last executing test programs:

5m41.853946049s ago: executing program 32 (id=27):
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000040)=0x7db2, 0x4)
sendmmsg$inet6(r5, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback, 0x8}, 0x1c, 0x0}}], 0x1, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x42, &(0x7f0000000000)=0x4, 0x4)
recvmsg(r5, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0, 0x0, 0x0, 0x0, 0xd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2, 0x300}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYRES8=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0xa, 0xa, 0x0, 0x1, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x0, 0xc, &(0x7f0000000880)=ANY=[@ANYRESOCT=0x0, @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)

4m44.940733243s ago: executing program 33 (id=282):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000600)={{{@in6=@empty, @in6=@private0}}, {{@in=@broadcast}, 0x0, @in6=@private1}}, 0x0)
getresgid(&(0x7f0000000740), &(0x7f0000000780), &(0x7f00000007c0))
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000080)='./file2\x00', 0x0, &(0x7f0000000180)={[{@background_gc_on}, {@user_xattr}, {@nolazytime}, {@usrjquota={'usrjquota', 0x3d, '\x00'}}]}, 0x11, 0x5508, &(0x7f0000000a40)="$eJzs3M1rI2UYAPBn2u1+uxbx4G0HFqGFTdh0t4vequ7iB3Ypqx48aZqkIbtJpjRpWnvy4FE8+J+IgieP/g0ePHsTEcWboGRmqq0fIDRt7Pb3g8kz75s3zzxvWBaemZIAzqz59JefkrgWlyJiNiKuRuTnSXnkVorwXERcj4iZA0dSzv8xcT4iLkfEtXHyImdSvvXpzdGN5R/e+PmrSxfOXfnsy2+nt2tg2p6PiN5mcb7TK2LWLuKjcr4+6uSxd2dUxuKN3uNynBVxp7WeZ9ip76+r5/F2u1ifbW4PxnGjW2+MY7uzkc9v9osLDkbt/Tz5Bx7Vt/Jxs7Wex84gy2N7r6hrd6/4v21vMCzyNMt8H+TpYzjcj8V8a7dV7GfzcR4b/WE5X+TNmq3dcRyVsbxcNLJuM69j/Sjf9P/bm53+9m46am0NOlk/Xa7WXqjW7lZqW1mzNWzdqdR7zbt30oV2d7ysMmzVeyvtLGt3W9VG1ltMF9qNRqVWSxfutdY79X5aq1VvV29VlhfLs5vpqw/eSbvNdGEcX+70t4ed7iDdyLbS4hOL6VL19ouL6Y1a+tbqWrr28P791bW337v37oOXVl9/pVz0t7LShaVbS0uV2q3KUm3xDO3/o7LoCe4fjiSZdgEAp89U+v9v9P9w1h1f/7/1MOJg/5/8eBz9f+j/J+JU9b9nvf8/hv3Dkej/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrO/mPn8tP5kvxlfK+afKqWfKcRIRMxHx2z+YjfOHcs6Weeb+Zf3cX2r4Ook8w/gaF8rjckSslMevTx/3twAAAABPri8+vP5J0a0XL/PTLoiTVNy0mbn6/oTyJRExN//9hLLNjF+enVCy/N/3udidULb8BtbFCSUrbrmdm1S2/2T2ULh4ICRFmDnRcgAAgBNxuBM42S4EAACAk/TxtAtgOpLYf5S5/yw4/8v7Px8IXjo0AgAAAE6hZNoFAAAAAMcu7//9/h8AAAA82Yrf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN/ZuZucRIIwDMBfN/TA/GXIZPZzldnBMeYILl0aDuAlOIHBK3gBzoA7j2DA0NUSUTTG/ovkeZKmqAZeviL0oqqSBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANp0Wyxn1xd/L+vmbLb1NDMaAAAA4Jh1sZyVTyap/706/7M69bvqZxGRR8SxufsgvhxkDqqc4pX3F89quIkoE3bfMaqObxHxrzruf7X9KwAAAMDpWs0X0zRbTw+TvguiS2nRJv/x/+VLVx/JyyKimNzVrivJd3l/Ggor/9/DOG8orVzAGjcUlpbchk2lvUt5ue9X7cZPmiw1+dufb2zsAABAhwYHTbezEAAAALp01ncB9COLx63M/VbgKDXV9t7Xgx4AAADwCWV9FwAAAAC0rpz/u/8fAAAAnLZ0/z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADatC6Ws9V8Ma2bs9nW08xoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHtifdxQIgTAIg73rO5O5/2GlQVNTkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+XuOo4gCAv5nZ2dqquEbZQ0QUPOjFbre1tTfxoAQP/glCSLc1duuPNgdbirAXb5JzL6JHEUGJt/4PPbfQS73lsIcInpX5lUx+QNZfM5vk84E377vDMO/7ZiHkO+8lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGX67k6cZIdeEcfluYdbd1ey/tGePnN//fFi1rI4ajLpo+Hl+oeo314iAAAAnBxJVd+HEJ6kG0tZH/fy+j+trslq/u+eLeKqnt9b91d9Vftn7ddfNl/cHqhXjJPd9OrqeHRufyqd/2+W8+25Q6/o5E8+f/eS5F9I/MHkhWmaP8/omwcP3uvm4akmsgUA/omzVV8G1e9DWT9sMzEAToxOrfCu6v+k125OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE2YTsLTVRyFEBY7O3Hm0dbdlYP6++uPF6t26d699fo9s1ukIYSrq+PRuQbnMu9u3b5zfXk8Ht1sPnglhNDW6O+U07/+0QwXh9DK8xH8R0Fcftnzks/RCFr8oQQAwLGUli2r65+kG0vZuWghhD+/313/v16Lw4z1/+bHlx7Wx6rX/8PGZjj/Bms3Ph/cun3nzdUby9dG10afvnV++PbwwuWLFy8P8nclA29MAAAA+He6ZavX//HC/vX/M7U4HFb/T4r6/4tvh1/Vx0rU/wfaWfRrOxMAAICT7flX//g9OuB81O2GL5fX1m4Oi+P25/PFsYVU/7ZTZavX/8lC21kBAAAATZhOol3r/1dqcZhx//8zP7z0U/2eSQjhdLn+f3bls/GV5qYz15r4c+K25wgAAEC7Tpetvv6f5vv/4+0tD3EI4Y3Xirj8N4Az1f/J+1//WB+rvv//QnNTnEtxv3geed8PodNvOyMAAACOs6fKlhX7v6UbS5/8fObDrv3/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE37KwAA//+Rlz8k")

4m44.23964229s ago: executing program 6 (id=283):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
timerfd_create(0x8, 0x80800)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2160, 0x0)
bind$inet6(r0, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x64}}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz0\x00', 0x1ff) (fail_nth: 1)

4m43.997390789s ago: executing program 34 (id=283):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
timerfd_create(0x8, 0x80800)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2160, 0x0)
bind$inet6(r0, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x64}}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz0\x00', 0x1ff) (fail_nth: 1)

4m43.870994098s ago: executing program 7 (id=286):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
syz_mount_image$f2fs(&(0x7f00000002c0), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="6e6f646973636172642c6163746976655f6c6f67733d362c646973636172645f756e69743d73656374696f6e2c616c6c6f635f6d6f64653d72657573652c696e6c696e655f78617474722c6661756c745f747970653d30303030303030303030303030303030303030372c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c626172726965722c6167655f657874656e745f63616368652c757365725f78617474722c71756f74612c0089e5afa1e5917778089d53bf1e7976b8101ed131cec59926dc45294c5c18206d0a669306b1d0cc8e4f7753c03396a2734f10a3d75d435a08eff937580007aaad0ec81f842b74c22ac48ca4fbfd6fc3a509f51ebd287101d13d198d9a644e3d8216f29bc51a3a607656666d4d54e20072d115c3f57de32b7eb4964b4a45b355bb9d1a8cb6259ad2a4a5ef3e291451b10a28707e7964398a2d7a8a8d2b9e2ada5657"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)

4m43.828981778s ago: executing program 35 (id=286):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
syz_mount_image$f2fs(&(0x7f00000002c0), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="6e6f646973636172642c6163746976655f6c6f67733d362c646973636172645f756e69743d73656374696f6e2c616c6c6f635f6d6f64653d72657573652c696e6c696e655f78617474722c6661756c745f747970653d30303030303030303030303030303030303030372c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c626172726965722c6167655f657874656e745f63616368652c757365725f78617474722c71756f74612c0089e5afa1e5917778089d53bf1e7976b8101ed131cec59926dc45294c5c18206d0a669306b1d0cc8e4f7753c03396a2734f10a3d75d435a08eff937580007aaad0ec81f842b74c22ac48ca4fbfd6fc3a509f51ebd287101d13d198d9a644e3d8216f29bc51a3a607656666d4d54e20072d115c3f57de32b7eb4964b4a45b355bb9d1a8cb6259ad2a4a5ef3e291451b10a28707e7964398a2d7a8a8d2b9e2ada5657"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)

4m43.700679377s ago: executing program 8 (id=288):
socket$can_raw(0x1d, 0x3, 0x1)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt(r0, 0x65, 0x1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000001100)={'vcan0\x00', <r1=>0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
bind$can_raw(r0, &(0x7f0000000000)={0x1d, r1}, 0x10)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, &(0x7f0000001040)=0x7, 0x4)
syz_usb_connect(0x0, 0x81, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000a7420040ab0501030001010203010902240001000000000904000002aad45c0009058e02000000000009050a06"], 0x0)

4m43.619161897s ago: executing program 36 (id=288):
socket$can_raw(0x1d, 0x3, 0x1)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt(r0, 0x65, 0x1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000001100)={'vcan0\x00', <r1=>0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
bind$can_raw(r0, &(0x7f0000000000)={0x1d, r1}, 0x10)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, &(0x7f0000001040)=0x7, 0x4)
syz_usb_connect(0x0, 0x81, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000a7420040ab0501030001010203010902240001000000000904000002aad45c0009058e02000000000009050a06"], 0x0)

3m22.43749559s ago: executing program 0 (id=648):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@index_off}]})
mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)

3m22.35172057s ago: executing program 0 (id=649):
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x77, 0x101401)
ioctl$USBDEVFS_CONNECTINFO(r0, 0x40085511, 0x0)

3m22.35015971s ago: executing program 0 (id=650):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
syz_open_procfs$pagemap(0x0, &(0x7f0000000040))
ioctl$FS_IOC_GETFSLABEL(r0, 0x800452d2, &(0x7f0000000100))

3m22.307252079s ago: executing program 0 (id=652):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x2000480, &(0x7f0000000100), 0x5, 0x75b, &(0x7f0000000800)="$eJzs3c9rHFUcAPDvbJKmTauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnr2R7159cdV/wsP0lI1LVY8SGQ2s+m22U03aZJF9/OB1743M5s333kz897uDDMB9KzR9J9cxOGI+DCJGM6mJxExUM/1R5xcW+72ynIxTUmsrr7+e1Jf5tbKcjGaPpM6mBUej4gf3os4kttYb3VxaaZQLpfms/J4bfbCeHVx6ej52cJ0abo0d3xicvLYiedOHN+5QP/8eenQ9Y9eefrrk3+/+9jVD35M4mQcymY3x7FTRmM02yYD6Sa8y8s7XVmXJd1eAbYlPTT71o7yOBzD0VfPAQD/Z29HxCoA0GMS/T8A9JjG7wC3VpaLjdTdXyT21o2XImL/WvyN65trc/qza3b769dBh24ld10ZSSJiZAfqH42Iz79988s0xS5dhwRo5Z3LEXF2ZHTj+T/ZcM/CVj3TwTKj95Sd/2DvfJeOf55vNf7LrY9/osX4Z7DFsbsd9z/+c9d2oJq20vHfi033tt1uij8z0peVHqqP+QaSc+fLpfTc9nBEjMXAYFqe2KSOsZv/3Gw3r3n898fHb32R1p/+f2eJ3LX+wbs/M1WoFR4k5mY3Lkc80d8q/mS9/ZM249/THdbx6gvvf9ZuXhp/Gm8jbYx/d61eiXiqZfvfuaMt2fT+xPH67jDe2Cla+OaXT4fa1d/c/mlK6298F9gLafsPbR7/SNJ8v2Z163X8dGX4+3bz7h9/6/1/X/JGPb8vm3apUKvNT0TsS17bOP3Ync9m5QORLZ/GP/Zk6+N/s/0//U54tsP4+6//9tX2499dafxTW2r/rWeu3p7pa1d/Z+0/Wc+NZVM6Of91uoIPsu0AAAAAAAAAAAAAAAAAAAAAAAAAoFO5iDgUSS6/ns/l8vm1d3g/GkO5cqVaO3KusjA3FfV3ZY/EQK7xqMvhpuehTmTPw2+Uj91TfjYiHomITwYP1Mv5YqU81e3gAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBzsM37/1O/DnZ77QCAXbO/2ysAAOw5/T8A9B79PwD0Hv0/APQe/T8A9B79PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvs9KlTaVr9a2W5mJanLi4uzFQuHp0qVWfyswvFfLEyfyE/XalMl0v5YmX2fn+vXKlcmIy5hUvjtVK1Nl5dXDozW1mYq505P1uYLp0pDexJVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwNdXFpZlCuVyal5GRkVnPdPvMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf8G8AAAD//7WFKeA=")
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000100)={0x80002005})
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)

3m22.121180069s ago: executing program 0 (id=655):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x10f501, 0x32)
r1 = syz_open_dev$vcsa(&(0x7f00000002c0), 0x3, 0x200)
linkat(r0, &(0x7f0000000280)='./file0\x00', r1, &(0x7f0000000340)='./file0\x00', 0x400)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000", 0x36}], 0x1)
writev(r3, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}, [@printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
close(0xffffffffffffffff)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="040000000000000008003f006563060008001b"], 0x30}}, 0x0)

3m21.647678677s ago: executing program 0 (id=656):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r2}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])

3m21.086881045s ago: executing program 37 (id=656):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r2}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])

2m16.824225358s ago: executing program 5 (id=912):
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000005c0)='kfree\x00', r0}, 0x18)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])

2m16.734821258s ago: executing program 5 (id=915):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
r2 = dup2(r1, r1)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x5)
read$FUSE(r2, &(0x7f0000001600)={0x2020}, 0x2020)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff7fffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='sys_enter\x00', r4}, 0x10)
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140))

2m14.082727097s ago: executing program 5 (id=920):
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000040), 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
read(r1, &(0x7f0000000080)=""/155, 0x9b)
write$binfmt_script(r0, &(0x7f00000036c0)={'#! ', './file0'}, 0xb)
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x14cb84fb0918cdfe)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x2)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000540)={0x50, 0x0, &(0x7f00000004c0)=[@increfs={0x40046304, 0x2}, @exit_looper, @reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000380)={@ptr={0x70742a85, 0x0, &(0x7f0000000180)=""/70, 0x46, 0x2, 0x8}, @ptr={0x70742a85, 0x0, &(0x7f0000000200)=""/254, 0xfe, 0x0, 0xa}, @ptr={0x70742a85, 0x0, &(0x7f0000000300)=""/96, 0x60, 0x0, 0x14}}, &(0x7f0000000400)={0x0, 0x28, 0x50}}}], 0x0, 0x0, 0x0})
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x2880, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r3, 0x400448dd, &(0x7f0000000100))
r5 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff034}]}, 0x10)
syz_usb_ep_write$ath9k_ep2(r5, 0x83, 0x8, &(0x7f0000000080)=ANY=[])
syz_usb_connect$printer(0x3, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201100100"], 0x0)
syz_usb_ep_write$ath9k_ep2(r5, 0x83, 0x8, &(0x7f00000000c0)=ANY=[])

2m10.242589551s ago: executing program 5 (id=939):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x2000480, &(0x7f0000000100), 0x5, 0x75b, &(0x7f0000000800)="$eJzs3c9rHFUcAPDvbJKmTauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnr2R7159cdV/wsP0lI1LVY8SGQ2s+m22U03aZJF9/OB1743M5s333kz897uDDMB9KzR9J9cxOGI+DCJGM6mJxExUM/1R5xcW+72ynIxTUmsrr7+e1Jf5tbKcjGaPpM6mBUej4gf3os4kttYb3VxaaZQLpfms/J4bfbCeHVx6ej52cJ0abo0d3xicvLYiedOHN+5QP/8eenQ9Y9eefrrk3+/+9jVD35M4mQcymY3x7FTRmM02yYD6Sa8y8s7XVmXJd1eAbYlPTT71o7yOBzD0VfPAQD/Z29HxCoA0GMS/T8A9JjG7wC3VpaLjdTdXyT21o2XImL/WvyN65trc/qza3b769dBh24ld10ZSSJiZAfqH42Iz79988s0xS5dhwRo5Z3LEXF2ZHTj+T/ZcM/CVj3TwTKj95Sd/2DvfJeOf55vNf7LrY9/osX4Z7DFsbsd9z/+c9d2oJq20vHfi033tt1uij8z0peVHqqP+QaSc+fLpfTc9nBEjMXAYFqe2KSOsZv/3Gw3r3n898fHb32R1p/+f2eJ3LX+wbs/M1WoFR4k5mY3Lkc80d8q/mS9/ZM249/THdbx6gvvf9ZuXhp/Gm8jbYx/d61eiXiqZfvfuaMt2fT+xPH67jDe2Cla+OaXT4fa1d/c/mlK6298F9gLafsPbR7/SNJ8v2Z163X8dGX4+3bz7h9/6/1/X/JGPb8vm3apUKvNT0TsS17bOP3Ync9m5QORLZ/GP/Zk6+N/s/0//U54tsP4+6//9tX2499dafxTW2r/rWeu3p7pa1d/Z+0/Wc+NZVM6Of91uoIPsu0AAAAAAAAAAAAAAAAAAAAAAAAAoFO5iDgUSS6/ns/l8vm1d3g/GkO5cqVaO3KusjA3FfV3ZY/EQK7xqMvhpuehTmTPw2+Uj91TfjYiHomITwYP1Mv5YqU81e3gAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBzsM37/1O/DnZ77QCAXbO/2ysAAOw5/T8A9B79PwD0Hv0/APQe/T8A9B79PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvs9KlTaVr9a2W5mJanLi4uzFQuHp0qVWfyswvFfLEyfyE/XalMl0v5YmX2fn+vXKlcmIy5hUvjtVK1Nl5dXDozW1mYq505P1uYLp0pDexJVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwNdXFpZlCuVyal5GRkVnPdPvMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDf8G8AAAD//7WFKeA=")
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000100)={0x80002005})
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)

2m9.447477117s ago: executing program 5 (id=945):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000000f000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})

2m9.319649907s ago: executing program 5 (id=948):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff7fffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b6000000"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='sys_enter\x00', r1}, 0x10)
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140))

2m9.292439597s ago: executing program 38 (id=948):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff7fffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b6000000"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='sys_enter\x00', r1}, 0x10)
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140))

20.419085314s ago: executing program 3 (id=1377):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = openat$zero(0xffffffffffffff9c, 0x0, 0x480304, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x4ace457a, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000004000000000000000002"], &(0x7f0000000240)=""/199, 0x3e, 0xc7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xb6, 0x0)
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x400003, &(0x7f0000000200)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noblock_validity}, {@usrquota}, {@resgid}, {@nogrpid}, {@errors_remount}, {@noinit_itable}, {@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x4}, 0x32}]}, 0x1b, 0x4f5, &(0x7f0000000340)="$eJzs3V1rHGsdAPD/TLJtk6YmRS9qwVpsJSna3aSxbfCiVhG9Kqj12hqTTQjZZEN20zahaIofQBBRQRC88kbwAwjSjyBCQe9FRRFtPRe9OKd72Le+JLvJ9nSz25P8fjCZ55mX/P/PLjszz8wwE8CRdT4iLkTE80qlcikiRhvT08Zws1rZri/39MmDueqQRKVy+79JRFKfVl1k4pX/ebK+SpyIiO98M+IHye64pc2t5dlCIb/eqOfKK2u50ubW5aWV2cX8Yn51enrq2sz1maszk11p50hE3Pj6P3/+k99+48Yfv3jvb3f+PfHDpDE94mU7uq3e9Ezts2gajIj1gwjWBzcb7cn0OxEAADrSPM7/XERcitEYqB3NAQAAAIdJ5Ssj8X4SUQEAAAAOrbR2D2ySZhv3AYxEmmaz9Xt4PxXDaaFYKn9hobixOl+/V3YsMunCUiE/2bhXeCwySbU+VSu/rF/ZUZ+OiNMR8bPRoVo9O1cszPf75AcAAAAcESd39P/fG633/wEAAIBDZqzfCQAAAAAHTv8fAAAADj/9fwAAADjUvnXrVnWoNN9/PX93c2O5ePfyfL60nF3ZmMvOFdfXsovF4mLtmX0r+/2/QrG49qVY3bifK+dL5Vxpc+vOSnFjtXxn6bVXYAMAAAA9dPqzj/6aRMT2l4dqQ9WxficF9MTgmyz8j4PLA+i9gX4nAPTNrv3/Gx0QAB9nmX4nAPRdEhG/3mN+25t3/nQw+QAAAN03/unW1/+Tfc8NbKc9ShE4IM7/wdH1Ea//D3c7D6D3XO6HoysTA9F5R37oQHMB+iPZZ/7bX/+vVN4oIQAAoOtGakOSZiNq5wFGIk2z2YhTtdcCZJKFpUJ+MiI+ERF/Gc0cr9anamsm+/YZAAAAAAAAAAAAAAAAAAAAAAAAAIC6SiWJCgAAAHCoRaT/Shrv/xofvTiy8/zAseTZaG0cEfd+dfsX92fL5fWp6vT/vZhe/mVj+pV+nMEAAAAAdmr205v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopqdPHsw1h17G/c9XI2KsVfzBOFEbn4hMRAz/P4nBV9ZLImKgC/G3H0bE177XIn5STSvGGlm0ij/UrfhnWrV/7/hpRJzsQnw4yh5Vtz83W/3+0jhfG+/8/R1/se5gF+K33/6lL7Z/A222P6c6jHH28e9zbeM/jDg72Hr704yftIl/ocP43//u1la7eZXfRIy33P8kr8XKlVfWcqXNrctLK7OL+cX86vT01LWZ6zNXZyZzC0uFfONvyxg//cwfnu/V/uE28cf2af/FDtv/weP7Tz5ZL2ZaxZ+40Pr7P9MmftrY932+Ua7OH2+Wt+vlV5373Z/P7dX++Tbt3+/7n+iw/Ze+/eO/d7goANADpc2t5dlCIb9+pAtv9WlUD4s6WzhthHkXmqyQXy/96N1I450sNH8Tz/qyXQIAALpvdx8YAAAAAAAAAAAAAAAAAAAA6LXuPDOs+UzsvZ+u17RdH+16FjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQD99GAAA//+GWc+t")

15.817598725s ago: executing program 3 (id=1387):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x30dd3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

11.768916119s ago: executing program 4 (id=1398):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = io_uring_setup(0x36a3, &(0x7f0000000340))
close(r2)
clock_nanosleep(0x2, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)

11.767931149s ago: executing program 3 (id=1400):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = openat$zero(0xffffffffffffff9c, 0x0, 0x480304, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x4ace457a, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000004000000000000000002"], &(0x7f0000000240)=""/199, 0x3e, 0xc7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xb6, 0x0)
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000000))
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r8}, 0x10)
r9 = creat(&(0x7f00000000c0)='./file0\x00', 0x8b)
close(r9)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x400003, &(0x7f0000000200)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noblock_validity}, {@usrquota}, {@resgid}, {@nogrpid}, {@errors_remount}, {@noinit_itable}, {@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x4}, 0x32}]}, 0x1b, 0x4f5, &(0x7f0000000340)="$eJzs3V1rHGsdAPD/TLJtk6YmRS9qwVpsJSna3aSxbfCiVhG9Kqj12hqTTQjZZEN20zahaIofQBBRQRC88kbwAwjSjyBCQe9FRRFtPRe9OKd72Le+JLvJ9nSz25P8fjCZ55mX/P/PLjszz8wwE8CRdT4iLkTE80qlcikiRhvT08Zws1rZri/39MmDueqQRKVy+79JRFKfVl1k4pX/ebK+SpyIiO98M+IHye64pc2t5dlCIb/eqOfKK2u50ubW5aWV2cX8Yn51enrq2sz1maszk11p50hE3Pj6P3/+k99+48Yfv3jvb3f+PfHDpDE94mU7uq3e9Ezts2gajIj1gwjWBzcb7cn0OxEAADrSPM7/XERcitEYqB3NAQAAAIdJ5Ssj8X4SUQEAAAAOrbR2D2ySZhv3AYxEmmaz9Xt4PxXDaaFYKn9hobixOl+/V3YsMunCUiE/2bhXeCwySbU+VSu/rF/ZUZ+OiNMR8bPRoVo9O1cszPf75AcAAAAcESd39P/fG633/wEAAIBDZqzfCQAAAAAHTv8fAAAADj/9fwAAADjUvnXrVnWoNN9/PX93c2O5ePfyfL60nF3ZmMvOFdfXsovF4mLtmX0r+/2/QrG49qVY3bifK+dL5Vxpc+vOSnFjtXxn6bVXYAMAAAA9dPqzj/6aRMT2l4dqQ9WxficF9MTgmyz8j4PLA+i9gX4nAPTNrv3/Gx0QAB9nmX4nAPRdEhG/3mN+25t3/nQw+QAAAN03/unW1/+Tfc8NbKc9ShE4IM7/wdH1Ea//D3c7D6D3XO6HoysTA9F5R37oQHMB+iPZZ/7bX/+vVN4oIQAAoOtGakOSZiNq5wFGIk2z2YhTtdcCZJKFpUJ+MiI+ERF/Gc0cr9anamsm+/YZAAAAAAAAAAAAAAAAAAAAAAAAAIC6SiWJCgAAAHCoRaT/Shrv/xofvTiy8/zAseTZaG0cEfd+dfsX92fL5fWp6vT/vZhe/mVj+pV+nMEAAAAAdmr205v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopqdPHsw1h17G/c9XI2KsVfzBOFEbn4hMRAz/P4nBV9ZLImKgC/G3H0bE177XIn5STSvGGlm0ij/UrfhnWrV/7/hpRJzsQnw4yh5Vtz83W/3+0jhfG+/8/R1/se5gF+K33/6lL7Z/A222P6c6jHH28e9zbeM/jDg72Hr704yftIl/ocP43//u1la7eZXfRIy33P8kr8XKlVfWcqXNrctLK7OL+cX86vT01LWZ6zNXZyZzC0uFfONvyxg//cwfnu/V/uE28cf2af/FDtv/weP7Tz5ZL2ZaxZ+40Pr7P9MmftrY932+Ua7OH2+Wt+vlV5373Z/P7dX++Tbt3+/7n+iw/Ze+/eO/d7goANADpc2t5dlCIb9+pAtv9WlUD4s6WzhthHkXmqyQXy/96N1I450sNH8Tz/qyXQIAALpvdx8YAAAAAAAAAAAAAAAAAAAA6LXuPDOs+UzsvZ+u17RdH+16FjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQD99GAAA//+GWc+t")

11.763655448s ago: executing program 4 (id=1401):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41)
recvmsg(r0, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x40012002)
sendmsg$inet(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000180)}, 0x1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)

8.835117837s ago: executing program 1 (id=1402):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x6, 0x4, 0x9, 0x8, 0x0, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000002c7b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
kcmp(0x0, 0xffffffffffffffff, 0x5, r0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
r4 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r4, 0x0)
lseek(r4, 0x5, 0x1)
close(0xffffffffffffffff)

8.813333106s ago: executing program 1 (id=1404):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000002c7b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
kcmp(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
r3 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r3, 0x0)
lseek(r3, 0x5, 0x1)
close(0xffffffffffffffff)

8.793996796s ago: executing program 1 (id=1405):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = openat$zero(0xffffffffffffff9c, 0x0, 0x480304, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x4ace457a, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000004000000000000000002"], &(0x7f0000000240)=""/199, 0x3e, 0xc7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xb6, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x400003, &(0x7f0000000200)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noblock_validity}, {@usrquota}, {@resgid}, {@nogrpid}, {@errors_remount}, {@noinit_itable}, {@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x4}, 0x32}]}, 0x1b, 0x4f5, &(0x7f0000000340)="$eJzs3V1rHGsdAPD/TLJtk6YmRS9qwVpsJSna3aSxbfCiVhG9Kqj12hqTTQjZZEN20zahaIofQBBRQRC88kbwAwjSjyBCQe9FRRFtPRe9OKd72Le+JLvJ9nSz25P8fjCZ55mX/P/PLjszz8wwE8CRdT4iLkTE80qlcikiRhvT08Zws1rZri/39MmDueqQRKVy+79JRFKfVl1k4pX/ebK+SpyIiO98M+IHye64pc2t5dlCIb/eqOfKK2u50ubW5aWV2cX8Yn51enrq2sz1maszk11p50hE3Pj6P3/+k99+48Yfv3jvb3f+PfHDpDE94mU7uq3e9Ezts2gajIj1gwjWBzcb7cn0OxEAADrSPM7/XERcitEYqB3NAQAAAIdJ5Ssj8X4SUQEAAAAOrbR2D2ySZhv3AYxEmmaz9Xt4PxXDaaFYKn9hobixOl+/V3YsMunCUiE/2bhXeCwySbU+VSu/rF/ZUZ+OiNMR8bPRoVo9O1cszPf75AcAAAAcESd39P/fG633/wEAAIBDZqzfCQAAAAAHTv8fAAAADj/9fwAAADjUvnXrVnWoNN9/PX93c2O5ePfyfL60nF3ZmMvOFdfXsovF4mLtmX0r+/2/QrG49qVY3bifK+dL5Vxpc+vOSnFjtXxn6bVXYAMAAAA9dPqzj/6aRMT2l4dqQ9WxficF9MTgmyz8j4PLA+i9gX4nAPTNrv3/Gx0QAB9nmX4nAPRdEhG/3mN+25t3/nQw+QAAAN03/unW1/+Tfc8NbKc9ShE4IM7/wdH1Ea//D3c7D6D3XO6HoysTA9F5R37oQHMB+iPZZ/7bX/+vVN4oIQAAoOtGakOSZiNq5wFGIk2z2YhTtdcCZJKFpUJ+MiI+ERF/Gc0cr9anamsm+/YZAAAAAAAAAAAAAAAAAAAAAAAAAIC6SiWJCgAAAHCoRaT/Shrv/xofvTiy8/zAseTZaG0cEfd+dfsX92fL5fWp6vT/vZhe/mVj+pV+nMEAAAAAdmr205v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopqdPHsw1h17G/c9XI2KsVfzBOFEbn4hMRAz/P4nBV9ZLImKgC/G3H0bE177XIn5STSvGGlm0ij/UrfhnWrV/7/hpRJzsQnw4yh5Vtz83W/3+0jhfG+/8/R1/se5gF+K33/6lL7Z/A222P6c6jHH28e9zbeM/jDg72Hr704yftIl/ocP43//u1la7eZXfRIy33P8kr8XKlVfWcqXNrctLK7OL+cX86vT01LWZ6zNXZyZzC0uFfONvyxg//cwfnu/V/uE28cf2af/FDtv/weP7Tz5ZL2ZaxZ+40Pr7P9MmftrY932+Ua7OH2+Wt+vlV5373Z/P7dX++Tbt3+/7n+iw/Ze+/eO/d7goANADpc2t5dlCIb9+pAtv9WlUD4s6WzhthHkXmqyQXy/96N1I450sNH8Tz/qyXQIAALpvdx8YAAAAAAAAAAAAAAAAAAAA6LXuPDOs+UzsvZ+u17RdH+16FjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQD99GAAA//+GWc+t")

5.424739202s ago: executing program 9 (id=1408):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r5}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

5.424038432s ago: executing program 3 (id=1409):
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x200})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5.423219583s ago: executing program 1 (id=1410):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x83})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240))
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
openat$rtc(0xffffffffffffff9c, &(0x7f0000000280), 0x20000, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000200)={[{@i_version}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@data_err_abort}], [{@seclabel}]}, 0x1, 0x43d, &(0x7f0000000900)="$eJzs281vG0UbAPBn7SR9+/FSU5WPpgUCBRHxkTRpKT1wAYHEASQkOJRjSNIq1G1QEyRaRRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFrgYrTZ3cR27LQOTlzw7ydtMrM7zszj3bFnZ7IB9K2R9EcSsS8ifomI/Vm2scBI9uvmytL0HytL00nUaq//nqyWu7GyNF0ULV63t8gMRJQ+TuJwi3oXLl0+N1Wtzl7M8+OL598ZX7h0+em581NnZ8/OXpg8derE8YlnT04+05U407huDL8/f+TQy29efXX69NW3fvgqKeJviqNLRjY7+Fit1uXqeuv/delkoIcNoSPlrJvG4Gr/3x/lWD95++Olj3raOGBb1Wq12r3tDy/XgP+wJHrdAqA3ii/69P632HZo6HFHuP58dgOUxn0z37IjA1HKyww23d9200hEnF7+8/N0i+2ZhwAAaPBNOv55Kh//NSz8lKJ+XuiufA2lEhF3R8SBiDgZEQcj4p6I1bL3RcT9HdbfvEiycfxTutbhn+xIOv57Ll/bahz/FaO/qJQj/iqGy5UYTM7MVWeP5e/JaAzuSvMTm9Tx7Ys/f9ruWP34L93S+ouxYN6OawO7Gl8zM7U49U9irnf9w4jhgVbxJ2srAellcSgihrdYx9wTXx5pd+zW8Tcaqs90YZ2p9kXE49n5X46m+AvJ5uuT4/+L6uyx8eKq2OjHn6681q7+TuPvtvT872l5/a/FX0nq12sXOq/jyq+ftL2n2er1P5S80bDvvanFxYsTEUPJK1mj6/dPNpWbXC+fxj96tHX/PxDr78ThiEgv4gci4sGIeChv+8MR8UhEHN0k/u9fePTtxj1JB/FvrzT+mY7O/3piKJr3tE6Uz333dUOllegg/vT8n1hNjeZ7bufz73batbWrGQAAAP59ShGxL5LS2Fq6VBoby/6H/2DsKVXnFxafPDP/7oWZ7BmBSgyWipmubD44mw+dyG/ri/xkU/54Pm/8WXn3an5ser460+vgoc/tbdP/U7+Ve906YNt5Xgv6l/4P/Uv/h/6l/0P/atH/d/eiHcDOa/X9/0EP2gHsvKb+b9kP+oj7f+hf+j/0L/0f+tLC7rj1Q/ISEhsSUbojmiGxTYlefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0x98BAAD///1B6is=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
timerfd_create(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000700)={[{@grpquota}, {@noload}, {@resuid}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x2}}, {@resgid}, {@usrquota}, {@data_err_abort}, {@errors_remount}]}, 0x0, 0x5e5, &(0x7f00000007c0)="$eJzs3c9vFFUcAPDvbLelpWgLMSoepIkxkCgtLWCI8QBXQxr8ES9erLQgUqChNVo0oSR4MTFejDHx5EH8L5TIlZOePHjxZEiIGo4mrtntTOm2s/3dncp8PsnSmXk7vO90++17+/rebAClNVD/pxKxPyKmkoi+ZG6hrBpp4cD88x78/cnZ+iOJWu2NP5NI0mPZ85P0a296cndE/PxTEvs6ltc7PXvt4tjk5MTVdH9o5tLU0PTstcMXLo2dnzg/cXnkpZETx48dPzF8ZEPXdT3n2Omb73/Y99no2999808y/P1vo0mcjFfTJy6+jq0yEAON70myvKj3xFZXVpCO9Odk8UucVAsMiHXJXr/OiHgq+qIjHr54ffHpa4UGB2yrWhJRA0oqkf9QUlk/IHtvv/R9cKWQXgnQDvdPzQ8ALM//6vzYYHQ3xgZ2P0hi8bBOEhEbG5lrtici7t4ZvXnuzujN2KZxOCDf3I2IeDov/5NG/vdHd/Q38r/SlP/1fsGZ9Gv9+OsbrH/pULH8h/aZz//uFfM/WuT/O4vy/90N1j/wcPO9nqb879noJQEAAAAAAEBp3T4VES/m/f2/sjD/J3Lm//RGxMktqH9gyf7yv/9X7m1BNUCO+6ciXsmd/1vJZv/2d6RbjzXmA3Qm5y5MThyJiMcj4lB07qrvD69Qx+HP933dqmwgnf+XPer1303nAqZx3Kvuaj5nfGxmbLPXDUTcvxHxTO7832Sh/U9y2v/674OpNdax7/lbZ1qVrZ7/wHapfRtxMLf9f3jXimTl+3MMNfoDQ1mvYLlnP/7ih1b1bzT/3WICNq/e/u9eOf/7k8X365lefx1HZ6u1VmUb7f93JW82bjnTlR77aGxm5upwRFdyuqN+tOn4yPpjhkdRlg9ZvtTz/9BzK4//5fX/eyJibsn/nfzVvKY48+S/vb+3ikf/H4pTz//xdbX/698YudX/Y6v619b+H2u09YfSI8b/YN5XWZp2NR/PScdqXlG74wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAR0ElIvZEUhlc2K5UBgcjeiPiidhdmbwyPfPCuSsfXB6vlzU+/7+SfdJv3/x+kn3+f/+i/ZEl+0cjYm9EfNnR09gfPHtlcrzoiwcAAAAAAAAAAAAAAAAAAIAdorfF+v+6PzqKjg7YdtWiAwAKk5P/vxQRB9B+2n8or2rsWtPzurY9EqDdtP9QXvIfymut+Z9scxxA+2n/obzkP5SX/AcAAAAAgEfK3gO3f00iYu7lnsYjFk3z7yw0MmC7VYoOACiMW/xAeZn6A+XlPT6w2tK+7pYnbWZR4NTZTZwMAAAAAAAAAAAAAKVzcL/1/1BW1v9DeVn/D+WVrf8/UHAcQPt5jw/EKiv5c9f/r3oWAAAAAAAAAAAAALCVpmevXRybnJy4auOtnRFGOzdqtdr1+k/BTonnf76RTYXfKfEs2cjW+q3trOJ+JwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM3+CwAA//8uVSTT")
r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=ANY=[@ANYBLOB="140000ffff000000040000000600000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r6, &(0x7f0000000280), &(0x7f0000000a80)=@udp6}, 0x20)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})

5.423042532s ago: executing program 4 (id=1411):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = io_uring_setup(0x36a3, &(0x7f0000000340))
close(r2)
clock_nanosleep(0x2, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)

5.411706222s ago: executing program 4 (id=1412):
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000040), 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
read(r1, &(0x7f0000000080)=""/155, 0x9b)
write$binfmt_script(r0, &(0x7f00000036c0)={'#! ', './file0'}, 0xb)
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x14cb84fb0918cdfe)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000540)={0x50, 0x0, &(0x7f00000004c0)=[@increfs={0x40046304, 0x2}, @exit_looper, @reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000380)={@ptr={0x70742a85, 0x0, &(0x7f0000000180)=""/70, 0x46, 0x2, 0x8}, @ptr={0x70742a85, 0x0, &(0x7f0000000200)=""/254, 0xfe, 0x0, 0xa}, @ptr={0x70742a85, 0x0, &(0x7f0000000300)=""/96, 0x60, 0x0, 0x14}}, &(0x7f0000000400)={0x0, 0x28, 0x50}}}], 0x0, 0x0, 0x0})
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x2880, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r3, 0x400448dd, &(0x7f0000000100))
r5 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff034}]}, 0x10)
syz_usb_ep_write$ath9k_ep2(r5, 0x83, 0x8, &(0x7f0000000080)=ANY=[])
syz_usb_connect$printer(0x3, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201100100"], 0x0)
syz_usb_ep_write$ath9k_ep2(r5, 0x83, 0x8, &(0x7f00000000c0)=ANY=[])

5.392210482s ago: executing program 9 (id=1413):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = openat$zero(0xffffffffffffff9c, 0x0, 0x480304, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x4ace457a, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000004000000000000000002"], &(0x7f0000000240)=""/199, 0x3e, 0xc7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000000))
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
close(0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x400003, &(0x7f0000000200)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noblock_validity}, {@usrquota}, {@resgid}, {@nogrpid}, {@errors_remount}, {@noinit_itable}, {@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x4}, 0x32}]}, 0x1b, 0x4f5, &(0x7f0000000340)="$eJzs3V1rHGsdAPD/TLJtk6YmRS9qwVpsJSna3aSxbfCiVhG9Kqj12hqTTQjZZEN20zahaIofQBBRQRC88kbwAwjSjyBCQe9FRRFtPRe9OKd72Le+JLvJ9nSz25P8fjCZ55mX/P/PLjszz8wwE8CRdT4iLkTE80qlcikiRhvT08Zws1rZri/39MmDueqQRKVy+79JRFKfVl1k4pX/ebK+SpyIiO98M+IHye64pc2t5dlCIb/eqOfKK2u50ubW5aWV2cX8Yn51enrq2sz1maszk11p50hE3Pj6P3/+k99+48Yfv3jvb3f+PfHDpDE94mU7uq3e9Ezts2gajIj1gwjWBzcb7cn0OxEAADrSPM7/XERcitEYqB3NAQAAAIdJ5Ssj8X4SUQEAAAAOrbR2D2ySZhv3AYxEmmaz9Xt4PxXDaaFYKn9hobixOl+/V3YsMunCUiE/2bhXeCwySbU+VSu/rF/ZUZ+OiNMR8bPRoVo9O1cszPf75AcAAAAcESd39P/fG633/wEAAIBDZqzfCQAAAAAHTv8fAAAADj/9fwAAADjUvnXrVnWoNN9/PX93c2O5ePfyfL60nF3ZmMvOFdfXsovF4mLtmX0r+/2/QrG49qVY3bifK+dL5Vxpc+vOSnFjtXxn6bVXYAMAAAA9dPqzj/6aRMT2l4dqQ9WxficF9MTgmyz8j4PLA+i9gX4nAPTNrv3/Gx0QAB9nmX4nAPRdEhG/3mN+25t3/nQw+QAAAN03/unW1/+Tfc8NbKc9ShE4IM7/wdH1Ea//D3c7D6D3XO6HoysTA9F5R37oQHMB+iPZZ/7bX/+vVN4oIQAAoOtGakOSZiNq5wFGIk2z2YhTtdcCZJKFpUJ+MiI+ERF/Gc0cr9anamsm+/YZAAAAAAAAAAAAAAAAAAAAAAAAAIC6SiWJCgAAAHCoRaT/Shrv/xofvTiy8/zAseTZaG0cEfd+dfsX92fL5fWp6vT/vZhe/mVj+pV+nMEAAAAAdmr205v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopqdPHsw1h17G/c9XI2KsVfzBOFEbn4hMRAz/P4nBV9ZLImKgC/G3H0bE177XIn5STSvGGlm0ij/UrfhnWrV/7/hpRJzsQnw4yh5Vtz83W/3+0jhfG+/8/R1/se5gF+K33/6lL7Z/A222P6c6jHH28e9zbeM/jDg72Hr704yftIl/ocP43//u1la7eZXfRIy33P8kr8XKlVfWcqXNrctLK7OL+cX86vT01LWZ6zNXZyZzC0uFfONvyxg//cwfnu/V/uE28cf2af/FDtv/weP7Tz5ZL2ZaxZ+40Pr7P9MmftrY932+Ua7OH2+Wt+vlV5373Z/P7dX++Tbt3+/7n+iw/Ze+/eO/d7goANADpc2t5dlCIb9+pAtv9WlUD4s6WzhthHkXmqyQXy/96N1I450sNH8Tz/qyXQIAALpvdx8YAAAAAAAAAAAAAAAAAAAA6LXuPDOs+UzsvZ+u17RdH+16FjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQD99GAAA//+GWc+t")

4.615498619s ago: executing program 2 (id=1416):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x83})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240))
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
openat$rtc(0xffffffffffffff9c, &(0x7f0000000280), 0x20000, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000200)={[{@i_version}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@data_err_abort}], [{@seclabel}]}, 0x1, 0x43d, &(0x7f0000000900)="$eJzs281vG0UbAPBn7SR9+/FSU5WPpgUCBRHxkTRpKT1wAYHEASQkOJRjSNIq1G1QEyRaRRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFrgYrTZ3cR27LQOTlzw7ydtMrM7zszj3bFnZ7IB9K2R9EcSsS8ifomI/Vm2scBI9uvmytL0HytL00nUaq//nqyWu7GyNF0ULV63t8gMRJQ+TuJwi3oXLl0+N1Wtzl7M8+OL598ZX7h0+em581NnZ8/OXpg8derE8YlnT04+05U407huDL8/f+TQy29efXX69NW3fvgqKeJviqNLRjY7+Fit1uXqeuv/delkoIcNoSPlrJvG4Gr/3x/lWD95++Olj3raOGBb1Wq12r3tDy/XgP+wJHrdAqA3ii/69P632HZo6HFHuP58dgOUxn0z37IjA1HKyww23d9200hEnF7+8/N0i+2ZhwAAaPBNOv55Kh//NSz8lKJ+XuiufA2lEhF3R8SBiDgZEQcj4p6I1bL3RcT9HdbfvEiycfxTutbhn+xIOv57Ll/bahz/FaO/qJQj/iqGy5UYTM7MVWeP5e/JaAzuSvMTm9Tx7Ys/f9ruWP34L93S+ouxYN6OawO7Gl8zM7U49U9irnf9w4jhgVbxJ2srAellcSgihrdYx9wTXx5pd+zW8Tcaqs90YZ2p9kXE49n5X46m+AvJ5uuT4/+L6uyx8eKq2OjHn6681q7+TuPvtvT872l5/a/FX0nq12sXOq/jyq+ftL2n2er1P5S80bDvvanFxYsTEUPJK1mj6/dPNpWbXC+fxj96tHX/PxDr78ThiEgv4gci4sGIeChv+8MR8UhEHN0k/u9fePTtxj1JB/FvrzT+mY7O/3piKJr3tE6Uz333dUOllegg/vT8n1hNjeZ7bufz73batbWrGQAAAP59ShGxL5LS2Fq6VBoby/6H/2DsKVXnFxafPDP/7oWZ7BmBSgyWipmubD44mw+dyG/ri/xkU/54Pm/8WXn3an5ser460+vgoc/tbdP/U7+Ve906YNt5Xgv6l/4P/Uv/h/6l/0P/atH/d/eiHcDOa/X9/0EP2gHsvKb+b9kP+oj7f+hf+j/0L/0f+tLC7rj1Q/ISEhsSUbojmiGxTYlefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0x98BAAD///1B6is=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
timerfd_create(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000700)={[{@grpquota}, {@noload}, {@resuid}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x2}}, {@resgid}, {@usrquota}, {@data_err_abort}, {@errors_remount}]}, 0x0, 0x5e5, &(0x7f00000007c0)="$eJzs3c9vFFUcAPDvbLelpWgLMSoepIkxkCgtLWCI8QBXQxr8ES9erLQgUqChNVo0oSR4MTFejDHx5EH8L5TIlZOePHjxZEiIGo4mrtntTOm2s/3dncp8PsnSmXk7vO90++17+/rebAClNVD/pxKxPyKmkoi+ZG6hrBpp4cD88x78/cnZ+iOJWu2NP5NI0mPZ85P0a296cndE/PxTEvs6ltc7PXvt4tjk5MTVdH9o5tLU0PTstcMXLo2dnzg/cXnkpZETx48dPzF8ZEPXdT3n2Omb73/Y99no2999808y/P1vo0mcjFfTJy6+jq0yEAON70myvKj3xFZXVpCO9Odk8UucVAsMiHXJXr/OiHgq+qIjHr54ffHpa4UGB2yrWhJRA0oqkf9QUlk/IHtvv/R9cKWQXgnQDvdPzQ8ALM//6vzYYHQ3xgZ2P0hi8bBOEhEbG5lrtici7t4ZvXnuzujN2KZxOCDf3I2IeDov/5NG/vdHd/Q38r/SlP/1fsGZ9Gv9+OsbrH/pULH8h/aZz//uFfM/WuT/O4vy/90N1j/wcPO9nqb879noJQEAAAAAAEBp3T4VES/m/f2/sjD/J3Lm//RGxMktqH9gyf7yv/9X7m1BNUCO+6ciXsmd/1vJZv/2d6RbjzXmA3Qm5y5MThyJiMcj4lB07qrvD69Qx+HP933dqmwgnf+XPer1303nAqZx3Kvuaj5nfGxmbLPXDUTcvxHxTO7832Sh/U9y2v/674OpNdax7/lbZ1qVrZ7/wHapfRtxMLf9f3jXimTl+3MMNfoDQ1mvYLlnP/7ih1b1bzT/3WICNq/e/u9eOf/7k8X365lefx1HZ6u1VmUb7f93JW82bjnTlR77aGxm5upwRFdyuqN+tOn4yPpjhkdRlg9ZvtTz/9BzK4//5fX/eyJibsn/nfzVvKY48+S/vb+3ikf/H4pTz//xdbX/698YudX/Y6v619b+H2u09YfSI8b/YN5XWZp2NR/PScdqXlG74wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAR0ElIvZEUhlc2K5UBgcjeiPiidhdmbwyPfPCuSsfXB6vlzU+/7+SfdJv3/x+kn3+f/+i/ZEl+0cjYm9EfNnR09gfPHtlcrzoiwcAAAAAAAAAAAAAAAAAAIAdorfF+v+6PzqKjg7YdtWiAwAKk5P/vxQRB9B+2n8or2rsWtPzurY9EqDdtP9QXvIfymut+Z9scxxA+2n/obzkP5SX/AcAAAAAgEfK3gO3f00iYu7lnsYjFk3z7yw0MmC7VYoOACiMW/xAeZn6A+XlPT6w2tK+7pYnbWZR4NTZTZwMAAAAAAAAAAAAAKVzcL/1/1BW1v9DeVn/D+WVrf8/UHAcQPt5jw/EKiv5c9f/r3oWAAAAAAAAAAAAALCVpmevXRybnJy4auOtnRFGOzdqtdr1+k/BTonnf76RTYXfKfEs2cjW+q3trOJ+JwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM3+CwAA//8uVSTT")
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=ANY=[@ANYBLOB="140000ffff000000040000000600000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r5, &(0x7f0000000280), &(0x7f0000000a80)=@udp6}, 0x20)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})

4.202244797s ago: executing program 1 (id=1417):
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000040), 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
read(r1, &(0x7f0000000080)=""/155, 0x9b)
write$binfmt_script(r0, &(0x7f00000036c0)={'#! ', './file0'}, 0xb)
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x14cb84fb0918cdfe)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x2)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000540)={0x50, 0x0, &(0x7f00000004c0)=[@increfs={0x40046304, 0x2}, @exit_looper, @reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000380)={@ptr={0x70742a85, 0x0, &(0x7f0000000180)=""/70, 0x46, 0x2, 0x8}, @ptr={0x70742a85, 0x0, &(0x7f0000000200)=""/254, 0xfe, 0x0, 0xa}, @ptr={0x70742a85, 0x0, &(0x7f0000000300)=""/96, 0x60, 0x0, 0x14}}, &(0x7f0000000400)={0x0, 0x28, 0x50}}}], 0x2b, 0x0, &(0x7f0000000440)="7baf69d829ab644989dfd779f04f85ac91c8015ff885b60ed928064d13520f904f177a5301f4fd3c04d120"})
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x2880, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r3, 0x400448dd, &(0x7f0000000100))
r5 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f00000000c0)}, 0x10)
syz_usb_ep_write$ath9k_ep2(r5, 0x83, 0x8, &(0x7f0000000080)=ANY=[])
syz_usb_connect$printer(0x3, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201100100"], 0x0)
syz_usb_ep_write$ath9k_ep2(r5, 0x83, 0x8, &(0x7f00000000c0)=ANY=[])

4.201437337s ago: executing program 3 (id=1418):
chdir(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x80001, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
io_submit(0x0, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00"/13], 0x48)
socket$inet6(0x10, 0x3, 0x0)
syz_mount_image$exfat(&(0x7f0000006c00), &(0x7f0000001b40)='./file0\x00', 0x208008de, &(0x7f0000001b80)=ANY=[@ANYBLOB='utf8,errors=continue,namecase=1,utf8,gid=', @ANYRESHEX=0x0, @ANYBLOB=',umask=000+0000000000000000077,umask=00000000000000000005676,uid=', @ANYRESHEX=0x0, @ANYBLOB=',gid=', @ANYRESHEX=0x0, @ANYBLOB="2c000ca8768ddddc191573cbd33da79641936c9de64e264f331d1b50f4c4f54702f51dcbddb39c14c19175f07a639bb65ea608fbf6fadf5d8da30ace1281bed3e61b084526e10dbe921dad84fbcabc5791f52445cb76b789ed377aa0cd17309c4df04d525e8af05fb246b33836d90656cd2daa991b916be40df3bd607ae5672e1bb90730d0ff03000000000000c5f0cf287ea707c1fc66165f74e7d8a78c37a4b86907cec1df06da3611f616718d88770a2520ceb039bc06ef4d1183"], 0x1, 0x1503, &(0x7f0000000580)="$eJzs3AuYj1XXMPC99t43Y5L+TXIY9trr5p8G2yRJDgk5JEmSJDklJCZJEhJDTklDEnKcJIchJIdpTBrn8yHnpMkjTZKE5BT2d+np/Tzv0/O+fe9X3+e93lm/69qXvdz/tf7rnjXX3Pf9v66Z73uOqtu8Xq2mRCT+FPj7P8lCiBghxDAhxA1CiEAIUTGuYtyV4/kUJP+5N2F/rUfTrnUH7Fri+eduPP/cjeefu/H8czeef+7G88/deP65G8+fsdxs+5yiN/LKvYs//8/N+Pr/P0hOuclfbyx3c6//QgrPP3fj+eduPP/cjeefu/H8czee//98Nf+TYzz/3I3nz1hudq0/f+Z1bde1/v5jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY7nPNXaSHEv+2vdV+MMcYYY4wxxhj76/i817oDxhhjjDHGGGOM/b8HQgoltAhEHpFXxIh8IlZcJ/KL60UBcYOIiBtFnLhJFBQ3i0KisCgiiop4UUwUF0agsIJEKEqIkiIqbhGlxK0iQZQWZURZ4UQ5kShuE+XF7aKCuENUFHeKSuIuUVlUEVVFNXG3qC7uETVETVFL3Ctqizqirqgn7hP1xf2igXhANBQPikbiIdFYPCyaiEdEU/GoaCYeE83F46KFeEK0FK1Ea9FGtP2/yn9Z9BWviH6iv0gWA8RA8aoYJAaLIWKoGCZeE8PF62KEeEOkiJFilHhTjBZviTHibTFWjBPjxTtigpgoJonJYoqYKlLFu2KaeE9MF++LGWKmmCVmizQxR8wVH4h5Yr5YID4UC8VHYpFYLJaIpSJdfCwyxDKRKT4Ry8WnIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCZ2iJ1il9gt9oi9Yp/4XOwXX4gD4kuRLb76L+af/af8XiBAgAQJGjTkgTwQAzEQC7GQH/JDASgAEYhAHMRBQSgIhaAQFIEiEA/xUByKAwICAUEJKAFRiEIpKAUJkABloAw4cJAIiVAebocKUAEqQkWoBJWgMlSBKlANqkF1qA41oAbUglpQG2pDXagL98F9cD80gAbQEBpCI2gEjaExNIEm0BSaQjNoBs2hObSAFtASWkJraA1toS20g3bQHtpDR+gInaATdIbOkARJ0BW6QjfoBt2hO/SAHtATekIv6A294WV4GV6BV6A/1JYDYCAMhEEwCIbAUBgKr8FweB1ehzcgBUbCKHgT3oS3YAycgbEwDsbDeKguJ8IkmAwkp0IqpMI0mAbTYTrMgJkwE2ZDGsyBuTAX5sF8mA8fwkL4CD6CxbAYlkI6pEMGLINMyITlcBayYAWshFWwGtbAalgH62EdbIRNsBG2wBbYBtvgM/gMdsJO2A27YS/shc/hc/gCvoAUyIZsOAgH4RAcgsNwGHIgB47AETgKR+EYHIPjcBxOwEk4BSfhNJyGM3AWzsE5uAAX4CK8GP9ts72lN6QIeYWWWuaReWSMjJGxMlbml/llAVlARmRExsk4WVAWlIVkIVlEFpHxMl4Wl8UlSpQkQ1lClogRQshSspRMkAmyjCwjnXQyUSbK8rK8rCAryIryTllJ3iUryyqyg6smq8nqsqOrIWvKWrKWrC3ryLqynqwn68v6soFsIBvKhrKRbCQby4dlEzkAhsCj8spkmsuR0EKOgpaylWwt28i34EnZTo6B9rKD7CifluNgLHSW7VySfFZ2lZOgm3xeToYXZA85FXrKl2Qv2Vv2kS/LvrK96yf7yxkwQA6Us2GQHCyHyKFyHtSRVyZWV74hU+RIOUq+KZfCW3KMfFuOlePkePmOnCAnyklyspwip8pU+a6cJt+T0+X7coacKWfJ2TJNzpFz5QdynpwvF8gP5UL5kVwkF8slcqlMlx/LDLlMZspP5HL5qcySK+RKuUqulmvkWrlOrpcb5Ea5SW6WW+RWuU1ul5/JHXKn3CV3yz1yr9wnP5f75RfygPxSZsuv5EH5N3lIfi0Py29kjvxWHpHfyaPye3lM/iCPyx/lCXlSnpI/ydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaDyqLwqRuVTseo6lV9drwqoG1RE3aji1E2qoLpZFVKFVRFVVMWrYqq4MgqVVaRCVUKVVFF1iyqlblUJqrQqo8oqp8qpRHWbKq9uVxXUHaqiulNVUnepyqqKqqqqqbtVdXWPqqFqqlrqXlVb1VF1VT11n6qv7lcN1AOqoXpQNVIPqcbqYdVEPaKaqkdVM/WYaq4eVy3UE6qlaqVaqzaqrXpStVNPqfaqg+qonlad1DOqs+qiktSzqqt6TnVTz6vu6gXVQ72oeqqXVC/VW/VRl9Rl5VU/1V8lqwFqoHpVDVKD1RA1VA1Tr6nh6nU1Qr2hUtRINUq9qUart9QY9bYaq8ap8eodNUFNVJPUZDVFTVWp6l01Tb2npqv31Qw1U81Ss1WamqOG/FZpwT/lD/jtqvuP+e/9i/wRv777NrVdfaZ2qJ1ql9qt9qi9ap/ap/ar/eqAOqCyVbY6qA6qQ+qQOqwOqxyVo46oI+qoOqqOqWPquDquTqiT6rz6SZ1WP6sz6qw6q86rC+qCuvjb10Bo0FIrrXWg8+i8Okbn07H6Op1fX68L6Bt0RN+o4/RNuqC+WRfShXURXVTH62K6uDYatdWkQ11Cl9RRfYsupW/VCbq0LqPLaqfL6UR925/O/6P+2uq2up1up9vr9rqj7qg76U66s+6sk3SS7qq76m66m+6uu+seuofuqXvqXrqX7qP76L66r+6n++lknawH6lf1ID1YD9FD9TD9mh6uh+sReoRO0Sl6lB6lR+vReoweo8fqsXq8Hq8n6Al6kp6kp+gpOlWn6ml6mp6up+sZeoaepWfpNJ2m5+q5ep6epxfoBXqhXqgX6UV6iV6i03W6ztAZOlNn6uV6uc7SK/QKvUqv0mv0Gr1Or9Mb9Aa9SW/SW/QWnaW36+16h96hd+ldeo/eo/fpfXq/3q8P6AM6W2frg/qgPqQP6cP6sM7ROfqIPqKP6qP6mD424Lg+rk/oE/qUPqVP69P6jD6jz+lz+oK+oC/qi/qyvnzlti+QgQx0oIM8QZ4gJogJYoPYIH+QPygQFAgiQSSIC+KCgsHNQaGgcFAkKBrEB8WC4oEJMLABBWFQIigZRINbglLBrUFCUDooE5QNXFAuSAxuC8oHtwcVgjuCisGdQaXgrqByUCWoGlQL7g6qB/cENYKaQa3g3qB2UCeoG9QL7gvqB/cHDYIHgobBg0Gj4KGgcfBw0CR4JGgaPBo0Cx4LmgePBy2CJ4KWQaugddAmaPuX1vf+TOGnXD/T3ySbAWagedUMMoPNEDPUDDOvmeHmdTPCvGFSzEgzyrxpRpu3zBjzthlrxpnx5h0zwUw0k8xkM8VMNanmXTPNvGemm/fNDDPTzDKzTZqZY+aaD8w8M98sMB+aheYjs8gsNkvMUpNuPjYZZpnJNJ+Y5eZTk2VWmJVmlVlt1py/UQiz3mwwG80ms9lsMVvNNrPdfGZ2mJ1ml9lt9pi9Zp/53Ow3X5gD5kuTbb4yB83fzCHztTlsvjE55ltzxHxnjprvzTHzgzlufjQnzElzyvxkTpufzRlz1pwz580F84u5aC6Zy8Zfubm/cnlHjRrzYB6MwRiMxVjMj/mxABbACEYwDuOwIBbEQlgIi2ARjMd4LI7F8QpCwhJYAqMYxVJYChMwActgGXToMBETsTyWxwpYAStiRayElbAyVsaqWBXvxrvxHrwHa2JNvBfvxTpYB+thPayP9bEBNsCG2BAbYSNsjI2xCTbBptgUm2EzbI7NsQW2wJbYEltja2yLbbEdtsP22B47YkfshJ2wM3bGJEzCrtgVu2E37I7dsQf2wJ7YE3thL+yDfbAv9sV+2A+TMRkH4kAchINwCA7BYTgMh+NwHIEjMAVTcBSOwtE4GsfgGByL43A8voMTcCJOwsk4BadiKqbiNJyG03E6zsAZOAtnYRqm4Vyci/NwHi7ABbgQF+IiXIRLcAmmYzpmYAZmYiYux+WYhVm4ElfialyNa3Etrsf1uBE34mbcjFtxK27H7bgDd+Au3IV7cA/uw324H/fjATyA2ZiNB/EgHsJDeBgPYw7m4BE8gkfxKB7DY3gcj+MJPIGn8BSextN4Bs/gOTyHF/AXvIiX8DJ6jLFSxNrrbH57vS1gb7AxNp/9x7iILWrjbTFb3BpbyBb+dzFaaxNsaVvGlrXOlrOJ9rbfxZVtFVvVVrN32+r2Hlvjd3F9e79tYB+wDe2Dtp6977c4769xI/uQbWwft03sE7apbWWb2Ta2uX3ctrBP2Ja2lW1t29hO9hnb2XaxSfZZ29U+97s4wy6z6+0Gu9FusvvtF/acPW+P2u/tBfuL7Wf722H2NTvcvm5H2Ddsih35u3i8fcdOsBPtJDvZTrFTfxfPsrNtmp1j59oP7Dw7/3dxuv3YLrSZdpFdbJfYpb/GV3rKtJ/Y5fZTm2VX2JV2lV1t19i1dt3/7nWV3WK32m12n/3c7rA77S672+6xe3+Nr5zHAfulzbZf2SP2O3vIfm0P22M2x377a3zl/I7ZH+xx+6M9YU/aU/Yne9r+bM/Ys7+e/5Vz/8lespett4KAJCnSFFAeyksxlI9i6TrKT9dTAbqBInQjxdFNVJBupkJUmIpQUYqnYlScDCFZIgqpBJWkKN1CpehWSqDSVIbKkqNylEi3UXm6nSrQHVSR7qRKdBdVpipUlarR3VSd7qEaVJNq0b1Um+pQXapH91F9up8a0APUkB6kRvQQNaaHqQk9Qk3pUWpGj1Fzepxa0BPUklpRa2pDbelJakdPUXvqQB3paepEz1Bn6kJJ9Cx1peeoGz1P3ekF6kEvUk96iXpRb+pDL1NfeoX6UX9KpgE0kF6lQTSYhtBQGkav0XB6nUbQG5RCI2kUvUmj6S0aQ2/TWBpH4+kdmkATaRJNpik0lVLpXTqb3qXIlXu9GTSTZtFsSqM5NJc+oHk0nxbQh7SQPqJFtJiW0FJKp48pg5ZRJn1Cy+lTyqIVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttp89oB+2kXbSb9tBe2kef0376gg7Ql5RNX9FB+hsdoq/pMH1DOfQtHaHv6Ch9T8foBzpOP9IJOkmn6Cc6TT/TGTpL5+g8XaBf6CJdosvkSYQQylCFOgzCPGHeMCbMF8aG14X5w+vDAuENYSS8MYwLbwoLhjeHhcLCYZGwaBgfFguLhybE0IYUhmGJsGQYDW8JS4W3hglh6bBMWDZ0YbkwMbwtLB/eHlYI7wgrhneGlcK7wsphlfDxB6uFd4fVw3vCGmHNsFZ4b1g7rBPWDeuF94X1w/vDBuEDYcPwwbBC+FDYOHw4bBI+EjYNHw2bhY+FzcPHwxbhE2HLsFXYOmwTtg2fDNuFT4Xtww5hx/DpsFP4TNg57BImhc+GXcPn/vB4cjggHBi+Gr4aev+AWhJdGk2PfhzNiC6LZkY/iS6PfhrNiq6Iroyuiq6Oromuja6Lro9uiG6Mbopujm6Jbo1ui3pfL69w4KRTTrvA5XF5XYzL52LddS6/u94VcDe4iLvRxbmbXEF3syvkCrsirqiLd8VccWccOuvIha6EK+mi7hZXyt3qElxpV8aVdc6Vc4mujWvr2rp27inX3nVwHd3T7mn3jHvGdXFd3LOuq3vOdXPPu+7uBdfDvehedC+5Xq636+Nedn3dK66f6++SXbIb6Aa6QW6QG+KGuGFumBvuhrsRboRLcSlulBvlRrvRbowb48a6sW68G+8muAlukpvkprgpLtWlumlumpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5hwkK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB1237gc96074r5zR9337pj7wR13P7oT7qQ75X5yp93P7ow768658+6C+8VddJfcZeddauTdyLTIe5HpkfcjMyIzI7MisyNpkTmRuZEPIvMi8yMLIh9GFkY+iiyKLI4siSyNpEc+jmRElkUyI59Elkc+jWRFVkRWRlZFVkfWRLwvtiP0JXxJH/W3+FL+Vp/gS/syvqx3vpxP9Lf58v52X8Hf4Sv6O30lf5ev7Kv4qv4J39K38q19G9/WP+nb+ad8e9/Bd/RP+07+Gd/Zd/FJ/lnf1T/nu/nnfXf/gu/hX/Q9/Uu+l+/t+/iXfV//iu/n+/tkP8AP9K/6QX6wH+KH+mH+NT/cv+5H+Dd8ih/pR/k3/Wj/lh/j3/Zj/Tg/3r/jJ/iJfpKf7Kf4qT7Vv+un+ff8dP++n+Fn+ll+tk/zc/xc/4Gf5+f7Bf5Dv9B/5Bf5xX6JX+rT/cc+wy/zmf4Tv9x/6rP8Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Wd+h9/pd/ndfo/f6/f5z/1+/4U/4L/02f4rf9D/zR/yX/vD/huf47/1R/x3/qj/3h/zP/jj/kd/wp/0p/xP/rT/2Z/xZ/05f95f8L/4i/6Sv8y/s8YYY4wx9n9E/cHxAf/i/+Rv64qBQojrdxbN+eeamwv9fT9YxneKCCGe7d/z0X9btWsnJyf/9tosJYKSi4UQkav5ecTVeIXoKJ4RSaKDKP8v+xsse1+gP6gfvVOI2KuVfxUr/rn+7f9B/SefHp9RKTwX95/UXyxEQsmrOfnE1fhq/Qr/Qf3C7f6g/3xfpwrR/h9y8our8dX6ieIp8ZxI+nevZIwxxhhjjDHG/m6wrNr9j56frzyfx+urOXnF1fiPns8ZY4wxxhhjjDF27b3Qu0+XJ5OSOnTnzZ/Y1Pjv0QZvePOXba71TybGGGOMMcbYX+3qTf+17oQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/n/8ObFrfY6MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYtfa/AgAA///mJjhh")
mlock(&(0x7f0000ff9000/0x4000)=nil, 0x4000)

4.010230006s ago: executing program 9 (id=1419):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = openat$zero(0xffffffffffffff9c, 0x0, 0x480304, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x4ace457a, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000004000000000000000002"], &(0x7f0000000240)=""/199, 0x3e, 0xc7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xb6, 0x0)
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000000))
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x400003, &(0x7f0000000200)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noblock_validity}, {@usrquota}, {@resgid}, {@nogrpid}, {@errors_remount}, {@noinit_itable}, {@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x4}, 0x32}]}, 0x1b, 0x4f5, &(0x7f0000000340)="$eJzs3V1rHGsdAPD/TLJtk6YmRS9qwVpsJSna3aSxbfCiVhG9Kqj12hqTTQjZZEN20zahaIofQBBRQRC88kbwAwjSjyBCQe9FRRFtPRe9OKd72Le+JLvJ9nSz25P8fjCZ55mX/P/PLjszz8wwE8CRdT4iLkTE80qlcikiRhvT08Zws1rZri/39MmDueqQRKVy+79JRFKfVl1k4pX/ebK+SpyIiO98M+IHye64pc2t5dlCIb/eqOfKK2u50ubW5aWV2cX8Yn51enrq2sz1maszk11p50hE3Pj6P3/+k99+48Yfv3jvb3f+PfHDpDE94mU7uq3e9Ezts2gajIj1gwjWBzcb7cn0OxEAADrSPM7/XERcitEYqB3NAQAAAIdJ5Ssj8X4SUQEAAAAOrbR2D2ySZhv3AYxEmmaz9Xt4PxXDaaFYKn9hobixOl+/V3YsMunCUiE/2bhXeCwySbU+VSu/rF/ZUZ+OiNMR8bPRoVo9O1cszPf75AcAAAAcESd39P/fG633/wEAAIBDZqzfCQAAAAAHTv8fAAAADj/9fwAAADjUvnXrVnWoNN9/PX93c2O5ePfyfL60nF3ZmMvOFdfXsovF4mLtmX0r+/2/QrG49qVY3bifK+dL5Vxpc+vOSnFjtXxn6bVXYAMAAAA9dPqzj/6aRMT2l4dqQ9WxficF9MTgmyz8j4PLA+i9gX4nAPTNrv3/Gx0QAB9nmX4nAPRdEhG/3mN+25t3/nQw+QAAAN03/unW1/+Tfc8NbKc9ShE4IM7/wdH1Ea//D3c7D6D3XO6HoysTA9F5R37oQHMB+iPZZ/7bX/+vVN4oIQAAoOtGakOSZiNq5wFGIk2z2YhTtdcCZJKFpUJ+MiI+ERF/Gc0cr9anamsm+/YZAAAAAAAAAAAAAAAAAAAAAAAAAIC6SiWJCgAAAHCoRaT/Shrv/xofvTiy8/zAseTZaG0cEfd+dfsX92fL5fWp6vT/vZhe/mVj+pV+nMEAAAAAdmr205v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopqdPHsw1h17G/c9XI2KsVfzBOFEbn4hMRAz/P4nBV9ZLImKgC/G3H0bE177XIn5STSvGGlm0ij/UrfhnWrV/7/hpRJzsQnw4yh5Vtz83W/3+0jhfG+/8/R1/se5gF+K33/6lL7Z/A222P6c6jHH28e9zbeM/jDg72Hr704yftIl/ocP43//u1la7eZXfRIy33P8kr8XKlVfWcqXNrctLK7OL+cX86vT01LWZ6zNXZyZzC0uFfONvyxg//cwfnu/V/uE28cf2af/FDtv/weP7Tz5ZL2ZaxZ+40Pr7P9MmftrY932+Ua7OH2+Wt+vlV5373Z/P7dX++Tbt3+/7n+iw/Ze+/eO/d7goANADpc2t5dlCIb9+pAtv9WlUD4s6WzhthHkXmqyQXy/96N1I450sNH8Tz/qyXQIAALpvdx8YAAAAAAAAAAAAAAAAAAAA6LXuPDOs+UzsvZ+u17RdH+16FjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQD99GAAA//+GWc+t")

2.764586931s ago: executing program 2 (id=1420):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r5}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

2.625071601s ago: executing program 2 (id=1421):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = openat$zero(0xffffffffffffff9c, 0x0, 0x480304, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x4ace457a, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000004000000000000000002"], &(0x7f0000000240)=""/199, 0x3e, 0xc7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xb6, 0x0)
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000000))
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
r8 = creat(&(0x7f00000000c0)='./file0\x00', 0x8b)
close(r8)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x400003, &(0x7f0000000200)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noblock_validity}, {@usrquota}, {@resgid}, {@nogrpid}, {@errors_remount}, {@noinit_itable}, {@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x4}, 0x32}]}, 0x1b, 0x4f5, &(0x7f0000000340)="$eJzs3V1rHGsdAPD/TLJtk6YmRS9qwVpsJSna3aSxbfCiVhG9Kqj12hqTTQjZZEN20zahaIofQBBRQRC88kbwAwjSjyBCQe9FRRFtPRe9OKd72Le+JLvJ9nSz25P8fjCZ55mX/P/PLjszz8wwE8CRdT4iLkTE80qlcikiRhvT08Zws1rZri/39MmDueqQRKVy+79JRFKfVl1k4pX/ebK+SpyIiO98M+IHye64pc2t5dlCIb/eqOfKK2u50ubW5aWV2cX8Yn51enrq2sz1maszk11p50hE3Pj6P3/+k99+48Yfv3jvb3f+PfHDpDE94mU7uq3e9Ezts2gajIj1gwjWBzcb7cn0OxEAADrSPM7/XERcitEYqB3NAQAAAIdJ5Ssj8X4SUQEAAAAOrbR2D2ySZhv3AYxEmmaz9Xt4PxXDaaFYKn9hobixOl+/V3YsMunCUiE/2bhXeCwySbU+VSu/rF/ZUZ+OiNMR8bPRoVo9O1cszPf75AcAAAAcESd39P/fG633/wEAAIBDZqzfCQAAAAAHTv8fAAAADj/9fwAAADjUvnXrVnWoNN9/PX93c2O5ePfyfL60nF3ZmMvOFdfXsovF4mLtmX0r+/2/QrG49qVY3bifK+dL5Vxpc+vOSnFjtXxn6bVXYAMAAAA9dPqzj/6aRMT2l4dqQ9WxficF9MTgmyz8j4PLA+i9gX4nAPTNrv3/Gx0QAB9nmX4nAPRdEhG/3mN+25t3/nQw+QAAAN03/unW1/+Tfc8NbKc9ShE4IM7/wdH1Ea//D3c7D6D3XO6HoysTA9F5R37oQHMB+iPZZ/7bX/+vVN4oIQAAoOtGakOSZiNq5wFGIk2z2YhTtdcCZJKFpUJ+MiI+ERF/Gc0cr9anamsm+/YZAAAAAAAAAAAAAAAAAAAAAAAAAIC6SiWJCgAAAHCoRaT/Shrv/xofvTiy8/zAseTZaG0cEfd+dfsX92fL5fWp6vT/vZhe/mVj+pV+nMEAAAAAdmr205v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopqdPHsw1h17G/c9XI2KsVfzBOFEbn4hMRAz/P4nBV9ZLImKgC/G3H0bE177XIn5STSvGGlm0ij/UrfhnWrV/7/hpRJzsQnw4yh5Vtz83W/3+0jhfG+/8/R1/se5gF+K33/6lL7Z/A222P6c6jHH28e9zbeM/jDg72Hr704yftIl/ocP43//u1la7eZXfRIy33P8kr8XKlVfWcqXNrctLK7OL+cX86vT01LWZ6zNXZyZzC0uFfONvyxg//cwfnu/V/uE28cf2af/FDtv/weP7Tz5ZL2ZaxZ+40Pr7P9MmftrY932+Ua7OH2+Wt+vlV5373Z/P7dX++Tbt3+/7n+iw/Ze+/eO/d7goANADpc2t5dlCIb9+pAtv9WlUD4s6WzhthHkXmqyQXy/96N1I450sNH8Tz/qyXQIAALpvdx8YAAAAAAAAAAAAAAAAAAAA6LXuPDOs+UzsvZ+u17RdH+16FjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQD99GAAA//+GWc+t")

2.5036151s ago: executing program 9 (id=1422):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41)
recvmsg(r0, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x40012002)
sendmsg$inet(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000180)}, 0x1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)

1.179267465s ago: executing program 9 (id=1423):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = io_uring_setup(0x36a3, &(0x7f0000000340))
close(r2)
clock_nanosleep(0x2, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)

1.094237084s ago: executing program 9 (id=1424):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = openat$zero(0xffffffffffffff9c, 0x0, 0x480304, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x4ace457a, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000004000000000000000002"], &(0x7f0000000240)=""/199, 0x3e, 0xc7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xb6, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
r9 = creat(&(0x7f00000000c0)='./file0\x00', 0x8b)
close(r9)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x400003, &(0x7f0000000200)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noblock_validity}, {@usrquota}, {@resgid}, {@nogrpid}, {@errors_remount}, {@noinit_itable}, {@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x4}, 0x32}]}, 0x1b, 0x4f5, &(0x7f0000000340)="$eJzs3V1rHGsdAPD/TLJtk6YmRS9qwVpsJSna3aSxbfCiVhG9Kqj12hqTTQjZZEN20zahaIofQBBRQRC88kbwAwjSjyBCQe9FRRFtPRe9OKd72Le+JLvJ9nSz25P8fjCZ55mX/P/PLjszz8wwE8CRdT4iLkTE80qlcikiRhvT08Zws1rZri/39MmDueqQRKVy+79JRFKfVl1k4pX/ebK+SpyIiO98M+IHye64pc2t5dlCIb/eqOfKK2u50ubW5aWV2cX8Yn51enrq2sz1maszk11p50hE3Pj6P3/+k99+48Yfv3jvb3f+PfHDpDE94mU7uq3e9Ezts2gajIj1gwjWBzcb7cn0OxEAADrSPM7/XERcitEYqB3NAQAAAIdJ5Ssj8X4SUQEAAAAOrbR2D2ySZhv3AYxEmmaz9Xt4PxXDaaFYKn9hobixOl+/V3YsMunCUiE/2bhXeCwySbU+VSu/rF/ZUZ+OiNMR8bPRoVo9O1cszPf75AcAAAAcESd39P/fG633/wEAAIBDZqzfCQAAAAAHTv8fAAAADj/9fwAAADjUvnXrVnWoNN9/PX93c2O5ePfyfL60nF3ZmMvOFdfXsovF4mLtmX0r+/2/QrG49qVY3bifK+dL5Vxpc+vOSnFjtXxn6bVXYAMAAAA9dPqzj/6aRMT2l4dqQ9WxficF9MTgmyz8j4PLA+i9gX4nAPTNrv3/Gx0QAB9nmX4nAPRdEhG/3mN+25t3/nQw+QAAAN03/unW1/+Tfc8NbKc9ShE4IM7/wdH1Ea//D3c7D6D3XO6HoysTA9F5R37oQHMB+iPZZ/7bX/+vVN4oIQAAoOtGakOSZiNq5wFGIk2z2YhTtdcCZJKFpUJ+MiI+ERF/Gc0cr9anamsm+/YZAAAAAAAAAAAAAAAAAAAAAAAAAIC6SiWJCgAAAHCoRaT/Shrv/xofvTiy8/zAseTZaG0cEfd+dfsX92fL5fWp6vT/vZhe/mVj+pV+nMEAAAAAdmr205v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopqdPHsw1h17G/c9XI2KsVfzBOFEbn4hMRAz/P4nBV9ZLImKgC/G3H0bE177XIn5STSvGGlm0ij/UrfhnWrV/7/hpRJzsQnw4yh5Vtz83W/3+0jhfG+/8/R1/se5gF+K33/6lL7Z/A222P6c6jHH28e9zbeM/jDg72Hr704yftIl/ocP43//u1la7eZXfRIy33P8kr8XKlVfWcqXNrctLK7OL+cX86vT01LWZ6zNXZyZzC0uFfONvyxg//cwfnu/V/uE28cf2af/FDtv/weP7Tz5ZL2ZaxZ+40Pr7P9MmftrY932+Ua7OH2+Wt+vlV5373Z/P7dX++Tbt3+/7n+iw/Ze+/eO/d7goANADpc2t5dlCIb9+pAtv9WlUD4s6WzhthHkXmqyQXy/96N1I450sNH8Tz/qyXQIAALpvdx8YAAAAAAAAAAAAAAAAAAAA6LXuPDOs+UzsvZ+u17RdH+16FjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQD99GAAA//+GWc+t")
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000900)=ANY=[@ANYBLOB="68000000140001", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESOCT=r0, @ANYRESDEC=r8, @ANYRES64=r6], 0x68}}, 0x4004040)

74.45661ms ago: executing program 2 (id=1425):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
add_key$keyring(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
rmdir(&(0x7f0000000080)='./cgroup/../file0\x00')
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000100)={[{0x2d, 'pids'}]}, 0x6)

73.67255ms ago: executing program 4 (id=1426):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x6, 0x4, 0x9, 0x8, 0x0, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
kcmp(0x0, 0xffffffffffffffff, 0x5, r0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
r4 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r4, 0x0)
lseek(r4, 0x5, 0x1)
close(0xffffffffffffffff)

73.10229ms ago: executing program 4 (id=1427):
munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000040), 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
read(r1, &(0x7f0000000080)=""/155, 0x9b)
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x14cb84fb0918cdfe)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x2)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000540)={0x50, 0x0, &(0x7f00000004c0)=[@increfs={0x40046304, 0x2}, @exit_looper, @reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000380)={@ptr={0x70742a85, 0x0, &(0x7f0000000180)=""/70, 0x46, 0x2, 0x8}, @ptr={0x70742a85, 0x0, &(0x7f0000000200)=""/254, 0xfe, 0x0, 0xa}, @ptr={0x70742a85, 0x0, &(0x7f0000000300)=""/96, 0x60, 0x0, 0x14}}, &(0x7f0000000400)={0x0, 0x28, 0x50}}}], 0x0, 0x0, 0x0})
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x2880, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r3, 0x400448dd, &(0x7f0000000100))
r5 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff034}]}, 0x10)
syz_usb_ep_write$ath9k_ep2(r5, 0x83, 0x8, &(0x7f0000000080)=ANY=[])
syz_usb_connect$printer(0x3, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201100100"], 0x0)
syz_usb_ep_write$ath9k_ep2(r5, 0x83, 0x8, &(0x7f00000000c0)=ANY=[])

72.65038ms ago: executing program 2 (id=1428):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x10f501, 0x32)
r1 = syz_open_dev$vcsa(&(0x7f00000002c0), 0x3, 0x200)
linkat(r0, &(0x7f0000000280)='./file0\x00', r1, &(0x7f0000000340)='./file0\x00', 0x400)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r3, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
close(0xffffffffffffffff)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="040000000000000008003f006563060008001b"], 0x30}}, 0x0)

23.51768ms ago: executing program 1 (id=1429):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = openat$zero(0xffffffffffffff9c, 0x0, 0x480304, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x4ace457a, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000004000000000000000002"], &(0x7f0000000240)=""/199, 0x3e, 0xc7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xb6, 0x0)
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000000))
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
creat(&(0x7f00000000c0)='./file0\x00', 0x8b)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x400003, &(0x7f0000000200)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noblock_validity}, {@usrquota}, {@resgid}, {@nogrpid}, {@errors_remount}, {@noinit_itable}, {@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x4}, 0x32}]}, 0x1b, 0x4f5, &(0x7f0000000340)="$eJzs3V1rHGsdAPD/TLJtk6YmRS9qwVpsJSna3aSxbfCiVhG9Kqj12hqTTQjZZEN20zahaIofQBBRQRC88kbwAwjSjyBCQe9FRRFtPRe9OKd72Le+JLvJ9nSz25P8fjCZ55mX/P/PLjszz8wwE8CRdT4iLkTE80qlcikiRhvT08Zws1rZri/39MmDueqQRKVy+79JRFKfVl1k4pX/ebK+SpyIiO98M+IHye64pc2t5dlCIb/eqOfKK2u50ubW5aWV2cX8Yn51enrq2sz1maszk11p50hE3Pj6P3/+k99+48Yfv3jvb3f+PfHDpDE94mU7uq3e9Ezts2gajIj1gwjWBzcb7cn0OxEAADrSPM7/XERcitEYqB3NAQAAAIdJ5Ssj8X4SUQEAAAAOrbR2D2ySZhv3AYxEmmaz9Xt4PxXDaaFYKn9hobixOl+/V3YsMunCUiE/2bhXeCwySbU+VSu/rF/ZUZ+OiNMR8bPRoVo9O1cszPf75AcAAAAcESd39P/fG633/wEAAIBDZqzfCQAAAAAHTv8fAAAADj/9fwAAADjUvnXrVnWoNN9/PX93c2O5ePfyfL60nF3ZmMvOFdfXsovF4mLtmX0r+/2/QrG49qVY3bifK+dL5Vxpc+vOSnFjtXxn6bVXYAMAAAA9dPqzj/6aRMT2l4dqQ9WxficF9MTgmyz8j4PLA+i9gX4nAPTNrv3/Gx0QAB9nmX4nAPRdEhG/3mN+25t3/nQw+QAAAN03/unW1/+Tfc8NbKc9ShE4IM7/wdH1Ea//D3c7D6D3XO6HoysTA9F5R37oQHMB+iPZZ/7bX/+vVN4oIQAAoOtGakOSZiNq5wFGIk2z2YhTtdcCZJKFpUJ+MiI+ERF/Gc0cr9anamsm+/YZAAAAAAAAAAAAAAAAAAAAAAAAAIC6SiWJCgAAAHCoRaT/Shrv/xofvTiy8/zAseTZaG0cEfd+dfsX92fL5fWp6vT/vZhe/mVj+pV+nMEAAAAAdmr205v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopqdPHsw1h17G/c9XI2KsVfzBOFEbn4hMRAz/P4nBV9ZLImKgC/G3H0bE177XIn5STSvGGlm0ij/UrfhnWrV/7/hpRJzsQnw4yh5Vtz83W/3+0jhfG+/8/R1/se5gF+K33/6lL7Z/A222P6c6jHH28e9zbeM/jDg72Hr704yftIl/ocP43//u1la7eZXfRIy33P8kr8XKlVfWcqXNrctLK7OL+cX86vT01LWZ6zNXZyZzC0uFfONvyxg//cwfnu/V/uE28cf2af/FDtv/weP7Tz5ZL2ZaxZ+40Pr7P9MmftrY932+Ua7OH2+Wt+vlV5373Z/P7dX++Tbt3+/7n+iw/Ze+/eO/d7goANADpc2t5dlCIb9+pAtv9WlUD4s6WzhthHkXmqyQXy/96N1I450sNH8Tz/qyXQIAALpvdx8YAAAAAAAAAAAAAAAAAAAA6LXuPDOs+UzsvZ+u17RdH+16FjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQD99GAAA//+GWc+t")
socket$vsock_stream(0x28, 0x1, 0x0)

825.24µs ago: executing program 2 (id=1430):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x30dd3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

0s ago: executing program 3 (id=1431):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = openat$zero(0xffffffffffffff9c, 0x0, 0x480304, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x4ace457a, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000004000000000000000002"], &(0x7f0000000240)=""/199, 0x3e, 0xc7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xb6, 0x0)
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x400003, &(0x7f0000000200)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noblock_validity}, {@usrquota}, {@resgid}, {@nogrpid}, {@errors_remount}, {@noinit_itable}, {@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x4}, 0x32}]}, 0x1b, 0x4f5, &(0x7f0000000340)="$eJzs3V1rHGsdAPD/TLJtk6YmRS9qwVpsJSna3aSxbfCiVhG9Kqj12hqTTQjZZEN20zahaIofQBBRQRC88kbwAwjSjyBCQe9FRRFtPRe9OKd72Le+JLvJ9nSz25P8fjCZ55mX/P/PLjszz8wwE8CRdT4iLkTE80qlcikiRhvT08Zws1rZri/39MmDueqQRKVy+79JRFKfVl1k4pX/ebK+SpyIiO98M+IHye64pc2t5dlCIb/eqOfKK2u50ubW5aWV2cX8Yn51enrq2sz1maszk11p50hE3Pj6P3/+k99+48Yfv3jvb3f+PfHDpDE94mU7uq3e9Ezts2gajIj1gwjWBzcb7cn0OxEAADrSPM7/XERcitEYqB3NAQAAAIdJ5Ssj8X4SUQEAAAAOrbR2D2ySZhv3AYxEmmaz9Xt4PxXDaaFYKn9hobixOl+/V3YsMunCUiE/2bhXeCwySbU+VSu/rF/ZUZ+OiNMR8bPRoVo9O1cszPf75AcAAAAcESd39P/fG633/wEAAIBDZqzfCQAAAAAHTv8fAAAADj/9fwAAADjUvnXrVnWoNN9/PX93c2O5ePfyfL60nF3ZmMvOFdfXsovF4mLtmX0r+/2/QrG49qVY3bifK+dL5Vxpc+vOSnFjtXxn6bVXYAMAAAA9dPqzj/6aRMT2l4dqQ9WxficF9MTgmyz8j4PLA+i9gX4nAPTNrv3/Gx0QAB9nmX4nAPRdEhG/3mN+25t3/nQw+QAAAN03/unW1/+Tfc8NbKc9ShE4IM7/wdH1Ea//D3c7D6D3XO6HoysTA9F5R37oQHMB+iPZZ/7bX/+vVN4oIQAAoOtGakOSZiNq5wFGIk2z2YhTtdcCZJKFpUJ+MiI+ERF/Gc0cr9anamsm+/YZAAAAAAAAAAAAAAAAAAAAAAAAAIC6SiWJCgAAAHCoRaT/Shrv/xofvTiy8/zAseTZaG0cEfd+dfsX92fL5fWp6vT/vZhe/mVj+pV+nMEAAAAAdmr205v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopqdPHsw1h17G/c9XI2KsVfzBOFEbn4hMRAz/P4nBV9ZLImKgC/G3H0bE177XIn5STSvGGlm0ij/UrfhnWrV/7/hpRJzsQnw4yh5Vtz83W/3+0jhfG+/8/R1/se5gF+K33/6lL7Z/A222P6c6jHH28e9zbeM/jDg72Hr704yftIl/ocP43//u1la7eZXfRIy33P8kr8XKlVfWcqXNrctLK7OL+cX86vT01LWZ6zNXZyZzC0uFfONvyxg//cwfnu/V/uE28cf2af/FDtv/weP7Tz5ZL2ZaxZ+40Pr7P9MmftrY932+Ua7OH2+Wt+vlV5373Z/P7dX++Tbt3+/7n+iw/Ze+/eO/d7goANADpc2t5dlCIb9+pAtv9WlUD4s6WzhthHkXmqyQXy/96N1I450sNH8Tz/qyXQIAALpvdx8YAAAAAAAAAAAAAAAAAAAA6LXuPDOs+UzsvZ+u17RdH+16FjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQD99GAAA//+GWc+t")

kernel console output (not intermixed with test programs):

lNumber=3
[  252.144312][    T6] usb 4-1: Product: syz
[  252.148348][    T6] usb 4-1: Manufacturer: syz
[  252.152727][    T6] usb 4-1: SerialNumber: syz
[  252.157868][    T6] usb 4-1: config 0 descriptor??
[  252.164591][    T6] usb 4-1: bad CDC descriptors
[  252.169400][    T6] cdc_acm 4-1:0.0: Zero length descriptor references
[  252.175919][    T6] cdc_acm: probe of 4-1:0.0 failed with error -22
[  252.232366][  T312] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  252.371316][  T422] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  252.397782][    T6] usb 4-1: USB disconnect, device number 9
[  252.425846][  T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  252.436662][  T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  252.446577][  T508] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  252.454165][  T312] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  252.463111][  T312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.472174][  T312] usb 3-1: config 0 descriptor??
[  252.563730][  T422] usb 10-1: Using ep0 maxpacket: 8
[  252.569971][  T422] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[  252.578325][  T422] usb 10-1: config 179 has no interface number 0
[  252.584501][  T422] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  252.595480][  T422] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  252.606555][  T422] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  252.617795][  T422] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  252.629112][  T422] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  252.660000][  T508] usb 2-1: Using ep0 maxpacket: 8
[  252.666176][  T508] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  252.674591][  T508] usb 2-1: config 179 has no interface number 0
[  252.677371][  T422] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  252.681230][  T508] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  252.689948][  T422] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.702490][  T508] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  252.709796][ T3661] raw-gadget.2 gadget.9: fail, usb_ep_enable returned -22
[  252.739320][  T508] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  252.754224][  T508] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  252.767764][  T508] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  252.776552][  T508] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.788639][ T3663] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  252.837440][ T3672] loop4: detected capacity change from 0 to 512
[  252.844777][ T3672] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  252.855341][ T3672] EXT4-fs (loop4): orphan cleanup on readonly fs
[  252.861496][ T3672] EXT4-fs error (device loop4): ext4_quota_enable:6975: comm syz.4.985: Bad quota inum: 64, type: 0
[  252.872614][ T3672] EXT4-fs (loop4): Remounting filesystem read-only
[  252.879094][ T3672] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  252.893795][ T3672] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  252.900664][ T3672] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  252.918090][  T312] magicmouse 0003:05AC:0265.0010: unknown main item tag 0x0
[  252.925493][  T312] magicmouse 0003:05AC:0265.0010: unknown main item tag 0x0
[  252.926178][  T294] EXT4-fs (loop4): unmounting filesystem.
[  252.932913][  T312] magicmouse 0003:05AC:0265.0010: unknown main item tag 0x0
[  252.951202][  T312] magicmouse 0003:05AC:0265.0010: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.2-1/input0
[  252.959068][ T3675] netlink: 'syz.4.986': attribute type 4 has an invalid length.
[  252.968523][  T312] magicmouse 0003:05AC:0265.0010: magicmouse input not registered
[  252.978486][  T312] magicmouse: probe of 0003:05AC:0265.0010 failed with error -12
[  253.043418][ T3679] netlink: 'syz.3.988': attribute type 4 has an invalid length.
[  253.052963][ T3663] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  253.067614][ T3663] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  253.139296][  T205] usb 3-1: USB disconnect, device number 10
[  253.147698][ T3682] loop4: detected capacity change from 0 to 256
[  253.171579][ T3682] exfat: Deprecated parameter 'utf8'
[  253.201462][ T3682] exfat: Deprecated parameter 'namecase'
[  253.233633][ T3684] loop3: detected capacity change from 0 to 512
[  253.241879][ T3684] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  253.303341][ T3684] EXT4-fs (loop3): orphan cleanup on readonly fs
[  253.309632][ T3684] EXT4-fs error (device loop3): ext4_quota_enable:6975: comm syz.3.989: Bad quota inum: 64, type: 0
[  253.321574][ T3684] EXT4-fs (loop3): Remounting filesystem read-only
[  253.328060][ T3684] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  253.342818][ T3684] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  253.349420][ T3684] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  253.362102][ T3684] EXT4-fs (loop3): unmounting filesystem.
[  253.408813][ T3682] exfat: Deprecated parameter 'utf8'
[  253.421445][ T3661] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  253.478020][ T3661] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  253.505375][ T3682] exfat: Bad value for 'umask'
[  254.178105][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  254.222554][ T3688] loop2: detected capacity change from 0 to 512
[  254.252911][  T392] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  254.263731][  T392] Bluetooth: hci1: command 0x1003 tx timeout
[  254.263757][ T1522] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  254.285271][ T3658] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  254.336039][ T3662] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  254.337527][ T3688] EXT4-fs: Ignoring removed i_version option
[  254.349105][ T3688] EXT4-fs: Ignoring removed mblk_io_submit option
[  254.355710][ T3688] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  254.393647][ T3688] EXT4-fs (loop2): 1 truncate cleaned up
[  254.399192][ T3688] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  255.194029][ T3552] EXT4-fs (loop2): unmounting filesystem.
[  255.275209][ T3713] netlink: 'syz.2.997': attribute type 4 has an invalid length.
[  255.343479][ T3713] bridge0: port 3(gretap0) entered disabled state
[  255.431879][ T3713] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.439104][ T3713] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.470431][    C0] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  255.478700][    C0] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  255.480963][  T508] usb 2-1: USB disconnect, device number 31
[  255.488372][  T205] usb 10-1: USB disconnect, device number 15
[  258.745511][ T3734] loop4: detected capacity change from 0 to 512
[  259.926801][ T3734] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  259.986866][ T3734] EXT4-fs (loop4): orphan cleanup on readonly fs
[  259.993088][ T3734] EXT4-fs error (device loop4): ext4_quota_enable:6975: comm syz.4.1003: Bad quota inum: 64, type: 0
[  260.005628][ T3734] EXT4-fs (loop4): Remounting filesystem read-only
[  260.011989][ T3734] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  260.026534][ T3734] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  260.033004][ T3734] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  260.044584][ T3734] EXT4-fs (loop4): unmounting filesystem.
[  260.516267][ T3732] loop2: detected capacity change from 0 to 512
[  260.532988][ T3732] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  260.694698][ T3732] EXT4-fs (loop2): orphan cleanup on readonly fs
[  260.700910][ T3732] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1000: Bad quota inum: 64, type: 0
[  260.713783][ T3732] EXT4-fs (loop2): Remounting filesystem read-only
[  260.720144][ T3732] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  260.734690][ T3732] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  260.741151][ T3732] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  260.752402][ T3732] EXT4-fs (loop2): unmounting filesystem.
[  261.282822][ T3759] netlink: 'syz.2.1011': attribute type 4 has an invalid length.
[  262.001860][  T508] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  262.072192][ T3774] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1016'.
[  262.081060][ T3774] device gretap0 left promiscuous mode
[  262.092213][ T3774] bridge0: port 3(gretap0) entered disabled state
[  262.099078][ T3774] device bridge_slave_1 left promiscuous mode
[  262.106347][ T3774] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.114004][ T3774] device bridge_slave_0 left promiscuous mode
[  262.120078][ T3774] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.200150][  T508] usb 3-1: Using ep0 maxpacket: 8
[  262.206389][  T508] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  262.214519][  T508] usb 3-1: config 179 has no interface number 0
[  262.220590][  T508] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  262.231397][  T508] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  262.238794][  T422] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  262.242413][  T508] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  262.242444][  T508] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  262.242473][  T508] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  262.285537][  T508] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  262.296244][  T508] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.356701][ T3783] loop9: detected capacity change from 0 to 256
[  262.364165][ T3783] exfat: Deprecated parameter 'utf8'
[  262.369468][ T3783] exfat: Deprecated parameter 'namecase'
[  262.375097][ T3783] exfat: Deprecated parameter 'utf8'
[  262.380315][ T3783] exfat: Bad value for 'umask'
[  262.413206][ T3766] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  262.462649][  T354] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  262.522851][  T422] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  263.518896][ T3766] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  263.536506][  T422] usb 4-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51
[  263.549456][ T3789] netlink: 'syz.4.1023': attribute type 4 has an invalid length.
[  263.566886][ T3766] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  263.576906][  T422] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.586023][ T3764] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  263.592194][    T8] Bluetooth: hci0: Frame reassembly failed (-84)
[  263.608888][  T422] usb 4-1: Product: syz
[  263.613694][  T422] usb 4-1: Manufacturer: syz
[  263.618588][  T422] usb 4-1: SerialNumber: syz
[  263.632412][  T422] usb 4-1: config 0 descriptor??
[  263.639809][  T422] usb 4-1: bad CDC descriptors
[  263.644668][  T422] cdc_acm 4-1:0.0: Zero length descriptor references
[  263.651461][  T422] cdc_acm: probe of 4-1:0.0 failed with error -22
[  263.670756][ T3797] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  263.687344][ T3797] kvm: pic: non byte read
[  263.691925][ T3797] kvm: pic: level sensitive irq not supported
[  263.691982][ T3797] kvm: pic: non byte read
[  263.702803][ T3797] kvm: pic: level sensitive irq not supported
[  263.702867][ T3797] kvm: pic: non byte read
[  263.713488][ T3797] kvm: pic: level sensitive irq not supported
[  263.713541][ T3797] kvm: pic: non byte read
[  263.859324][  T422] usb 4-1: USB disconnect, device number 10
[  264.701262][ T3816] loop3: detected capacity change from 0 to 512
[  264.732336][ T3816] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  265.384807][ T3816] EXT4-fs (loop3): orphan cleanup on readonly fs
[  265.391106][ T3816] EXT4-fs error (device loop3): ext4_quota_enable:6975: comm syz.3.1029: Bad quota inum: 64, type: 0
[  265.499688][ T3816] EXT4-fs (loop3): Remounting filesystem read-only
[  265.506062][ T3816] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  265.520756][ T3816] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  265.527239][ T3816] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  265.633855][  T422] usb 3-1: USB disconnect, device number 11
[  265.633855][    C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  265.633891][    C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  266.239949][  T392] Bluetooth: hci0: command 0x0c1a tx timeout
[  266.240209][ T1522] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  266.275406][ T2627] EXT4-fs (loop3): unmounting filesystem.
[  266.488076][ T3830] loop3: detected capacity change from 0 to 2048
[  266.530927][ T3830] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  266.861027][ T3825] loop9: detected capacity change from 0 to 512
[  266.870355][ T3825] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  267.202883][ T3825] EXT4-fs (loop9): orphan cleanup on readonly fs
[  267.209140][ T3825] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1032: Bad quota inum: 64, type: 0
[  267.230963][ T3825] EXT4-fs (loop9): Remounting filesystem read-only
[  267.237425][ T3825] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  267.252003][ T3825] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  267.258538][ T3825] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  267.296580][ T3825] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1032'.
[  268.169805][ T2627] EXT4-fs (loop3): unmounting filesystem.
[  268.184960][ T3845] netlink: 'syz.1.1037': attribute type 4 has an invalid length.
[  268.199503][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  268.355771][ T3853] loop4: detected capacity change from 0 to 512
[  268.363607][ T3853] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  269.093945][ T3853] EXT4-fs (loop4): orphan cleanup on readonly fs
[  269.100356][ T3853] EXT4-fs error (device loop4): ext4_quota_enable:6975: comm syz.4.1036: Bad quota inum: 64, type: 0
[  269.724213][ T3853] EXT4-fs (loop4): Remounting filesystem read-only
[  269.730603][ T3853] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  269.745206][ T3853] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  269.751712][ T3853] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  269.763080][ T3853] EXT4-fs (loop4): unmounting filesystem.
[  270.816300][ T3869] loop9: detected capacity change from 0 to 512
[  270.924966][ T3851] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1036'.
[  270.936393][ T3869] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  271.025549][ T3869] EXT4-fs (loop9): orphan cleanup on readonly fs
[  271.031867][ T3869] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1044: Bad quota inum: 64, type: 0
[  271.093524][ T3869] EXT4-fs (loop9): Remounting filesystem read-only
[  271.099904][ T3869] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  271.114630][ T3869] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  271.121282][ T3869] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  271.208263][  T422] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  271.422013][  T422] usb 2-1: Using ep0 maxpacket: 8
[  271.428844][  T422] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  271.438401][  T422] usb 2-1: config 179 has no interface number 0
[  271.445112][  T422] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  271.456809][  T422] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  271.468874][  T422] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  271.480864][  T422] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  271.493204][  T422] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  271.507292][  T422] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  271.516826][  T422] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.544838][ T3876] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  271.970979][  T508] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  271.979217][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  272.003143][ T3876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  272.014795][ T3876] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  272.035972][ T3885] loop9: detected capacity change from 0 to 2048
[  272.071592][ T3885] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  272.106564][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  272.223156][  T508] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  272.232820][  T508] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  272.245224][  T508] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  272.254752][  T508] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  272.265981][  T508] usb 4-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  272.275185][  T508] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.283401][  T508] usb 4-1: Product: syz
[  272.287416][  T508] usb 4-1: Manufacturer: syz
[  272.291872][  T508] usb 4-1: SerialNumber: syz
[  272.297154][  T508] usb 4-1: config 0 descriptor??
[  272.302752][  T508] ums-isd200 4-1:0.0: USB Mass Storage device detected
[  272.524274][  T508] scsi host1: usb-storage 4-1:0.0
[  272.571017][  T508] usb 4-1: USB disconnect, device number 11
[  272.660831][ T3902] netlink: 'syz.4.1053': attribute type 4 has an invalid length.
[  272.668682][ T3902] netlink: 'syz.4.1053': attribute type 4 has an invalid length.
[  272.700595][ T3904] 9pnet_fd: Insufficient options for proto=fd
[  272.907964][ T3875] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  272.914377][  T314] Bluetooth: hci0: Frame reassembly failed (-84)
[  272.975711][ T3913] loop4: detected capacity change from 0 to 256
[  272.982644][ T3913] exfat: Deprecated parameter 'utf8'
[  272.987837][ T3913] exfat: Deprecated parameter 'namecase'
[  272.993364][ T3913] exfat: Deprecated parameter 'utf8'
[  272.998592][ T3913] exfat: Bad value for 'umask'
[  273.189198][  T354] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  273.415903][ T3919] loop2: detected capacity change from 0 to 512
[  273.429098][ T3919] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  273.460785][ T3919] EXT4-fs (loop2): orphan cleanup on readonly fs
[  273.467090][ T3919] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1059: Bad quota inum: 64, type: 0
[  273.481544][ T3919] EXT4-fs (loop2): Remounting filesystem read-only
[  273.488038][ T3919] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  273.502620][ T3919] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  273.509256][ T3919] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  273.520745][ T3919] EXT4-fs (loop2): unmounting filesystem.
[  273.606289][ T3919] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1059'.
[  274.418691][  T312] usb 2-1: USB disconnect, device number 32
[  274.418769][    C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  274.432751][    C0] dummy_hcd dummy_hcd.1: timer fired with no URBs pending?
[  274.834664][ T3935] netlink: 'syz.2.1065': attribute type 4 has an invalid length.
[  274.842480][ T3935] netlink: 'syz.2.1065': attribute type 4 has an invalid length.
[  274.866198][ T3937] 9pnet_fd: Insufficient options for proto=fd
[  274.898291][ T3941] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1068'.
[  274.971267][  T508] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  275.131617][  T392] Bluetooth: hci0: command 0x0c1a tx timeout
[  275.131647][ T1522] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  275.137622][  T392] Bluetooth: hci0: sending frame failed (-49)
[  275.175702][  T508] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  275.188417][  T508] usb 10-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51
[  275.197596][  T508] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.205494][  T508] usb 10-1: Product: syz
[  275.209733][  T508] usb 10-1: Manufacturer: syz
[  275.214391][  T508] usb 10-1: SerialNumber: syz
[  275.220403][  T508] usb 10-1: config 0 descriptor??
[  275.226035][  T508] usb 10-1: bad CDC descriptors
[  275.227815][  T422] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  275.230914][  T508] cdc_acm 10-1:0.0: Zero length descriptor references
[  275.244729][  T508] cdc_acm: probe of 10-1:0.0 failed with error -22
[  275.442793][  T422] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.453666][  T422] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.467282][  T508] usb 10-1: USB disconnect, device number 16
[  275.469475][  T422] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  275.935277][  T422] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.945454][  T422] usb 3-1: config 0 descriptor??
[  276.042725][ T3956] loop9: detected capacity change from 0 to 512
[  276.049690][ T3956] EXT4-fs: Ignoring removed i_version option
[  276.055950][ T3956] EXT4-fs: Ignoring removed mblk_io_submit option
[  276.063412][ T3956] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  276.077739][ T3956] EXT4-fs (loop9): 1 truncate cleaned up
[  276.083484][ T3956] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  276.788794][  T508] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  277.287548][ T3972] loop4: detected capacity change from 0 to 512
[  277.304320][ T3972] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  277.324092][  T422] magicmouse 0003:05AC:0265.0011: unknown main item tag 0x0
[  277.397185][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  277.420867][ T3972] EXT4-fs (loop4): orphan cleanup on readonly fs
[  277.427107][ T3972] EXT4-fs error (device loop4): ext4_quota_enable:6975: comm syz.4.1076: Bad quota inum: 64, type: 0
[  277.439043][ T3972] EXT4-fs (loop4): Remounting filesystem read-only
[  277.445507][ T3972] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  277.460140][ T3972] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  277.466637][ T3972] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  277.479108][ T3972] EXT4-fs (loop4): unmounting filesystem.
[  277.502663][  T422] magicmouse 0003:05AC:0265.0011: unknown main item tag 0x0
[  277.578788][  T422] magicmouse 0003:05AC:0265.0011: unknown main item tag 0x0
[  277.646347][  T422] magicmouse 0003:05AC:0265.0011: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.2-1/input0
[  277.719650][  T422] magicmouse 0003:05AC:0265.0011: magicmouse input not registered
[  277.742256][  T422] magicmouse: probe of 0003:05AC:0265.0011 failed with error -12
[  277.854964][  T422] usb 3-1: USB disconnect, device number 12
[  278.157411][ T3972] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1076'.
[  278.267010][ T3984] netlink: 'syz.9.1077': attribute type 4 has an invalid length.
[  278.384176][ T3987] netlink: 'syz.9.1077': attribute type 4 has an invalid length.
[  278.579941][  T508] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  278.592135][  T508] usb 2-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51
[  278.601085][  T508] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.608954][  T508] usb 2-1: Product: syz
[  278.612959][  T508] usb 2-1: Manufacturer: syz
[  278.617408][  T508] usb 2-1: SerialNumber: syz
[  278.623276][  T508] usb 2-1: config 0 descriptor??
[  278.629509][  T508] usb 2-1: bad CDC descriptors
[  278.710123][ T3994] loop9: detected capacity change from 0 to 256
[  278.717700][ T3994] exfat: Deprecated parameter 'utf8'
[  278.722949][ T3994] exfat: Deprecated parameter 'namecase'
[  278.728489][ T3994] exfat: Deprecated parameter 'utf8'
[  278.733611][ T3994] exfat: Bad value for 'umask'
[  279.272284][  T508] cdc_acm 2-1:0.0: Zero length descriptor references
[  279.300279][  T508] cdc_acm: probe of 2-1:0.0 failed with error -22
[  279.896077][  T508] usb 2-1: USB disconnect, device number 33
[  280.093679][ T4014] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1091'.
[  280.244061][ T4023] loop3: detected capacity change from 0 to 512
[  280.260995][ T4023] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  280.310233][ T4020] loop4: detected capacity change from 0 to 512
[  280.335297][ T4020] EXT4-fs: Ignoring removed i_version option
[  280.355660][ T4023] EXT4-fs (loop3): orphan cleanup on readonly fs
[  280.361906][ T4023] EXT4-fs error (device loop3): ext4_quota_enable:6975: comm syz.3.1093: Bad quota inum: 64, type: 0
[  280.402146][  T205] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  280.457851][ T4023] EXT4-fs (loop3): Remounting filesystem read-only
[  280.464269][ T4023] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  280.478779][ T4023] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  280.485241][ T4023] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  280.515947][ T4020] EXT4-fs: Ignoring removed mblk_io_submit option
[  280.589041][ T4020] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  280.719688][ T4020] EXT4-fs (loop4): 1 truncate cleaned up
[  280.741714][ T4020] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  280.752890][  T205] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  280.778875][  T205] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  280.873423][  T205] usb 10-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  280.929700][  T205] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.989595][  T205] usb 10-1: config 0 descriptor??
[  282.515479][  T205] magicmouse 0003:05AC:0265.0012: unknown main item tag 0x0
[  282.618128][  T294] EXT4-fs (loop4): unmounting filesystem.
[  282.820764][ T4042] loop1: detected capacity change from 0 to 512
[  282.837887][ T4042] EXT4-fs: Ignoring removed i_version option
[  282.844033][ T4042] EXT4-fs: Ignoring removed mblk_io_submit option
[  282.861455][ T4042] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  282.889262][ T4042] EXT4-fs (loop1): 1 truncate cleaned up
[  282.894854][ T4042] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  283.071674][  T205] magicmouse 0003:05AC:0265.0012: unknown main item tag 0x0
[  283.078940][  T205] magicmouse 0003:05AC:0265.0012: unknown main item tag 0x0
[  283.080855][ T2627] EXT4-fs (loop3): unmounting filesystem.
[  283.086851][  T205] magicmouse 0003:05AC:0265.0012: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.9-1/input0
[  283.103075][  T205] magicmouse 0003:05AC:0265.0012: magicmouse input not registered
[  283.111840][  T205] magicmouse: probe of 0003:05AC:0265.0012 failed with error -12
[  283.129375][  T205] usb 10-1: USB disconnect, device number 17
[  283.521886][ T4075] loop9: detected capacity change from 0 to 512
[  283.530581][ T4073] loop4: detected capacity change from 0 to 2048
[  283.542653][ T4075] EXT4-fs: Ignoring removed i_version option
[  283.556500][ T4075] EXT4-fs: Ignoring removed mblk_io_submit option
[  283.567455][ T4075] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  283.579107][ T4075] EXT4-fs (loop9): 1 truncate cleaned up
[  283.584617][ T4075] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  283.618363][ T4073] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  283.646175][ T4073] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  283.705789][  T508] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  283.714287][  T294] EXT4-fs (loop4): unmounting filesystem.
[  283.744883][  T296] EXT4-fs (loop1): unmounting filesystem.
[  284.028027][  T508] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  285.005390][ T4096] loop2: detected capacity change from 0 to 512
[  285.034133][ T4096] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  285.112864][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  285.278940][ T4096] EXT4-fs (loop2): orphan cleanup on readonly fs
[  285.285241][ T4096] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1118: Bad quota inum: 64, type: 0
[  285.297398][ T4096] EXT4-fs (loop2): Remounting filesystem read-only
[  285.303766][ T4096] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  285.318302][ T4096] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  285.324827][ T4096] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  285.909765][ T3552] EXT4-fs (loop2): unmounting filesystem.
[  285.916444][ T4108] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1122'.
[  285.918867][  T508] usb 4-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51
[  285.937277][  T508] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.945231][  T508] usb 4-1: Product: syz
[  285.949249][  T508] usb 4-1: Manufacturer: syz
[  285.953713][  T508] usb 4-1: SerialNumber: syz
[  286.025076][  T508] usb 4-1: config 0 descriptor??
[  286.050225][  T508] usb 4-1: bad CDC descriptors
[  286.054976][  T508] cdc_acm 4-1:0.0: Zero length descriptor references
[  286.061954][  T508] cdc_acm: probe of 4-1:0.0 failed with error -22
[  287.743925][  T508] usb 4-1: USB disconnect, device number 12
[  287.960350][  T205] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  290.488023][ T4166] loop3: detected capacity change from 0 to 512
[  290.819274][ T4165] loop2: detected capacity change from 0 to 512
[  291.098856][ T4165] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  291.110131][ T4166] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  291.262585][ T4166] EXT4-fs (loop3): orphan cleanup on readonly fs
[  291.268828][ T4166] EXT4-fs error (device loop3): ext4_quota_enable:6975: comm syz.3.1142: Bad quota inum: 64, type: 0
[  291.280518][ T4166] EXT4-fs (loop3): Remounting filesystem read-only
[  291.286882][ T4166] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  291.301405][ T4166] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  291.307911][ T4166] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  291.331370][ T4165] EXT4-fs (loop2): orphan cleanup on readonly fs
[  291.337586][ T4165] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1139: Bad quota inum: 64, type: 0
[  291.349165][ T4165] EXT4-fs (loop2): Remounting filesystem read-only
[  291.355541][ T4165] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  291.370061][ T4165] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  291.376660][ T4165] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  291.777198][ T4170] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  292.014663][ T4170] kvm: pic: non byte read
[  292.022676][ T4170] kvm: pic: non byte read
[  292.030690][ T4170] kvm: pic: single mode not supported
[  292.030803][ T4170] kvm: pic: non byte read
[  292.048391][ T4170] kvm: pic: non byte read
[  292.056366][ T4170] kvm: pic: level sensitive irq not supported
[  292.056492][ T4170] kvm: pic: non byte read
[  292.076236][  T422] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  292.086779][ T4170] kvm: pic: non byte read
[  292.091988][ T4170] kvm: pic: non byte read
[  292.096497][ T4170] kvm: pic: non byte read
[  292.101162][ T4170] kvm: pic: single mode not supported
[  292.101177][ T4170] kvm: pic: level sensitive irq not supported
[  292.106516][ T4170] kvm: pic: non byte read
[  292.128803][ T4170] kvm: pic: non byte read
[  292.194175][ T4170] kvm: pic: single mode not supported
[  292.194192][ T4170] kvm: pic: level sensitive irq not supported
[  292.199702][ T4170] kvm: pic: single mode not supported
[  292.205660][ T4170] kvm: pic: level sensitive irq not supported
[  292.211995][ T3552] EXT4-fs (loop2): unmounting filesystem.
[  292.393242][ T4185] loop1: detected capacity change from 0 to 512
[  292.402072][ T4185] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  292.426104][ T2627] EXT4-fs (loop3): unmounting filesystem.
[  292.433809][  T422] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  292.527973][ T4185] EXT4-fs (loop1): orphan cleanup on readonly fs
[  292.534186][ T4185] EXT4-fs error (device loop1): ext4_quota_enable:6975: comm syz.1.1145: Bad quota inum: 64, type: 0
[  292.545743][ T4185] EXT4-fs (loop1): Remounting filesystem read-only
[  292.552140][ T4185] EXT4-fs warning (device loop1): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  292.566629][ T4185] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  292.573139][ T4185] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  292.584454][ T4185] EXT4-fs (loop1): unmounting filesystem.
[  292.627323][  T422] usb 5-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51
[  292.672055][  T422] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.672304][ T4191] loop2: detected capacity change from 0 to 512
[  293.681765][ T4191] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  293.695527][ T4191] EXT4-fs (loop2): orphan cleanup on readonly fs
[  293.701774][ T4191] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1146: Bad quota inum: 64, type: 0
[  293.713891][ T4191] EXT4-fs (loop2): Remounting filesystem read-only
[  293.720242][ T4191] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  293.734809][ T4191] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  293.741274][ T4191] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  293.752669][ T4191] EXT4-fs (loop2): unmounting filesystem.
[  293.800774][  T422] usb 5-1: Product: syz
[  293.841454][ T4195] loop3: detected capacity change from 0 to 512
[  293.848990][ T4195] EXT4-fs: Ignoring removed i_version option
[  293.868197][  T422] usb 5-1: Manufacturer: syz
[  293.934698][ T4195] EXT4-fs: Ignoring removed mblk_io_submit option
[  293.943882][  T422] usb 5-1: SerialNumber: syz
[  293.962552][ T4195] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  293.981707][ T4195] EXT4-fs (loop3): 1 truncate cleaned up
[  293.987577][ T4195] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  294.034210][  T422] usb 5-1: config 0 descriptor??
[  294.041458][  T422] usb 5-1: bad CDC descriptors
[  294.061618][  T422] cdc_acm 5-1:0.0: Zero length descriptor references
[  294.092373][  T422] cdc_acm: probe of 5-1:0.0 failed with error -22
[  294.534488][  T422] usb 5-1: USB disconnect, device number 29
[  294.695478][    T6] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  294.909271][    T6] usb 10-1: Using ep0 maxpacket: 8
[  294.915869][    T6] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[  294.925488][    T6] usb 10-1: config 179 has no interface number 0
[  294.932315][    T6] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  294.945069][    T6] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  294.961841][    T6] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  294.972675][    T6] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  294.986882][    T6] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  295.044820][    T6] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.057105][ T4201] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  295.254252][ T4216] netlink: 'syz.1.1153': attribute type 4 has an invalid length.
[  295.278485][ T4216] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1153'.
[  295.461286][ T4201] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  295.537531][ T4201] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  295.742909][ T2627] EXT4-fs (loop3): unmounting filesystem.
[  297.757395][ T4234] loop2: detected capacity change from 0 to 512
[  297.905765][ T4235] loop3: detected capacity change from 0 to 512
[  297.914983][ T4235] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  297.924516][ T4234] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  297.933864][ T4198] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  297.991406][  T350] Bluetooth: hci0: Frame reassembly failed (-84)
[  298.000737][  T350] Bluetooth: hci0: Frame reassembly failed (-84)
[  298.035118][ T4234] EXT4-fs (loop2): orphan cleanup on readonly fs
[  298.041332][ T4234] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1157: Bad quota inum: 64, type: 0
[  298.053052][ T4234] EXT4-fs (loop2): Remounting filesystem read-only
[  298.059398][ T4234] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  298.074036][ T4234] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  298.080571][ T4234] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  298.145191][ T4235] EXT4-fs (loop3): orphan cleanup on readonly fs
[  298.151435][ T4235] EXT4-fs error (device loop3): ext4_quota_enable:6975: comm syz.3.1158: Bad quota inum: 64, type: 0
[  298.162930][ T4235] EXT4-fs (loop3): Remounting filesystem read-only
[  298.169288][ T4235] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  298.183818][ T4235] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  298.190318][ T4235] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  298.467462][ T3552] EXT4-fs (loop2): unmounting filesystem.
[  298.510273][    T6] usb 10-1: USB disconnect, device number 18
[  298.752456][ T4242] loop4: detected capacity change from 0 to 256
[  298.761073][ T4242] exfat: Deprecated parameter 'utf8'
[  298.766201][ T4242] exfat: Deprecated parameter 'namecase'
[  298.811958][ T4242] exfat: Deprecated parameter 'utf8'
[  298.821395][ T4242] exfat: Bad value for 'umask'
[  298.874581][ T2627] EXT4-fs (loop3): unmounting filesystem.
[  298.975412][  T962] Bluetooth: hci1: Frame reassembly failed (-84)
[  299.111837][ T4264] binder: 4261:4264 ioctl c0306201 0 returned -14
[  299.120341][  T508] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  299.158603][ T4265] loop1: detected capacity change from 0 to 512
[  299.167804][ T4265] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  299.226938][ T4265] EXT4-fs (loop1): orphan cleanup on readonly fs
[  299.233265][ T4265] EXT4-fs error (device loop1): ext4_quota_enable:6975: comm syz.1.1164: Bad quota inum: 64, type: 0
[  299.245284][ T4265] EXT4-fs (loop1): Remounting filesystem read-only
[  299.251677][ T4265] EXT4-fs warning (device loop1): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  299.266180][ T4265] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  299.272812][ T4265] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  299.283957][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  299.289738][  T422] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  299.463442][    T6] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  299.495626][  T422] usb 4-1: Using ep0 maxpacket: 8
[  299.502146][  T422] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  299.511498][  T422] usb 4-1: config 179 has no interface number 0
[  299.518154][  T422] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  299.529818][  T422] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  299.541589][  T422] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  299.553659][  T422] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  299.565555][  T422] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  299.580297][  T422] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  299.590034][  T422] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.636468][ T4254] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  299.655954][    T6] usb 5-1: Using ep0 maxpacket: 8
[  299.662544][    T6] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  299.694448][    T6] usb 5-1: config 179 has no interface number 0
[  299.710992][    T6] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  299.723434][    T6] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  299.735963][    T6] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  299.747890][    T6] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  299.760570][    T6] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  299.775077][    T6] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  299.784749][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.823688][ T4264] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  300.109398][ T4254] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.120644][ T4254] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.190452][   T45] Bluetooth: hci0: command 0x0c1a tx timeout
[  300.190460][ T1522] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  300.213790][ T4269] netlink: 'syz.9.1167': attribute type 4 has an invalid length.
[  300.222341][ T4269] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1167'.
[  300.345143][ T4264] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.356873][ T4264] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.373252][  T508] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  300.386715][  T508] usb 3-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51
[  300.395626][  T508] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.403908][  T508] usb 3-1: Product: syz
[  300.407954][  T508] usb 3-1: Manufacturer: syz
[  300.412317][  T508] usb 3-1: SerialNumber: syz
[  300.417484][  T508] usb 3-1: config 0 descriptor??
[  300.423069][  T508] usb 3-1: bad CDC descriptors
[  300.427995][  T508] cdc_acm 3-1:0.0: Zero length descriptor references
[  300.434719][  T508] cdc_acm: probe of 3-1:0.0 failed with error -22
[  300.639876][  T312] usb 3-1: USB disconnect, device number 13
[  300.756991][  T508] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  300.970792][  T508] usb 2-1: Using ep0 maxpacket: 8
[  300.976945][  T508] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  300.985230][  T508] usb 2-1: config 179 has no interface number 0
[  300.991400][  T508] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  301.002312][  T508] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  301.013316][  T508] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  301.024266][  T508] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  301.034006][  T508] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  301.047086][  T508] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  301.055893][  T508] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.064999][ T4279] raw-gadget.5 gadget.1: fail, usb_ep_enable returned -22
[  301.073257][  T508] xpad: probe of 2-1:179.65 failed with error -5
[  301.131190][  T392] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  302.450219][ T4284] loop9: detected capacity change from 0 to 512
[  302.462041][ T4287] loop2: detected capacity change from 0 to 512
[  302.471305][ T4287] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  302.483741][ T4284] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  302.581129][ T4284] EXT4-fs (loop9): orphan cleanup on readonly fs
[  302.587498][ T4284] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1171: Bad quota inum: 64, type: 0
[  302.600455][ T4284] EXT4-fs (loop9): Remounting filesystem read-only
[  302.606893][ T4284] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  302.621503][ T4284] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  302.628024][ T4284] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  302.639670][ T4284] EXT4-fs (loop9): unmounting filesystem.
[  302.684645][ T4277] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  302.723111][ T4287] EXT4-fs (loop2): orphan cleanup on readonly fs
[  302.729712][ T4287] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1172: Bad quota inum: 64, type: 0
[  302.741708][ T4287] EXT4-fs (loop2): Remounting filesystem read-only
[  302.748138][ T4287] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  302.762769][ T4287] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  302.769291][ T4287] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  302.782352][ T4287] EXT4-fs (loop2): unmounting filesystem.
[  302.970519][  T962] Bluetooth: hci0: Frame reassembly failed (-84)
[  302.982742][  T962] Bluetooth: hci0: Frame reassembly failed (-84)
[  303.028194][ T4277] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  303.044581][    C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  303.052679][    C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  303.062869][    T6] usb 5-1: USB disconnect, device number 30
[  303.073111][  T422] usb 4-1: USB disconnect, device number 13
[  303.073151][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  303.086963][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  303.233066][ T4277] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  303.759210][ T4284] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1171'.
[  303.827127][ T4301] loop3: detected capacity change from 0 to 512
[  303.838645][ T4301] EXT4-fs: Ignoring removed i_version option
[  303.846431][ T4301] EXT4-fs: Ignoring removed mblk_io_submit option
[  303.853707][ T4301] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  303.865674][ T4301] EXT4-fs (loop3): 1 truncate cleaned up
[  303.871297][ T4301] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  304.003118][ T4308] loop2: detected capacity change from 0 to 512
[  304.038810][ T4308] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  304.063347][ T4308] EXT4-fs (loop2): orphan cleanup on readonly fs
[  304.069529][ T4308] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1176: Bad quota inum: 64, type: 0
[  304.085846][ T4308] EXT4-fs (loop2): Remounting filesystem read-only
[  304.095096][ T4308] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  304.109650][ T4308] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  304.116134][ T4308] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  304.235394][ T4314] loop9: detected capacity change from 0 to 512
[  304.243928][ T4314] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  304.265060][ T4314] EXT4-fs (loop9): orphan cleanup on readonly fs
[  304.271278][ T4314] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1177: Bad quota inum: 64, type: 0
[  304.333104][ T4314] EXT4-fs (loop9): Remounting filesystem read-only
[  304.339613][ T4314] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  304.354297][ T4314] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  304.360832][ T4314] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  304.372309][ T4314] EXT4-fs (loop9): unmounting filesystem.
[  304.681913][  T422] usb 2-1: USB disconnect, device number 35
[  306.631409][  T392] Bluetooth: hci0: command 0x0c1a tx timeout
[  306.637402][  T392] Bluetooth: hci0: sending frame failed (-49)
[  306.650949][ T1522] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  306.736053][ T2627] EXT4-fs (loop3): unmounting filesystem.
[  306.785643][ T4324] netlink: 'syz.3.1178': attribute type 4 has an invalid length.
[  306.803884][ T4324] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1178'.
[  306.921997][ T4326] loop9: detected capacity change from 0 to 512
[  306.934672][ T4326] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  307.079365][ T4326] EXT4-fs (loop9): orphan cleanup on readonly fs
[  307.085596][ T4326] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1180: Bad quota inum: 64, type: 0
[  307.097321][ T4326] EXT4-fs (loop9): Remounting filesystem read-only
[  307.103672][ T4326] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  307.118265][ T4326] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  307.124899][ T4326] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  307.136693][ T4326] EXT4-fs (loop9): unmounting filesystem.
[  307.909073][    T6] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  308.123960][    T6] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  308.145365][    T6] usb 4-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51
[  308.176402][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.184563][    T6] usb 4-1: Product: syz
[  308.191730][    T6] usb 4-1: Manufacturer: syz
[  308.196408][    T6] usb 4-1: SerialNumber: syz
[  308.338790][ T4335] loop1: detected capacity change from 0 to 256
[  308.345209][ T4335] exfat: Deprecated parameter 'utf8'
[  308.350353][ T4335] exfat: Deprecated parameter 'namecase'
[  308.355874][ T4335] exfat: Deprecated parameter 'utf8'
[  308.361030][ T4335] exfat: Bad value for 'umask'
[  308.501917][    T6] usb 4-1: config 0 descriptor??
[  308.520041][  T317] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  308.522029][    T6] usb 4-1: bad CDC descriptors
[  308.541761][    T6] cdc_acm 4-1:0.0: Zero length descriptor references
[  308.548268][    T6] cdc_acm: probe of 4-1:0.0 failed with error -22
[  308.743205][    T6] usb 4-1: USB disconnect, device number 14
[  308.750969][  T350] Bluetooth: hci0: Frame reassembly failed (-84)
[  308.758359][ T4348] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  308.770871][ T4353] loop1: detected capacity change from 0 to 512
[  308.794989][ T4353] EXT4-fs: Ignoring removed i_version option
[  308.800950][ T4353] EXT4-fs: Ignoring removed mblk_io_submit option
[  308.807913][ T4353] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  308.822171][ T4353] EXT4-fs (loop1): 1 truncate cleaned up
[  308.827682][ T4353] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  308.981463][ T4363] netlink: 'syz.4.1190': attribute type 4 has an invalid length.
[  309.094865][ T4366] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  309.103054][  T422] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[  309.123954][ T4366] picdev_read: 2 callbacks suppressed
[  309.124223][ T4366] kvm: pic: non byte read
[  309.139125][ T4366] kvm: pic: non byte read
[  309.143669][ T4366] kvm: pic: single mode not supported
[  309.143727][ T4366] kvm: pic: non byte read
[  309.143888][ T3552] EXT4-fs (loop2): unmounting filesystem.
[  309.149323][ T4366] kvm: pic: non byte read
[  309.163343][ T4366] kvm: pic: level sensitive irq not supported
[  309.163412][ T4366] kvm: pic: non byte read
[  309.173735][ T4366] kvm: pic: non byte read
[  309.178155][ T4366] kvm: pic: non byte read
[  309.182618][ T4366] kvm: pic: non byte read
[  309.187002][ T4366] kvm: pic: single mode not supported
[  309.187015][ T4366] kvm: pic: level sensitive irq not supported
[  309.188627][ T4370] netlink: 'syz.2.1192': attribute type 4 has an invalid length.
[  309.192746][ T4366] kvm: pic: non byte read
[  309.200018][ T4370] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1192'.
[  309.206249][ T4366] kvm: pic: non byte read
[  309.223315][ T4366] kvm: pic: single mode not supported
[  309.223327][ T4366] kvm: pic: level sensitive irq not supported
[  309.229067][ T4366] kvm: pic: single mode not supported
[  309.235003][ T4366] kvm: pic: level sensitive irq not supported
[  309.298801][  T422] usb 10-1: Using ep0 maxpacket: 8
[  309.317079][  T422] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[  309.335295][  T422] usb 10-1: config 179 has no interface number 0
[  309.341699][  T422] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  309.360460][  T422] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  309.374268][  T422] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  309.392623][  T422] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  309.404481][  T422] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  309.417952][  T422] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  309.426927][  T422] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.454656][ T4357] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  309.525045][  T962] Bluetooth: hci1: Frame reassembly failed (-84)
[  309.676334][ T4399] loop3: detected capacity change from 0 to 512
[  309.718497][ T4399] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  309.734430][  T296] EXT4-fs (loop1): unmounting filesystem.
[  309.788552][ T4357] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  309.811277][ T4399] EXT4-fs (loop3): orphan cleanup on readonly fs
[  309.817565][ T4399] EXT4-fs error (device loop3): ext4_quota_enable:6975: comm syz.3.1202: Bad quota inum: 64, type: 0
[  309.829736][ T4399] EXT4-fs (loop3): Remounting filesystem read-only
[  309.836186][ T4399] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  309.850710][ T4399] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  309.857300][ T4399] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  309.913081][ T4357] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  310.679768][ T2627] EXT4-fs (loop3): unmounting filesystem.
[  310.686465][ T4403] netlink: 'syz.1.1203': attribute type 4 has an invalid length.
[  310.694408][ T4403] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1203'.
[  310.955859][  T508] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  310.963330][  T312] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  310.970701][ T1522] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  310.970821][  T392] Bluetooth: hci0: command 0x1003 tx timeout
[  310.982740][ T4356] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  310.988929][ T4392] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  311.180344][  T422] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  311.181869][  T508] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  311.197494][  T312] usb 5-1: Using ep0 maxpacket: 8
[  311.202693][  T508] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  311.212233][  T508] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  311.221811][  T508] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  311.231846][  T312] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  311.240066][  T312] usb 5-1: config 179 has no interface number 0
[  311.246179][  T312] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  311.257093][  T312] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  311.268158][  T312] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  311.277996][  T508] usb 3-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  311.286782][  T508] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.294699][  T312] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  311.307820][  T508] usb 3-1: Product: syz
[  311.311802][  T508] usb 3-1: Manufacturer: syz
[  311.316204][  T508] usb 3-1: SerialNumber: syz
[  311.320668][  T312] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  311.329494][  T312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.338165][  T508] usb 3-1: config 0 descriptor??
[  311.343793][  T508] ums-isd200 3-1:0.0: USB Mass Storage device detected
[  311.351084][ T4397] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  311.374014][  T422] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  311.385680][  T422] usb 2-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51
[  311.395147][  T422] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.403053][  T422] usb 2-1: Product: syz
[  311.407440][  T422] usb 2-1: Manufacturer: syz
[  311.411929][  T422] usb 2-1: SerialNumber: syz
[  311.417764][  T422] usb 2-1: config 0 descriptor??
[  311.423846][  T422] usb 2-1: bad CDC descriptors
[  311.428758][  T422] cdc_acm 2-1:0.0: Zero length descriptor references
[  311.435404][  T422] cdc_acm: probe of 2-1:0.0 failed with error -22
[  311.562701][  T508] scsi host1: usb-storage 3-1:0.0
[  311.577562][  T508] usb 3-1: USB disconnect, device number 14
[  311.579824][ T4392] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  311.591790][ T4392] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  311.647874][  T422] usb 2-1: USB disconnect, device number 36
[  311.736254][ T1522] Bluetooth: hci1: command 0x1003 tx timeout
[  311.736281][   T45] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  311.964680][ T4432] loop3: detected capacity change from 0 to 512
[  311.971121][ T4432] EXT4-fs: Ignoring removed i_version option
[  311.977134][ T4432] EXT4-fs: Ignoring removed mblk_io_submit option
[  311.984921][ T4432] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  311.997039][ T4432] EXT4-fs (loop3): 1 truncate cleaned up
[  312.002614][ T4432] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  312.086925][  T422] usb 10-1: USB disconnect, device number 19
[  312.086971][    C0] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  312.100978][    C0] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  312.138206][ T2627] EXT4-fs (loop3): unmounting filesystem.
[  312.162937][ T4441] netlink: 'syz.9.1215': attribute type 4 has an invalid length.
[  312.170826][ T4441] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1215'.
[  312.376765][ T4464] loop1: detected capacity change from 0 to 512
[  312.383130][ T4464] EXT4-fs: Ignoring removed i_version option
[  312.399398][ T4464] EXT4-fs: Ignoring removed mblk_io_submit option
[  312.406222][ T4464] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  312.434737][ T4464] EXT4-fs (loop1): 1 truncate cleaned up
[  312.445937][ T4464] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  312.680268][ T4471] netlink: 'syz.2.1226': attribute type 4 has an invalid length.
[  312.694348][  T422] usb 5-1: USB disconnect, device number 31
[  312.701350][ T4471] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1226'.
[  312.713704][  T296] EXT4-fs (loop1): unmounting filesystem.
[  312.719874][  T508] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  312.763081][ T4475] loop2: detected capacity change from 0 to 512
[  312.773615][ T4475] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  312.786622][ T4475] EXT4-fs (loop2): orphan cleanup on readonly fs
[  312.792968][ T4475] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1229: Bad quota inum: 64, type: 0
[  312.806540][ T4475] EXT4-fs (loop2): Remounting filesystem read-only
[  312.812999][ T4475] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  312.828598][ T4475] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  312.835144][ T4475] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  312.984847][ T4486] loop1: detected capacity change from 0 to 512
[  312.999035][ T4486] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  313.089527][ T3552] EXT4-fs (loop2): unmounting filesystem.
[  313.100814][ T4486] EXT4-fs (loop1): orphan cleanup on readonly fs
[  313.107545][ T4486] EXT4-fs error (device loop1): ext4_quota_enable:6975: comm syz.1.1227: Bad quota inum: 64, type: 0
[  313.121487][ T4486] EXT4-fs (loop1): Remounting filesystem read-only
[  313.128014][ T4486] EXT4-fs warning (device loop1): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  313.142712][ T4486] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  313.149215][ T4486] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  313.160841][ T4486] EXT4-fs (loop1): unmounting filesystem.
[  313.329298][  T422] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  313.534402][  T422] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  313.561261][  T422] usb 5-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51
[  313.631594][  T422] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.667807][  T422] usb 5-1: Product: syz
[  313.674458][  T422] usb 5-1: Manufacturer: syz
[  313.678921][  T422] usb 5-1: SerialNumber: syz
[  313.726035][  T422] usb 5-1: config 0 descriptor??
[  313.743794][  T422] usb 5-1: bad CDC descriptors
[  313.749567][  T422] cdc_acm 5-1:0.0: Zero length descriptor references
[  313.756545][  T422] cdc_acm: probe of 5-1:0.0 failed with error -22
[  313.907224][ T4496] loop9: detected capacity change from 0 to 512
[  313.974940][  T422] usb 5-1: USB disconnect, device number 32
[  314.016787][ T4496] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  314.064667][ T4496] EXT4-fs (loop9): orphan cleanup on readonly fs
[  314.072237][ T4496] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1236: Bad quota inum: 64, type: 0
[  314.084713][ T4496] EXT4-fs (loop9): Remounting filesystem read-only
[  314.093001][ T4496] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  314.110674][ T4496] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  314.117253][ T4496] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  314.249112][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  314.495564][  T508] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  314.509093][  T508] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  314.519080][  T508] usb 4-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  314.528051][  T508] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.537817][  T508] usb 4-1: config 0 descriptor??
[  315.311648][  T508] magicmouse 0003:05AC:0265.0013: unknown main item tag 0x0
[  315.323331][ T4509] netlink: 'syz.4.1238': attribute type 4 has an invalid length.
[  315.336940][  T508] magicmouse 0003:05AC:0265.0013: unknown main item tag 0x0
[  315.340341][ T4509] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1238'.
[  315.344287][  T508] magicmouse 0003:05AC:0265.0013: unknown main item tag 0x0
[  315.371506][ T4511] loop1: detected capacity change from 0 to 512
[  315.382508][  T508] magicmouse 0003:05AC:0265.0013: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.3-1/input0
[  315.403538][ T4511] EXT4-fs: Ignoring removed i_version option
[  315.414795][  T508] magicmouse 0003:05AC:0265.0013: magicmouse input not registered
[  315.422635][ T4511] EXT4-fs: Ignoring removed mblk_io_submit option
[  315.433590][  T508] magicmouse: probe of 0003:05AC:0265.0013 failed with error -12
[  315.442002][ T4511] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  315.473458][ T4522] netlink: 'syz.2.1244': attribute type 4 has an invalid length.
[  315.515866][ T4511] EXT4-fs (loop1): 1 truncate cleaned up
[  315.521470][ T4511] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  315.617097][ T4525] loop9: detected capacity change from 0 to 512
[  315.634025][ T4525] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  315.739716][  T422] usb 4-1: USB disconnect, device number 15
[  317.338785][ T4529] loop4: detected capacity change from 0 to 512
[  317.352765][ T4525] EXT4-fs (loop9): orphan cleanup on readonly fs
[  317.358999][ T4525] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1242: Bad quota inum: 64, type: 0
[  317.371205][ T4529] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  317.384884][ T4525] EXT4-fs (loop9): Remounting filesystem read-only
[  317.391391][ T4525] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  317.406546][ T4525] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  317.413802][ T4525] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  317.425436][ T4525] EXT4-fs (loop9): unmounting filesystem.
[  317.641828][ T4529] EXT4-fs (loop4): orphan cleanup on readonly fs
[  317.648156][ T4529] EXT4-fs error (device loop4): ext4_quota_enable:6975: comm syz.4.1243: Bad quota inum: 64, type: 0
[  317.660266][ T4529] EXT4-fs (loop4): Remounting filesystem read-only
[  317.666645][ T4529] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  317.681203][ T4529] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  317.687625][ T4529] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  317.791715][ T4529] EXT4-fs (loop4): unmounting filesystem.
[  318.806730][ T4551] loop3: detected capacity change from 0 to 512
[  318.821845][ T4551] EXT4-fs: Ignoring removed i_version option
[  318.828316][ T4551] EXT4-fs: Ignoring removed mblk_io_submit option
[  318.835875][ T4551] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  318.848621][ T4551] EXT4-fs (loop3): 1 truncate cleaned up
[  318.854171][ T4551] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  318.898027][ T4559] netlink: 'syz.2.1251': attribute type 4 has an invalid length.
[  318.902383][  T296] EXT4-fs (loop1): unmounting filesystem.
[  318.909844][ T4559] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1251'.
[  320.019435][ T4579] loop9: detected capacity change from 0 to 512
[  320.025952][ T4579] EXT4-fs: Ignoring removed i_version option
[  320.031862][ T4579] EXT4-fs: Ignoring removed mblk_io_submit option
[  320.038576][ T4579] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  320.049827][ T4579] EXT4-fs (loop9): 1 truncate cleaned up
[  320.055373][ T4579] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  320.162400][ T4584] loop2: detected capacity change from 0 to 512
[  320.169075][  T422] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  320.180104][ T4584] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  320.201792][ T2627] EXT4-fs (loop3): unmounting filesystem.
[  320.237480][ T4584] EXT4-fs (loop2): orphan cleanup on readonly fs
[  320.243682][ T4584] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1256: Bad quota inum: 64, type: 0
[  320.255066][ T4584] EXT4-fs (loop2): Remounting filesystem read-only
[  320.261442][ T4584] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  320.275964][ T4584] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  320.282477][ T4584] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  320.293425][ T4584] EXT4-fs (loop2): unmounting filesystem.
[  320.483467][  T354] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  322.228944][  T422] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  322.239718][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  322.565513][  T422] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  322.575113][  T422] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  322.584581][  T422] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  322.609083][  T422] usb 5-1: string descriptor 0 read error: -71
[  322.615107][  T422] usb 5-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  322.624038][  T422] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.634534][  T422] usb 5-1: config 0 descriptor??
[  322.643300][  T422] usb 5-1: can't set config #0, error -71
[  322.650427][  T422] usb 5-1: USB disconnect, device number 33
[  322.668934][ T4599] netlink: 'syz.1.1261': attribute type 4 has an invalid length.
[  322.687534][ T4606] netlink: 'syz.2.1264': attribute type 4 has an invalid length.
[  322.699322][ T4606] netlink: 'syz.2.1264': attribute type 4 has an invalid length.
[  322.699904][ T4601] loop9: detected capacity change from 0 to 512
[  322.723052][ T4601] EXT4-fs: Ignoring removed i_version option
[  322.729580][ T4601] EXT4-fs: Ignoring removed mblk_io_submit option
[  322.851412][ T4611] loop4: detected capacity change from 0 to 512
[  322.956189][ T4601] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  322.976541][ T4611] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  323.028612][ T4611] EXT4-fs (loop4): orphan cleanup on readonly fs
[  323.034817][ T4611] EXT4-fs error (device loop4): ext4_quota_enable:6975: comm syz.4.1265: Bad quota inum: 64, type: 0
[  323.046314][ T4611] EXT4-fs (loop4): Remounting filesystem read-only
[  323.052677][ T4611] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  323.067186][ T4611] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  323.073718][ T4611] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  323.085178][ T4611] EXT4-fs (loop4): unmounting filesystem.
[  323.121401][ T4601] EXT4-fs (loop9): 1 truncate cleaned up
[  323.128287][ T4601] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  324.018871][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  324.078248][   T43] Bluetooth: hci0: Frame reassembly failed (-84)
[  326.120153][ T4635] loop2: detected capacity change from 0 to 512
[  326.131803][ T4636] loop9: detected capacity change from 0 to 512
[  326.140637][ T4635] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  326.151608][ T4636] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  326.243797][ T4635] EXT4-fs (loop2): orphan cleanup on readonly fs
[  326.250078][ T4635] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1274: Bad quota inum: 64, type: 0
[  326.261885][ T4635] EXT4-fs (loop2): Remounting filesystem read-only
[  326.268245][ T4635] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  326.282782][ T4635] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  326.289256][ T4635] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  326.300408][ T4635] EXT4-fs (loop2): unmounting filesystem.
[  326.306079][  T392] Bluetooth: hci0: command 0x1003 tx timeout
[  326.306120][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  326.318505][ T4629] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  326.330196][ T4636] EXT4-fs (loop9): orphan cleanup on readonly fs
[  326.336375][ T4636] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1271: Bad quota inum: 64, type: 0
[  326.347714][ T4636] EXT4-fs (loop9): Remounting filesystem read-only
[  326.354101][ T4636] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  326.368566][ T4636] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  326.375082][ T4636] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  326.385943][ T4636] EXT4-fs (loop9): unmounting filesystem.
[  327.236616][ T4645] loop4: detected capacity change from 0 to 512
[  327.245019][ T4645] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  327.329890][ T4645] EXT4-fs (loop4): orphan cleanup on readonly fs
[  327.354257][ T4648] netlink: 'syz.1.1276': attribute type 4 has an invalid length.
[  327.362245][ T4648] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1276'.
[  327.408762][ T4645] EXT4-fs error (device loop4): ext4_quota_enable:6975: comm syz.4.1275: Bad quota inum: 64, type: 0
[  327.427243][ T4645] EXT4-fs (loop4): Remounting filesystem read-only
[  327.433719][ T4645] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  327.448527][ T4645] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  327.455160][ T4645] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  327.867603][ T4653] netlink: 'syz.2.1278': attribute type 4 has an invalid length.
[  327.892275][ T4653] netlink: 'syz.2.1278': attribute type 4 has an invalid length.
[  328.310844][ T4660] loop1: detected capacity change from 0 to 512
[  328.318488][ T4660] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  328.351279][ T4660] EXT4-fs (loop1): orphan cleanup on readonly fs
[  328.357466][ T4660] EXT4-fs error (device loop1): ext4_quota_enable:6975: comm syz.1.1277: Bad quota inum: 64, type: 0
[  328.368926][ T4660] EXT4-fs (loop1): Remounting filesystem read-only
[  328.375271][ T4660] EXT4-fs warning (device loop1): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  328.389780][ T4660] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  328.396328][ T4660] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  328.407098][ T4660] EXT4-fs (loop1): unmounting filesystem.
[  328.427890][  T294] EXT4-fs (loop4): unmounting filesystem.
[  329.411786][  T487] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[  329.488028][ T4679] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  329.497927][ T4679] picdev_read: 2 callbacks suppressed
[  329.497945][ T4679] kvm: pic: non byte read
[  329.507818][ T4679] kvm: pic: level sensitive irq not supported
[  329.507880][ T4679] kvm: pic: non byte read
[  329.518338][ T4679] kvm: pic: level sensitive irq not supported
[  329.518419][ T4679] kvm: pic: non byte read
[  329.528822][ T4679] kvm: pic: level sensitive irq not supported
[  329.528896][ T4679] kvm: pic: non byte read
[  329.687284][  T487] usb 10-1: Using ep0 maxpacket: 8
[  329.694882][  T487] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[  329.703399][  T487] usb 10-1: config 179 has no interface number 0
[  329.710168][  T487] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  329.723101][  T487] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  329.735166][  T487] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  329.747066][  T487] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  329.782686][ T4692] loop2: detected capacity change from 0 to 256
[  329.790288][ T4692] exfat: Deprecated parameter 'utf8'
[  329.795514][ T4692] exfat: Deprecated parameter 'namecase'
[  329.801027][ T4692] exfat: Deprecated parameter 'utf8'
[  329.806253][ T4692] exfat: Bad value for 'umask'
[  329.828744][  T487] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  329.843279][  T487] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  329.985032][  T487] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.151961][ T4662] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  330.607538][ T4701] netlink: 'syz.3.1292': attribute type 4 has an invalid length.
[  330.615493][ T4701] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1292'.
[  330.829560][ T4708] loop3: detected capacity change from 0 to 512
[  330.837949][ T4708] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  330.860549][ T4708] EXT4-fs (loop3): orphan cleanup on readonly fs
[  330.866933][ T4708] EXT4-fs error (device loop3): ext4_quota_enable:6975: comm syz.3.1293: Bad quota inum: 64, type: 0
[  330.878862][ T4708] EXT4-fs (loop3): Remounting filesystem read-only
[  330.885239][ T4708] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  330.899746][ T4708] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  330.906273][ T4708] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  330.916566][ T4708] EXT4-fs (loop3): unmounting filesystem.
[  330.984652][ T4662] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  330.995427][    T6] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  331.041319][ T4662] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  331.075915][  T422] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  331.194523][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  331.204341][    T6] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  331.214036][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  331.224539][    T6] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  331.237338][    T6] usb 5-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  331.246436][    T6] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.255071][    T6] usb 5-1: Product: syz
[  331.259559][    T6] usb 5-1: Manufacturer: syz
[  331.264054][    T6] usb 5-1: SerialNumber: syz
[  331.278697][  T422] usb 2-1: Using ep0 maxpacket: 8
[  331.285105][  T422] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  331.297139][    T6] usb 5-1: config 0 descriptor??
[  331.305972][  T422] usb 2-1: config 179 has no interface number 0
[  331.314439][    T6] ums-isd200 5-1:0.0: USB Mass Storage device detected
[  331.321545][  T422] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  331.338569][  T422] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  331.350207][  T422] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  331.361745][  T422] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  331.373790][  T422] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  331.388127][  T422] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  331.400805][  T422] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.422530][ T4706] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  331.556853][    T6] scsi host1: usb-storage 5-1:0.0
[  331.591490][    T6] usb 5-1: USB disconnect, device number 34
[  332.216116][ T4726] loop4: detected capacity change from 0 to 512
[  332.222727][ T4726] EXT4-fs: Ignoring removed i_version option
[  332.228619][ T4726] EXT4-fs: Ignoring removed mblk_io_submit option
[  332.235309][ T4726] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  332.254222][ T4726] EXT4-fs (loop4): 1 truncate cleaned up
[  332.259810][ T4726] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  332.416770][ T4707] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1293'.
[  332.588433][    T6] usb 10-1: USB disconnect, device number 20
[  332.588476][    C1] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  332.603851][    C1] dummy_hcd dummy_hcd.9: timer fired with no URBs pending?
[  332.872715][ T4703] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  332.901491][ T4749] loop3: detected capacity change from 0 to 512
[  332.910530][ T4749] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  332.937035][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  332.961809][ T4749] EXT4-fs (loop3): orphan cleanup on readonly fs
[  332.968193][ T4749] EXT4-fs error (device loop3): ext4_quota_enable:6975: comm syz.3.1303: Bad quota inum: 64, type: 0
[  332.981043][ T4749] EXT4-fs (loop3): Remounting filesystem read-only
[  332.987426][ T4749] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  333.002042][ T4749] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  333.008675][ T4749] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  333.341795][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  334.002173][ T4757] loop9: detected capacity change from 0 to 512
[  334.017385][ T4757] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  334.074916][ T2627] EXT4-fs (loop3): unmounting filesystem.
[  334.110544][ T4757] EXT4-fs (loop9): orphan cleanup on readonly fs
[  334.116843][ T4757] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1304: Bad quota inum: 64, type: 0
[  334.129503][ T4757] EXT4-fs (loop9): Remounting filesystem read-only
[  334.135901][ T4757] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  334.150536][ T4757] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  334.157101][ T4757] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  334.168377][ T4757] EXT4-fs (loop9): unmounting filesystem.
[  334.604871][    C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  334.613064][    C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  334.622109][    T6] usb 2-1: USB disconnect, device number 37
[  334.798283][ T4760] fuse: Bad value for 'fd'
[  334.860354][  T294] EXT4-fs (loop4): unmounting filesystem.
[  334.949308][  T392] Bluetooth: hci1: sending frame failed (-49)
[  334.955430][   T45] Bluetooth: hci1: Opcode 0x1003 failed: -49
[  335.084663][   T45] Bluetooth: hci0: command 0x0c1a tx timeout
[  335.090572][ T1522] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  335.096627][   T45] Bluetooth: hci0: sending frame failed (-49)
[  335.228966][ T4780] netlink: 'syz.1.1315': attribute type 4 has an invalid length.
[  335.255603][  T422] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  335.330195][  T350] Bluetooth: hci0: Frame reassembly failed (-84)
[  335.597688][  T422] usb 5-1: Using ep0 maxpacket: 8
[  335.604094][  T422] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  335.612223][  T422] usb 5-1: config 179 has no interface number 0
[  335.618316][  T422] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  335.629153][  T422] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  335.640165][  T422] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  335.651107][  T422] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  335.662294][  T422] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  335.675297][  T422] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  335.684137][  T422] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.692698][ T4770] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  335.699779][  T508] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  335.736939][ T4792] fuse: Bad value for 'fd'
[  335.902624][ T4799] loop2: detected capacity change from 0 to 512
[  335.915339][ T4799] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  335.950883][ T4799] EXT4-fs (loop2): orphan cleanup on readonly fs
[  335.957091][ T4799] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1320: Bad quota inum: 64, type: 0
[  335.969436][ T4799] EXT4-fs (loop2): Remounting filesystem read-only
[  335.975837][ T4799] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  335.990336][ T4799] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  335.996868][ T4799] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  336.024177][  T508] usb 2-1: Using ep0 maxpacket: 8
[  336.172733][ T4770] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  336.243689][ T4770] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  336.399561][  T422] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  336.592323][  T422] usb 4-1: Using ep0 maxpacket: 8
[  336.599575][  T422] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  336.610179][  T422] usb 4-1: config 179 has no interface number 0
[  336.617486][  T422] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  336.629983][  T422] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  336.743261][  T422] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  336.756035][  T422] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  336.768683][  T422] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  336.783466][  T422] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  336.793842][  T422] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.815218][  T508] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  336.817659][ T4802] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  336.860039][ T3552] EXT4-fs (loop2): unmounting filesystem.
[  336.866112][  T508] usb 2-1: config 179 has no interface number 0
[  336.872292][  T508] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  336.890558][  T508] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  336.913263][  T508] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  336.933446][  T508] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  336.945059][  T508] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  336.964159][  T508] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  336.973655][  T508] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.997363][ T4787] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  337.263619][ T4818] loop9: detected capacity change from 0 to 512
[  337.306317][ T4818] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  337.321945][ T4818] EXT4-fs (loop9): orphan cleanup on readonly fs
[  337.328259][ T4818] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1325: Bad quota inum: 64, type: 0
[  337.340667][ T4818] EXT4-fs (loop9): Remounting filesystem read-only
[  337.347078][ T4818] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  337.361703][ T4818] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  337.368268][ T4818] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  337.378756][ T4818] EXT4-fs (loop9): unmounting filesystem.
[  337.479276][ T1522] Bluetooth: hci0: command 0x1003 tx timeout
[  337.485474][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  337.597541][ T4786] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  337.604331][ T4798] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  338.108277][ T4786] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  338.156119][    C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  338.164232][    C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  338.173383][  T422] usb 5-1: USB disconnect, device number 35
[  338.229818][ T4786] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  338.739643][ T4829] loop4: detected capacity change from 0 to 256
[  338.771834][ T4829] exfat: Deprecated parameter 'utf8'
[  338.779192][ T4829] exfat: Deprecated parameter 'namecase'
[  338.784950][ T4829] exfat: Deprecated parameter 'utf8'
[  338.790314][ T4829] exfat: Bad value for 'umask'
[  338.933101][ T4835] loop9: detected capacity change from 0 to 512
[  338.941601][ T4835] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  339.126745][ T4835] EXT4-fs (loop9): orphan cleanup on readonly fs
[  339.132999][ T4835] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1332: Bad quota inum: 64, type: 0
[  339.145302][ T4835] EXT4-fs (loop9): Remounting filesystem read-only
[  339.151793][ T4835] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  339.166309][ T4835] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  339.172806][ T4835] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  339.229351][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  339.237442][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  339.246290][  T422] usb 4-1: USB disconnect, device number 17
[  342.568208][   T45] Bluetooth: hci0: command 0x0c1a tx timeout
[  342.584051][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  342.600221][ T4842] loop2: detected capacity change from 0 to 512
[  342.601548][  T508] usb 2-1: USB disconnect, device number 38
[  342.606313][    C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  342.606343][    C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  342.628335][ T4842] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  342.646399][ T4842] EXT4-fs (loop2): orphan cleanup on readonly fs
[  342.652576][ T4842] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1333: Bad quota inum: 64, type: 0
[  342.663576][ T4842] EXT4-fs (loop2): Remounting filesystem read-only
[  342.669933][ T4842] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  342.684427][ T4842] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  342.690925][ T4842] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  342.804301][ T4853] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  342.853947][ T3552] EXT4-fs (loop2): unmounting filesystem.
[  342.860451][ T4853] kvm: pic: non byte read
[  342.865627][ T4853] kvm: pic: non byte read
[  342.870582][ T4853] kvm: pic: single mode not supported
[  342.870727][ T4853] kvm: pic: non byte read
[  342.883551][ T4853] kvm: pic: non byte read
[  342.887895][ T4853] kvm: pic: level sensitive irq not supported
[  342.887999][ T4853] kvm: pic: non byte read
[  342.898334][ T4853] kvm: pic: non byte read
[  342.902789][ T4853] kvm: pic: non byte read
[  342.907249][ T4853] kvm: pic: non byte read
[  342.920790][ T4853] kvm: pic: single mode not supported
[  342.920803][ T4853] kvm: pic: level sensitive irq not supported
[  342.928061][ T4853] kvm: pic: non byte read
[  344.739419][ T4868] loop9: detected capacity change from 0 to 512
[  344.751995][ T4871] loop2: detected capacity change from 0 to 512
[  344.814044][ T4853] kvm: pic: non byte read
[  344.825550][ T4871] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  344.835977][ T4868] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  344.917455][ T4871] EXT4-fs (loop2): orphan cleanup on readonly fs
[  344.923727][ T4871] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1342: Bad quota inum: 64, type: 0
[  344.935806][ T4871] EXT4-fs (loop2): Remounting filesystem read-only
[  344.942247][ T4871] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  344.956845][ T4871] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  344.963476][ T4871] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  344.975297][ T4871] EXT4-fs (loop2): unmounting filesystem.
[  344.991424][ T4868] EXT4-fs (loop9): orphan cleanup on readonly fs
[  344.997704][ T4868] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1341: Bad quota inum: 64, type: 0
[  345.009326][ T4868] EXT4-fs (loop9): Remounting filesystem read-only
[  345.015697][ T4868] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  345.030338][ T4868] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  345.036973][ T4868] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  345.530241][ T4853] kvm: pic: single mode not supported
[  345.530270][ T4853] kvm: pic: level sensitive irq not supported
[  345.535744][ T4853] kvm: pic: single mode not supported
[  345.541675][ T4853] kvm: pic: level sensitive irq not supported
[  345.557977][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  345.959020][ T4881] loop9: detected capacity change from 0 to 512
[  346.018216][ T4881] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  346.133211][ T4881] EXT4-fs (loop9): orphan cleanup on readonly fs
[  346.139539][ T4881] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1344: Bad quota inum: 64, type: 0
[  346.151743][ T4881] EXT4-fs (loop9): Remounting filesystem read-only
[  346.158115][ T4881] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  346.172636][ T4881] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  346.179128][ T4881] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  348.596721][ T4911] loop4: detected capacity change from 0 to 512
[  348.614396][ T4911] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  348.640395][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  348.728839][ T4911] EXT4-fs (loop4): orphan cleanup on readonly fs
[  348.735064][ T4911] EXT4-fs error (device loop4): ext4_quota_enable:6975: comm syz.4.1354: Bad quota inum: 64, type: 0
[  348.746837][ T4911] EXT4-fs (loop4): Remounting filesystem read-only
[  348.753230][ T4911] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  348.767711][ T4911] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  348.774249][ T4911] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  349.552144][  T508] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  349.609087][ T4915] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  349.618463][ T4915] picdev_read: 2 callbacks suppressed
[  349.618480][ T4915] kvm: pic: non byte read
[  349.628454][ T4915] kvm: pic: non byte read
[  349.632849][ T4915] kvm: pic: single mode not supported
[  349.632906][ T4915] kvm: pic: non byte read
[  349.642620][ T4915] kvm: pic: non byte read
[  349.647109][ T4915] kvm: pic: level sensitive irq not supported
[  349.647173][ T4915] kvm: pic: non byte read
[  349.658350][ T4915] kvm: pic: non byte read
[  351.388633][ T4915] kvm: pic: non byte read
[  351.390914][ T4923] loop9: detected capacity change from 0 to 512
[  351.393063][ T4915] kvm: pic: non byte read
[  351.405866][ T4923] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  351.415496][ T4915] kvm: pic: single mode not supported
[  351.415511][ T4915] kvm: pic: level sensitive irq not supported
[  351.421149][  T294] EXT4-fs (loop4): unmounting filesystem.
[  351.421691][ T4915] kvm: pic: non byte read
[  351.437451][ T4915] kvm: pic: non byte read
[  351.437610][ T4923] EXT4-fs (loop9): orphan cleanup on readonly fs
[  351.442207][ T4915] kvm: pic: single mode not supported
[  351.447780][ T4923] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1355: Bad quota inum: 64, type: 0
[  351.464423][ T4915] kvm: pic: level sensitive irq not supported
[  351.464467][ T4923] EXT4-fs (loop9): Remounting filesystem read-only
[  351.477221][ T4923] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  351.491831][ T4923] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  351.492572][ T4915] kvm: pic: single mode not supported
[  351.498475][ T4923] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  351.499023][ T4923] EXT4-fs (loop9): unmounting filesystem.
[  351.503702][ T4915] kvm: pic: level sensitive irq not supported
[  351.513259][  T508] usb 3-1: device descriptor read/all, error -71
[  351.832902][ T4944] loop4: detected capacity change from 0 to 512
[  351.856474][ T4944] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  351.907543][ T4944] EXT4-fs (loop4): orphan cleanup on readonly fs
[  351.913790][ T4944] EXT4-fs error (device loop4): ext4_quota_enable:6975: comm syz.4.1360: Bad quota inum: 64, type: 0
[  351.925984][ T4944] EXT4-fs (loop4): Remounting filesystem read-only
[  351.932357][ T4944] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  351.946890][ T4944] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  351.953398][ T4944] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  352.853987][ T4942] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  353.186634][ T4976] loop3: detected capacity change from 0 to 512
[  353.194768][ T4976] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  353.208771][  T294] EXT4-fs (loop4): unmounting filesystem.
[  353.223666][ T4976] EXT4-fs (loop3): orphan cleanup on readonly fs
[  353.229941][ T4976] EXT4-fs error (device loop3): ext4_quota_enable:6975: comm syz.3.1372: Bad quota inum: 64, type: 0
[  353.242158][ T4976] EXT4-fs (loop3): Remounting filesystem read-only
[  353.248552][ T4976] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  353.263095][ T4976] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  353.269680][ T4976] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  354.365703][ T4979] loop9: detected capacity change from 0 to 512
[  354.415265][ T4979] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  354.439123][ T2627] EXT4-fs (loop3): unmounting filesystem.
[  354.518294][ T4979] EXT4-fs (loop9): orphan cleanup on readonly fs
[  354.524696][ T4979] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1375: Bad quota inum: 64, type: 0
[  354.536749][ T4979] EXT4-fs (loop9): Remounting filesystem read-only
[  354.543127][ T4979] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  354.557638][ T4979] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  354.564160][ T4979] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  354.575337][ T4979] EXT4-fs (loop9): unmounting filesystem.
[  355.117090][ T4984] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  355.126507][ T4984] picdev_read: 2 callbacks suppressed
[  355.126525][ T4984] kvm: pic: non byte read
[  355.136653][ T4984] kvm: pic: non byte read
[  355.141854][ T4984] kvm: pic: single mode not supported
[  355.141911][ T4984] kvm: pic: non byte read
[  355.151738][ T4984] kvm: pic: non byte read
[  355.156044][ T4984] kvm: pic: level sensitive irq not supported
[  355.156103][ T4984] kvm: pic: non byte read
[  355.166959][ T4984] kvm: pic: non byte read
[  355.172678][ T4984] kvm: pic: non byte read
[  355.177926][ T4984] kvm: pic: non byte read
[  355.182769][ T4984] kvm: pic: single mode not supported
[  355.182795][ T4984] kvm: pic: level sensitive irq not supported
[  355.189356][ T4984] kvm: pic: non byte read
[  355.201328][ T4984] kvm: pic: non byte read
[  357.227651][ T4984] kvm: pic: single mode not supported
[  357.227672][ T4984] kvm: pic: level sensitive irq not supported
[  357.233119][ T4984] kvm: pic: single mode not supported
[  357.239125][ T4984] kvm: pic: level sensitive irq not supported
[  358.585501][ T4997] loop3: detected capacity change from 0 to 512
[  358.608016][ T4995] loop2: detected capacity change from 0 to 512
[  358.647972][ T4996] loop4: detected capacity change from 0 to 512
[  358.671799][ T4997] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  358.684188][ T4995] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  358.693714][ T4996] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  358.790096][ T4996] EXT4-fs (loop4): orphan cleanup on readonly fs
[  358.796346][ T4996] EXT4-fs error (device loop4): ext4_quota_enable:6975: comm syz.4.1376: Bad quota inum: 64, type: 0
[  358.808127][ T4996] EXT4-fs (loop4): Remounting filesystem read-only
[  358.814471][ T4996] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  358.829031][ T4996] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  358.835480][ T4996] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  358.861054][ T4995] EXT4-fs (loop2): orphan cleanup on readonly fs
[  358.867323][ T4995] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1379: Bad quota inum: 64, type: 0
[  358.880300][ T4995] EXT4-fs (loop2): Remounting filesystem read-only
[  358.886720][ T4995] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  358.901216][ T4995] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  358.907699][ T4995] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  358.919380][ T4995] EXT4-fs (loop2): unmounting filesystem.
[  358.951893][ T4997] EXT4-fs (loop3): orphan cleanup on readonly fs
[  358.958140][ T4997] EXT4-fs error (device loop3): ext4_quota_enable:6975: comm syz.3.1377: Bad quota inum: 64, type: 0
[  359.170304][ T4997] EXT4-fs (loop3): Remounting filesystem read-only
[  359.176828][ T4997] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  359.191288][ T4997] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  359.197823][ T4997] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  359.220955][  T294] EXT4-fs (loop4): unmounting filesystem.
[  359.397619][  T354] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  359.433147][ T5022] loop1: detected capacity change from 0 to 512
[  359.439912][ T5022] EXT4-fs: Ignoring removed i_version option
[  359.446507][ T5022] EXT4-fs: Ignoring removed mblk_io_submit option
[  359.453715][ T5022] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  359.465366][ T5022] EXT4-fs (loop1): 1 truncate cleaned up
[  359.471948][ T5022] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  359.665659][ T2627] EXT4-fs (loop3): unmounting filesystem.
[  359.876347][ T5037] loop9: detected capacity change from 0 to 512
[  359.886892][ T5037] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  359.934447][ T5037] EXT4-fs (loop9): orphan cleanup on readonly fs
[  359.940702][ T5037] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1388: Bad quota inum: 64, type: 0
[  359.952351][ T5037] EXT4-fs (loop9): Remounting filesystem read-only
[  359.958714][ T5037] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  359.973260][ T5037] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  359.979760][ T5037] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  359.990853][ T5037] EXT4-fs (loop9): unmounting filesystem.
[  361.255949][ T5042] loop4: detected capacity change from 0 to 512
[  361.752497][ T5042] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  361.851214][ T5048] loop2: detected capacity change from 0 to 512
[  361.861169][ T5048] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  361.876021][  T296] EXT4-fs (loop1): unmounting filesystem.
[  361.941869][ T5042] EXT4-fs (loop4): orphan cleanup on readonly fs
[  361.948152][ T5042] EXT4-fs error (device loop4): ext4_quota_enable:6975: comm syz.4.1390: Bad quota inum: 64, type: 0
[  361.960292][ T5042] EXT4-fs (loop4): Remounting filesystem read-only
[  361.966858][ T5042] EXT4-fs warning (device loop4): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  361.981500][ T5042] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  361.988640][ T5042] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  362.000253][ T5042] EXT4-fs (loop4): unmounting filesystem.
[  362.034742][ T5048] EXT4-fs (loop2): orphan cleanup on readonly fs
[  362.041285][ T5048] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1391: Bad quota inum: 64, type: 0
[  362.054355][ T5048] EXT4-fs (loop2): Remounting filesystem read-only
[  362.061449][ T5048] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  362.076200][ T5048] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  362.083004][ T5048] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  362.856290][ T5055] loop1: detected capacity change from 0 to 512
[  362.883354][ T5055] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  363.004499][ T5041] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1390'.
[  363.019922][ T3552] EXT4-fs (loop2): unmounting filesystem.
[  363.086227][ T5055] EXT4-fs (loop1): orphan cleanup on readonly fs
[  363.092443][ T5055] EXT4-fs error (device loop1): ext4_quota_enable:6975: comm syz.1.1393: Bad quota inum: 64, type: 0
[  363.104109][ T5055] EXT4-fs (loop1): Remounting filesystem read-only
[  363.110475][ T5055] EXT4-fs warning (device loop1): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  363.124976][ T5055] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  363.131495][ T5055] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  363.997323][ T5080] loop9: detected capacity change from 0 to 512
[  365.716776][ T5079] loop3: detected capacity change from 0 to 512
[  365.729187][ T5079] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  365.738512][ T5080] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  365.766642][  T296] EXT4-fs (loop1): unmounting filesystem.
[  365.817970][ T5079] EXT4-fs (loop3): orphan cleanup on readonly fs
[  365.824187][ T5079] EXT4-fs error (device loop3): ext4_quota_enable:6975: comm syz.3.1400: Bad quota inum: 64, type: 0
[  365.835700][ T5079] EXT4-fs (loop3): Remounting filesystem read-only
[  365.842227][ T5079] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  365.856933][ T5079] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  365.863577][ T5079] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  365.875045][ T5079] EXT4-fs (loop3): unmounting filesystem.
[  365.888899][ T5080] EXT4-fs (loop9): orphan cleanup on readonly fs
[  365.895127][ T5080] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1399: Bad quota inum: 64, type: 0
[  365.906436][ T5080] EXT4-fs (loop9): Remounting filesystem read-only
[  365.912773][ T5080] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  365.927302][ T5080] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  365.933806][ T5080] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  368.873232][ T5102] loop2: detected capacity change from 0 to 512
[  368.925015][ T5104] loop1: detected capacity change from 0 to 512
[  369.305111][ T5104] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  369.315326][ T5102] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  369.341895][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  369.410755][ T5104] EXT4-fs (loop1): orphan cleanup on readonly fs
[  369.416970][ T5104] EXT4-fs error (device loop1): ext4_quota_enable:6975: comm syz.1.1405: Bad quota inum: 64, type: 0
[  369.428531][ T5104] EXT4-fs (loop1): Remounting filesystem read-only
[  369.435015][ T5104] EXT4-fs warning (device loop1): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  369.449616][ T5104] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  369.456214][ T5104] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  369.523019][ T5102] EXT4-fs (loop2): orphan cleanup on readonly fs
[  369.529246][ T5102] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1407: Bad quota inum: 64, type: 0
[  369.540737][ T5102] EXT4-fs (loop2): Remounting filesystem read-only
[  369.547097][ T5102] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  369.561622][ T5102] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  369.568139][ T5102] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  369.579236][ T5102] EXT4-fs (loop2): unmounting filesystem.
[  369.825263][  T296] EXT4-fs (loop1): unmounting filesystem.
[  370.084835][ T5110] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  370.113511][ T5120] loop1: detected capacity change from 0 to 512
[  370.120066][ T5120] EXT4-fs: Ignoring removed i_version option
[  370.125964][ T5120] EXT4-fs: Ignoring removed mblk_io_submit option
[  370.133812][ T5110] picdev_read: 2 callbacks suppressed
[  370.133829][ T5110] kvm: pic: non byte read
[  370.144476][ T5110] kvm: pic: non byte read
[  370.150659][ T5120] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  370.152096][ T5110] kvm: pic: single mode not supported
[  370.161115][ T5110] kvm: pic: non byte read
[  370.170724][ T5110] kvm: pic: non byte read
[  370.172588][ T5120] EXT4-fs (loop1): 1 truncate cleaned up
[  370.177382][ T5110] kvm: pic: level sensitive irq not supported
[  370.181224][ T5102] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1407'.
[  370.197599][ T5110] kvm: pic: non byte read
[  370.232373][ T5120] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  370.246538][ T5110] kvm: pic: non byte read
[  370.250923][ T5110] kvm: pic: non byte read
[  370.255307][ T5110] kvm: pic: non byte read
[  370.391913][ T5133] loop9: detected capacity change from 0 to 512
[  370.428578][ T5133] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  370.545756][ T5133] EXT4-fs (loop9): orphan cleanup on readonly fs
[  370.551985][ T5133] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1413: Bad quota inum: 64, type: 0
[  370.563520][ T5133] EXT4-fs (loop9): Remounting filesystem read-only
[  370.569981][ T5133] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  370.584760][ T5133] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  370.591368][ T5133] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  370.657447][ T5110] kvm: pic: single mode not supported
[  370.657463][ T5110] kvm: pic: level sensitive irq not supported
[  370.774636][ T5110] kvm: pic: non byte read
[  370.788221][  T508] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  370.797744][ T5110] kvm: pic: non byte read
[  370.884734][ T5110] kvm: pic: single mode not supported
[  370.884750][ T5110] kvm: pic: level sensitive irq not supported
[  371.059097][  T296] EXT4-fs (loop1): unmounting filesystem.
[  371.077585][ T5141] loop2: detected capacity change from 0 to 512
[  371.098263][ T5141] EXT4-fs: Ignoring removed i_version option
[  371.104195][ T5141] EXT4-fs: Ignoring removed mblk_io_submit option
[  371.110770][ T5141] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  371.122324][ T5141] EXT4-fs (loop2): 1 truncate cleaned up
[  371.128153][ T5141] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  371.304849][  T508] usb 5-1: Using ep0 maxpacket: 8
[  371.411618][   T10] Bluetooth: hci1: Frame reassembly failed (-84)
[  371.434685][  T508] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  371.442814][  T508] usb 5-1: config 179 has no interface number 0
[  371.451844][  T508] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  371.496654][  T508] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  371.497126][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  371.508234][  T508] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  371.532565][  T508] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  371.544924][  T508] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  371.558286][  T508] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  371.567539][  T508] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  371.577479][ T5155] loop3: detected capacity change from 0 to 256
[  371.585061][ T5155] exfat: Deprecated parameter 'utf8'
[  371.587295][ T5130] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  371.590270][ T5155] exfat: Deprecated parameter 'namecase'
[  371.602915][ T5155] exfat: Deprecated parameter 'utf8'
[  371.610146][ T5155] exfat: Bad value for 'umask'
[  371.676058][ T5157] loop9: detected capacity change from 0 to 512
[  371.683546][ T5157] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  371.718383][ T5157] EXT4-fs (loop9): orphan cleanup on readonly fs
[  371.724635][ T5157] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1419: Bad quota inum: 64, type: 0
[  371.736080][ T5157] EXT4-fs (loop9): Remounting filesystem read-only
[  371.742429][ T5157] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  371.756967][ T5157] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  371.763475][ T5157] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  371.783581][  T422] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  372.012204][ T3552] EXT4-fs (loop2): unmounting filesystem.
[  372.031286][  T422] usb 2-1: Using ep0 maxpacket: 8
[  372.037617][  T422] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  372.062764][  T422] usb 2-1: config 179 has no interface number 0
[  372.084123][  T422] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  372.124166][  T422] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  372.161241][ T5130] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  372.191243][ T5130] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  372.201564][  T422] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  372.251918][  T422] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  372.290634][  T422] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  372.335295][  T422] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  372.366448][  T422] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.374530][ T5127] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  372.412565][ T5151] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  372.420354][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  372.427089][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  373.002711][ T1405] EXT4-fs (loop9): unmounting filesystem.
[  373.094847][ T5168] loop2: detected capacity change from 0 to 512
[  373.103304][ T5168] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  373.129014][ T5168] EXT4-fs (loop2): orphan cleanup on readonly fs
[  373.135286][ T5168] EXT4-fs error (device loop2): ext4_quota_enable:6975: comm syz.2.1421: Bad quota inum: 64, type: 0
[  373.146929][ T5168] EXT4-fs (loop2): Remounting filesystem read-only
[  373.153310][ T5168] EXT4-fs warning (device loop2): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  373.167839][ T5168] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  373.174335][ T5168] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  373.184533][ T5168] EXT4-fs (loop2): unmounting filesystem.
[  373.265220][ T5151] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  373.301271][ T5151] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  373.570857][ T1522] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  373.576880][  T392] Bluetooth: hci1: command 0x1003 tx timeout
[  373.845957][    C1] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  373.845986][  T422] usb 5-1: USB disconnect, device number 36
[  373.854042][    C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  374.528855][ T5177] loop9: detected capacity change from 0 to 512
[  374.537234][ T5177] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  374.812700][ T1522] Bluetooth: hci0: command 0x0c1a tx timeout
[  374.812733][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  374.828591][ T5150] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  374.969735][ T5177] EXT4-fs (loop9): orphan cleanup on readonly fs
[  374.976240][ T5177] EXT4-fs error (device loop9): ext4_quota_enable:6975: comm syz.9.1424: Bad quota inum: 64, type: 0
[  374.988480][ T5177] EXT4-fs (loop9): Remounting filesystem read-only
[  374.994875][ T5177] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  375.009778][ T5177] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  375.016337][ T5177] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  375.027966][ T5177] EXT4-fs (loop9): unmounting filesystem.
[  375.315723][  T422] usb 2-1: USB disconnect, device number 39
[  375.315781][    C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  375.315814][    C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  375.443725][ T5187] netlink: 'syz.2.1428': attribute type 4 has an invalid length.
[  375.456963][ T5187] netlink: 'syz.2.1428': attribute type 4 has an invalid length.
[  375.493199][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  375.527252][ T5177] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1424'.
[  376.991727][    C0] ==================================================================
[  376.999611][    C0] BUG: KASAN: use-after-free in __run_timers+0x34a/0xa10
[  377.006466][    C0] Write of size 8 at addr ffff888110108a00 by task syz.1.1429/5189
[  377.014192][    C0] 
[  377.016360][    C0] CPU: 0 PID: 5189 Comm: syz.1.1429 Not tainted 6.1.118-syzkaller-00074-g3e3f2b9e9fca #0
[  377.025994][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  377.035888][    C0] Call Trace:
[  377.039018][    C0]  <IRQ>
[  377.041717][    C0]  dump_stack_lvl+0x151/0x1b7
[  377.046220][    C0]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  377.051514][    C0]  ? _printk+0xd1/0x111
[  377.055507][    C0]  ? __virt_addr_valid+0x242/0x2f0
[  377.060452][    C0]  print_report+0x158/0x4e0
[  377.064794][    C0]  ? __virt_addr_valid+0x242/0x2f0
[  377.069740][    C0]  ? kasan_complete_mode_report_info+0x90/0x1b0
[  377.075815][    C0]  ? __run_timers+0x34a/0xa10
[  377.080327][    C0]  kasan_report+0x13c/0x170
[  377.084675][    C0]  ? __run_timers+0x34a/0xa10
[  377.089184][    C0]  __asan_report_store8_noabort+0x17/0x20
[  377.094738][    C0]  __run_timers+0x34a/0xa10
[  377.099079][    C0]  ? debug_smp_processor_id+0x17/0x20
[  377.104286][    C0]  ? calc_index+0x270/0x270
[  377.108623][    C0]  ? __irq_exit_rcu+0x5e/0xf0
[  377.113137][    C0]  ? asm_sysvec_call_function_single+0x1b/0x20
[  377.119126][    C0]  run_timer_softirq+0x69/0xf0
[  377.123725][    C0]  handle_softirqs+0x1db/0x650
[  377.128322][    C0]  ? irqtime_account_irq+0xdc/0x260
[  377.133358][    C0]  __irq_exit_rcu+0x52/0xf0
[  377.137700][    C0]  irq_exit_rcu+0x9/0x10
[  377.141779][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  377.147243][    C0]  </IRQ>
[  377.150021][    C0]  <TASK>
[  377.152799][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  377.158614][    C0] RIP: 0010:preempt_count_sub+0x1/0x160
[  377.163999][    C0] Code: a8 f7 92 87 80 e1 07 80 c1 03 38 c1 0f 8c 78 ff ff ff 48 c7 c7 a8 f7 92 87 e8 fb 5b 6d 00 e9 67 ff ff ff 66 0f 1f 44 00 00 55 <48> 89 e5 41 56 53 89 fb 48 c7 c0 60 70 b7 87 48 c1 e8 03 49 be 00
[  377.183444][    C0] RSP: 0018:ffffc9000634f4a0 EFLAGS: 00000246
[  377.189339][    C0] RAX: 2be647c4740e7f00 RBX: 1ffff110239ab000 RCX: 0000000000000002
[  377.197148][    C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: 0000000000000001
[  377.204961][    C0] RBP: ffffc9000634f4d0 R08: dffffc0000000000 R09: ffffed1022a04006
[  377.212772][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811cd58000
[  377.220584][    C0] R13: 1ffff92000c69ea0 R14: ffff88811cd58950 R15: dffffc0000000000
[  377.228398][    C0]  ? schedule+0xcd/0x180
[  377.232474][    C0]  schedule_timeout+0xa9/0x380
[  377.237075][    C0]  ? console_conditional_schedule+0x10/0x10
[  377.242808][    C0]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[  377.248447][    C0]  ? prepare_to_wait_exclusive+0x1ac/0x1f0
[  377.254089][    C0]  unix_wait_for_peer+0x24b/0x330
[  377.258954][    C0]  ? unix_find_other+0x8e0/0x8e0
[  377.263722][    C0]  ? wake_bit_function+0x230/0x230
[  377.268668][    C0]  ? _raw_spin_trylock_bh+0x190/0x190
[  377.273877][    C0]  ? security_unix_may_send+0x7b/0xa0
[  377.279084][    C0]  unix_dgram_sendmsg+0x1348/0x2050
[  377.284121][    C0]  ? unix_dgram_poll+0x690/0x690
[  377.288892][    C0]  ? security_socket_sendmsg+0x82/0xb0
[  377.294185][    C0]  ? unix_dgram_poll+0x690/0x690
[  377.298957][    C0]  ____sys_sendmsg+0x5d3/0x9a0
[  377.303562][    C0]  ? __sys_sendmsg_sock+0x40/0x40
[  377.308418][    C0]  ? __sys_sendmmsg+0x4f6/0x6f0
[  377.313107][    C0]  __sys_sendmmsg+0x3b9/0x6f0
[  377.317618][    C0]  ? __ia32_sys_sendmsg+0x90/0x90
[  377.322480][    C0]  ? futex_wait+0x4b7/0x7e0
[  377.326822][    C0]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[  377.332462][    C0]  ? _raw_spin_trylock_bh+0x190/0x190
[  377.337671][    C0]  ? do_futex+0x55a/0x9a0
[  377.341837][    C0]  ? fpregs_restore_userregs+0x130/0x290
[  377.347301][    C0]  __x64_sys_sendmmsg+0xa0/0xb0
[  377.351988][    C0]  x64_sys_call+0x81d/0x9a0
[  377.356326][    C0]  do_syscall_64+0x3b/0xb0
[  377.360585][    C0]  ? clear_bhb_loop+0x55/0xb0
[  377.365100][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  377.370826][    C0] RIP: 0033:0x7f5043d85d29
[  377.375077][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.394520][    C0] RSP: 002b:00007f5044c3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  377.402763][    C0] RAX: ffffffffffffffda RBX: 00007f5043f75fa0 RCX: 00007f5043d85d29
[  377.410572][    C0] RDX: 0000000000000318 RSI: 00000000200bd000 RDI: 0000000000000004
[  377.418394][    C0] RBP: 00007f5043e01aa8 R08: 0000000000000000 R09: 0000000000000000
[  377.426195][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  377.434013][    C0] R13: 0000000000000000 R14: 00007f5043f75fa0 R15: 00007fffccd3dab8
[  377.441836][    C0]  </TASK>
[  377.444685][    C0] 
[  377.446860][    C0] Allocated by task 5127:
[  377.451023][    C0]  kasan_set_track+0x4b/0x70
[  377.455446][    C0]  kasan_save_alloc_info+0x1f/0x30
[  377.460393][    C0]  __kasan_kmalloc+0x9c/0xb0
[  377.464820][    C0]  __kmalloc+0xb4/0x1e0
[  377.468813][    C0]  hci_alloc_dev_priv+0x27/0x1c00
[  377.473675][    C0]  hci_uart_tty_ioctl+0x401/0xa70
[  377.478533][    C0]  tty_ioctl+0x903/0xc50
[  377.482699][    C0]  __se_sys_ioctl+0x114/0x190
[  377.487211][    C0]  __x64_sys_ioctl+0x7b/0x90
[  377.491640][    C0]  x64_sys_call+0x98/0x9a0
[  377.495892][    C0]  do_syscall_64+0x3b/0xb0
[  377.500147][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  377.505872][    C0] 
[  377.508041][    C0] Freed by task 5122:
[  377.511861][    C0]  kasan_set_track+0x4b/0x70
[  377.516287][    C0]  kasan_save_free_info+0x2b/0x40
[  377.521148][    C0]  ____kasan_slab_free+0x131/0x180
[  377.526183][    C0]  __kasan_slab_free+0x11/0x20
[  377.530786][    C0]  __kmem_cache_free+0x21d/0x410
[  377.535558][    C0]  kfree+0x7a/0xf0
[  377.539115][    C0]  hci_release_dev+0x14d3/0x1640
[  377.543888][    C0]  bt_host_release+0x83/0xa0
[  377.548403][    C0]  device_release+0x95/0x1c0
[  377.552829][    C0]  kobject_put+0x178/0x260
[  377.557082][    C0]  put_device+0x1f/0x30
[  377.561074][    C0]  hci_free_dev+0x1c/0x20
[  377.565242][    C0]  hci_uart_tty_close+0x1b9/0x240
[  377.570100][    C0]  tty_ldisc_kill+0x10b/0x1f0
[  377.574615][    C0]  tty_ldisc_release+0x195/0x1f0
[  377.579388][    C0]  tty_release_struct+0x2a/0xe0
[  377.584073][    C0]  tty_release+0xd14/0xf70
[  377.588421][    C0]  __fput+0x1e5/0x870
[  377.592237][    C0]  ____fput+0x15/0x20
[  377.596061][    C0]  task_work_run+0x24d/0x2e0
[  377.600482][    C0]  do_exit+0xbd5/0x2b80
[  377.604479][    C0]  do_group_exit+0x21a/0x2d0
[  377.608901][    C0]  get_signal+0x169d/0x1820
[  377.613244][    C0]  arch_do_signal_or_restart+0xb0/0x16f0
[  377.618714][    C0]  exit_to_user_mode_loop+0x74/0xa0
[  377.623746][    C0]  exit_to_user_mode_prepare+0x5a/0xa0
[  377.629041][    C0]  syscall_exit_to_user_mode+0x26/0x130
[  377.634421][    C0]  do_syscall_64+0x47/0xb0
[  377.638674][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  377.644404][    C0] 
[  377.646585][    C0] Last potentially related work creation:
[  377.652125][    C0]  kasan_save_stack+0x3b/0x60
[  377.656658][    C0]  __kasan_record_aux_stack+0xb4/0xc0
[  377.661848][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[  377.667487][    C0]  insert_work+0x56/0x310
[  377.671654][    C0]  __queue_work+0x9b6/0xd70
[  377.675992][    C0]  queue_work_on+0x105/0x170
[  377.680419][    C0]  __hci_cmd_sync_sk+0xc2a/0xf70
[  377.685195][    C0]  hci_cmd_sync_status+0x52/0x130
[  377.690054][    C0]  hci_dev_cmd+0x39e/0x9b0
[  377.694307][    C0]  hci_sock_ioctl+0x415/0x7f0
[  377.698822][    C0]  sock_do_ioctl+0x152/0x450
[  377.703247][    C0]  sock_ioctl+0x455/0x740
[  377.707414][    C0]  __se_sys_ioctl+0x114/0x190
[  377.711925][    C0]  __x64_sys_ioctl+0x7b/0x90
[  377.716354][    C0]  x64_sys_call+0x98/0x9a0
[  377.720607][    C0]  do_syscall_64+0x3b/0xb0
[  377.724858][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  377.730586][    C0] 
[  377.732755][    C0] Second to last potentially related work creation:
[  377.739180][    C0]  kasan_save_stack+0x3b/0x60
[  377.743694][    C0]  __kasan_record_aux_stack+0xb4/0xc0
[  377.748901][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[  377.754541][    C0]  insert_work+0x56/0x310
[  377.758706][    C0]  __queue_work+0x9b6/0xd70
[  377.763049][    C0]  queue_work_on+0x105/0x170
[  377.767476][    C0]  hci_cmd_timeout+0x199/0x200
[  377.772072][    C0]  process_one_work+0x73d/0xcb0
[  377.776759][    C0]  worker_thread+0xa60/0x1260
[  377.781271][    C0]  kthread+0x26d/0x300
[  377.785178][    C0]  ret_from_fork+0x1f/0x30
[  377.789430][    C0] 
[  377.791603][    C0] The buggy address belongs to the object at ffff888110108000
[  377.791603][    C0]  which belongs to the cache kmalloc-8k of size 8192
[  377.805491][    C0] The buggy address is located 2560 bytes inside of
[  377.805491][    C0]  8192-byte region [ffff888110108000, ffff88811010a000)
[  377.818769][    C0] 
[  377.820940][    C0] The buggy address belongs to the physical page:
[  377.827190][    C0] page:ffffea0004404200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x110108
[  377.837256][    C0] head:ffffea0004404200 order:3 compound_mapcount:0 compound_pincount:0
[  377.845415][    C0] flags: 0x4000000000010200(slab|head|zone=1)
[  377.851327][    C0] raw: 4000000000010200 ffffea0004a8f000 dead000000000002 ffff888100043500
[  377.859740][    C0] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[  377.868154][    C0] page dumped because: kasan: bad access detected
[  377.874415][    C0] page_owner tracks the page as allocated
[  377.879958][    C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 4635, tgid 4631 (syz.2.1274), ts 326150552071, free_ts 324132193346
[  377.902523][    C0]  post_alloc_hook+0x213/0x220
[  377.907122][    C0]  prep_new_page+0x1b/0x110
[  377.911462][    C0]  get_page_from_freelist+0x2f41/0x2fc0
[  377.916841][    C0]  __alloc_pages+0x234/0x610
[  377.921270][    C0]  alloc_slab_page+0x6c/0xf0
[  377.925693][    C0]  new_slab+0x90/0x3e0
[  377.929599][    C0]  ___slab_alloc+0x6f9/0xb80
[  377.934032][    C0]  __slab_alloc+0x5d/0xa0
[  377.938217][    C0]  __kmem_cache_alloc_node+0x207/0x2a0
[  377.943490][    C0]  __kmalloc+0xa3/0x1e0
[  377.947568][    C0]  mb_cache_create+0x171/0x620
[  377.952168][    C0]  ext4_xattr_create_cache+0x13/0x20
[  377.957287][    C0]  ext4_fill_super+0x6543/0x8460
[  377.962061][    C0]  get_tree_bdev+0x440/0x680
[  377.966490][    C0]  ext4_get_tree+0x1c/0x20
[  377.970740][    C0]  vfs_get_tree+0x88/0x290
[  377.975000][    C0] page last free stack trace:
[  377.979507][    C0]  free_unref_page_prepare+0x83d/0x850
[  377.984803][    C0]  free_unref_page+0xb2/0x5c0
[  377.989314][    C0]  __free_pages+0x61/0xf0
[  377.993500][    C0]  __free_slab+0xce/0x1a0
[  377.997648][    C0]  __unfreeze_partials+0x165/0x1a0
[  378.002597][    C0]  put_cpu_partial+0xa9/0x100
[  378.007107][    C0]  __slab_free+0x1c8/0x280
[  378.011361][    C0]  ___cache_free+0xc6/0xd0
[  378.015614][    C0]  qlist_free_all+0xc5/0x140
[  378.020037][    C0]  kasan_quarantine_reduce+0x15a/0x180
[  378.025333][    C0]  __kasan_slab_alloc+0x24/0x80
[  378.030019][    C0]  slab_post_alloc_hook+0x53/0x2c0
[  378.034967][    C0]  kmem_cache_alloc+0x175/0x320
[  378.039654][    C0]  mas_alloc_nodes+0x267/0x7d0
[  378.044257][    C0]  mas_preallocate+0xef2/0x1bd0
[  378.048939][    C0]  vma_expand+0x2f2/0xa10
[  378.053111][    C0] 
[  378.055279][    C0] Memory state around the buggy address:
[  378.060759][    C0]  ffff888110108900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  378.068643][    C0]  ffff888110108980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  378.076545][    C0] >ffff888110108a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  378.084439][    C0]                    ^
[  378.088348][    C0]  ffff888110108a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  378.096248][    C0]  ffff888110108b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  378.104145][    C0] ==================================================================
[  378.112040][    C0] Disabling lock debugging due to kernel taint
[  378.118074][    C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  378.129571][    C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  378.137827][    C0] CPU: 0 PID: 5189 Comm: syz.1.1429 Tainted: G    B              6.1.118-syzkaller-00074-g3e3f2b9e9fca #0
[  378.149035][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  378.158911][    C0] RIP: 0010:__queue_work+0x4f1/0xd70
[  378.164032][    C0] Code: 39 03 0f 84 40 01 00 00 e8 fc 6b 2a 00 4c 89 e7 e8 e4 d3 d6 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 30 df 71 00 49 8b 3e e8 98 cc d6
[  378.183479][    C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[  378.189373][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88811cd58000
[  378.197271][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  378.205176][    C0] RBP: ffffc90000007d00 R08: ffffffff814b186b R09: 0000000000000007
[  378.212978][    C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881101089c8
[  378.220791][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881101089e0
[  378.228601][    C0] FS:  00007f5044c3e6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  378.237374][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  378.243794][    C0] CR2: 0000000020d7e030 CR3: 000000012a9fb000 CR4: 00000000003506b0
[  378.251606][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  378.259413][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  378.267227][    C0] Call Trace:
[  378.270355][    C0]  <IRQ>
[  378.273043][    C0]  ? __die_body+0x62/0xb0
[  378.277207][    C0]  ? die_addr+0x9f/0xd0
[  378.281288][    C0]  ? exc_general_protection+0x317/0x4c0
[  378.286670][    C0]  ? asm_exc_general_protection+0x27/0x30
[  378.292309][    C0]  ? __queue_work+0x28b/0xd70
[  378.296822][    C0]  ? __queue_work+0x4f1/0xd70
[  378.301335][    C0]  ? __queue_work+0x29c/0xd70
[  378.305853][    C0]  delayed_work_timer_fn+0x61/0x80
[  378.310794][    C0]  ? queue_work_node+0x1d0/0x1d0
[  378.315569][    C0]  call_timer_fn+0x3b/0x2d0
[  378.319908][    C0]  ? queue_work_node+0x1d0/0x1d0
[  378.324681][    C0]  __run_timers+0x756/0xa10
[  378.329028][    C0]  ? calc_index+0x270/0x270
[  378.333361][    C0]  ? __irq_exit_rcu+0x5e/0xf0
[  378.337878][    C0]  ? asm_sysvec_call_function_single+0x1b/0x20
[  378.343867][    C0]  run_timer_softirq+0x69/0xf0
[  378.348464][    C0]  handle_softirqs+0x1db/0x650
[  378.353066][    C0]  ? irqtime_account_irq+0xdc/0x260
[  378.358111][    C0]  __irq_exit_rcu+0x52/0xf0
[  378.362440][    C0]  irq_exit_rcu+0x9/0x10
[  378.366515][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  378.371984][    C0]  </IRQ>
[  378.374762][    C0]  <TASK>
[  378.377542][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  378.383374][    C0] RIP: 0010:preempt_count_sub+0x1/0x160
[  378.388738][    C0] Code: a8 f7 92 87 80 e1 07 80 c1 03 38 c1 0f 8c 78 ff ff ff 48 c7 c7 a8 f7 92 87 e8 fb 5b 6d 00 e9 67 ff ff ff 66 0f 1f 44 00 00 55 <48> 89 e5 41 56 53 89 fb 48 c7 c0 60 70 b7 87 48 c1 e8 03 49 be 00
[  378.408180][    C0] RSP: 0018:ffffc9000634f4a0 EFLAGS: 00000246
[  378.414079][    C0] RAX: 2be647c4740e7f00 RBX: 1ffff110239ab000 RCX: 0000000000000002
[  378.421888][    C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: 0000000000000001
[  378.429700][    C0] RBP: ffffc9000634f4d0 R08: dffffc0000000000 R09: ffffed1022a04006
[  378.437518][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811cd58000
[  378.445325][    C0] R13: 1ffff92000c69ea0 R14: ffff88811cd58950 R15: dffffc0000000000
[  378.453140][    C0]  ? schedule+0xcd/0x180
[  378.457222][    C0]  schedule_timeout+0xa9/0x380
[  378.461817][    C0]  ? console_conditional_schedule+0x10/0x10
[  378.467549][    C0]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[  378.473186][    C0]  ? prepare_to_wait_exclusive+0x1ac/0x1f0
[  378.478831][    C0]  unix_wait_for_peer+0x24b/0x330
[  378.483690][    C0]  ? unix_find_other+0x8e0/0x8e0
[  378.488462][    C0]  ? wake_bit_function+0x230/0x230
[  378.493423][    C0]  ? _raw_spin_trylock_bh+0x190/0x190
[  378.498623][    C0]  ? security_unix_may_send+0x7b/0xa0
[  378.503827][    C0]  unix_dgram_sendmsg+0x1348/0x2050
[  378.508859][    C0]  ? unix_dgram_poll+0x690/0x690
[  378.513633][    C0]  ? security_socket_sendmsg+0x82/0xb0
[  378.518925][    C0]  ? unix_dgram_poll+0x690/0x690
[  378.523701][    C0]  ____sys_sendmsg+0x5d3/0x9a0
[  378.528297][    C0]  ? __sys_sendmsg_sock+0x40/0x40
[  378.533158][    C0]  ? __sys_sendmmsg+0x4f6/0x6f0
[  378.537845][    C0]  __sys_sendmmsg+0x3b9/0x6f0
[  378.542359][    C0]  ? __ia32_sys_sendmsg+0x90/0x90
[  378.547220][    C0]  ? futex_wait+0x4b7/0x7e0
[  378.551562][    C0]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[  378.557201][    C0]  ? _raw_spin_trylock_bh+0x190/0x190
[  378.562416][    C0]  ? do_futex+0x55a/0x9a0
[  378.566591][    C0]  ? fpregs_restore_userregs+0x130/0x290
[  378.572045][    C0]  __x64_sys_sendmmsg+0xa0/0xb0
[  378.576730][    C0]  x64_sys_call+0x81d/0x9a0
[  378.581068][    C0]  do_syscall_64+0x3b/0xb0
[  378.585320][    C0]  ? clear_bhb_loop+0x55/0xb0
[  378.589834][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  378.595566][    C0] RIP: 0033:0x7f5043d85d29
[  378.599818][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  378.619268][    C0] RSP: 002b:00007f5044c3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  378.627505][    C0] RAX: ffffffffffffffda RBX: 00007f5043f75fa0 RCX: 00007f5043d85d29
[  378.635314][    C0] RDX: 0000000000000318 RSI: 00000000200bd000 RDI: 0000000000000004
[  378.643128][    C0] RBP: 00007f5043e01aa8 R08: 0000000000000000 R09: 0000000000000000
[  378.650936][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  378.658751][    C0] R13: 0000000000000000 R14: 00007f5043f75fa0 R15: 00007fffccd3dab8
[  378.666563][    C0]  </TASK>
[  378.669427][    C0] Modules linked in:
[  378.673160][    C0] ---[ end trace 0000000000000000 ]---
[  378.678451][    C0] RIP: 0010:__queue_work+0x4f1/0xd70
[  378.683573][    C0] Code: 39 03 0f 84 40 01 00 00 e8 fc 6b 2a 00 4c 89 e7 e8 e4 d3 d6 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 30 df 71 00 49 8b 3e e8 98 cc d6
[  378.703015][    C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[  378.708925][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88811cd58000
[  378.716726][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  378.724538][    C0] RBP: ffffc90000007d00 R08: ffffffff814b186b R09: 0000000000000007
[  378.732349][    C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881101089c8
[  378.740162][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881101089e0
[  378.747969][    C0] FS:  00007f5044c3e6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  378.756737][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  378.763159][    C0] CR2: 0000000020d7e030 CR3: 000000012a9fb000 CR4: 00000000003506b0
[  378.770971][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  378.778781][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  378.786593][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[  378.793893][    C0] Kernel Offset: disabled
[  378.798016][    C0] Rebooting in 86400 seconds..