  131.179311][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  131.191477][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  131.201346][   T39] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  131.210719][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.222545][   T39] usb 5-1: config 0 descriptor??
[  131.260427][ T2485] loop1: detected capacity change from 0 to 256
[  131.365706][ T1647] usb 4-1: device descriptor read/64, error -71
[  131.409003][  T289] attempt to access beyond end of device
[  131.409003][  T289] loop0: rw=2049, want=45112, limit=40427
[  131.644736][  T297] usb 3-1: USB disconnect, device number 18
[  131.750230][   T39] kone 0003:1E7D:2CED.001A: collection stack underflow
[  131.756965][   T39] kone 0003:1E7D:2CED.001A: item 0 1 0 12 parsing failed
[  131.763970][   T39] kone 0003:1E7D:2CED.001A: parse failed
[  131.769538][   T39] kone: probe of 0003:1E7D:2CED.001A failed with error -22
[  131.806795][ T2493] loop0: detected capacity change from 0 to 256
[  131.819259][ T1647] usb 4-1: device descriptor read/64, error -71
[  131.939291][ T1647] usb usb4-port1: attempt power cycle
[  131.951891][  T297] usb 5-1: USB disconnect, device number 13
[  132.312403][ T2497] loop1: detected capacity change from 0 to 512
[  132.400930][ T2497] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  132.412611][ T2497] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038 (0x7fffffff)
[  132.537651][   T30] kauditd_printk_skb: 155 callbacks suppressed
[  132.537666][   T30] audit: type=1326 audit(2000000085.619:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  132.554614][ T1647] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  132.574469][   T30] audit: type=1326 audit(2000000085.659:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  132.597959][   T30] audit: type=1326 audit(2000000085.659:1462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  132.621750][   T30] audit: type=1326 audit(2000000085.659:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  132.645526][   T30] audit: type=1326 audit(2000000085.659:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  132.756483][   T30] audit: type=1326 audit(2000000085.659:1465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  132.780112][   T30] audit: type=1326 audit(2000000085.669:1466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  132.803970][ T1647] usb 4-1: device descriptor read/8, error -71
[  132.810234][   T30] audit: type=1326 audit(2000000085.669:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  132.833917][   T30] audit: type=1326 audit(2000000085.759:1468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  132.857726][   T30] audit: type=1326 audit(2000000085.759:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2503 comm="syz.4.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  132.861958][ T2526] loop3: detected capacity change from 0 to 256
[  132.984680][ T2529] loop0: detected capacity change from 0 to 512
[  133.039212][ T1647] usb 4-1: device descriptor read/8, error -71
[  133.241600][ T2529] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  133.253075][ T2529] ext4 filesystem being mounted at /137/file0 supports timestamps until 2038 (0x7fffffff)
[  133.299249][  T297] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  133.533301][ T2558] loop1: detected capacity change from 0 to 512
[  133.619193][  T310] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  133.640433][ T2558] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  133.652027][ T2558] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038 (0x7fffffff)
[  133.669233][  T297] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  133.682089][  T297] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  133.691095][  T297] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.728829][  T297] usb 5-1: config 0 descriptor??
[  133.771257][  T297] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  133.788413][ T2568] loop3: detected capacity change from 0 to 512
[  133.860753][ T2568] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  133.872188][ T2568] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038 (0x7fffffff)
[  133.889194][  T310] usb 1-1: Using ep0 maxpacket: 8
[  134.019252][  T310] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.030474][  T310] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.040053][  T310] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  134.049152][  T310] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.057694][  T310] usb 1-1: config 0 descriptor??
[  134.317652][ T2580] bridge: RTM_NEWNEIGH with invalid ether address
[  134.395450][ T2585] loop1: detected capacity change from 0 to 256
[  134.409905][ T2587] FAULT_INJECTION: forcing a failure.
[  134.409905][ T2587] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  134.423556][ T2587] CPU: 0 PID: 2587 Comm: syz.2.601 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  134.433198][ T2587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  134.443080][ T2587] Call Trace:
[  134.446197][ T2587]  <TASK>
[  134.448980][ T2587]  dump_stack_lvl+0x151/0x1b7
[  134.453491][ T2587]  ? io_uring_drop_tctx_refs+0x190/0x190
[  134.458958][ T2587]  dump_stack+0x15/0x17
[  134.462947][ T2587]  should_fail+0x3c6/0x510
[  134.467199][ T2587]  should_fail_alloc_page+0x5a/0x80
[  134.472235][ T2587]  prepare_alloc_pages+0x15c/0x700
[  134.477178][ T2587]  ? __alloc_pages+0x8f0/0x8f0
[  134.481779][ T2587]  ? __alloc_pages_bulk+0xe40/0xe40
[  134.486827][ T2587]  __alloc_pages+0x18c/0x8f0
[  134.491260][ T2587]  ? prep_new_page+0x110/0x110
[  134.495845][ T2587]  ? __kasan_kmalloc+0x9/0x10
[  134.500354][ T2587]  ? __kmalloc_track_caller+0x139/0x260
[  134.505741][ T2587]  ? __kasan_check_write+0x14/0x20
[  134.510680][ T2587]  ? __alloc_skb+0x355/0x550
[  134.515196][ T2587]  alloc_skb_with_frags+0x1fe/0x680
[  134.520318][ T2587]  sock_alloc_send_pskb+0x915/0xa50
[  134.525355][ T2587]  ? sock_kzfree_s+0x60/0x60
[  134.529951][ T2587]  ? iov_iter_advance+0x213/0x390
[  134.534898][ T2587]  tun_get_user+0xf1b/0x3aa0
[  134.539325][ T2587]  ? queue_map_pop_elem+0x1da/0x3b0
[  134.544357][ T2587]  ? _kstrtoull+0x3a0/0x4a0
[  134.548827][ T2587]  ? tun_do_read+0x1ef0/0x1ef0
[  134.553422][ T2587]  ? kstrtouint_from_user+0x20a/0x2a0
[  134.558719][ T2587]  ? kstrtol_from_user+0x310/0x310
[  134.563663][ T2587]  ? bpf_probe_read_compat_str+0x131/0x180
[  134.569314][ T2587]  ? bpf_trace_run3+0x123/0x250
[  134.573995][ T2587]  ? avc_policy_seqno+0x1b/0x70
[  134.578683][ T2587]  ? selinux_file_permission+0x2c4/0x570
[  134.584151][ T2587]  tun_chr_write_iter+0x1e1/0x2e0
[  134.589119][ T2587]  vfs_write+0xd5d/0x1110
[  134.593291][ T2587]  ? kmem_cache_free+0x2c3/0x2e0
[  134.598055][ T2587]  ? file_end_write+0x1c0/0x1c0
[  134.602738][ T2587]  ? __fdget_pos+0x209/0x3a0
[  134.607164][ T2587]  ? ksys_write+0x77/0x2c0
[  134.611854][ T2587]  ksys_write+0x199/0x2c0
[  134.616019][ T2587]  ? __ia32_sys_read+0x90/0x90
[  134.620630][ T2587]  ? debug_smp_processor_id+0x17/0x20
[  134.625827][ T2587]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  134.631726][ T2587]  __x64_sys_write+0x7b/0x90
[  134.636165][ T2587]  do_syscall_64+0x3d/0xb0
[  134.640405][ T2587]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  134.646133][ T2587] RIP: 0033:0x7f2abaab39f9
[  134.650387][ T2587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.669919][ T2587] RSP: 002b:00007f2ab9733048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  134.678164][ T2587] RAX: ffffffffffffffda RBX: 00007f2abac41f80 RCX: 00007f2abaab39f9
[  134.685970][ T2587] RDX: 000000000000ffdd RSI: 00000000200000c0 RDI: 0000000000000008
[  134.693783][ T2587] RBP: 00007f2ab97330a0 R08: 0000000000000000 R09: 0000000000000000
[  134.701599][ T2587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  134.709402][ T2587] R13: 000000000000000b R14: 00007f2abac41f80 R15: 00007ffcef0668f8
[  134.717219][ T2587]  </TASK>
[  134.721573][  T310] kone 0003:1E7D:2CED.001B: collection stack underflow
[  134.728289][  T310] kone 0003:1E7D:2CED.001B: item 0 1 0 12 parsing failed
[  134.735351][  T310] kone 0003:1E7D:2CED.001B: parse failed
[  134.740872][  T310] kone: probe of 0003:1E7D:2CED.001B failed with error -22
[  134.929256][ T1647] usb 1-1: USB disconnect, device number 16
[  135.159729][  T310] usb 5-1: USB disconnect, device number 14
[  135.177934][ T2603] loop4: detected capacity change from 0 to 256
[  135.721052][ T2613] loop1: detected capacity change from 0 to 512
[  135.810890][ T2613] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  135.822933][ T2613] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038 (0x7fffffff)
[  136.084749][ T2620] loop0: detected capacity change from 0 to 512
[  136.235810][ T2620] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  136.247667][ T2620] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038 (0x7fffffff)
[  136.642513][ T2636] loop1: detected capacity change from 0 to 256
[  137.202667][ T2651] loop4: detected capacity change from 0 to 512
[  137.219251][   T39] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  137.338395][ T2651] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  137.349981][ T2651] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038 (0x7fffffff)
[  137.365271][ T2655] loop3: detected capacity change from 0 to 256
[  137.504835][ T2657] loop1: detected capacity change from 0 to 40427
[  137.519242][   T39] usb 1-1: Using ep0 maxpacket: 8
[  137.633283][ T2657] F2FS-fs (loop1): Small segment_count (9 < 1 * 24)
[  137.649627][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.724468][ T2657] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  137.741371][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.743917][ T2657] F2FS-fs (loop1): Found nat_bits in checkpoint
[  137.751139][   T39] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  137.767144][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.797438][ T2657] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  137.812278][ T2657] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  137.820983][   T39] usb 1-1: config 0 descriptor??
[  138.345840][ T1251] attempt to access beyond end of device
[  138.345840][ T1251] loop1: rw=2049, want=45112, limit=40427
[  138.361694][   T39] kone 0003:1E7D:2CED.001C: collection stack underflow
[  138.371637][   T39] kone 0003:1E7D:2CED.001C: item 0 1 0 12 parsing failed
[  138.386225][   T39] kone 0003:1E7D:2CED.001C: parse failed
[  138.393196][   T39] kone: probe of 0003:1E7D:2CED.001C failed with error -22
[  138.431024][ T2679] kvm: apic: phys broadcast and lowest prio
[  138.462084][ T2681] loop4: detected capacity change from 0 to 512
[  138.562651][   T39] usb 1-1: USB disconnect, device number 17
[  138.589878][ T2681] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  138.621223][ T2681] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038 (0x7fffffff)
[  138.653345][ T2691] loop3: detected capacity change from 0 to 512
[  138.731114][ T2691] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  138.742891][ T2691] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038 (0x7fffffff)
[  139.101964][ T2703] loop0: detected capacity change from 0 to 256
[  139.403950][ T2709] loop4: detected capacity change from 0 to 512
[  139.610342][ T2709] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  139.622183][ T2709] ext4 filesystem being mounted at /117/file0 supports timestamps until 2038 (0x7fffffff)
[  139.929247][  T519] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  139.937244][  T297] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  140.121167][ T2718] loop0: detected capacity change from 0 to 40427
[  140.156622][   T30] kauditd_printk_skb: 104 callbacks suppressed
[  140.156636][   T30] audit: type=1400 audit(2000000093.239:1574): avc:  denied  { create } for  pid=2727 comm="syz.4.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  140.182450][ T2728] loop4: detected capacity change from 0 to 512
[  140.183131][   T30] audit: type=1400 audit(2000000093.239:1575): avc:  denied  { setopt } for  pid=2727 comm="syz.4.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  140.189547][  T297] usb 3-1: Using ep0 maxpacket: 16
[  140.207919][   T30] audit: type=1400 audit(2000000093.239:1576): avc:  denied  { bind } for  pid=2727 comm="syz.4.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  140.207948][   T30] audit: type=1400 audit(2000000093.239:1577): avc:  denied  { name_bind } for  pid=2727 comm="syz.4.641" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  140.212929][  T519] usb 4-1: Using ep0 maxpacket: 16
[  140.233006][   T30] audit: type=1400 audit(2000000093.239:1578): avc:  denied  { node_bind } for  pid=2727 comm="syz.4.641" saddr=fe80::aa src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  140.280202][ T2718] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[  140.286614][ T2718] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  140.297929][ T2718] F2FS-fs (loop0): Found nat_bits in checkpoint
[  140.311578][ T2728] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  140.322711][ T2728] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038 (0x7fffffff)
[  140.335787][ T2728] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz.4.641: corrupted inode contents
[  140.338364][ T2718] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  140.348101][ T2728] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #2: comm syz.4.641: mark_inode_dirty error
[  140.355373][ T2718] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  140.366493][ T2728] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz.4.641: corrupted inode contents
[  140.384592][ T2728] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #2: comm syz.4.641: mark_inode_dirty error
[  140.429319][  T297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.440270][  T519] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  140.451381][  T297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.461320][  T519] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  140.470497][  T519] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.801072][  T297] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  140.894042][  T297] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  140.903090][  T297] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.911892][  T519] usb 4-1: config 0 descriptor??
[  140.916988][  T297] usb 3-1: config 0 descriptor??
[  140.937144][  T289] attempt to access beyond end of device
[  140.937144][  T289] loop0: rw=2049, want=45112, limit=40427
[  141.067164][   T30] audit: type=1400 audit(2000000094.149:1579): avc:  denied  { ioctl } for  pid=2740 comm="syz.0.642" path="socket:[23487]" dev="sockfs" ino=23487 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  141.241446][ T2745] loop0: detected capacity change from 0 to 512
[  141.309225][   T26] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  141.361077][ T2745] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  141.372597][ T2745] ext4 filesystem being mounted at /144/file0 supports timestamps until 2038 (0x7fffffff)
[  141.386274][ T2715] UDC core: couldn't find an available UDC or it's busy: -16
[  141.393555][ T2715] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  141.411067][  T519] hid (null): unknown global tag 0x83
[  141.416480][  T519] hid (null): unknown global tag 0xc
[  141.421552][  T519] hid (null): global environment stack underflow
[  141.429002][  T519] hid-generic 0003:0158:0100.001D: unknown main item tag 0x0
[  141.436276][  T519] hid-generic 0003:0158:0100.001D: unknown main item tag 0x0
[  141.443456][  T519] hid-generic 0003:0158:0100.001D: unexpected long global item
[  141.451020][  T519] hid-generic: probe of 0003:0158:0100.001D failed with error -22
[  141.549187][   T26] usb 5-1: Using ep0 maxpacket: 8
[  141.614721][  T519] usb 4-1: USB disconnect, device number 16
[  141.629221][  T297] usbhid 3-1:0.0: can't add hid device: -71
[  141.635047][  T297] usbhid: probe of 3-1:0.0 failed with error -71
[  141.643253][  T297] usb 3-1: USB disconnect, device number 19
[  141.689316][   T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.700112][   T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.709588][   T26] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  141.718588][   T26] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.731561][   T26] usb 5-1: config 0 descriptor??
[  141.899914][ T2751] loop1: detected capacity change from 0 to 256
[  142.190268][ T2754] loop0: detected capacity change from 0 to 40427
[  142.229967][   T26] kone 0003:1E7D:2CED.001E: collection stack underflow
[  142.236660][   T26] kone 0003:1E7D:2CED.001E: item 0 1 0 12 parsing failed
[  142.243701][   T26] kone 0003:1E7D:2CED.001E: parse failed
[  142.249296][   T26] kone: probe of 0003:1E7D:2CED.001E failed with error -22
[  142.319982][ T2758] loop3: detected capacity change from 0 to 512
[  142.362018][ T2754] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[  142.368537][ T2754] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  142.461687][  T297] usb 5-1: USB disconnect, device number 15
[  142.478338][ T2754] F2FS-fs (loop0): Found nat_bits in checkpoint
[  142.487688][ T2758] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  142.499214][ T2758] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038 (0x7fffffff)
[  142.528053][ T2754] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  142.535209][ T2754] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  142.580316][   T30] audit: type=1400 audit(2000000095.669:1580): avc:  denied  { add_name } for  pid=2772 comm="syz.2.652" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  142.611832][   T30] audit: type=1400 audit(2000000095.689:1581): avc:  denied  { create } for  pid=2772 comm="syz.2.652" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  142.647776][   T30] audit: type=1400 audit(2000000095.689:1582): avc:  denied  { associate } for  pid=2772 comm="syz.2.652" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  142.696279][   T30] audit: type=1400 audit(2000000095.779:1583): avc:  denied  { ioctl } for  pid=2776 comm="syz.1.654" path="socket:[23539]" dev="sockfs" ino=23539 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  143.061603][  T289] attempt to access beyond end of device
[  143.061603][  T289] loop0: rw=2049, want=45112, limit=40427
[  143.187665][ T2795] loop4: detected capacity change from 0 to 512
[  143.222945][ T2799] 9pnet: Insufficient options for proto=fd
[  143.246856][ T2799] 9pnet: Insufficient options for proto=fd
[  143.298416][ T2799] fuse: Bad value for 'fd'
[  143.490215][ T2795] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  143.529673][ T2795] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038 (0x7fffffff)
[  143.581679][ T2816] FAULT_INJECTION: forcing a failure.
[  143.581679][ T2816] name failslab, interval 1, probability 0, space 0, times 0
[  143.594942][ T2816] CPU: 1 PID: 2816 Comm: syz.0.658 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  143.604568][ T2816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  143.614461][ T2816] Call Trace:
[  143.617581][ T2816]  <TASK>
[  143.620386][ T2816]  dump_stack_lvl+0x151/0x1b7
[  143.624874][ T2816]  ? io_uring_drop_tctx_refs+0x190/0x190
[  143.631121][ T2816]  ? __kasan_check_write+0x14/0x20
[  143.636068][ T2816]  ? mutex_unlock+0xb2/0x260
[  143.640495][ T2816]  dump_stack+0x15/0x17
[  143.644662][ T2816]  should_fail+0x3c6/0x510
[  143.648911][ T2816]  __should_failslab+0xa4/0xe0
[  143.653512][ T2816]  ? getname_flags+0xba/0x520
[  143.658023][ T2816]  should_failslab+0x9/0x20
[  143.662368][ T2816]  slab_pre_alloc_hook+0x37/0xd0
[  143.667232][ T2816]  ? getname_flags+0xba/0x520
[  143.671738][ T2816]  kmem_cache_alloc+0x44/0x200
[  143.676515][ T2816]  getname_flags+0xba/0x520
[  143.680866][ T2816]  __x64_sys_symlinkat+0x7c/0xb0
[  143.685623][ T2816]  do_syscall_64+0x3d/0xb0
[  143.689965][ T2816]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  143.695694][ T2816] RIP: 0033:0x7f731b6fb9f9
[  143.699952][ T2816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.719388][ T2816] RSP: 002b:00007f731a37b048 EFLAGS: 00000246 ORIG_RAX: 000000000000010a
[  143.727636][ T2816] RAX: ffffffffffffffda RBX: 00007f731b889f80 RCX: 00007f731b6fb9f9
[  143.735450][ T2816] RDX: 0000000020000080 RSI: 0000000000000009 RDI: 0000000020000040
[  143.743255][ T2816] RBP: 00007f731a37b0a0 R08: 0000000000000000 R09: 0000000000000000
[  143.751065][ T2816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.758963][ T2816] R13: 000000000000000b R14: 00007f731b889f80 R15: 00007ffd10f5df18
[  143.766987][ T2816]  </TASK>
[  143.959170][ T2829] loop1: detected capacity change from 0 to 512
[  144.093389][  T297] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  144.096449][ T2829] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  144.100872][  T432] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  144.112216][ T2829] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038 (0x7fffffff)
[  144.269171][  T519] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  144.519477][  T432] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.530384][  T297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.540997][  T519] usb 1-1: Using ep0 maxpacket: 8
[  144.545909][  T297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.555850][  T432] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.565549][  T432] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  144.574377][  T297] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  144.583324][  T432] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.591249][  T297] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.599752][  T432] usb 4-1: config 0 descriptor??
[  144.604724][  T297] usb 3-1: config 0 descriptor??
[  144.689233][  T519] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.700059][  T519] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.709725][  T519] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  144.718667][  T519] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.730099][  T519] usb 1-1: config 0 descriptor??
[  145.090271][  T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0
[  145.097185][  T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0
[  145.105020][  T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0
[  145.111952][  T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0
[  145.118902][  T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0
[  145.125868][  T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0
[  145.132823][  T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0
[  145.139671][  T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0
[  145.146373][  T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0
[  145.153221][  T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0
[  145.159926][  T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0
[  145.166679][  T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0
[  145.173521][  T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0
[  145.180462][  T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0
[  145.187220][  T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0
[  145.194058][  T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0
[  145.200778][  T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0
[  145.207506][  T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0
[  145.215241][  T519] kone 0003:1E7D:2CED.0021: collection stack underflow
[  145.222126][  T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0
[  145.229022][  T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0
[  145.235923][  T519] kone 0003:1E7D:2CED.0021: item 0 1 0 12 parsing failed
[  145.242827][  T519] kone 0003:1E7D:2CED.0021: parse failed
[  145.248264][  T519] kone: probe of 0003:1E7D:2CED.0021 failed with error -22
[  145.255350][  T297] lg-g15 0003:046D:C222.001F: unknown main item tag 0x0
[  145.262109][  T432] lg-g15 0003:046D:C222.0020: unknown main item tag 0x0
[  145.270423][  T432] lg-g15 0003:046D:C222.0020: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.3-1/input0
[  145.281911][  T297] lg-g15 0003:046D:C222.001F: hidraw1: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.2-1/input0
[  145.294548][  T432] usb 4-1: USB disconnect, device number 17
[  145.301416][  T297] usb 3-1: USB disconnect, device number 20
[  145.309800][   T26] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  145.415792][   T20] usb 1-1: USB disconnect, device number 18
[  145.579245][   T26] usb 5-1: device descriptor read/64, error -71
[  145.645313][ T2847] loop1: detected capacity change from 0 to 40427
[  145.739591][ T2847] F2FS-fs (loop1): Small segment_count (9 < 1 * 24)
[  145.746128][ T2847] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  145.756190][ T2847] F2FS-fs (loop1): Found nat_bits in checkpoint
[  145.777882][ T2847] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  145.784832][ T2847] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  145.999295][   T26] usb 5-1: device descriptor read/64, error -71
[  146.066391][   T30] kauditd_printk_skb: 38 callbacks suppressed
[  146.066414][   T30] audit: type=1326 audit(2000000099.149:1622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.0.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  146.104613][   T30] audit: type=1326 audit(2000000099.189:1623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.0.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  146.229192][  T432] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  146.458485][ T2871] loop0: detected capacity change from 0 to 512
[  146.683264][ T1251] attempt to access beyond end of device
[  146.683264][ T1251] loop1: rw=2049, want=45112, limit=40427
[  146.694443][   T26] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  146.718317][ T2871] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  146.730038][ T2871] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038 (0x7fffffff)
[  146.909247][  T432] usb 4-1: Using ep0 maxpacket: 16
[  146.989956][   T26] usb 5-1: device descriptor read/64, error -71
[  147.005645][ T2881] loop1: detected capacity change from 0 to 512
[  147.044824][ T2881] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  147.069318][  T432] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.089167][  T432] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.091390][ T2881] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038 (0x7fffffff)
[  147.098874][  T432] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  147.121118][  T432] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  147.130253][  T432] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.138888][  T432] usb 4-1: config 0 descriptor??
[  147.249905][   T30] audit: type=1326 audit(2000000100.339:1624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  147.273215][   T30] audit: type=1326 audit(2000000100.339:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  147.296716][   T30] audit: type=1326 audit(2000000100.339:1626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  147.320136][   T30] audit: type=1326 audit(2000000100.339:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  147.343324][   T30] audit: type=1326 audit(2000000100.339:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2abaab39f9 code=0x7ffc0000
[  147.366655][   T30] audit: type=1326 audit(2000000100.339:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2abaab2390 code=0x7ffc0000
[  147.390036][   T39] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  147.390103][   T30] audit: type=1326 audit(2000000100.339:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2abaab35fb code=0x7ffc0000
[  147.420532][   T30] audit: type=1326 audit(2000000100.339:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2896 comm="syz.2.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2abaab35fb code=0x7ffc0000
[  147.475780][   T26] usb 5-1: device descriptor read/64, error -71
[  147.559353][  T372] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  147.599367][   T26] usb usb5-port1: attempt power cycle
[  147.726436][ T2900] loop1: detected capacity change from 0 to 512
[  147.799593][ T2900] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  147.810915][ T2900] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  147.825467][ T2900] EXT4-fs (loop1): 1 truncate cleaned up
[  147.829233][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.831310][ T2900] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodelalloc,block_validity,sysvgroups,,errors=continue. Quota mode: writeback.
[  147.842178][   T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.900307][   T39] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  147.909289][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.917727][   T39] usb 1-1: config 0 descriptor??
[  147.979452][  T372] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.991718][  T372] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  148.000967][  T372] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.016089][   T26] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  148.117846][  T372] usb 3-1: config 0 descriptor??
[  148.209242][   T26] usb 5-1: device descriptor read/8, error -71
[  148.390330][   T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0
[  148.397264][   T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0
[  148.404121][   T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0
[  148.410913][   T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0
[  148.417720][   T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0
[  148.424597][   T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0
[  148.431374][   T26] usb 5-1: device descriptor read/8, error -71
[  148.437333][   T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0
[  148.444099][   T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0
[  148.450891][   T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0
[  148.457631][   T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0
[  148.464402][   T39] lg-g15 0003:046D:C222.0022: unknown main item tag 0x0
[  148.471601][   T39] lg-g15 0003:046D:C222.0022: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.0-1/input0
[  148.578658][ T1251] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  148.597070][ T1251] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  148.599906][  T372] keytouch 0003:0926:3333.0023: fixing up Keytouch IEC report descriptor
[  148.625006][  T372] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0023/input/input12
[  148.629532][   T20] usb 1-1: USB disconnect, device number 19
[  148.701930][  T372] keytouch 0003:0926:3333.0023: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  148.785772][ T2909] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.792784][ T2909] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.800203][ T2909] device bridge_slave_0 entered promiscuous mode
[  148.808708][ T2909] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.816036][ T2909] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.824504][ T2909] device bridge_slave_1 entered promiscuous mode
[  148.870114][ T2909] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.877066][ T2909] bridge0: port 2(bridge_slave_1) entered forwarding state
[  148.884204][ T2909] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.890971][ T2909] bridge0: port 1(bridge_slave_0) entered forwarding state
[  148.919515][   T26] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  148.932935][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  148.941051][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.951902][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.970572][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  148.979091][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.985976][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[  148.995384][  T432] usbhid 4-1:0.0: can't add hid device: -71
[  149.001747][  T432] usbhid: probe of 4-1:0.0 failed with error -71
[  149.010614][  T432] usb 4-1: USB disconnect, device number 18
[  149.017302][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  149.027034][   T20] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.033900][   T20] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.058208][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  149.071745][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  149.145461][ T2916] loop3: detected capacity change from 0 to 512
[  149.169511][   T26] usb 5-1: Using ep0 maxpacket: 8
[  149.187033][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  149.248883][ T2916] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  149.260635][ T2916] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038 (0x7fffffff)
[  149.270631][ T2909] device veth0_vlan entered promiscuous mode
[  149.288583][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  149.297331][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  149.306821][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  149.314437][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  149.326751][ T2909] device veth1_macvtap entered promiscuous mode
[  149.343210][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  149.351954][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  149.360424][   T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.405048][   T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  149.431453][   T26] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  149.440532][   T26] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.449908][   T26] usb 5-1: config 0 descriptor??
[  149.460531][   T10] device bridge_slave_1 left promiscuous mode
[  149.466587][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.474099][   T10] device bridge_slave_0 left promiscuous mode
[  149.495397][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.544239][ T2932] loop0: detected capacity change from 0 to 256
[  149.572969][   T10] device veth1_macvtap left promiscuous mode
[  149.579056][   T10] device veth0_vlan left promiscuous mode
[  149.860745][   T20] usb 3-1: USB disconnect, device number 21
[  149.923857][ T2936] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=2936 comm=syz.3.699
[  150.023435][ T2943] loop1: detected capacity change from 0 to 256
[  150.298171][ T2951] loop1: detected capacity change from 0 to 256
[  150.314210][   T26] kone 0003:1E7D:2CED.0024: collection stack underflow
[  150.347546][   T26] kone 0003:1E7D:2CED.0024: item 0 1 0 12 parsing failed
[  150.373143][   T26] kone 0003:1E7D:2CED.0024: parse failed
[  150.379115][   T26] kone: probe of 0003:1E7D:2CED.0024 failed with error -22
[  150.514206][  T432] usb 5-1: USB disconnect, device number 19
[  150.599184][   T26] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  150.759206][   T39] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  150.963408][ T2962] loop3: detected capacity change from 0 to 512
[  151.119817][   T30] kauditd_printk_skb: 90 callbacks suppressed
[  151.119832][   T30] audit: type=1326 audit(2000000104.189:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  151.153415][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.162540][   T30] audit: type=1326 audit(2000000104.189:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  151.164334][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  151.187926][   T30] audit: type=1326 audit(2000000104.189:1724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  151.197125][   T26] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  151.229779][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.236958][   T30] audit: type=1326 audit(2000000104.189:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  151.250713][ T2962] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  151.261272][   T30] audit: type=1326 audit(2000000104.189:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  151.272334][ T2962] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038 (0x7fffffff)
[  151.296379][   T30] audit: type=1326 audit(2000000104.189:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  151.305716][   T26] usb 1-1: config 0 descriptor??
[  151.333916][   T30] audit: type=1326 audit(2000000104.189:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  151.357239][   T30] audit: type=1326 audit(2000000104.189:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  151.384704][   T30] audit: type=1326 audit(2000000104.189:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  151.409451][   T30] audit: type=1326 audit(2000000104.199:1731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2963 comm="syz.4.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6447089f9 code=0x7ffc0000
[  151.432743][   T39] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  151.439548][ T2977] loop1: detected capacity change from 0 to 2048
[  151.444136][   T39] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  151.461246][   T39] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  151.470167][   T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.489229][ T2958] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  151.689737][ T2980] xt_CT: No such helper "pptp"
[  151.815142][   T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0
[  151.867032][   T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0
[  151.874662][   T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0
[  151.881413][ T2984] loop3: detected capacity change from 0 to 256
[  151.888343][   T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0
[  151.896447][   T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0
[  151.903655][   T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0
[  151.910806][   T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0
[  151.917711][   T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0
[  151.924663][   T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0
[  151.933575][   T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0
[  151.940622][   T26] lg-g15 0003:046D:C222.0025: unknown main item tag 0x0
[  151.948994][   T26] lg-g15 0003:046D:C222.0025: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.0-1/input0
[  151.999253][   T39] aiptek 3-1:17.0: Aiptek using 400 ms programming speed
[  152.024765][   T20] usb 1-1: USB disconnect, device number 20
[  152.058337][   T39] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input13
[  152.080369][   T39] usb 3-1: USB disconnect, device number 22
[  152.181994][ T2990] loop3: detected capacity change from 0 to 256
[  152.220818][ T2990] exfat: Deprecated parameter 'utf8'
[  152.372187][ T2990] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d)
[  152.401450][ T2986] loop4: detected capacity change from 0 to 40427
[  152.444727][ T2986] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  152.453241][ T2986] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  152.463223][ T2986] F2FS-fs (loop4): invalid crc value
[  152.469915][ T2986] F2FS-fs (loop4): Found nat_bits in checkpoint
[  152.500909][ T2986] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  152.507853][ T2986] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  152.522732][ T2986] netlink: 36 bytes leftover after parsing attributes in process `syz.4.716'.
[  152.535729][  T291] attempt to access beyond end of device
[  152.535729][  T291] loop4: rw=2049, want=45112, limit=40427
[  152.854310][ T3014] loop0: detected capacity change from 0 to 512
[  152.978735][   T20] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  153.034835][ T3014] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  153.046582][ T3014] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038 (0x7fffffff)
[  153.063156][ T3019] loop4: detected capacity change from 0 to 512
[  153.080398][ T3021] loop3: detected capacity change from 0 to 256
[  153.157404][ T3019] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  153.168895][ T3019] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038 (0x7fffffff)
[  153.218159][ T3030] loop3: detected capacity change from 0 to 2048
[  153.229193][   T20] usb 3-1: Using ep0 maxpacket: 8
[  153.349277][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.370381][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  153.382966][   T20] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  153.392006][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.408709][   T20] usb 3-1: config 0 descriptor??
[  153.518299][ T3050] xt_CT: No such helper "pptp"
[  153.752967][ T3054] loop0: detected capacity change from 0 to 256
[  153.780146][ T3054] FAT-fs (loop0): Unrecognized mount option "ioclarset=iso8859-2" or missing value
[  153.787414][ T3056] loop4: detected capacity change from 0 to 256
[  153.869194][  T432] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  153.879998][   T20] kone 0003:1E7D:2CED.0026: collection stack underflow
[  153.890880][   T20] kone 0003:1E7D:2CED.0026: item 0 1 0 12 parsing failed
[  153.899846][   T20] kone 0003:1E7D:2CED.0026: parse failed
[  153.905424][   T20] kone: probe of 0003:1E7D:2CED.0026 failed with error -22
[  154.083511][ T3066] loop0: detected capacity change from 0 to 512
[  154.222711][   T39] usb 3-1: USB disconnect, device number 23
[  154.235009][ T3066] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  154.246579][ T3066] ext4 filesystem being mounted at /161/file0 supports timestamps until 2038 (0x7fffffff)
[  154.329229][  T432] usb 2-1: Using ep0 maxpacket: 32
[  154.407343][ T3072] loop3: detected capacity change from 0 to 512
[  154.527957][ T3072] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  154.539374][ T3072] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038 (0x7fffffff)
[  154.599241][  T432] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  154.610273][  T432] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  154.621315][  T432] usb 2-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[  154.630137][  T432] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.638479][  T432] usb 2-1: config 0 descriptor??
[  154.659326][ T3047] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  155.090235][ T3094] loop4: detected capacity change from 0 to 512
[  155.157422][ T3099] loop0: detected capacity change from 0 to 2048
[  155.175434][ T3101] loop3: detected capacity change from 0 to 512
[  155.191939][ T3047] loop1: detected capacity change from 0 to 256
[  155.203627][ T3101] EXT4-fs (loop3): Test dummy encryption mode enabled
[  155.215517][ T3101] EXT4-fs error (device loop3): __ext4_iget:4892: inode #11: block 1: comm syz.3.749: invalid block
[  155.226981][ T3101] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.749: couldn't read orphan inode 11 (err -117)
[  155.240127][ T3101] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  155.244555][ T3094] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  155.280018][ T3094] ext4 filesystem being mounted at /138/file0 supports timestamps until 2038 (0x7fffffff)
[  155.314297][ T3047] attempt to access beyond end of device
[  155.314297][ T3047] loop1: rw=2049, want=260, limit=256
[  155.325292][ T3101] overlayfs: failed to resolve './file2/file0': -2
[  155.360132][  T432] hid-led 0003:1294:1320.0027: unbalanced delimiter at end of report description
[  155.369841][  T432] hid-led: probe of 0003:1294:1320.0027 failed with error -22
[  155.462005][ T3108] xt_CT: No such helper "pptp"
[  155.682513][  T432] usb 2-1: USB disconnect, device number 17
[  155.813430][ T3107] loop3: detected capacity change from 0 to 40427
[  155.901174][ T3107] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  155.907867][ T3107] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  155.918011][ T3107] F2FS-fs (loop3): Found nat_bits in checkpoint
[  155.940442][ T3107] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  155.947665][ T3107] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  156.101223][  T372] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  157.660076][  T293] attempt to access beyond end of device
[  157.660076][  T293] loop3: rw=2049, want=45112, limit=40427
[  159.075145][ T3134] loop1: detected capacity change from 0 to 512
[  159.123246][ T3139] netlink: 'syz.2.762': attribute type 4 has an invalid length.
[  159.130958][  T372] usb 5-1: Using ep0 maxpacket: 8
[  159.160852][ T3134] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  159.172393][ T3134] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038 (0x7fffffff)
[  159.351259][ T3150] loop0: detected capacity change from 0 to 512
[  159.382900][  T372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.519288][ T3150] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  159.530769][ T3150] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038 (0x7fffffff)
[  159.532891][  T372] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.571986][  T372] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  159.584898][   T30] kauditd_printk_skb: 36 callbacks suppressed
[  159.584912][   T30] audit: type=1326 audit(2000000112.669:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3155 comm="syz.3.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  159.585423][  T372] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.613946][   T30] audit: type=1326 audit(2000000112.679:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3155 comm="syz.3.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  159.613973][   T30] audit: type=1326 audit(2000000112.679:1770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3155 comm="syz.3.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  159.622787][  T372] usb 5-1: config 0 descriptor??
[  159.676865][   T30] audit: type=1326 audit(2000000112.739:1771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3155 comm="syz.3.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  159.750703][ T3166] loop1: detected capacity change from 0 to 2048
[  159.950219][ T3173] xt_CT: No such helper "pptp"
[  160.359498][  T372] usbhid 5-1:0.0: can't add hid device: -71
[  160.365509][  T372] usbhid: probe of 5-1:0.0 failed with error -71
[  160.518001][  T372] usb 5-1: USB disconnect, device number 20
[  160.557380][   T30] audit: type=1326 audit(2000000113.639:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3177 comm="syz.0.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  160.625431][ T3180] loop1: detected capacity change from 0 to 128
[  160.638323][   T30] audit: type=1326 audit(2000000113.699:1773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3177 comm="syz.0.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  160.678776][   T30] audit: type=1326 audit(2000000113.729:1774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3177 comm="syz.0.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  160.719834][   T30] audit: type=1326 audit(2000000113.729:1775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3177 comm="syz.0.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  160.754309][   T30] audit: type=1326 audit(2000000113.729:1776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3177 comm="syz.0.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  160.777941][   T30] audit: type=1326 audit(2000000113.729:1777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3177 comm="syz.0.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  160.802403][ T3180] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  160.813207][ T3180] ext4 filesystem being mounted at /16/mnt supports timestamps until 2038 (0x7fffffff)
[  160.835961][ T3198] netlink: 24 bytes leftover after parsing attributes in process `syz.2.782'.
[  161.042193][ T3202] loop0: detected capacity change from 0 to 512
[  161.286597][ T3204] loop4: detected capacity change from 0 to 512
[  161.377569][ T3198] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=3198 comm=syz.2.782
[  161.477385][ T3204] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  161.489265][ T3204] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038 (0x7fffffff)
[  161.505794][ T3202] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  161.513168][ T3211] loop1: detected capacity change from 0 to 2048
[  161.517857][ T3202] ext4 filesystem being mounted at /172/file0 supports timestamps until 2038 (0x7fffffff)
[  161.748923][ T3217] xt_CT: No such helper "pptp"
[  161.774274][ T3218] loop3: detected capacity change from 0 to 512
[  161.871861][ T3218] EXT4-fs (loop3): Unrecognized mount option "." or missing value
[  161.966154][ T3210] loop3: detected capacity change from 0 to 16
[  161.986698][ T3228] loop4: detected capacity change from 0 to 1024
[  161.993619][ T3210] erofs: (device loop3): mounted with root inode @ nid 36.
[  162.019445][ T3228] EXT4-fs (loop4): Ignoring removed oldalloc option
[  162.029216][ T3228] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  162.052696][ T3228] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,delalloc,resuid=0x0000000000000000,oldalloc,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  162.087216][  T291] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /143/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  162.119760][  T291] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  162.139730][  T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  162.152038][  T291] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /143/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  162.174379][  T291] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  162.181596][ T3233] loop0: detected capacity change from 0 to 512
[  162.193596][  T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  162.211139][  T291] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /143/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  162.233336][  T291] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  162.252771][  T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  162.269350][  T291] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /143/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  162.296623][  T291] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  162.319003][  T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  162.333263][  T291] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /143/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  162.357963][ T3233] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  162.369824][  T291] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  162.389591][ T3233] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038 (0x7fffffff)
[  162.414278][  T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  162.426171][  T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  162.438245][  T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  162.450242][  T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  162.463051][  T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  162.475116][  T291] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.'
[  162.689220][   T26] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  162.708437][ T3244] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.715345][ T3244] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.722548][ T3244] device bridge_slave_0 entered promiscuous mode
[  162.729679][ T3244] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.736525][ T3244] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.743883][ T3244] device bridge_slave_1 entered promiscuous mode
[  162.790087][ T3244] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.797038][ T3244] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.804189][ T3244] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.811048][ T3244] bridge0: port 1(bridge_slave_0) entered forwarding state
[  162.855095][  T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  162.862986][  T297] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.870432][  T297] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.905350][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  162.915012][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  162.923083][  T372] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.930016][  T372] bridge0: port 1(bridge_slave_0) entered forwarding state
[  162.937208][   T26] usb 2-1: Using ep0 maxpacket: 8
[  162.943162][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  162.951629][  T372] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.958471][  T372] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.966365][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  162.974981][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  163.096864][  T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  163.105075][  T297] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  163.111565][   T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.115603][  T297] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  163.130338][   T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.132315][ T3244] device veth0_vlan entered promiscuous mode
[  163.140654][   T26] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  163.152294][  T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  163.155696][   T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.164925][ T3244] device veth1_macvtap entered promiscuous mode
[  163.174638][   T26] usb 2-1: config 0 descriptor??
[  163.186782][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  163.196654][  T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  163.385538][ T3259] loop4: detected capacity change from 0 to 512
[  163.471471][    T8] device bridge_slave_1 left promiscuous mode
[  163.496402][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.504213][    T8] device bridge_slave_0 left promiscuous mode
[  163.505632][ T3259] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  163.510265][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.521721][ T3259] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038 (0x7fffffff)
[  163.544560][    T8] device veth1_macvtap left promiscuous mode
[  163.550477][    T8] device veth0_vlan left promiscuous mode
[  163.691019][   T26] kone 0003:1E7D:2CED.0028: collection stack underflow
[  163.697816][   T26] kone 0003:1E7D:2CED.0028: item 0 1 0 12 parsing failed
[  163.706058][   T26] kone 0003:1E7D:2CED.0028: parse failed
[  163.711576][   T26] kone: probe of 0003:1E7D:2CED.0028 failed with error -22
[  164.006669][  T432] usb 2-1: USB disconnect, device number 18
[  164.060068][ T3272] loop0: detected capacity change from 0 to 2048
[  164.279191][ T3282] xt_CT: No such helper "pptp"
[  164.446973][ T3285] loop4: detected capacity change from 0 to 512
[  164.457243][ T3285] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  164.470468][ T3285] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  164.481577][ T3285] EXT4-fs (loop4): 1 truncate cleaned up
[  164.487058][ T3285] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  164.505996][ T3285] binder: 3284:3285 ioctl 40087708 200007c0 returned -22
[  164.554932][ T3293] FAULT_INJECTION: forcing a failure.
[  164.554932][ T3293] name failslab, interval 1, probability 0, space 0, times 0
[  164.569306][ T3293] CPU: 1 PID: 3293 Comm: syz.4.809 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  164.578939][ T3293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  164.588918][ T3293] Call Trace:
[  164.592043][ T3293]  <TASK>
[  164.594820][ T3293]  dump_stack_lvl+0x151/0x1b7
[  164.599334][ T3293]  ? io_uring_drop_tctx_refs+0x190/0x190
[  164.604889][ T3293]  dump_stack+0x15/0x17
[  164.608877][ T3293]  should_fail+0x3c6/0x510
[  164.613150][ T3293]  __should_failslab+0xa4/0xe0
[  164.617821][ T3293]  ? security_inode_alloc+0x29/0x120
[  164.622940][ T3293]  should_failslab+0x9/0x20
[  164.627280][ T3293]  slab_pre_alloc_hook+0x37/0xd0
[  164.632058][ T3293]  ? security_inode_alloc+0x29/0x120
[  164.637189][ T3293]  kmem_cache_alloc+0x44/0x200
[  164.641775][ T3293]  security_inode_alloc+0x29/0x120
[  164.646807][ T3293]  inode_init_always+0x76d/0x9d0
[  164.651668][ T3293]  ? shmem_match+0x180/0x180
[  164.656093][ T3293]  new_inode_pseudo+0x93/0x220
[  164.660694][ T3293]  new_inode+0x28/0x1c0
[  164.664687][ T3293]  ? _raw_spin_lock+0xa4/0x1b0
[  164.669290][ T3293]  shmem_get_inode+0x328/0x9e0
[  164.674000][ T3293]  ? _raw_spin_unlock+0x4d/0x70
[  164.678863][ T3293]  __shmem_file_setup+0x111/0x2a0
[  164.683722][ T3293]  shmem_file_setup+0x2f/0x40
[  164.688232][ T3293]  __se_sys_memfd_create+0x1e1/0x3e0
[  164.693527][ T3293]  __x64_sys_memfd_create+0x5b/0x70
[  164.698676][ T3293]  do_syscall_64+0x3d/0xb0
[  164.702938][ T3293]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  164.708656][ T3293] RIP: 0033:0x7f6e1f3589f9
[  164.712912][ T3293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.732352][ T3293] RSP: 002b:00007f6e1dfd7e28 EFLAGS: 00000206 ORIG_RAX: 000000000000013f
[  164.740596][ T3293] RAX: ffffffffffffffda RBX: 0000000000000517 RCX: 00007f6e1f3589f9
[  164.748414][ T3293] RDX: 00007f6e1dfd7f00 RSI: 0000000000000000 RDI: 00007f6e1f3c70b3
[  164.756230][ T3293] RBP: 0000000020000e00 R08: 00007f6e1dfd7bc7 R09: 00007f6e1dfd7e50
[  164.764029][ T3293] R10: 000000000000000a R11: 0000000000000206 R12: 0000000020000300
[  164.771927][ T3293] R13: 00007f6e1dfd7f00 R14: 00007f6e1dfd7ec0 R15: 0000000020000080
[  164.780105][ T3293]  </TASK>
[  164.884090][ T3298] loop4: detected capacity change from 0 to 512
[  164.980888][ T3298] EXT4-fs (loop4): inodes count not valid: 204800 vs 64
[  165.663873][ T3311] loop1: detected capacity change from 0 to 512
[  165.672935][ T3313] loop3: detected capacity change from 0 to 512
[  165.745473][   T30] kauditd_printk_skb: 107 callbacks suppressed
[  165.745489][   T30] audit: type=1326 audit(2000000118.829:1885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  165.787355][ T3311] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  165.799267][ T3311] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038 (0x7fffffff)
[  165.807611][ T3322] loop4: detected capacity change from 0 to 2048
[  165.819091][ T3313] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  165.830327][   T30] audit: type=1326 audit(2000000118.829:1886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  165.831349][ T3313] ext4 filesystem being mounted at /142/file0 supports timestamps until 2038 (0x7fffffff)
[  165.870406][   T30] audit: type=1326 audit(2000000118.829:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  165.904956][   T30] audit: type=1326 audit(2000000118.829:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  165.965174][   T30] audit: type=1326 audit(2000000118.829:1889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  166.160520][   T30] audit: type=1326 audit(2000000118.829:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  166.197861][ T3322] EXT4-fs (loop4): mounted filesystem without journal. Opts: stripe=0x0000000000000401,errors=remount-ro,. Quota mode: none.
[  166.242831][   T30] audit: type=1326 audit(2000000118.869:1891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  166.266153][   T30] audit: type=1326 audit(2000000118.869:1892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  166.289377][   T30] audit: type=1326 audit(2000000118.869:1893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  166.312517][   T30] audit: type=1326 audit(2000000118.869:1894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3315 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731b6fb9f9 code=0x7ffc0000
[  166.395408][ T3334] FAULT_INJECTION: forcing a failure.
[  166.395408][ T3334] name failslab, interval 1, probability 0, space 0, times 0
[  166.408167][ T3334] CPU: 0 PID: 3334 Comm: syz.3.823 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  166.417796][ T3334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  166.427687][ T3334] Call Trace:
[  166.430813][ T3334]  <TASK>
[  166.433586][ T3334]  dump_stack_lvl+0x151/0x1b7
[  166.438278][ T3334]  ? io_uring_drop_tctx_refs+0x190/0x190
[  166.444178][ T3334]  ? __kasan_check_write+0x14/0x20
[  166.449130][ T3334]  ? mutex_unlock+0xb2/0x260
[  166.453551][ T3334]  dump_stack+0x15/0x17
[  166.456412][ T3336] loop1: detected capacity change from 0 to 512
[  166.457540][ T3334]  should_fail+0x3c6/0x510
[  166.467969][ T3334]  __should_failslab+0xa4/0xe0
[  166.472555][ T3334]  should_failslab+0x9/0x20
[  166.476892][ T3334]  slab_pre_alloc_hook+0x37/0xd0
[  166.481665][ T3334]  __kmalloc+0x6d/0x270
[  166.485657][ T3334]  ? __se_sys_memfd_create+0xf2/0x3e0
[  166.490866][ T3334]  __se_sys_memfd_create+0xf2/0x3e0
[  166.495899][ T3334]  __x64_sys_memfd_create+0x5b/0x70
[  166.500935][ T3334]  do_syscall_64+0x3d/0xb0
[  166.505192][ T3334]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  166.510999][ T3334] RIP: 0033:0x7f810c6d89f9
[  166.515253][ T3334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.534704][ T3334] RSP: 002b:00007f810b357e28 EFLAGS: 00000206 ORIG_RAX: 000000000000013f
[  166.542940][ T3334] RAX: ffffffffffffffda RBX: 0000000000000784 RCX: 00007f810c6d89f9
[  166.550753][ T3334] RDX: 00007f810b357f00 RSI: 0000000000000000 RDI: 00007f810c7470b3
[  166.558563][ T3334] RBP: 00000000200007c0 R08: 00007f810b357bc7 R09: 00007f810b357e50
[  166.566374][ T3334] R10: 000000000000000a R11: 0000000000000206 R12: 0000000020000240
[  166.574193][ T3334] R13: 00007f810b357f00 R14: 00007f810b357ec0 R15: 0000000020000040
[  166.582001][ T3334]  </TASK>
[  166.631250][ T3336] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  166.642898][ T3336] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038 (0x7fffffff)
[  166.690470][ T3347] loop4: detected capacity change from 0 to 2048
[  166.902621][ T3354] xt_CT: No such helper "pptp"
[  167.004605][  T432] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  167.019234][   T26] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  167.248637][ T3360] FAULT_INJECTION: forcing a failure.
[  167.248637][ T3360] name failslab, interval 1, probability 0, space 0, times 0
[  167.249177][  T432] usb 3-1: Using ep0 maxpacket: 8
[  167.261652][ T3360] CPU: 1 PID: 3360 Comm: syz.1.829 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  167.275648][ T3360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  167.285545][ T3360] Call Trace:
[  167.288655][ T3360]  <TASK>
[  167.291433][ T3360]  dump_stack_lvl+0x151/0x1b7
[  167.296049][ T3360]  ? io_uring_drop_tctx_refs+0x190/0x190
[  167.301499][ T3360]  ? avc_denied+0x1b0/0x1b0
[  167.305857][ T3360]  ? __kasan_slab_alloc+0xc3/0xe0
[  167.310706][ T3360]  dump_stack+0x15/0x17
[  167.314689][ T3360]  should_fail+0x3c6/0x510
[  167.319291][ T3360]  __should_failslab+0xa4/0xe0
[  167.323892][ T3360]  ? __d_alloc+0x2d/0x6c0
[  167.328067][ T3360]  should_failslab+0x9/0x20
[  167.332398][ T3360]  slab_pre_alloc_hook+0x37/0xd0
[  167.337169][ T3360]  ? __d_alloc+0x2d/0x6c0
[  167.341338][ T3360]  kmem_cache_alloc+0x44/0x200
[  167.345937][ T3360]  __d_alloc+0x2d/0x6c0
[  167.349929][ T3360]  d_alloc_parallel+0xe6/0x12e0
[  167.354615][ T3360]  ? inode_permission+0xf8/0x460
[  167.359400][ T3360]  ? link_path_walk+0xb29/0xd90
[  167.364078][ T3360]  ? d_hash_and_lookup+0x1e0/0x1e0
[  167.369022][ T3360]  ? rwsem_mark_wake+0x770/0x770
[  167.373797][ T3360]  ? __mnt_want_write+0x1f6/0x270
[  167.378670][ T3360]  path_openat+0xa02/0x2f40
[  167.383177][ T3360]  ? stack_trace_snprint+0xf0/0xf0
[  167.388121][ T3360]  ? kmem_cache_free+0x116/0x2e0
[  167.392918][ T3360]  ? __kasan_slab_alloc+0xb1/0xe0
[  167.397746][ T3360]  ? kmem_cache_alloc+0xf5/0x200
[  167.402521][ T3360]  ? do_filp_open+0x460/0x460
[  167.407036][ T3360]  do_filp_open+0x21c/0x460
[  167.411375][ T3360]  ? vfs_tmpfile+0x2c0/0x2c0
[  167.415814][ T3360]  do_sys_openat2+0x13f/0x830
[  167.420319][ T3360]  ? __kasan_check_write+0x14/0x20
[  167.425269][ T3360]  ? mutex_unlock+0xb2/0x260
[  167.429686][ T3360]  ? wait_for_completion_killable_timeout+0x10/0x10
[  167.436110][ T3360]  ? do_sys_open+0x220/0x220
[  167.440536][ T3360]  ? __kasan_check_write+0x14/0x20
[  167.445493][ T3360]  ? fput_many+0x160/0x1b0
[  167.449746][ T3360]  ? fput+0x1a/0x20
[  167.453380][ T3360]  __x64_sys_openat+0x243/0x290
[  167.458068][ T3360]  ? __ia32_sys_open+0x270/0x270
[  167.462941][ T3360]  ? debug_smp_processor_id+0x17/0x20
[  167.468139][ T3360]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  167.474066][ T3360]  ? exit_to_user_mode_prepare+0x39/0xa0
[  167.479520][ T3360]  do_syscall_64+0x3d/0xb0
[  167.483763][ T3360]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  167.490005][ T3360] RIP: 0033:0x7f69928919f9
[  167.494271][ T3360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.513715][ T3360] RSP: 002b:00007f6991511048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  167.522051][ T3360] RAX: ffffffffffffffda RBX: 00007f6992a1ff80 RCX: 00007f69928919f9
[  167.530031][ T3360] RDX: 000000000000275a RSI: 0000000020000040 RDI: ffffffffffffff9c
[  167.537849][ T3360] RBP: 00007f69915110a0 R08: 0000000000000000 R09: 0000000000000000
[  167.545664][ T3360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.553800][ T3360] R13: 000000000000000b R14: 00007f6992a1ff80 R15: 00007ffe593c37d8
[  167.561642][ T3360]  </TASK>
[  167.649273][  T432] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.669862][  T432] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.689299][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.689707][  T432] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  167.709165][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.730513][   T26] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  167.784180][ T3371] loop1: detected capacity change from 0 to 512
[  167.797001][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.852117][   T26] usb 1-1: config 0 descriptor??
[  167.923461][  T432] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.938965][ T3371] EXT4-fs (loop1): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[  167.950825][ T3371] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038 (0x7fffffff)
[  167.960018][  T432] usb 3-1: config 0 descriptor??
[  168.000878][ T3368] loop3: detected capacity change from 0 to 40427
[  168.041464][ T3368] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  168.057230][ T3368] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  168.067977][ T3368] F2FS-fs (loop3): Found nat_bits in checkpoint
[  168.102008][ T3377] loop4: detected capacity change from 0 to 40427
[  168.102445][ T3368] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  168.115196][ T3368] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  168.180076][ T3377] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[  168.186526][ T3377] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  168.196966][ T3377] F2FS-fs (loop4): Found nat_bits in checkpoint
[  168.219177][ T3377] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  168.226041][ T3377] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  168.345202][   T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0
[  168.352497][   T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0
[  168.360786][   T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0
[  168.367822][   T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0
[  168.376165][   T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0
[  168.404851][   T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0
[  168.412661][   T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0
[  168.419871][   T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0
[  168.485402][  T293] attempt to access beyond end of device
[  168.485402][  T293] loop3: rw=2049, want=45112, limit=40427
[  168.496862][   T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0
[  168.505348][   T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0
[  168.512375][   T26] lg-g15 0003:046D:C222.0029: unknown main item tag 0x0
[  168.522621][   T26] lg-g15 0003:046D:C222.0029: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.0-1/input0
[  168.559979][  T432] usbhid 3-1:0.0: can't add hid device: -71
[  168.565849][  T432] usbhid: probe of 3-1:0.0 failed with error -71
[  168.583562][  T432] usb 3-1: USB disconnect, device number 24
[  168.608436][  T297] usb 1-1: USB disconnect, device number 21
[  168.646025][ T3389] netlink: 64 bytes leftover after parsing attributes in process `syz.3.839'.
[  168.655043][ T3389] netlink: 24 bytes leftover after parsing attributes in process `syz.3.839'.
[  168.666330][ T3389] loop3: detected capacity change from 0 to 512
[  168.713193][ T3389] EXT4-fs (loop3): Journaled quota options ignored when QUOTA feature is enabled
[  168.729035][ T3389] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  168.740127][ T3389] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  168.751069][ T3389] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  168.764649][ T3389] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  168.773708][ T3389] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e118, mo2=0000]
[  168.781786][ T3389] EXT4-fs (loop3): failed to initialize system zone (-117)
[  168.789404][ T3389] EXT4-fs (loop3): mount failed
[  168.886041][ T3244] attempt to access beyond end of device
[  168.886041][ T3244] loop4: rw=2049, want=45112, limit=40427
[  168.979678][ T3394] loop3: detected capacity change from 0 to 2048
[  169.030874][ T3394] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  169.174763][ T3407] loop3: detected capacity change from 0 to 2048
[  169.383793][ T3421] loop0: detected capacity change from 0 to 256
[  169.743515][ T3425] xt_CT: No such helper "pptp"
[  169.794658][ T3420] loop4: detected capacity change from 0 to 40427
[  169.829238][   T63] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  169.869802][ T3420] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[  169.908012][ T3420] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  169.919354][ T3420] F2FS-fs (loop4): Found nat_bits in checkpoint
[  169.962084][ T3420] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  169.969027][ T3420] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  170.508168][ T3244] attempt to access beyond end of device
[  170.508168][ T3244] loop4: rw=2049, want=45112, limit=40427
[  170.529386][   T63] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  170.540695][   T63] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  170.550592][   T63] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  170.559773][   T63] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.572426][   T63] usb 2-1: config 0 descriptor??
[  170.649210][   T20] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  170.715337][ T3453] FAULT_INJECTION: forcing a failure.
[  170.715337][ T3453] name failslab, interval 1, probability 0, space 0, times 0
[  170.727932][ T3453] CPU: 1 PID: 3453 Comm: syz.4.861 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  170.737470][ T3453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  170.747415][ T3453] Call Trace:
[  170.750480][ T3453]  <TASK>
[  170.753475][ T3453]  dump_stack_lvl+0x151/0x1b7
[  170.757939][ T3453]  ? io_uring_drop_tctx_refs+0x190/0x190
[  170.763409][ T3453]  dump_stack+0x15/0x17
[  170.767410][ T3453]  should_fail+0x3c6/0x510
[  170.771657][ T3453]  __should_failslab+0xa4/0xe0
[  170.776261][ T3453]  should_failslab+0x9/0x20
[  170.780686][ T3453]  slab_pre_alloc_hook+0x37/0xd0
[  170.785452][ T3453]  kmem_cache_alloc_trace+0x48/0x210
[  170.790583][ T3453]  ? v9fs_mount+0x5f/0x7f0
[  170.794826][ T3453]  v9fs_mount+0x5f/0x7f0
[  170.798912][ T3453]  legacy_get_tree+0xf1/0x190
[  170.803419][ T3453]  ? incfs_get_verity_signature+0x420/0x420
[  170.809150][ T3453]  vfs_get_tree+0x88/0x290
[  170.813401][ T3453]  do_new_mount+0x2ba/0xb30
[  170.817740][ T3453]  ? do_move_mount_old+0x160/0x160
[  170.822687][ T3453]  ? security_capable+0x87/0xb0
[  170.827372][ T3453]  ? ns_capable+0x89/0xe0
[  170.831538][ T3453]  path_mount+0x671/0x1070
[  170.835794][ T3453]  __se_sys_mount+0x2c4/0x3b0
[  170.840311][ T3453]  ? fput+0x1a/0x20
[  170.843960][ T3453]  ? __x64_sys_mount+0xd0/0xd0
[  170.848550][ T3453]  ? debug_smp_processor_id+0x17/0x20
[  170.853760][ T3453]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  170.859665][ T3453]  __x64_sys_mount+0xbf/0xd0
[  170.864086][ T3453]  do_syscall_64+0x3d/0xb0
[  170.868338][ T3453]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  170.874067][ T3453] RIP: 0033:0x7f6e1f3589f9
[  170.878332][ T3453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.897778][ T3453] RSP: 002b:00007f6e1dfd8048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  170.906006][ T3453] RAX: ffffffffffffffda RBX: 00007f6e1f4e6f80 RCX: 00007f6e1f3589f9
[  170.913816][ T3453] RDX: 0000000020000280 RSI: 00000000200002c0 RDI: 0000000000000000
[  170.921627][ T3453] RBP: 00007f6e1dfd80a0 R08: 0000000020000440 R09: 0000000000000000
[  170.929438][ T3453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.937340][ T3453] R13: 000000000000000b R14: 00007f6e1f4e6f80 R15: 00007ffc0655e728
[  170.945159][ T3453]  </TASK>
[  170.949400][   T26] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  170.976058][ T3456] loop4: detected capacity change from 0 to 2048
[  171.045579][ T3458] FAULT_INJECTION: forcing a failure.
[  171.045579][ T3458] name failslab, interval 1, probability 0, space 0, times 0
[  171.058155][ T3458] CPU: 1 PID: 3458 Comm: syz.2.863 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  171.061431][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  171.067782][ T3458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  171.079835][   T20] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  171.088358][ T3458] Call Trace:
[  171.104331][ T3458]  <TASK>
[  171.107107][ T3458]  dump_stack_lvl+0x151/0x1b7
[  171.111626][ T3458]  ? io_uring_drop_tctx_refs+0x190/0x190
[  171.117092][ T3458]  dump_stack+0x15/0x17
[  171.121079][ T3458]  should_fail+0x3c6/0x510
[  171.125333][ T3458]  __should_failslab+0xa4/0xe0
[  171.129933][ T3458]  ? __build_skb+0x2a/0x300
[  171.134272][ T3458]  should_failslab+0x9/0x20
[  171.138612][ T3458]  slab_pre_alloc_hook+0x37/0xd0
[  171.143384][ T3458]  ? __build_skb+0x2a/0x300
[  171.147724][ T3458]  kmem_cache_alloc+0x44/0x200
[  171.152326][ T3458]  __build_skb+0x2a/0x300
[  171.156506][ T3458]  build_skb+0x25/0x1f0
[  171.160502][ T3458]  tun_get_user+0x1c7e/0x3aa0
[  171.164997][ T3458]  ? kasan_set_track+0x4b/0x70
[  171.169593][ T3458]  ? kasan_set_free_info+0x23/0x40
[  171.174557][ T3458]  ? tun_do_read+0x1ef0/0x1ef0
[  171.179240][ T3458]  ? kstrtouint_from_user+0x20a/0x2a0
[  171.184447][ T3458]  ? kstrtol_from_user+0x310/0x310
[  171.189398][ T3458]  ? avc_policy_seqno+0x1b/0x70
[  171.194085][ T3458]  ? selinux_file_permission+0x2c4/0x570
[  171.199638][ T3458]  tun_chr_write_iter+0x1e1/0x2e0
[  171.204496][ T3458]  vfs_write+0xd5d/0x1110
[  171.208661][ T3458]  ? kmem_cache_free+0x2c3/0x2e0
[  171.213439][ T3458]  ? file_end_write+0x1c0/0x1c0
[  171.218128][ T3458]  ? __fdget_pos+0x209/0x3a0
[  171.222552][ T3458]  ? ksys_write+0x77/0x2c0
[  171.226821][ T3458]  ksys_write+0x199/0x2c0
[  171.230969][ T3458]  ? __ia32_sys_read+0x90/0x90
[  171.235568][ T3458]  ? debug_smp_processor_id+0x17/0x20
[  171.240776][ T3458]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  171.246852][ T3458]  __x64_sys_write+0x7b/0x90
[  171.251278][ T3458]  do_syscall_64+0x3d/0xb0
[  171.255530][ T3458]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  171.261259][ T3458] RIP: 0033:0x7f2abaab24df
[  171.265517][ T3458] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48
[  171.284958][ T3458] RSP: 002b:00007f2ab9733010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  171.293206][ T3458] RAX: ffffffffffffffda RBX: 00007f2abac41f80 RCX: 00007f2abaab24df
[  171.301009][ T3458] RDX: 0000000000000036 RSI: 0000000020000080 RDI: 00000000000000c8
[  171.308820][ T3458] RBP: 00007f2ab97330a0 R08: 0000000000000000 R09: 0000000000000000
[  171.316640][ T3458] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  171.324452][ T3458] R13: 000000000000000b R14: 00007f2abac41f80 R15: 00007ffcef0668f8
[  171.332267][ T3458]  </TASK>
[  171.335741][   T20] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  171.346856][ T3456] xt_CT: No such helper "pptp"
[  171.347346][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.351990][   T63] hid (null): bogus close delimiter
[  171.363056][   T20] usb 4-1: config 0 descriptor??
[  171.596571][ T3468] loop4: detected capacity change from 0 to 256
[  171.689430][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  171.738769][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  171.768184][   T26] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  171.779822][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.812885][   T26] usb 1-1: config 0 descriptor??
[  171.980195][   T20] plantronics 0003:047F:FFFF.002B: No inputs registered, leaving
[  171.989017][   T20] plantronics 0003:047F:FFFF.002B: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  172.029271][   T63] uclogic 0003:256C:006D.002A: failed retrieving Huion firmware version: -71
[  172.037911][   T63] uclogic 0003:256C:006D.002A: failed probing parameters: -71
[  172.045399][   T63] uclogic: probe of 0003:256C:006D.002A failed with error -71
[  172.056510][   T63] usb 2-1: USB disconnect, device number 19
[  172.290480][   T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0
[  172.309577][   T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0
[  172.326659][   T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0
[  172.339234][   T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0
[  172.356174][   T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0
[  172.369256][   T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0
[  172.386303][   T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0
[  172.394133][   T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0
[  172.405705][   T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0
[  172.433028][   T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0
[  172.443110][   T26] lg-g15 0003:046D:C222.002C: unknown main item tag 0x0
[  172.464430][   T63] usb 4-1: USB disconnect, device number 19
[  172.473349][   T26] lg-g15 0003:046D:C222.002C: hidraw1: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.0-1/input0
[  172.492846][   T30] kauditd_printk_skb: 196 callbacks suppressed
[  172.492861][   T30] audit: type=1326 audit(2000000125.579:2091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  172.500022][   T26] usb 1-1: USB disconnect, device number 22
[  172.525045][   T30] audit: type=1326 audit(2000000125.579:2092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  172.597853][ T3488] loop1: detected capacity change from 0 to 512
[  172.612034][   T30] audit: type=1326 audit(2000000125.619:2093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  172.649552][   T30] audit: type=1326 audit(2000000125.619:2094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  172.672943][   T30] audit: type=1326 audit(2000000125.619:2095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  172.696199][   T30] audit: type=1326 audit(2000000125.649:2096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  172.767908][   T30] audit: type=1326 audit(2000000125.649:2097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  172.771784][ T3490] syz.3.874[3490] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  172.797311][   T30] audit: type=1326 audit(2000000125.649:2098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  172.802161][ T3480] loop4: detected capacity change from 0 to 40427
[  172.813151][   T30] audit: type=1326 audit(2000000125.649:2099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  172.839888][ T3490] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  172.862142][   T30] audit: type=1326 audit(2000000125.649:2100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3483 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f810c6d89f9 code=0x7ffc0000
[  172.872686][ T3490] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  172.872702][ T3490] CPU: 1 PID: 3490 Comm: syz.3.874 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0
[  172.872719][ T3490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  172.872730][ T3490] RIP: 0010:bpf_check+0x9514/0x12bf0
[  172.897616][ T3488] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpid,grpquota,grpid,errors=remount-ro,. Quota mode: writeback.
[  172.904206][ T3490] Code: 24 70 80 3c 08 00 74 08 4c 89 ef e8 a6 af 30 00 49 8b 75 00 89 df 41 ff d6 48 89 c3 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 7e af 30 00 48 8b 1b 48 85 db 0f 84
[  172.904229][ T3490] RSP: 0018:ffffc90000cc7500 EFLAGS: 00010246
[  172.904245][ T3490] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000
[  172.904257][ T3490] RDX: ffffc90003729000 RSI: 000000000003ffff RDI: 0000000000040000
[  172.904268][ T3490] RBP: ffffc90000cc7bd0 R08: ffffffff817c09ad R09: ffffc90000cc6de8
[  172.904281][ T3490] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000125813
[  172.904292][ T3490] R13: ffff888121684008 R14: ffffffff817bc3d0 R15: ffffc9000092c09c
[  172.904306][ T3490] FS:  00007f810b3586c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  173.015155][ T3490] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  173.015176][ T3490] CR2: 0000000020002800 CR3: 000000010f00c000 CR4: 00000000003526a0
[  173.015191][ T3490] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  173.015201][ T3490] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  173.015212][ T3490] Call Trace:
[  173.015218][ T3490]  <TASK>
[  173.015226][ T3490]  ? __die_body+0x62/0xb0
[  173.015249][ T3490]  ? die_addr+0x9f/0xd0
[  173.015266][ T3490]  ? exc_general_protection+0x311/0x4b0
[  173.015291][ T3490]  ? asm_exc_general_protection+0x27/0x30
[  173.015311][ T3490]  ? tracing_prog_func_proto+0x300/0x300
[  173.015336][ T3490]  ? bpf_tracing_func_proto+0x15d/0x4a0
[  173.015355][ T3490]  ? bpf_check+0x9514/0x12bf0
[  173.015383][ T3490]  ? bpf_get_btf_vmlinux+0x60/0x60
[  173.015399][ T3490]  ? arch_stack_walk+0xf3/0x140
[  173.015419][ T3490]  ? stack_trace_save+0x113/0x1c0
[  173.015436][ T3490]  ? stack_trace_snprint+0xf0/0xf0
[  173.015455][ T3490]  ? ____kasan_kmalloc+0xed/0x110
[  173.015471][ T3490]  ? ____kasan_kmalloc+0xdb/0x110
[  173.015485][ T3490]  ? __kasan_kmalloc+0x9/0x10
[  173.015499][ T3490]  ? kmem_cache_alloc_trace+0x115/0x210
[  173.015517][ T3490]  ? selinux_bpf_prog_alloc+0x51/0x140
[  173.015534][ T3490]  ? security_bpf_prog_alloc+0x62/0x90
[  173.015550][ T3490]  ? bpf_prog_load+0x9ee/0x1b50
[  173.015565][ T3490]  ? __sys_bpf+0x4bc/0x760
[  173.015580][ T3490]  ? __x64_sys_bpf+0x7c/0x90
[  173.015593][ T3490]  ? do_syscall_64+0x3d/0xb0
[  173.015610][ T3490]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  173.015637][ T3490]  ? __kasan_kmalloc+0x9/0x10
[  173.015652][ T3490]  ? memset+0x35/0x40
[  173.015667][ T3490]  ? bpf_obj_name_cpy+0x196/0x1e0
[  173.015683][ T3490]  bpf_prog_load+0x12ac/0x1b50
[  173.015701][ T3490]  ? map_freeze+0x370/0x370
[  173.015719][ T3490]  ? selinux_bpf+0xcb/0x100
[  173.015734][ T3490]  ? security_bpf+0x82/0xb0
[  173.015749][ T3490]  __sys_bpf+0x4bc/0x760
[  173.015764][ T3490]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  173.015782][ T3490]  ? __kasan_check_read+0x11/0x20
[  173.015799][ T3490]  __x64_sys_bpf+0x7c/0x90
[  173.015814][ T3490]  do_syscall_64+0x3d/0xb0
[  173.015831][ T3490]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  173.015849][ T3490] RIP: 0033:0x7f810c6d89f9
[  173.015864][ T3490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.015877][ T3490] RSP: 002b:00007f810b358048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  173.015895][ T3490] RAX: ffffffffffffffda RBX: 00007f810c866f80 RCX: 00007f810c6d89f9
[  173.015907][ T3490] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005
[  173.015917][ T3490] RBP: 00007f810c7468ee R08: 0000000000000000 R09: 0000000000000000
[  173.015927][ T3490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  173.015937][ T3490] R13: 000000000000000b R14: 00007f810c866f80 R15: 00007ffe6d683628
[  173.015951][ T3490]  </TASK>
[  173.015956][ T3490] Modules linked in:
[  173.016855][ T3490] ---[ end trace b9ff0646d423f987 ]---
[  173.016879][ T3490] RIP: 0010:bpf_check+0x9514/0x12bf0
[  173.016903][ T3490] Code: 24 70 80 3c 08 00 74 08 4c 89 ef e8 a6 af 30 00 49 8b 75 00 89 df 41 ff d6 48 89 c3 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 7e af 30 00 48 8b 1b 48 85 db 0f 84
[  173.016917][ T3490] RSP: 0018:ffffc90000cc7500 EFLAGS: 00010246
[  173.016933][ T3490] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000
[  173.016944][ T3490] RDX: ffffc90003729000 RSI: 000000000003ffff RDI: 0000000000040000
[  173.016957][ T3490] RBP: ffffc90000cc7bd0 R08: ffffffff817c09ad R09: ffffc90000cc6de8
[  173.016969][ T3490] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000125813
[  173.016981][ T3490] R13: ffff888121684008 R14: ffffffff817bc3d0 R15: ffffc9000092c09c
[  173.016994][ T3490] FS:  00007f810b3586c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  173.017011][ T3490] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  173.017023][ T3490] CR2: 0000000020007fc2 CR3: 000000010f00c000 CR4: 00000000003526b0
[  173.017039][ T3490] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  173.017049][ T3490] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  173.017067][ T3490] Kernel panic - not syncing: Fatal exception
[  173.017284][ T3490] Kernel Offset: disabled
[  173.423171][ T3490] Rebooting in 86400 seconds..