last executing test programs:

2m27.273281265s ago: executing program 0 (id=204):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
munmap(&(0x7f0000e1f000/0x4000)=nil, 0x4000)
r2 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0x100000001, 0x6ee44000, 0x8, r2})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000900)={0x0, 0x0, 0x1, r2, 0x1})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x1000, 0x0, 0x1, r2, 0x1})
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000003600), 0x2, 0x0)
readv(r3, &(0x7f0000003780)=[{&(0x7f0000003640)=""/209, 0xd1}], 0x1)

2m26.650048368s ago: executing program 0 (id=206):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="8801d6921000010000000000000000007f000001000000000000000000000000e000d7517e33f6759d3e000000000000000000000000000000000000000000004dfb368311839fe14795650e484b6c30099d2411a9326edfec125f70ea296e2c1e61efde5ae71b921cc055a970205dcc7a60a728d63efb8d7d69204deae14ec3d5941087fc230987633f0f1ced737a435aeac57dc1c2bd7fae5225e62432d9d83bc9f9a2d192be7e58d4d1148c19af584d62b92d027e9dbc48cc7f54cac5889b8eaf8454638887ac4be43c1708a212ac2a532904a36a70ed3d0f0693", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc0200000000000000000000000000000000000033000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000000000004c0012007266633735333965737028667075286563622d6165732d6e656f6e6273292c626c616b6532732d3235362d78383629000000000000000000000000000000000000000000000000004c0014006362636d6163286165732900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000"], 0x188}}, 0x0)

2m26.23720621s ago: executing program 0 (id=207):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="01f300000600f1b528cdb55cc57cf8d8c6ee359b5000ff00000000000000bea7eddc", @ANYRES8=r1, @ANYRES16=r2, @ANYRES32=r0], 0x48)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r3}, 0x18)
capset(0x0, &(0x7f0000000380)={0x0, 0xfffffff9, 0x6, 0x0, 0x1fd, 0x10001})
syz_open_dev$MSR(&(0x7f00000014c0), 0x7, 0x0)
creat(&(0x7f0000000440)='./file3\x00', 0x12c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000280), 0x1, 0x76a, &(0x7f0000001b00)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file3\x00', 0x143042, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r6, 0x0, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000100)={0x42}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000140)={0x42}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f00000005c0)=ANY=[])
pwritev2(r4, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file3\x00', 0x147142, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0500000002000000080000000c00000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000e6ffffff000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x10, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='mmap_lock_acquire_returned\x00', r10}, 0x10)

2m25.241115065s ago: executing program 0 (id=212):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000540)={[{@test_dummy_encryption}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x20)
preadv(r0, &(0x7f0000001b00)=[{&(0x7f00000009c0)=""/239, 0xef}], 0x1, 0x2, 0x0)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x30)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x10)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r2, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000002040)={r1, 0x0, 0x0}, 0x10)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f0000000000)=0x1, 0x4)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000580)={0x7, 0x0, [{0x2, 0xf8c3, 0x1, 0x98, 0x1, 0x382, 0x5}, {0x80000000, 0x9, 0x6, 0x1, 0x8001, 0x5, 0x8}, {0xb, 0x74, 0x3, 0x9e14, 0x6, 0x1, 0x4}, {0x80000008, 0x0, 0x2, 0x8, 0x1, 0x3ff}, {0x2, 0x7, 0x2, 0xffffff81, 0x0, 0x0, 0x9}, {0x80000001, 0x400, 0x1, 0x4, 0xb444, 0x227c58f9, 0x4abf}, {0x40000001, 0x2, 0x2, 0x2, 0x200, 0x5e2}]})
r4 = socket$unix(0x1, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f00000001c0)=0x44d8, 0x4)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r6, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r5, {0x2, 0x0, @private}, 0x4}}, 0x26)
syz_emit_ethernet(0x8e, &(0x7f0000000800)={@broadcast, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x58, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x58, 0x0, @gue={{0x2, 0x0, 0x0, 0x2, 0x0, @val=0x6000000}, "0a790cc55a8e553e7d97f6c6df8c6133e6493e63c8a31993518d1c9b14d58e71572f2027069f55e65d3bbff0ebf374e380bff9a4a02c5b0a882251fcd6504d155008a863ef72ad4a"}}}}}}}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
close(0x3)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
faccessat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x5)
sendmsg$nl_xfrm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r9, &(0x7f0000000040)={0xa, 0xfffd, 0x0, @mcast2={0xff, 0x5}, 0xffff7fff}, 0x1c)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f00000000c0)=0x200000, 0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

2m24.833457417s ago: executing program 0 (id=214):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0xffdd)
write$tun(r0, &(0x7f0000000180)={@void, @void, @arp=@generic={0x30a, 0x8100, 0x6, 0x3, 0x2, @broadcast, "d646fa", @empty, "bda6fbfca90037f933a92cf770"}}, 0x24)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb5, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000080)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x7}}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000001400), 0x208e24b)
fdatasync(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x28}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xa8}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r3}, 0xc)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x10e, 0xd4, 0x0, 0x0)

2m24.651504217s ago: executing program 0 (id=217):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xfc}}, 0x2}}, 0x2e)
close(r0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000380)='.pending_reads\x00', 0x418000, 0x28)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x1, &(0x7f0000000080)=@raw=[@alu={0x7, 0x1, 0x2, 0x8, 0x6, 0x8, 0xfffffffffffffffc}], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x37, &(0x7f0000000100)=""/55, 0x41100, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x5, 0x9, 0x4, 0x2}, 0x10, 0x0, 0x0, 0x6, &(0x7f00000001c0)=[0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{0x0, 0x2, 0xd, 0x1}, {0x5, 0x1}, {0x5, 0x2, 0x6, 0x4}, {0x0, 0x1, 0xd, 0x3}, {0x3, 0x5, 0xc, 0xc}, {0x4, 0x2, 0x0, 0x6}], 0x10, 0x5cfa, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='ext4_unlink_enter\x00', r5, 0x0, 0x4}, 0x18)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='freezer.self_freezing\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r6}, 0x10)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000380)="f30f019b290067f30fb85e920f20c06635000000400f22c066b9e90a000066b80100000066ba000000000f30650f01c266b9d90b00000f32baf80c66b89c151a8866efbafc0cec3e3e0f79370f01b90000b8de078ee8", 0x56}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r10, 0xae9a)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x20001400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1502"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$TUNSETOFFLOAD(r7, 0x4010744d, 0x20000000)

2m24.565665708s ago: executing program 32 (id=217):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xfc}}, 0x2}}, 0x2e)
close(r0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000380)='.pending_reads\x00', 0x418000, 0x28)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x1, &(0x7f0000000080)=@raw=[@alu={0x7, 0x1, 0x2, 0x8, 0x6, 0x8, 0xfffffffffffffffc}], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x37, &(0x7f0000000100)=""/55, 0x41100, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x5, 0x9, 0x4, 0x2}, 0x10, 0x0, 0x0, 0x6, &(0x7f00000001c0)=[0xffffffffffffffff, 0x1], &(0x7f0000000200)=[{0x0, 0x2, 0xd, 0x1}, {0x5, 0x1}, {0x5, 0x2, 0x6, 0x4}, {0x0, 0x1, 0xd, 0x3}, {0x3, 0x5, 0xc, 0xc}, {0x4, 0x2, 0x0, 0x6}], 0x10, 0x5cfa, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='ext4_unlink_enter\x00', r5, 0x0, 0x4}, 0x18)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='freezer.self_freezing\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r6}, 0x10)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000380)="f30f019b290067f30fb85e920f20c06635000000400f22c066b9e90a000066b80100000066ba000000000f30650f01c266b9d90b00000f32baf80c66b89c151a8866efbafc0cec3e3e0f79370f01b90000b8de078ee8", 0x56}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r10, 0xae9a)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x20001400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1502"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$TUNSETOFFLOAD(r7, 0x4010744d, 0x20000000)

8.294125683s ago: executing program 5 (id=815):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000080)=0x8, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'wg2\x00', <r3=>0x0})
sendto$packet(r1, &(0x7f0000000180)='7', 0x2, 0x0, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @random="bf73a9e561c5"}, 0x14)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
lremovexattr(&(0x7f0000000740)='./file0\x00', &(0x7f0000000300)=ANY=[@ANYBLOB])
r6 = socket(0x1e, 0x4, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3b}}}, 0xb8}}, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000014"], 0xb8}}, 0x0)

7.448265266s ago: executing program 5 (id=817):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\x00'/10], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014001100b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace(0x4207, r4)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(0xffffffffffffffff)

7.364555437s ago: executing program 4 (id=819):
socket$inet6(0xa, 0x80002, 0x0)
r0 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r1=>0x0})
sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="10031400e0ff020002004788aa96a13bb100001100007fca1a00", 0x1000a, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14)
r2 = gettid()
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r3, &(0x7f0000001340)=[{0x0}], 0x1)
readv(r3, &(0x7f0000001240)=[{&(0x7f0000000040)=""/65, 0x41}], 0x1)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c4000000000010902247251000000"], 0x0)
syz_usb_control_io(r4, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$AUTOFS_IOC_READY(r5, 0x9360, 0x1000)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r0, 0x0)

7.109485598s ago: executing program 2 (id=822):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x25c, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002064070000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000000))

6.56548898s ago: executing program 5 (id=824):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0xffdd)
write$tun(r0, &(0x7f0000000180)={@void, @void, @arp=@generic={0x30a, 0x8100, 0x6, 0x3, 0x2, @broadcast, "d646fa", @empty, "bda6fbfca90037f933a92cf770"}}, 0x24)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb5, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000080)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x7}}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000001400), 0x208e24b)
fdatasync(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x28}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xa8}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r3}, 0xc)
memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x10e, 0xd4, 0x0, 0x0)

6.097086013s ago: executing program 2 (id=826):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0200000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000ef7f39c1a4418e7549b38318fb328653d2f6a28560182fe06e632a0040ad683c42437b7f1c3899903a10138985ab380f0b9321702258592f0aa041e1d62d567f9213e5652296b306fd7ebb50e334d54be368c9aaffb08c626cdfbd6c19ee36e6970124b0da047f7d8bbbb4beec6a80766d1f87f6c1fdd3ca8cd22d61ad3999254311039698b59114ac196d809ea93b2f6bc0625c1cf9850d6e924995d1db5e6d014c0203379ab82be4c52380b1c41585f4b28d63fba900767c9ec42b17a26f61aac685586d9aa6992f64f7274bcbc4b009aa1458b6a997b9e744e91659dc787a5f226c7426af0a1ce2a92eb9ddcf13e241aa2a57e7814a804cfc755bf6a63964facca9434a5e49e956e6705c25cbfc91e44730c3382856f1520a7e4d895dab286ece00b8286fbe8dabe59335e65b5867db562eeb880c8bab627a3ea0efac0f0c4a816dcb1ac6b49ef8eee16a3f2ec2bc3864f7191161fa6363f6b95e04a57b05e59b21c9858b58"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000e80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
io_getevents(0x0, 0x3, 0x0, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="1201000000000040ec13060000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r3}, 0x10)
r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000000a00)=ANY=[@ANYBLOB="120100007856b340da0b53813de201020301090212"], 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x1f, 0x1, 0x3, 0x7ff, 0x824, r0, 0x101, '\x00', 0x0, r2, 0x3, 0x4, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep2(r4, 0x83, 0x12, &(0x7f0000000040)=@conn_svc_rsp={0x0, 0x0, 0xa, "8aa4a2aa", {0x3, 0x107, 0x0, 0x3, 0xf000, 0xa, 0x9}})
syz_usb_control_io$uac1(r4, 0x0, &(0x7f0000000340)={0x44, &(0x7f0000000100)=ANY=[@ANYBLOB="000004000000228b155e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x12, 0x9, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r9, <r10=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r8}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r9}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r8}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r10}, &(0x7f0000000240), &(0x7f0000000280)=r8}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r9, &(0x7f0000000040)}, 0x20)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000100000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r11}, 0x10)
syz_emit_ethernet(0xde, &(0x7f00000003c0)={@random="e33110495bfd", @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0xa8, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @rand_addr=' \x01\x00', @private1, [{0x4, 0x10, "9595f429ae08a565c9a41d413270a44d2e6f790a3872d50bb14d25344dc5b3a281f175f5ee04aab21301b94d966c72c15a143c69205625466855101cf44d89d9f6ee47d77c0d4e53e34b67c542fc6f6f6c60139c43b78286f5bb8f4f11d164af24e2633a45bf4ed944b0ef6a7b7167f73cf54e78686ac09402659c29eb0c"}]}}}}}}, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="18020000f9ffffff0000000000000000850000004100000095000000000000003d789ade838a5adf0c21f97a9d6f55528c474cb385573d9fd2aff88c497a5d0ab93dbb1df77098cacd277206f0902cf2c1d66e1ef4fe6deeaf8739f048bff4c9d61b5c334ef7384130fd875789e46307b8f29c46149360bea59a42011aabc5001093a06d23b6cf4f033c6000c3ab63ee036fe7023574b86c8964c32f955d410083f7567735a2ca010000871611faba526a3501f1753258c767236f2b3addb04f55cee250cb376879ae14b9e1ab98703bc7db41925c55b0a4141ae3c08d264831d0f6365469c35621850000f6ff0000000000000000000000000000000000317dc59df6de3bfd0d7f785ff1e9606c84574e4b80937ae83516d8201e8c4c3fda81599b7c4bf635910dcb747508404034d9478ff88e1cbfe43f46a1a5d9239e393f2bb309160118a787cb0c64b606ffe744f79c1bba0ca081302b0f04e377f1b6a3646cbe934ef6ad95d4f160a9dcc9550f9777ca5d2daa2b239547f27a221d2eefb2c40ffe95c97ce091b7c2a8c0471b9124af726edb5a3b9aba486b93cb5ea7fff68f53401f8e826d5afbb98ed8b015dc328a507d15260a18a79110e68f1d43dad73121b60ec43e98e3f522b61a4f8fc0ba0257e8fd5ac454e1127e9c76395b5a51c2c75d8c1453771915705bd0925cf573b0a9c01d8e552fe288d3c0433cbe801747f335448deb0e7164f6df7d3554bc66ff51352f912d76519aa6290fe7e72402000000e85552c5c049dde27c5294dc77c8a4490492a6deb8108c14ac9a261e2d990f65ea36f217783759c06e37c3a2f3b0b3c38937"], &(0x7f0000000240)='syzkaller\x00', 0x4, 0xff0, &(0x7f000062b000)=""/4080, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3d)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r12, 0xa0001f98, 0x0, 0x0, 0x0, 0x0, 0xa70a, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)

6.039866333s ago: executing program 5 (id=827):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@bridge_dellink={0x24, 0x13, 0x5, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0x4}]}, 0x24}}, 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000000040de28421100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f00000001c0)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x5, {0x5, 0x0, "b1a748"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000800)={0x84, &(0x7f00000003c0)={0x0, 0x17, 0x2, '{|'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGFEATURE(r4, 0xc0404807, &(0x7f00000001c0)={0x1, "5fbaf77c49a9e363eed255a8164a43edd3fbf3f53506ab88ceae7536ba00c7498731efa3dafb0258a1a0e6dacafa3ba666a4c94f7af45941f84c2857c71600b2"})
r5 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x881000, &(0x7f0000000580)={[{@resgid={'resgid', 0x3d, 0xee00}}, {@grpquota}, {@grpjquota_path={'grpjquota', 0x3d, './file1'}}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x2e}}, {@nobarrier}, {@sysvgroups}, {@nouser_xattr}, {@noacl}], [{@seclabel}]}, 0x1, 0x4d8, &(0x7f0000000b00)="$eJzs3c9rHG0dAPDvTLJvf+U1edXDa8G22EpatLtJY9vgoVYQPRWs9V5jsgkhm2zIbtomFEnxriCigidPXgT/AEH6J4hQ0LtUUURbPXhQV3Z2trZxNwl0s1OTzwem8zzzJPv9Pg07M8/Mw0wAx9aFiLgdESMRcSUixvPtab60227f7fzcyxeP59tLEq3Wvb8kkeTbup+V5OszEbETEScj4mtfifhm8r9xG1vbK3O1WnUjr1eaq+uVxtb21eXVuaXqUnVtZmb6xuzN2euzUwPp50RE3PrSH37w3Z9++dYvP/vwd/f/dPlb7bTG8vbX+zFIna6Xsv+LrtGI2DiMYAUYydelPu3fGRliMgAA7Kt9jv/RiPhUdv4/HiPZ2SkAAABwlLS+MBb/TCJaAAAAwJGVZnNgk7SczwUYizQtlztzeD8ep9NavdH8zGJ9c22hM1d2Ikrp4nKtOpXPFZ6IUtKuT+dzbLv1a7vqMxHxQUR8f/xUVi/P12sLRV/8AAAAgGPizK7x/9/Hs/H/iaLzAgAAAAZsYs/WVqvVGloqAAAAwCHZe/wPAAAAHAXG/wAAAHCkffXOnfbS6r7/euHB1uZK/cHVhWpjpby6OV+er2+sl5fq9aXsmX2r+31erV5f/1ysbT6qNKuNZqWxtX1/tb651ry//MYrsAEAAIAh+uD8098mEbHz+VPZ0vZe0UkBQ5Hs0569JOR5Xvn9EBIChmak6ASAwowWnQBQmNKuNXD87HcdoO/knV8NPhcAAOBwTH6i//1/1wTgaEuLTgAAGDr3/+H4Kr05A/B6cZkARfnIPu1vf//fS0QBAKBoY9mSpOX8XuBYpGm5HPF+9lqAUrK4XKtO5eOD34yXTrTr09lvJvvOGQYAAAAAAAAAAAAAAAAAAAAAAAAAOlqtJFoAAADAkRaR/jHJnuYfMTl+aWz39YH3kn+MZ+uIePjjez98NNdsbky3t//11fbmj/Lt14q4ggEAAADs1h2nd8fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBIL188nu8uw4z75y9GxETP+OdPZquTUYqI039LYvS130siYmQA8XeeRMSHveIn7bRiIjpZ9Ip/qsD4aUScGUB8OM6etvc/t3t9/9K4kK17f/9G8+Vt9d//pdHd/4302f+8f8AYZ5/9vNI3/pOIs6O99z/d+Emf+BcPGP8bX9/e7tfW+knEZM/jT/JGrEpzdb3S2Nq+urw6t1Rdqq7NzEzfmL05e312qrK4XKvm//aM8b1P/uLfe/X/dJ/4E/v0/9IB+/+vZ49efKxTLPWKf/li7+Pvh33ip/mx79N5ud0+2S3vdMqvO/ezX5/bq/8Lffr/6u/f40Dbjnn5gP2/cvfbzw/4owDAEDS2tlfmarXqxv9jIY13Ig2FgRROvBtpKHQKRe+ZAACAQfvvSX/RmQAAAAAAAAAAAAAAAAAAAMDxdVhPEdvryQI7xXQVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBP/wkAAP//8H7cnQ==")
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000004c0)=@bpf_ext={0x1c, 0x26, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6}, {}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0xd}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x7ff, 0x0, &(0x7f0000000040), 0x41000, 0x43, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000001c0)={0x0, 0x1, 0x81, 0x200}, 0x10, 0x218ec, 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000480)=[{0x1, 0x1, 0x8, 0xc}, {0x5, 0x1, 0xe, 0x2}, {0x1, 0x1, 0xc, 0x3}], 0x10, 0x4, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32, @ANYRESOCT=r5], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xb, &(0x7f0000000b00)=@framed={{}, [@printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20000000}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
listxattr(&(0x7f00000008c0)='./file1\x00', 0x0, 0x0)

4.50124656s ago: executing program 2 (id=830):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000100)={[{@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@umask={'umask', 0x3d, 0x5}}, {@namecase}, {}, {@fmask={'fmask', 0x3d, 0x8}}, {@discard}, {@dmask={'dmask', 0x3d, 0x3}}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@errors_continue}, {@allow_utime={'allow_utime', 0x3d, 0xce38}}]}, 0x1, 0x1528, &(0x7f00000037c0)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xa546544349ed4e4c, 0x11, r0, 0x0)
write$UHID_INPUT(r0, &(0x7f0000002900)={0x8, {"e050b08dab11e22fb94b1b38ef20eddc995c42c1b23e9b508adfecf86eb93d3313cc28119d4f353f09f442807a270f2e480aacd386e0c2871af39a698f981a5598c553b457c6cd39799449d8e30701dd9727c137e3cc633af3790c1cf3f8dfb29eac315e5d1a63d06d686011e427b1775999877fe3abd3ddc8a7198014eeac9143f2146fe8d60b218a8f4436bd49e4da223ee776b6c54270abd7fbbf70dc4da8f86c127b8368945d7731faac72b428392d4f0b58dcf5c0b15e0b6c096ee1f9cc3c8e719ae584d3ab395219dbacec94c027dab6b7d20a80c63a5494d39dfcb8ff0c82b45aa31cd1abed59b13b3ebae938ceeae2292613dd0d037c540bb8d735fbcd9c96b35f834fa7ddac0104f16ae5dfb9960d8e1d8bf8608404707ba54f5180d038fdf8403b396052c36ec76c83489bb5196947a4748a6dff1567f57c670fbff01d2954dbbcb39bb39e8dac95beecb1160b987608808b52fcceb1bec67799d368f4cc6b2c509e0d83f22ebaca58103c164b387142ecb4ba362d6e0a1ddcf541512790d5d033eb8631bf244390d43e4b792acca2ea03b344d0231f5801093afc5b1ba79c141a2ffe7c028dc23bff46ca72b965d60417092a08b76a24b17a331c1126833cdd3d702081c8b29858ff0c633a0305114a8c3552a0b8809ceb5be4071aef934db98d284adfbe6b9c9e30be5b0ffdea76066e77c598149e22ad118fca83976522a40388d157ad7eec566c672a18c54e347551475b519d27cf9cb087874ff52e84ec776ec77c9c36a5137f63b31432e79be4d6cf70e28f5fee907fa513f64d2ff2f1db8b7003c05ec35da7420df75dc066795d8b3ae8ff0e1993b82dcd01c6994387eaaf449e1807a1dfb453332faab67fa9c7a028ec70ea9c74078c23093f5cd6c1772cbdae78aee8312d0b3d4cfdfb17b692bb057acb29b3dbab29d711ccdf2468b83c2cd81afc036003e6d1241d528b6977542278881f80ba1bb1e476a317c3f067e8779269c84f4b63f28db598a566e7b01a38c79a48c686049150564e73eee755adc0e1e4ef3de5d035064501654a12fcfdd422db7ddb79ebd9b6c822786ede9bcbeef693c110d6d54abc198eef421764b5e6dcc4b7edcd4f38a4b88a6033b849fc81ad6b79d4bc3171af6206ac018e6d3ea91b116fd3a1cc7e7035c98d8bb8b582bdca94cb9da97ab873fdd8765506cfe88fec57cb169a93a310aa8d101fe9c90469e6ea0400837897e7630e55b6cf804b34490e93acf13034246c2da3f6bae328f3ec5b375720bca3413d7286014b4ce52bd3156e2a5041ecfb5b7651d6d36a2e6fa40777bf72c85c40e2aa43e7a4f40a39fb8ad8c27afad64ec6f1887fdb0785d814a643e9d8ca57c72fae1559afa4221ea50073e52c41a543b4456e759ad3364cf8ebddd99bc54f0b7b22f05df19b9a7ee3013df04720cc9121ed9e796441fa79d6af9db9dabfb64b702ef87c86e8c5d4a660b7738b0af15be39ccbcc7f888537af8f5c0fecdab272a7be9cabbfee9b9d3a2e07642fa0398b9ef553668eb6b81d6787ae0e0460278e6d203f93f92f7a1ad268b778ae38443b0b63fb1b598ea0403c6b43228302bdbcd6f8c18670312456070eb9a1b00b00e7dc9293412e3e47c7d07fb4a72c54e3495754c887cc8a540a834b49c8d6c5d0998e6c6578dcd6bce8ec31d8cbd2924ee3591bdccb335fa4166eb2210b77a0955e077cedcbd25439a951022bb777ce2d05f97c7032467c307149ff43b8f164ee61078c85d6d1dc62d09653e9a513377ff141af5c240855d9b117229fb984c49d61d75a4759152ec87298df049df32df1f1ae747807f1b9647302f62f58d58ca42cee87f1e8e46e60573d6eb003d77d97a6f48902b37d9ac14cd1f856e3137e2a09c11bac84016dae7d81296bed3464a77f8d033f66628b8adaf8e56327fade16f0b0e68f1e2ec51e70ad93788d4ef9f55ecafba5127f0f757d04f4581071bba77646362c7acf6db2d2c180e376d321ba62ed899321af6ce763d940535673abc41812e4df813c4e471e9f4fe9f2428e39ce7105c16b47c565a83fb848735f76a2f9716a3ac59437c88b0073b2a5830f87f96d5c33bd4b1d8882b8e5af1ce7abf39a339c732a166e701ccc8056647494a62cd48d8dd022b70835e6057d39e6ff32da6792862f8e36c47db98ee21281e105800b1b42ec4d2067c4fc70a17f98ca7cb8e237f3530e7691781a45e008222c54d3db03e1a18d068c0558b154dc457cc04bec62fe9d87b4e6ba38afd1f1a96389a62cb2789e1f9beb917ebe1ab20d01f6c96c2b7da4a85d05618a969f3de6b029861ea8621507f39ac4d1650703974054d8fa96c8249b0546240d610345ea242e4f35e3e2ec686b0aec00c9e512160cad585840f021d8678a4fea874e58b69b3932395178d8b0b769198656c7982b87ca44316c211bfae805a21482dacb761c3279f233f1abf6b98ed09aba1563b083f7648b009e61fb93e559016c8cdc71cbf44aeefb2340b46a79f36716492d29452e35983a056aa7de9ff466bfd050cc35e38bf5435eb98f334d3330da9a5ab2173f0cfcf9e6154187cab9c62828194ec6d0753453693ad03ee8da785dfed16d118e5b6060dab37defd7235942576713c46e02fb488607f26065fddcd86956b646c46101730b8ecce70d8370835c0ee0fff3a43ee4326f5d0cd00857baef74ca8adc180e10914784674bd8328268de812ee74861fd4945bf5c51181d634517c3152def6ae267e35a17e98b166cb61a77be8b3b5c98a752ad634283344dae4836cc8be918c870a69ecf2817acffe4159120e59540d67fa12a6f6609966c934b871d9279b01eadc118a98c4f517d30e8846be6e4ee1f214dcee3f7be9a55c2008736e3072fcd7c608ffc88194250098cbc63139f3b5aa64d2f0d87dfacaf3230c66f2f54f53009f3f158bf4da7e3801d6a3a10ac682fb63232c909829f764510c441600311a87e80a9405ab45bcec17266143d62e8ed31fd6a8524bd28d77b3d66469ed5958178153eb7de1e8cbfeaeb37bbc7cf7c435f59ae33ab0af41203f5d85db7d6dc323841e6ef85eb4e38c212a11e5eb81bf0b11f4e106da489875ead5a427ad3ab609ad0f9a5178ac7ee55ee7a4dbb59a1e280867e45a9684a311fc31c6d87f766da3c4fb0b3c5cc1ad38b95f95f53aa927bdd779a3893fa7cb4037b55e5f9e02b08fb1aa67094736b9ab27d70b56cc85c920b162c22968d19368f47f532c43e25de41fab55932e246e8ad789bc0681c59a7a62d17f8150f6f0ae8341386a8450c5c76a03634af9c61867ba94cf8e82187e7dc00ac7f285908bc4631a1619f9cac0691b2c618230bef2c52b6dbb98c4eff35e833ea2333c2cba5fbebb89549d69cee58d9dc0a7a8b7cf92748734ad19419f33b07498beb0ff926199d0277c8c3c86358a0e078ed72331d2b51bca8d2ec29466c0880cec9fd494c0a30232f79be19f6a42f0e2534c6e6e1ee7272c944751c31688d315fa3f36230450c353eaebccdad704c6e8cc919eca73fffc30f12c5dc994a995c80bb1d8609475620d67762ba24c362dfe611c67ce59284aa3d2e5ade744dba77f888b1d7b0b175929da4d6aac375652d16aeacf9d0510705806d21d6cc30ee5ef7dc672ff431e34527aa81e5c94e44fc3f0fc20e54207a55f91be81b8cfda0109c3e4608f5d202c7df72984035a8f4a939cf79d738a4cb9c88458dbcce546096bdd7bd60b22cdaecbfc0bc1b7c95772f723c7613d431b74fcb358531423c88e663e9263baf29eeb7a29ec7c423e62d5f08d992f2794483d7132331f37f968b6aeafb8ce9782ef0931cace494a7c61648db8225cc0bbf7144619262ac4af30eb533e35d9d611f55b8109fd9f79447a6440f7d30b34c1c7dc7fc0e2b002d061f801997be2cef9d185c7ae6eef714db3088e26c0955491be8747e8e93526c4311734c8a9b4ddb93edc72510d9bb784547608e8250a02d9f2bc34ef745b92a4af3abd77ef9dd19946d758d78d4fb131ce0a223c3f63bbb892b4299d13dfdc341e97d90398b7612d076604ed946f017a7a310a410a9e0ba7242b734a7ce2a4b4bd5173fc6e8b0677f99fd61c66a6bfdc909b9c99f1da60d2bc79b55dc1a63c2a9ac704582ac80fc09453ef71141e1a7e372bc96ff4bacb65976e79fc426aea02393ad8862e14e39abe6e476b0d03884315ca48ef5ebb83c2f09a9206bab1a7ddab0397c9d4dcac7f677068e382e500524cf192fbf6057c5aa929f8aa4b8cc339c91322f1f7757cce91ef490c0d68f59cde7986d8ccadc584059c02f670f35641c5bfe52dfb5555f7a3e18ee3da789f69b5237a713717c3b4d05b60b9b2c0b230676a60482e481e539d46a720bc4f32a76b87f74f16aa11d18577c8753546e46ac78615d404a008311aa01bafb8c61c02520cf8e56b67109977ab38ea9b7bb3ed11f9b9956e85a923005df5c0a51929fb179ebc6ecc0b8016e851a6b829d379cec27009530cf11d8f171ef46d7c1e3b206a6ec7f089100a0765e3f59e02ccedf48f30ffbdd08407eb920555938013919f305476e2a046c9e8ce4c81a7b4b569de5161cc96adc8727aff50a2375f2b122fc7f46433b146a718c8d0a330255fb1081b361343e5169dcb360fb990bc211f19c50c13217c1b35625e538d294fa75420a48d4756d14fcb7fb7a65368177acc014d0bea0aa50eaf27c0551851b05b0d39b91051655e492c153ca4a86243435319d6301d1789d0bf1fa49f6d216331d5a3e3575d162764a694976355ace6796941b6c86288f4d4df8a4d1986d5a29a49104f65ea0c3686530008532ae1ee9f615f9bdf354d6a1c47bdc935c516ac0cad94d6ee312933f7eb0537d8e4ac48c6c8b9b03340ac183d484249b8437260b7ea3d016d6ac18a0d044758358971fa5bdc3b3c07054fc276350a72cad0c9265b2a0998c02a935956f6a68969d91b998f264c8adb171a5844049d15c654fa52173ae2b42bd3d547df61154ff4aa1334d02b169f79a01f964000aff460d83fcec104b9c823438e3e8f937888289c7c87fb2b27113f2f4e1182e7992acb4e1d4ce4274b78bd64dd8d9a0ef164c1e80457b5c767d2d308fbb0eb1c65de4fc7aa59c8c021bbc5791914f2c65bfe1e2645fe10f769a98f6a53972abaf86a474873a83bcf50e5a84746636d74494f6094080cba5dfde0aac693bef748836772c3630026bdc4ece28655f9b95eef29513d142d561e7f2a4eb6b65e8adc45dcbdfec8b0e8cef9c4504ee054de595a9456b138ddc7c883a4bc96556d05b0f15951ef2ed08ff4ff4b9a0cc5f4eb90201211773f9531eb40f1fa76e2bd2cc0c568f9633c289aaca55399cf8496768f2507849e557362113258981171e814bd559480e457e3b8e816b894df439fdc0579fcc128a8535060350e4f05e3c4f86851c509c04121e1c98c88ddd5dd1683fde6f9ccf29d485f13ef3fdcf1162424b2d7d217f21d6408bde29de626ee124ea6426597e073db78d2852dcee6f5244a6524af8b4765ed4231abf6f0e63b93529a72aebdbf5ffe643d1c5cdfa2fc451285449e57c2445319f4170e420024eceb1c85381fe516b6634083f4fa0a1036b8c8f38e8672905602fa01d67764ee1b051f73a9226ad5321a2a85b236e933c5346896642b2c63d316e817e98eb8dcebb015c9448433ddbe41df90de80d766e23c996965e728133c32c6b22f3323aadaa832089e5d95bc02e1446cd89445d7b1eeb8d8ed5af6ff1d6daf22afb369ab7eec500", 0x1000}}, 0x1006)
mkdir(&(0x7f0000000100)='./control\x00', 0x0)

4.43175492s ago: executing program 2 (id=832):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@bridge_dellink={0x24, 0x13, 0x5, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0x4}]}, 0x24}}, 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000000040de28421100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f00000001c0)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x5, {0x5, 0x0, "b1a748"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000800)={0x84, &(0x7f00000003c0)={0x0, 0x17, 0x2, '{|'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGFEATURE(r4, 0xc0404807, &(0x7f00000001c0)={0x1, "5fbaf77c49a9e363eed255a8164a43edd3fbf3f53506ab88ceae7536ba00c7498731efa3dafb0258a1a0e6dacafa3ba666a4c94f7af45941f84c2857c71600b2"})
r5 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x881000, &(0x7f0000000580)={[{@resgid={'resgid', 0x3d, 0xee00}}, {@grpquota}, {@grpjquota_path={'grpjquota', 0x3d, './file1'}}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x2e}}, {@nobarrier}, {@sysvgroups}, {@nouser_xattr}, {@noacl}], [{@seclabel}]}, 0x1, 0x4d8, &(0x7f0000000b00)="$eJzs3c9rHG0dAPDvTLJvf+U1edXDa8G22EpatLtJY9vgoVYQPRWs9V5jsgkhm2zIbtomFEnxriCigidPXgT/AEH6J4hQ0LtUUURbPXhQV3Z2trZxNwl0s1OTzwem8zzzJPv9Pg07M8/Mw0wAx9aFiLgdESMRcSUixvPtab60227f7fzcyxeP59tLEq3Wvb8kkeTbup+V5OszEbETEScj4mtfifhm8r9xG1vbK3O1WnUjr1eaq+uVxtb21eXVuaXqUnVtZmb6xuzN2euzUwPp50RE3PrSH37w3Z9++dYvP/vwd/f/dPlb7bTG8vbX+zFIna6Xsv+LrtGI2DiMYAUYydelPu3fGRliMgAA7Kt9jv/RiPhUdv4/HiPZ2SkAAABwlLS+MBb/TCJaAAAAwJGVZnNgk7SczwUYizQtlztzeD8ep9NavdH8zGJ9c22hM1d2Ikrp4nKtOpXPFZ6IUtKuT+dzbLv1a7vqMxHxQUR8f/xUVi/P12sLRV/8AAAAgGPizK7x/9/Hs/H/iaLzAgAAAAZsYs/WVqvVGloqAAAAwCHZe/wPAAAAHAXG/wAAAHCkffXOnfbS6r7/euHB1uZK/cHVhWpjpby6OV+er2+sl5fq9aXsmX2r+31erV5f/1ysbT6qNKuNZqWxtX1/tb651ry//MYrsAEAAIAh+uD8098mEbHz+VPZ0vZe0UkBQ5Hs0569JOR5Xvn9EBIChmak6ASAwowWnQBQmNKuNXD87HcdoO/knV8NPhcAAOBwTH6i//1/1wTgaEuLTgAAGDr3/+H4Kr05A/B6cZkARfnIPu1vf//fS0QBAKBoY9mSpOX8XuBYpGm5HPF+9lqAUrK4XKtO5eOD34yXTrTr09lvJvvOGQYAAAAAAAAAAAAAAAAAAAAAAAAAOlqtJFoAAADAkRaR/jHJnuYfMTl+aWz39YH3kn+MZ+uIePjjez98NNdsbky3t//11fbmj/Lt14q4ggEAAADs1h2nd8fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBIL188nu8uw4z75y9GxETP+OdPZquTUYqI039LYvS130siYmQA8XeeRMSHveIn7bRiIjpZ9Ip/qsD4aUScGUB8OM6etvc/t3t9/9K4kK17f/9G8+Vt9d//pdHd/4302f+8f8AYZ5/9vNI3/pOIs6O99z/d+Emf+BcPGP8bX9/e7tfW+knEZM/jT/JGrEpzdb3S2Nq+urw6t1Rdqq7NzEzfmL05e312qrK4XKvm//aM8b1P/uLfe/X/dJ/4E/v0/9IB+/+vZ49efKxTLPWKf/li7+Pvh33ip/mx79N5ud0+2S3vdMqvO/ezX5/bq/8Lffr/6u/f40Dbjnn5gP2/cvfbzw/4owDAEDS2tlfmarXqxv9jIY13Ig2FgRROvBtpKHQKRe+ZAACAQfvvSX/RmQAAAAAAAAAAAAAAAAAAAMDxdVhPEdvryQI7xXQVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBP/wkAAP//8H7cnQ==")
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000004c0)=@bpf_ext={0x1c, 0x26, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6}, {}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0xd}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x7ff, 0x0, &(0x7f0000000040), 0x41000, 0x43, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000001c0)={0x0, 0x1, 0x81, 0x200}, 0x10, 0x218ec, 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000480)=[{0x1, 0x1, 0x8, 0xc}, {0x5, 0x1, 0xe, 0x2}, {0x1, 0x1, 0xc, 0x3}], 0x10, 0x4, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32, @ANYRESOCT=r5], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xb, &(0x7f0000000b00)=@framed={{}, [@printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20000000}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
listxattr(&(0x7f00000008c0)='./file1\x00', 0x0, 0x0)

4.308045281s ago: executing program 4 (id=833):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
socket$unix(0x1, 0x5, 0x0)
syz_usb_connect$uac1(0x0, 0xab, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x99, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0x11, 0x24, 0x6, 0x0, 0x0, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @processing_unit={0xc, 0x24, 0x7, 0x0, 0x0, 0x0, "3e8e7a70e1"}, @mixer_unit={0x8, 0x24, 0x4, 0x0, 0x0, "5cc3bc"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xe, 0x24, 0x2, 0x1, 0x0, 0x1, 0x0, 0x2, "e53a08000000"}, @as_header={0x7}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x40000, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x8002, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x3)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82000000000", @ANYRES32=r4, @ANYBLOB="000080000000000018003480050035"], 0x38}, 0x1, 0x300}, 0x0)

3.950852772s ago: executing program 3 (id=834):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x2000016, &(0x7f0000000000)={[], [{@rootcontext={'rootcontext', 0x3d, 'system_u'}}]}, 0x1, 0xb98, &(0x7f0000000c00)="$eJzs3M1rHGUYAPBnJpuPNrGbilhbBANSK4rbtCkKBaH1LCrooceuyaaEbD/MRjChh7Se/TiIeChI/wTBu/XQk+ChClr/giIWKXppPURmP9KlySZpu5tpm98P3p33nXezz/PssDvzwk4C2LbGsoc0Ym9EnEwiis39aUQM1HtDEUuN5925dX4ya0ksL7//dxJJRNy+dX6y9VpJczvcHAxFxLW3knj609VxawuLs+VqtTLXHB+cP33uYG1h8bWZ0+VTlVOVM0cm3jgy8frERBdrvXHuw2+e/+Wdly5e/nz83a93/ZTEsRhpzrXX0S1jMbbynrQrRES528Fy0tesp73OpJBjQgAArCttu4Z7NorRF3cv3opx9bdckwMAAAC6YrkvYhkAAAB4wiXW/wAAAPCEa/0O4Pat85Otlu8vErbWzeMRMdqov3V/c2OmEEv17VD0R8TOf5Jov601afzZQxvLIn3/cyVr0aP7kNezdCEinlvr+Cf1+kfrd3Gvrj+NiPEuxB+7Z/w41X+sC/Hzrh+A7enK8caJbPX5L125/ok1zn+FNc5dDyLv81/r+u/Oquu/u/X3dbj+e2+TMfb998q1TnPt138nvvhjKoufbR+qqPtw80LEvsJa9Scr9Scd6j+5yRjDkzcudZrL6s/qbbWtrn/5csT+WLv+lmS9/090cHqmWhlvPHaIsf/HEwc6xW8//lnL4rfWAlshO/47O9S/0fE/t8kYo3v+2ttpbuP60z8Hkg/qvYHmnk/K8/NzhyIGkrdX7z+8fi6t57ReI6v/5RfX//yvVX/2nbDUfB+ytcCF5jYbX7wn5vD+w989eP29ldU/9YDH/8tNxvj2h0sfdZrLu34AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg9pRIxEkpZW+mlaKkUMR8QzsTOtnq3Nvzp99uMzU9lcxGj0p9Mz1cp4RBQb4yQbH6r3744P3zOeiIjdEfFVcUd9XJo8W53Ku3gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABWDEfESCRpKSLSiPi3mKalUt5ZAQAAAF03mncCAAAAQM9Z/wMAAMCTz/ofAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHtv9wpXrSUQsHd1Rb5mB5lx/rpkBvZbmnQCQm768EwByU8g7ASA31vhAssH8UMeZwa7nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCj68DeK9eTiFg6uqPeMgPNuf5cMwN6Lb2fJ/f1Lg9g6/lIw/ZVyDsBIDfW+ECywfxQx5nBrucCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKNrpN6StBQRab2fpqVSxFMRMRr9yfRMtTIeEbsi4vdi/2A2PpR30gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRdbWFxtlytVuZ0dHTW77wZvQzx2a8dp67uiWjbMxhbUHLe30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOShtrA4W65WK3O1vDMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8lZbWJwtV6uVuR528q4RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID8/B8AAP//H74Eag==")

3.747667783s ago: executing program 3 (id=835):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\x00'/10], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014001100b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace(0x4207, r4)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(0xffffffffffffffff)

3.303782495s ago: executing program 5 (id=848):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@bridge_dellink={0x24, 0x13, 0x5, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0x4}]}, 0x24}}, 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000000040de28421100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f00000001c0)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x5, {0x5, 0x0, "b1a748"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000800)={0x84, &(0x7f00000003c0)={0x0, 0x17, 0x2, '{|'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGFEATURE(r4, 0xc0404807, &(0x7f00000001c0)={0x1, "5fbaf77c49a9e363eed255a8164a43edd3fbf3f53506ab88ceae7536ba00c7498731efa3dafb0258a1a0e6dacafa3ba666a4c94f7af45941f84c2857c71600b2"})
r5 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x881000, &(0x7f0000000580)={[{@resgid={'resgid', 0x3d, 0xee00}}, {@grpquota}, {@grpjquota_path={'grpjquota', 0x3d, './file1'}}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x2e}}, {@nobarrier}, {@sysvgroups}, {@nouser_xattr}, {@noacl}], [{@seclabel}]}, 0x1, 0x4d8, &(0x7f0000000b00)="$eJzs3c9rHG0dAPDvTLJvf+U1edXDa8G22EpatLtJY9vgoVYQPRWs9V5jsgkhm2zIbtomFEnxriCigidPXgT/AEH6J4hQ0LtUUURbPXhQV3Z2trZxNwl0s1OTzwem8zzzJPv9Pg07M8/Mw0wAx9aFiLgdESMRcSUixvPtab60227f7fzcyxeP59tLEq3Wvb8kkeTbup+V5OszEbETEScj4mtfifhm8r9xG1vbK3O1WnUjr1eaq+uVxtb21eXVuaXqUnVtZmb6xuzN2euzUwPp50RE3PrSH37w3Z9++dYvP/vwd/f/dPlb7bTG8vbX+zFIna6Xsv+LrtGI2DiMYAUYydelPu3fGRliMgAA7Kt9jv/RiPhUdv4/HiPZ2SkAAABwlLS+MBb/TCJaAAAAwJGVZnNgk7SczwUYizQtlztzeD8ep9NavdH8zGJ9c22hM1d2Ikrp4nKtOpXPFZ6IUtKuT+dzbLv1a7vqMxHxQUR8f/xUVi/P12sLRV/8AAAAgGPizK7x/9/Hs/H/iaLzAgAAAAZsYs/WVqvVGloqAAAAwCHZe/wPAAAAHAXG/wAAAHCkffXOnfbS6r7/euHB1uZK/cHVhWpjpby6OV+er2+sl5fq9aXsmX2r+31erV5f/1ysbT6qNKuNZqWxtX1/tb651ry//MYrsAEAAIAh+uD8098mEbHz+VPZ0vZe0UkBQ5Hs0569JOR5Xvn9EBIChmak6ASAwowWnQBQmNKuNXD87HcdoO/knV8NPhcAAOBwTH6i//1/1wTgaEuLTgAAGDr3/+H4Kr05A/B6cZkARfnIPu1vf//fS0QBAKBoY9mSpOX8XuBYpGm5HPF+9lqAUrK4XKtO5eOD34yXTrTr09lvJvvOGQYAAAAAAAAAAAAAAAAAAAAAAAAAOlqtJFoAAADAkRaR/jHJnuYfMTl+aWz39YH3kn+MZ+uIePjjez98NNdsbky3t//11fbmj/Lt14q4ggEAAADs1h2nd8fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBIL188nu8uw4z75y9GxETP+OdPZquTUYqI039LYvS130siYmQA8XeeRMSHveIn7bRiIjpZ9Ip/qsD4aUScGUB8OM6etvc/t3t9/9K4kK17f/9G8+Vt9d//pdHd/4302f+8f8AYZ5/9vNI3/pOIs6O99z/d+Emf+BcPGP8bX9/e7tfW+knEZM/jT/JGrEpzdb3S2Nq+urw6t1Rdqq7NzEzfmL05e312qrK4XKvm//aM8b1P/uLfe/X/dJ/4E/v0/9IB+/+vZ49efKxTLPWKf/li7+Pvh33ip/mx79N5ud0+2S3vdMqvO/ezX5/bq/8Lffr/6u/f40Dbjnn5gP2/cvfbzw/4owDAEDS2tlfmarXqxv9jIY13Ig2FgRROvBtpKHQKRe+ZAACAQfvvSX/RmQAAAAAAAAAAAAAAAAAAAMDxdVhPEdvryQI7xXQVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBP/wkAAP//8H7cnQ==")
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000004c0)=@bpf_ext={0x1c, 0x26, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6}, {}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0xd}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x7ff, 0x0, &(0x7f0000000040), 0x41000, 0x43, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000001c0)={0x0, 0x1, 0x81, 0x200}, 0x10, 0x218ec, 0xffffffffffffffff, 0x3, &(0x7f0000000200)=[0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000480)=[{0x1, 0x1, 0x8, 0xc}, {0x5, 0x1, 0xe, 0x2}, {0x1, 0x1, 0xc, 0x3}], 0x10, 0x4, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32, @ANYRESOCT=r5], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xb, &(0x7f0000000b00)=@framed={{}, [@printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20000000}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
listxattr(&(0x7f00000008c0)='./file1\x00', 0x0, 0x0)

2.857178177s ago: executing program 3 (id=839):
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r0, &(0x7f0000004ec0), 0x0, 0x8000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x48100, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61158c000000000061138c0000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18487b6feb89752cd600000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe0000000000000000000000000044585397feaadda3fcc64e7b0c08f7ac5c64cb190f1712a3b10fc34eb758705f1751d8c8b712eb39d2b8ad44f129c2c9aedb15"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

2.403480679s ago: executing program 1 (id=840):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r0, 0x4068aea3, &(0x7f00000002c0)={0x79, 0x0, 0x1})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000240), 0x1, 0x526, &(0x7f0000001b40)="$eJzs3d9rZFcdAPDvvTOTZndTM1WRWrEttrJbdGeSxrZBpK0g6ktBre9pTCYhZJIJmUndhKIp/gGCiAo++eSL4B8gSP8EEQr6LiqK6FafRPfKnbkxm2QmmTY/Zjf5fOBmzrm/vufc3Xvm3rmHewK4sp6OiFcjohQRz0XEZDE/Laa5PLPbW++9u28t5FMSWfb635NIinl7+8rz5Yi40dskxiPiG1+J+FZyNG57e2d1vtlsbBb5emdto97e3rm9sja/3FhurM/MTL84+9LsC7NTWeFU9axGxMtf+vOPvv/zL7/8689++w9zf731nbxYX/hY8omieAunCjBAb9+V7rHYkx+jzfMINgKloj6V0qhLAgDAMPJr/A9HxKe61/+TUepezQEAAACXSfbKRPwnicgAAACASyuNiIlI0lrRF2Ai0rRW6/Xh/WhcT5utduczS62t9cV8WUQ1KunSSrMxVfQVrkYlyfPTRR/bvfzzh/IzEfFYRPxw8lo3X1toNRdH/eMHAAAAXBE3njp4//+vybSbBgAAAC6Z6sAMAAAAcFm45QcAAIDL7d/FiwD259w73UhbAAAAwIPma6+9lk/Z3jjei29ub6223ry92Giv1ta2FmoLrc2N2nKrtdx9Z9/aSftrtlobn4v1rTv1TqPdqbe3d+bWWlvrnbmVA0NgAwAAABfosafe+X0SEbufv9adongPIMABfxp1AYCzVDrzFYGHRTn/88aoSwGMQuXENcoXUg5gdJITlg/svPObsy8LAABwPm5+/Ojz/7Fi2cm/DQAPM319AODq8XQPrq5KlNzmwxX3od7HI4OWv//n/4evLDKvFQUAgBGb6Pb8TdJa8SxwItK0Vot4tDssYCVZWmk2por7g99NVh7J89PdLZMT+wwDAAAAAAAAAAAAAAAAAAAAAAAAAD1ZlkQGAAAAXGoR6V+6IwBExM3JZycO/jpwaNSvn77+4zvznc7mdMRY8o/JfNZYRHR+Usx/PjMkAAAAADwAevfpxef0qEsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGXz3t23FvamAwvGzzfu374YEdV+8ctF6PGoRMT1fyZRvm+7JCJKZxB/9+2IeLxf/CTuZVlWLUrRL/61c45f7R6a/vHTiLhxBvHhKnsnb39e7Xf+pfF097P/+VcuptMa3P6l/2//SsX5fr+8/Xl0yBhPvPvL+sD4b0c8Ue7f/uzFT3r1Tw7Hf2bI+G98c2dn0LLsZxE3+37/JAdi1TtrG/X29s7tlbX55cZyY31mZvrF2ZdmX5idqi+tNBvF374xfvDJX907rv7XB8SvHqz/kfb/2SHr/99379z9SC9Z6Rf/1jP9v38fHxA/Lb77Pl2k8+U399K7vfT9nvzFb588rv6LA+q//++f9a3/rSHr/9zXv/fHIVcFAC5Ae3tndb7ZbGwekxgfYp0LTrxycbEmLr6CD+ABP+9E9t3e/8fT7eeUmx9JZCesMxbHbF6OMyjG2Ps4T882McpWCQAAOA/7F/15LktGXR4AAAAAAAAAAAAAAAAAAAC4ij7gG8LGI2LolQ/H3N1Prnz1gusLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDI/wIAAP//dGLgdw==")

2.067269921s ago: executing program 4 (id=841):
clock_nanosleep(0x2, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)

2.001048021s ago: executing program 1 (id=842):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0xffdd)
write$tun(r0, &(0x7f0000000180)={@void, @void, @arp=@generic={0x30a, 0x8100, 0x6, 0x3, 0x2, @broadcast, "d646fa", @empty, "bda6fbfca90037f933a92cf770"}}, 0x24)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb5, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000080)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x7}}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000001400), 0x208e24b)
fdatasync(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x28}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xa8}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r3}, 0xc)
memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x10e, 0xd4, 0x0, 0x0)

1.989942161s ago: executing program 3 (id=843):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
creat(&(0x7f0000000280)='./file0\x00', 0x48)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000030000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_int(r5, 0x0, 0x12, &(0x7f0000000000), &(0x7f0000000080)=0x3)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r7, &(0x7f0000000100)={0x24, @short={0x2, 0xffff}}, 0x14)
bind$inet6(r6, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r6, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000140)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "000500", 0x34, 0x6, 0x0, @remote, @mcast2, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xd, 0x10, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "fb6b9acd8f4e1c92833a2f1e90339d18"}, @mptcp=@syn={0x1e, 0xc}]}}}}}}}}, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

1.584289303s ago: executing program 2 (id=844):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x7fff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000200), &(0x7f0000000280)=r1}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8)

1.448954993s ago: executing program 1 (id=845):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

1.314973054s ago: executing program 1 (id=846):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x2000016, &(0x7f0000000000)={[], [{@rootcontext={'rootcontext', 0x3d, 'system_u'}}]}, 0x1, 0xb98, &(0x7f0000000c00)="$eJzs3M1rHGUYAPBnJpuPNrGbilhbBANSK4rbtCkKBaH1LCrooceuyaaEbD/MRjChh7Se/TiIeChI/wTBu/XQk+ChClr/giIWKXppPURmP9KlySZpu5tpm98P3p33nXezz/PssDvzwk4C2LbGsoc0Ym9EnEwiis39aUQM1HtDEUuN5925dX4ya0ksL7//dxJJRNy+dX6y9VpJczvcHAxFxLW3knj609VxawuLs+VqtTLXHB+cP33uYG1h8bWZ0+VTlVOVM0cm3jgy8frERBdrvXHuw2+e/+Wdly5e/nz83a93/ZTEsRhpzrXX0S1jMbbynrQrRES528Fy0tesp73OpJBjQgAArCttu4Z7NorRF3cv3opx9bdckwMAAAC6YrkvYhkAAAB4wiXW/wAAAPCEa/0O4Pat85Otlu8vErbWzeMRMdqov3V/c2OmEEv17VD0R8TOf5Jov601afzZQxvLIn3/cyVr0aP7kNezdCEinlvr+Cf1+kfrd3Gvrj+NiPEuxB+7Z/w41X+sC/Hzrh+A7enK8caJbPX5L125/ok1zn+FNc5dDyLv81/r+u/Oquu/u/X3dbj+e2+TMfb998q1TnPt138nvvhjKoufbR+qqPtw80LEvsJa9Scr9Scd6j+5yRjDkzcudZrL6s/qbbWtrn/5csT+WLv+lmS9/090cHqmWhlvPHaIsf/HEwc6xW8//lnL4rfWAlshO/47O9S/0fE/t8kYo3v+2ttpbuP60z8Hkg/qvYHmnk/K8/NzhyIGkrdX7z+8fi6t57ReI6v/5RfX//yvVX/2nbDUfB+ytcCF5jYbX7wn5vD+w989eP29ldU/9YDH/8tNxvj2h0sfdZrLu34AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg9pRIxEkpZW+mlaKkUMR8QzsTOtnq3Nvzp99uMzU9lcxGj0p9Mz1cp4RBQb4yQbH6r3744P3zOeiIjdEfFVcUd9XJo8W53Ku3gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABWDEfESCRpKSLSiPi3mKalUt5ZAQAAAF03mncCAAAAQM9Z/wMAAMCTz/ofAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHtv9wpXrSUQsHd1Rb5mB5lx/rpkBvZbmnQCQm768EwByU8g7ASA31vhAssH8UMeZwa7nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCj68DeK9eTiFg6uqPeMgPNuf5cMwN6Lb2fJ/f1Lg9g6/lIw/ZVyDsBIDfW+ECywfxQx5nBrucCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKNrpN6StBQRab2fpqVSxFMRMRr9yfRMtTIeEbsi4vdi/2A2PpR30gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRdbWFxtlytVuZ0dHTW77wZvQzx2a8dp67uiWjbMxhbUHLe30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOShtrA4W65WK3O1vDMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8lZbWJwtV6uVuR528q4RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID8/B8AAP//H74Eag==")

1.177293745s ago: executing program 4 (id=847):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r0, &(0x7f0000001340)=[{0x0}], 0x1)
readv(r0, &(0x7f0000001240)=[{&(0x7f0000000040)=""/65, 0x41}], 0x1)

1.114322735s ago: executing program 3 (id=849):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x25, 0x5586, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx44SsumCJWPBPEEisWPIbWMASdogFiB0SyDMTaNoGSuM4avs80vjMHL8+874jK9KZiRzAU2sh/e2XJE7FsYiYi4iTSeT7SblF3Im4XIx9LiJOR0Tlri0p838lDkfE8Yg4NSle1EzKtz47Oz5z8ec3f/362yOHTnz+1XcHunDgQD0fEf3VYn+jX8SsU8RbZb4x7uaxf2FcxtUdNfpZkd9or+QVNhrb4xp5PN8pxmer68NJvNlrNCex072Z51cHxQmH4852nckH0luNtfy41V7JY3eY5bGzVZx3c6v427Y1HBV1WmW9j/LyMRptxyLf3mwX61m9ncfmYFTmi7pZq705ieMylqeLZtZr5fNYecSL/Bh4qztY30zH7bVhNxukF2v1F2r1S9X6WtZqj9oXqo1+69KFdLHTmwyrjtqN/uVOlnV67Voz6y+li51ms1qvp4tX2ivdxiCt12vna+eqF5fKvbPpa9ffS3utdHESX+kO1kfd3jC9ma2lxSeW0uXa+ReX0jP19J1rN9Ibb1+9eu3Gux9cef/6y9feeLUcdN+00sXlc8vL1fq56nJ96Sla/8flpP/D+pMHp3/4fm+XDQq7fMEA2N19/X/c2/+H/h+Yur30//3b5fH+9P/xMP1/TLP/n7RU+v9/738rB9D/zof+fx/XD3vyaP3/4anPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftx/ovX852F4vhEmf9fmXqmPE4iohIRfzzAXBzeUXOurDO/y/j5e+bwTRJ5hck5jpTb8Yi4XG6//3+/rwIAAAA8ub68c/rTolsvXhYOekLMUnHTpnLywynVSyJifuGnKVWrTF6enVKx/Pt9KDanVC2/gXV0SsWKW26HplXtocztCEfvCkkRKjOdDgAAMBM7O4HZdiEAAADM0if/+O5LM5sHM5bE9qPM7WfB+X/e//1A8NiO9wAAAIDHUHLQEwAAAAD2Xd7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7JzP7lpA1EcgJ8Nhv5VUdV9r9IdHKNH6LLLwgF6CY5Ar9ALcAYiZZEjRBBhT5CcgBSJMU7Q90m2M+Po5xlg88bSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLA/7ygQAmEQBnvXdyZz/8NKg4bGJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxb799EZRhgEAf3anu1DUWKtpYtVgwkEvUhYEuRqjaTz4EUyassXqIgo9CGnEXryZnrkYPRpjoqm3fgfONOGCNw491MSTh5r5V2bbFRqUmUJ/v+Td99nZ4f23E9Jn3lkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKm+/Gq+0iTtKXiTwuj93eWp5P641ddWp99c50WtK4VfO4nwCvVd8cn2puIAAAABweSZnfR8TdztpsWrcnsvy/U56T5vw/PJfHZT6/O+/f2Fo+Wnw0Xeb/v/9276WdjiaSrJ+00YXFQf/U3qGMPaYpHnjPP/SMsWzls3svSfaFtD9ceXGzk61n67tbt97vZuGROkYLADyKk2VdBOXfQ2nda3JgABwaY5XEu8z/k4lmxwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQh82VeKaMWxExPXY/Tm1sLc+Pqr9ZvTO9XpRzN2+uVttMm+hExMLioH+qxrkcXOVqXv9sbjDoX7l6re7geESM+OjG/v55Ugz/X8/pRsTQkRMvj2jn4330taudPUFxeUa9aziezu+hJ7eGjrT2LPh727kmLoC6gnbx/TyOLsZr/96Hg/La+/9brvm/IwAAnnqdoqSZ6N3O2mx6rDUZsf3jcP7/RiWOobx/+0Z+JH+/Xsn/731y7na1r2r+36tpfk+CmaVLX8xcvXb9rcVLcxf7F/ufv326907vzPmzZ8/PZPdKZhai7Y4JAAAA/0G3KNX8vz25d///WCWOB+z/51vCef7/5fe9r6t9JfL/ke5v+jU9EgAAgMOouxO98Ppff7ZGnNHqduOruaWlK738def96fy11uE+oiNFqeb/yWTTowIAAADqsLnSGtr/v1CJ4wH7/9Xn/5/96ZVfqm0mETEecTki+ifnLw8u1DedA62OHypnHXWbnikAAABNGS9Kdf+/kz3/39555KEdEW+eiPi7+A1/7DP/Tz749udqX9Xn/8/UOsuDpz2Vr0dWT0WMTTU9IgAAAJ5mR4uSJvt/dNZmP/312Eddz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2fAAAA//+FVSwP")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1817c3, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r3, 0xf501, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000000000000b702000014000000b7030000030000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b2af0ff000000003609080000000000c39af0ffa0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000e80)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="757466383d312c7574663827312c756e695f786c6174653d312c756e695f786c6174653d312c73686f72746e616d653d6d697865642c756e695f786c6174653d302c73686f72746e616d653d77696e39352c757466383d302c6e6f6e756d7461696c3d302c73686f72746e2c6b6f636849727365743d6b6f69382d722c6e6f6e756d7461696c3d302c756e695f786c6174653d302c757466383d302c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c6e6f6e756d7461696c3d302c757466383d78ae0d302c66736e616d653d2c736d61636b66739c631f3aa44f38c0666c6f6f723d757c66383d00"], 0x1, 0x2b8, &(0x7f0000000700)="$eJzs3c+KI0UYAPCvM5mk1UNy8CSKDXrwtOzsE2SQWVjMSclBPeji7oJMgrALA/7B3j0Jnrx49AkEYW++hBffwAcQvLmHhZJOurcna5KdwGRGh9/vMt901Vf1VXfNDHPoyqevz47vFHHv0Td/RJ5n0RnFKJ5kMYxONB7GktEPAQD8nz1JKf5KC9vkZRGR764sAGCHtv77/3jnJQEAO/bBhx+9dzgeH71fFHncnH13Mqn+s6++LtoP78XnMY27cT0G8TQiPbOIb6aUym5RGcbbs/JkUmXOPvmtHv/wz4h5/kEMYji/tJx/a3x0UCycyi+rOl6u5x9V+TdiEK+umP/W+OjGivyY9OKdt07Vfy0G8ftn8UVM4868iDb/24OieDf9+PfXH1flVflZeTLpz/u10t4FPxoAAAAAAAAAAAAAAAAAAAAAAK6wa/XZOf2Yn99TXarP39l7Wn2zH0VjuHw+zyI/awZ67nygMsVPzfk614uiSHXHNr8br3WjezmrBgAAAAAAAAAAAAAAAAAAgP+WB19+dXx7Or17/1yC5jSA5rX+7cd5PM8anbryZmzO6rdzdepwwxSx1/TJIjbWUy3inG7Li4KX1tX88y/bDpi/uM9+NVe+rk/1CM8418M6aB5329TsruPb2ep72H/WOW82ya/NlZRS6sUZl9xb15S22n69lU2DDVnl6nFemQflhrkiW1fY92+0P5d1U/b8KnpL93kp2K+DWPcE8632879/V2RO6wAAAAAAAAAAAAAAAAAAgJ1qX/pd0fhoY2on9XdWFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcqPbz/7cIyjr5DJ17cf9B1TXLLnedAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG3/BAAA//8bwltm")
r5 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x7a)
ioctl$KVM_GET_DEBUGREGS(r5, 0x8080aea1, &(0x7f0000000180))
fcntl$setstatus(r5, 0x4, 0x2000)
rename(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')

1.073696805s ago: executing program 1 (id=850):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\x00'/10], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014001100b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace(0x4207, r5)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(0xffffffffffffffff)

729.775717ms ago: executing program 2 (id=851):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x25c, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002064070000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000000))

517.182888ms ago: executing program 3 (id=852):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r0, 0x4068aea3, &(0x7f00000002c0)={0x79, 0x0, 0x1})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000240), 0x1, 0x526, &(0x7f0000001b40)="$eJzs3d9rZFcdAPDvvTOTZndTM1WRWrEttrJbdGeSxrZBpK0g6ktBre9pTCYhZJIJmUndhKIp/gGCiAo++eSL4B8gSP8EEQr6LiqK6FafRPfKnbkxm2QmmTY/Zjf5fOBmzrm/vufc3Xvm3rmHewK4sp6OiFcjohQRz0XEZDE/Laa5PLPbW++9u28t5FMSWfb635NIinl7+8rz5Yi40dskxiPiG1+J+FZyNG57e2d1vtlsbBb5emdto97e3rm9sja/3FhurM/MTL84+9LsC7NTWeFU9axGxMtf+vOPvv/zL7/8689++w9zf731nbxYX/hY8omieAunCjBAb9+V7rHYkx+jzfMINgKloj6V0qhLAgDAMPJr/A9HxKe61/+TUepezQEAAACXSfbKRPwnicgAAACASyuNiIlI0lrRF2Ai0rRW6/Xh/WhcT5utduczS62t9cV8WUQ1KunSSrMxVfQVrkYlyfPTRR/bvfzzh/IzEfFYRPxw8lo3X1toNRdH/eMHAAAAXBE3njp4//+vybSbBgAAAC6Z6sAMAAAAcFm45QcAAIDL7d/FiwD259w73UhbAAAAwIPma6+9lk/Z3jjei29ub6223ry92Giv1ta2FmoLrc2N2nKrtdx9Z9/aSftrtlobn4v1rTv1TqPdqbe3d+bWWlvrnbmVA0NgAwAAABfosafe+X0SEbufv9adongPIMABfxp1AYCzVDrzFYGHRTn/88aoSwGMQuXENcoXUg5gdJITlg/svPObsy8LAABwPm5+/Ojz/7Fi2cm/DQAPM319AODq8XQPrq5KlNzmwxX3od7HI4OWv//n/4evLDKvFQUAgBGb6Pb8TdJa8SxwItK0Vot4tDssYCVZWmk2por7g99NVh7J89PdLZMT+wwDAAAAAAAAAAAAAAAAAAAAAAAAAD1ZlkQGAAAAXGoR6V+6IwBExM3JZycO/jpwaNSvn77+4zvznc7mdMRY8o/JfNZYRHR+Usx/PjMkAAAAADwAevfpxef0qEsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGXz3t23FvamAwvGzzfu374YEdV+8ctF6PGoRMT1fyZRvm+7JCJKZxB/9+2IeLxf/CTuZVlWLUrRL/61c45f7R6a/vHTiLhxBvHhKnsnb39e7Xf+pfF097P/+VcuptMa3P6l/2//SsX5fr+8/Xl0yBhPvPvL+sD4b0c8Ue7f/uzFT3r1Tw7Hf2bI+G98c2dn0LLsZxE3+37/JAdi1TtrG/X29s7tlbX55cZyY31mZvrF2ZdmX5idqi+tNBvF374xfvDJX907rv7XB8SvHqz/kfb/2SHr/99379z9SC9Z6Rf/1jP9v38fHxA/Lb77Pl2k8+U399K7vfT9nvzFb588rv6LA+q//++f9a3/rSHr/9zXv/fHIVcFAC5Ae3tndb7ZbGwekxgfYp0LTrxycbEmLr6CD+ABP+9E9t3e/8fT7eeUmx9JZCesMxbHbF6OMyjG2Ps4T882McpWCQAAOA/7F/15LktGXR4AAAAAAAAAAAAAAAAAAAC4ij7gG8LGI2LolQ/H3N1Prnz1gusLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDI/wIAAP//dGLgdw==")

360.241979ms ago: executing program 4 (id=853):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x2000016, &(0x7f0000000000)={[], [{@rootcontext={'rootcontext', 0x3d, 'system_u'}}]}, 0x1, 0xb98, &(0x7f0000000c00)="$eJzs3M1rHGUYAPBnJpuPNrGbilhbBANSK4rbtCkKBaH1LCrooceuyaaEbD/MRjChh7Se/TiIeChI/wTBu/XQk+ChClr/giIWKXppPURmP9KlySZpu5tpm98P3p33nXezz/PssDvzwk4C2LbGsoc0Ym9EnEwiis39aUQM1HtDEUuN5925dX4ya0ksL7//dxJJRNy+dX6y9VpJczvcHAxFxLW3knj609VxawuLs+VqtTLXHB+cP33uYG1h8bWZ0+VTlVOVM0cm3jgy8frERBdrvXHuw2+e/+Wdly5e/nz83a93/ZTEsRhpzrXX0S1jMbbynrQrRES528Fy0tesp73OpJBjQgAArCttu4Z7NorRF3cv3opx9bdckwMAAAC6YrkvYhkAAAB4wiXW/wAAAPCEa/0O4Pat85Otlu8vErbWzeMRMdqov3V/c2OmEEv17VD0R8TOf5Jov601afzZQxvLIn3/cyVr0aP7kNezdCEinlvr+Cf1+kfrd3Gvrj+NiPEuxB+7Z/w41X+sC/Hzrh+A7enK8caJbPX5L125/ok1zn+FNc5dDyLv81/r+u/Oquu/u/X3dbj+e2+TMfb998q1TnPt138nvvhjKoufbR+qqPtw80LEvsJa9Scr9Scd6j+5yRjDkzcudZrL6s/qbbWtrn/5csT+WLv+lmS9/090cHqmWhlvPHaIsf/HEwc6xW8//lnL4rfWAlshO/47O9S/0fE/t8kYo3v+2ttpbuP60z8Hkg/qvYHmnk/K8/NzhyIGkrdX7z+8fi6t57ReI6v/5RfX//yvVX/2nbDUfB+ytcCF5jYbX7wn5vD+w989eP29ldU/9YDH/8tNxvj2h0sfdZrLu34AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg9pRIxEkpZW+mlaKkUMR8QzsTOtnq3Nvzp99uMzU9lcxGj0p9Mz1cp4RBQb4yQbH6r3744P3zOeiIjdEfFVcUd9XJo8W53Ku3gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABWDEfESCRpKSLSiPi3mKalUt5ZAQAAAF03mncCAAAAQM9Z/wMAAMCTz/ofAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHtv9wpXrSUQsHd1Rb5mB5lx/rpkBvZbmnQCQm768EwByU8g7ASA31vhAssH8UMeZwa7nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCj68DeK9eTiFg6uqPeMgPNuf5cMwN6Lb2fJ/f1Lg9g6/lIw/ZVyDsBIDfW+ECywfxQx5nBrucCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKNrpN6StBQRab2fpqVSxFMRMRr9yfRMtTIeEbsi4vdi/2A2PpR30gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRdbWFxtlytVuZ0dHTW77wZvQzx2a8dp67uiWjbMxhbUHLe30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOShtrA4W65WK3O1vDMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8lZbWJwtV6uVuR528q4RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID8/B8AAP//H74Eag==")

313.085599ms ago: executing program 5 (id=854):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r0, 0x4068aea3, &(0x7f00000002c0)={0x79, 0x0, 0x1})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000240), 0x1, 0x526, &(0x7f0000001b40)="$eJzs3d9rZFcdAPDvvTOTZndTM1WRWrEttrJbdGeSxrZBpK0g6ktBre9pTCYhZJIJmUndhKIp/gGCiAo++eSL4B8gSP8EEQr6LiqK6FafRPfKnbkxm2QmmTY/Zjf5fOBmzrm/vufc3Xvm3rmHewK4sp6OiFcjohQRz0XEZDE/Laa5PLPbW++9u28t5FMSWfb635NIinl7+8rz5Yi40dskxiPiG1+J+FZyNG57e2d1vtlsbBb5emdto97e3rm9sja/3FhurM/MTL84+9LsC7NTWeFU9axGxMtf+vOPvv/zL7/8689++w9zf731nbxYX/hY8omieAunCjBAb9+V7rHYkx+jzfMINgKloj6V0qhLAgDAMPJr/A9HxKe61/+TUepezQEAAACXSfbKRPwnicgAAACASyuNiIlI0lrRF2Ai0rRW6/Xh/WhcT5utduczS62t9cV8WUQ1KunSSrMxVfQVrkYlyfPTRR/bvfzzh/IzEfFYRPxw8lo3X1toNRdH/eMHAAAAXBE3njp4//+vybSbBgAAAC6Z6sAMAAAAcFm45QcAAIDL7d/FiwD259w73UhbAAAAwIPma6+9lk/Z3jjei29ub6223ry92Giv1ta2FmoLrc2N2nKrtdx9Z9/aSftrtlobn4v1rTv1TqPdqbe3d+bWWlvrnbmVA0NgAwAAABfosafe+X0SEbufv9adongPIMABfxp1AYCzVDrzFYGHRTn/88aoSwGMQuXENcoXUg5gdJITlg/svPObsy8LAABwPm5+/Ojz/7Fi2cm/DQAPM319AODq8XQPrq5KlNzmwxX3od7HI4OWv//n/4evLDKvFQUAgBGb6Pb8TdJa8SxwItK0Vot4tDssYCVZWmk2por7g99NVh7J89PdLZMT+wwDAAAAAAAAAAAAAAAAAAAAAAAAAD1ZlkQGAAAAXGoR6V+6IwBExM3JZycO/jpwaNSvn77+4zvznc7mdMRY8o/JfNZYRHR+Usx/PjMkAAAAADwAevfpxef0qEsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGXz3t23FvamAwvGzzfu374YEdV+8ctF6PGoRMT1fyZRvm+7JCJKZxB/9+2IeLxf/CTuZVlWLUrRL/61c45f7R6a/vHTiLhxBvHhKnsnb39e7Xf+pfF097P/+VcuptMa3P6l/2//SsX5fr+8/Xl0yBhPvPvL+sD4b0c8Ue7f/uzFT3r1Tw7Hf2bI+G98c2dn0LLsZxE3+37/JAdi1TtrG/X29s7tlbX55cZyY31mZvrF2ZdmX5idqi+tNBvF374xfvDJX907rv7XB8SvHqz/kfb/2SHr/99379z9SC9Z6Rf/1jP9v38fHxA/Lb77Pl2k8+U399K7vfT9nvzFb588rv6LA+q//++f9a3/rSHr/9zXv/fHIVcFAC5Ae3tndb7ZbGwekxgfYp0LTrxycbEmLr6CD+ABP+9E9t3e/8fT7eeUmx9JZCesMxbHbF6OMyjG2Ps4T882McpWCQAAOA/7F/15LktGXR4AAAAAAAAAAAAAAAAAAAC4ij7gG8LGI2LolQ/H3N1Prnz1gusLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDI/wIAAP//dGLgdw==")

165.086089ms ago: executing program 1 (id=855):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x800000, &(0x7f0000006a80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000", @ANYRES64, @ANYBLOB="53d2d9de939847c9dd37ed564f2be0a4f9d29f7e23b3a032bbe730dc52348cbe87ceee766fd6025fe3e79ae4be665c25801faff43856dd4a90209ef9ad9a90beca5921e77f0b0248d2793d9a477240b4d3e13b1079fb066ea5b89316eaa679c336a781bafb6020144f23f787a4057fcb152a4a807a2fda22545953e4650264b5f42a2712642c0e"], 0x25, 0x558f, &(0x7f00000014c0)="$eJzs3EtvG9UXAPAzSZM+//1HiAW7jlQhJVId1elDsKJAKx6iVcVjwQqc2LXc2p4odt3QVRcsEQu+CQKJFUs+AwtYwg6xALFDAnnupGrapvThOGr7+0njM3N858y9I8vSGUsO4Lm1kP/1RxZH42BEzEbEkSzK/azaIm5FnEtjX4qIYxExc8eWVfnbifmIOBQRR8fFU82seuurE6PjZ35/98/vf9y/7/DX3/20pwsH9tTLEdFbT/s3eikW7RSvVvnGqFPG3ulRFde31egVKX+jtVpWuNHYGtco46l2Gl+sXx+M45VuY20c250rZX69ny44GLW36oxPyK82NsrjZmu1jJ1BUcb2zXTdzZvpu+3mYJjqNKt6n5XlYzjciinf2myl9axfK+Naf1jlU92i2docx1EVq8vFWtFtlvNYfcyb/BR4r9O/vpmPWhuDTtHPzyzXX1mun63VN4pma9g6XWv0mmdP54vt7nhYbdhq9M61i6LdbS2vFb2lfLG9tlar1/PF863VTqOf1+vLp5ZP1s4sVXsn8rcufZR3m/niOL7R6V8fdrqD/EqxkaczlvKV5VOvLuXH6/kHFy/nl9+/cOHi5Q8/Of/xpdcvvvNmNeieaeWLKydXVmr1k7WV+tJztP7Pq0k/wvqz+6d/+fnJbhskO3zAANjZPf1/3N3/h/4fmLiy/6/2H7X/712rjnen/4+H6f9jkv3/uKXS//93/zuzB/3vXOj/d3H98EQer/+fn/g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYul/nvnm73FlIx4er/P+q1AvVcRYRMxHxz33Mxvy2mrNVnbkdxs/dNYcfsigrjK+xv9oORcS5avv7/7t9FwAAAODZ9e2tY1+mbj29LOz1hJim9NBm5sinE6qXRcTcwm8TqjYzfnlxQsXKz/e+2JxQtfIB1oEJFUuP3PZNqtpDmd0WDtwRshRmpjodAABgKrZ3AtPtQgAAAJimLx747mtTmwe7Z/5+ySy2fsq8PWB/CtUPggcfcDIAAADwVMj2egIAAADAriv7f///BwAAAM+29P9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8y8795CANRHEAfi0U/BuJce9V3MExPIJLl8IBvARHwCt4Ac6AiQuPYMAwHUmqJTFhSiP5vqQt05JfZ4DNm4YBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGNK3Zrf68unt51tzjqfblBkNAAAA0OfQ7FbpxaJtP8/nX+ZTr3O7iog6Ivpq90nMOpmTnNNceX/zRx++RqSE8/l53p5FxLu8/Xw19KcAAAAAj2u/2S7bar3d5SmA7+P2ijtpJ23qF+8L5VUR0Sx+FEqrz7s3hcLS73saHwulpQmsJ4XC2im3af+1WambdE06h98jWacvMbXqYe4LAACMqVsJXKlCAAAAeAAfxu4A9/B3aV9ddpfnjPP2kB8IPu20AAAAgP9QNXYHAAAAgMGl+r9n/b/0398x1v+rrP8HAAAAxbXr/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCkQ7Nb7Tfb5bXr63/MOZ5uU25EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAv9ucdBUIgDMJg7/rOZO5/WGnQ0NikCoSPvzEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYn5cUCIEgiII5438nff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYt5/eKMowAODP7nQXihprNU2sGkw46EXKgiBXYzSNBz+CSVO2WF1EoQchjdiLN9MzF6NHY0w09dbvwJkmXPDGoYeaePJQM//KbLtCgzJT6O+XvPs+Ozu8/3ZC+sw7CwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQ2nw3Xm0XcZK+TORxeez21vJ8Wm/sqlPrq3em05LGrZrH/QR4rfrm+FRzAwEAAODwSMr8PiLudtZm07o9keX/nfKcNOf/4bk8LvP53Xn/xtby0eKj6TL///23ey/tdDSRZP2kjS4sDvqn9g5l7DFN8cB7/qFnjGUrn917SbIvpP3hyoubnWw9W9/duvV+NwuP1DFaAOBRnCzrIij/HkrrXpMDA+DQGKsk3mX+n0w0OyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAOmyuxDNl3IqI6bH7cWpja3l+VP3N6p3p9aKcu3lztdpm2kQnIhYWB/1TNc7l4CpX8/pnc4NB/8rVa3UHxyNixEc39vfPk2L4/3pONyKGjpx4eUQ7H++jr13t7AmKyzPqXcPxdH4PPbk1dKS1Z8Hf2841cQHUFbSL7+dxdDFe+/c+HJTX3v/fcs3/HQEA8NTrFCXNRO921mbTY63JiO0fh/P/NypxDOX92zfyI/n79Ur+f++Tc7erfVXz/15N83sSzCxd+mLm6rXrby1emrvYv9j//O3TvXd6Z86fPXt+JrtXMrMQbXdMAAAA+A+6Ranm/+3Jvfv/xypxPGD/P98SzvP/L7/vfV3tK5H/j3R/06/pkQAAABxG3Z3ohdf/+rM14oxWtxtfzS0tXenlrzvvT+evtQ73ER0pSjX/TyabHhUAAABQh82V1tD+/4VKHA/Y/68+///sT6/8Um0ziYjxiMsR0T85f3lwob7pHGh1/FA566jb9EwBAABoynhRqvv/nez5//bOIw/tiHjzRMTfxW/4Y5/5f/LBtz9X+6o+/3+m1lkePO2pfD2yeipibKrpEQEAAPA0O1qUNNn/o7M2++mvxz7qev4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoG7/BAAA//8t0Sun")
r0 = open(&(0x7f00000001c0)='./bus\x00', 0x14d27e, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r2}, 0x10)
setitimer(0x2, 0x0, 0x0)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x198)
r4 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0xc0)
ftruncate(r4, 0xee72)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="e5", 0x1}], 0x1, 0x7c00, 0x0, 0x0)
fallocate(r0, 0x10, 0x70, 0x7000)
r5 = syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c616c6c6f635f6d6f64653d72657573652c830564653d667261676d656e743a626c6f636b2c64697361626c655f726f6c6c5f666f72776172642c6261636b67726f756e645f67633d6f6e2c6e6f757365725f078e7474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c6e6f626172726965722c6a71666d743d7666736f6c642c6e6f696e6c696e655f64656e7472792c00"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
r6 = open(&(0x7f0000000340)='./file0\x00', 0x2, 0xdd)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r6, 0x6, &(0x7f00000004c0)={0x7, 0x0, &(0x7f0000000380)=[r3, r5, r2]}, 0x3)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0x8004587d, &(0x7f00000003c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4})

0s ago: executing program 4 (id=856):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

kernel console output (not intermixed with test programs):

139.298050][ T2505] erofs: (device loop3): mounted with root inode @ nid 36.
[  139.305948][ T2505] attempt to access beyond end of device
[  139.305948][ T2505] loop3: rw=0, want=14552337264, limit=16
[  139.362556][  T417] usb 2-1: USB disconnect, device number 8
[  139.387994][ T2285] usb 6-1: Using ep0 maxpacket: 8
[  139.397862][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.414612][   T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.424603][   T20] usb 5-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  139.433987][   T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.445868][   T20] usb 5-1: config 0 descriptor??
[  139.500710][ T2511] loop2: detected capacity change from 0 to 512
[  139.519790][ T2285] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  139.538566][ T2285] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  139.548542][ T2285] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  140.368232][ T2521] loop3: detected capacity change from 0 to 256
[  140.445317][ T2521] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  140.480477][ T2519] loop1: detected capacity change from 0 to 40427
[  140.507843][ T2285] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  140.516832][ T2285] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.525027][ T2285] usb 6-1: Product: syz
[  140.529059][ T2285] usb 6-1: Manufacturer: syz
[  140.533433][ T2285] usb 6-1: SerialNumber: syz
[  140.551347][ T2519] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  140.560199][ T2519] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  140.569967][   T20] hid-steam 0003:28DE:1142.000F: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0
[  140.574024][ T2519] F2FS-fs (loop1): Found nat_bits in checkpoint
[  140.589398][   T20] hid-steam 0003:28DE:1142.0010: hidraw1: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0
[  140.619463][ T2519] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  140.626639][ T2519] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  140.667723][   T20] hid-steam 0003:28DE:1142.000F: Steam wireless receiver connected
[  141.082123][ T2536] device pim6reg1 entered promiscuous mode
[  141.145948][   T30] audit: type=1400 audit(2000000114.170:903): avc:  denied  { write } for  pid=2538 comm="syz.2.567" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  141.169040][ T2545] loop2: detected capacity change from 0 to 16
[  141.177748][ T2285] usb 6-1: 2:1 : format type 0 is detected, processed as PCM
[  141.184965][ T2285] usb 6-1: 2:1 : invalid channels 0
[  141.209593][ T2285] usb 6-1: USB disconnect, device number 8
[  141.228140][ T2545] erofs: (device loop2): mounted with root inode @ nid 36.
[  141.242006][  T313] udevd[313]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  141.266391][ T2545] attempt to access beyond end of device
[  141.266391][ T2545] loop2: rw=0, want=14552337264, limit=16
[  141.278459][  T312] usb 3-1: USB disconnect, device number 13
[  141.290145][  T312] hid-steam 0003:28DE:1142.000D: Steam wireless receiver disconnected
[  141.384507][ T2549] loop1: detected capacity change from 0 to 512
[  141.422290][ T2554] loop4: detected capacity change from 0 to 512
[  141.440169][ T2549] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #3: comm syz.1.569: corrupted inode contents
[  141.452139][ T2549] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #3: comm syz.1.569: mark_inode_dirty error
[  141.463880][ T2549] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #3: comm syz.1.569: corrupted inode contents
[  141.475970][ T2549] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #3: comm syz.1.569: mark_inode_dirty error
[  141.494538][ T2549] Quota error (device loop1): write_blk: dquota write failed
[  141.501901][ T2549] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  141.511778][ T2549] EXT4-fs error (device loop1): ext4_acquire_dquot:6188: comm syz.1.569: Failed to acquire dquot type 0
[  141.528470][ T2549] EXT4-fs (loop1): 1 orphan inode deleted
[  141.534083][ T2549] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  141.545070][ T2549] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.187867][  T907] usb 5-1: reset high-speed USB device number 14 using dummy_hcd
[  142.197830][  T312] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  142.245629][ T2567] loop1: detected capacity change from 0 to 256
[  142.330506][ T2567] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  142.457681][  T312] usb 3-1: Using ep0 maxpacket: 32
[  143.437714][  T312] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  143.453135][  T312] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  143.584229][  T312] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  143.594387][  T312] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  143.603306][  T312] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  143.925651][  T312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.937561][  T312] usb 3-1: config 0 descriptor??
[  143.951514][ T2572] loop3: detected capacity change from 0 to 40427
[  143.964848][ T2585] loop5: detected capacity change from 0 to 4096
[  143.982395][ T2583] loop1: detected capacity change from 0 to 2048
[  143.989662][ T2572] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  143.997279][ T2572] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  144.008118][ T2572] F2FS-fs (loop3): Found nat_bits in checkpoint
[  144.018095][ T2585] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  144.035433][ T2585] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  144.046729][ T2585] SELinux: security_context_str_to_sid(system_u) failed for (dev loop5, type ext4) errno=-22
[  144.067534][ T2583] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  144.077907][ T2572] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  144.092961][ T2572] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  144.150607][ T2285] usb 5-1: USB disconnect, device number 14
[  144.164530][ T2285] hid-steam 0003:28DE:1142.000F: Steam wireless receiver disconnected
[  144.177339][ T2597] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  144.192059][ T2597] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1494 with error 28
[  144.204584][ T2597] EXT4-fs (loop1): This should not happen!! Data will be lost
[  144.204584][ T2597] 
[  144.216628][ T2597] EXT4-fs (loop1): Total free blocks count 0
[  144.223238][ T2597] EXT4-fs (loop1): Free/Dirty block details
[  144.229450][ T2597] EXT4-fs (loop1): free_blocks=2415919504
[  144.235117][ T2597] EXT4-fs (loop1): dirty_blocks=1584
[  144.240543][ T2597] EXT4-fs (loop1): Block reservation details
[  144.246475][ T2597] EXT4-fs (loop1): i_reserved_data_blocks=99
[  144.275455][ T2598] loop5: detected capacity change from 0 to 256
[  144.327964][ T2598] exfat: Deprecated parameter 'namecase'
[  144.336164][ T2598] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  144.375368][ T2601] syz.4.582[2601] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  144.375460][ T2601] syz.4.582[2601] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  144.411067][ T2603] device pim6reg1 entered promiscuous mode
[  144.481165][ T2601] loop4: detected capacity change from 0 to 512
[  144.506462][ T2606] loop3: detected capacity change from 0 to 2048
[  144.530053][ T2017] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  144.542182][ T2017] EXT4-fs (loop1): This should not happen!! Data will be lost
[  144.542182][ T2017] 
[  144.553993][ T2601] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #3: comm syz.4.582: corrupted inode contents
[  144.566015][ T2601] EXT4-fs error (device loop4): ext4_dirty_inode:6041: inode #3: comm syz.4.582: mark_inode_dirty error
[  144.578208][ T2601] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #3: comm syz.4.582: corrupted inode contents
[  144.590734][ T2601] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #3: comm syz.4.582: mark_inode_dirty error
[  144.602486][ T2601] Quota error (device loop4): write_blk: dquota write failed
[  144.605340][ T2606] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  144.610069][ T2601] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  144.610105][ T2601] EXT4-fs error (device loop4): ext4_acquire_dquot:6188: comm syz.4.582: Failed to acquire dquot type 0
[  144.611952][ T2601] EXT4-fs (loop4): 1 orphan inode deleted
[  144.653984][ T2601] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  144.664923][ T2601] ext4 filesystem being mounted at /113/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.699038][ T2613] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  144.714225][ T2613] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1950 with error 28
[  144.727038][ T2613] EXT4-fs (loop3): This should not happen!! Data will be lost
[  144.727038][ T2613] 
[  144.737724][ T2613] EXT4-fs (loop3): Total free blocks count 0
[  144.756588][ T2613] EXT4-fs (loop3): Free/Dirty block details
[  144.763427][ T2613] EXT4-fs (loop3): free_blocks=2415919504
[  144.769519][ T2613] EXT4-fs (loop3): dirty_blocks=3296
[  144.774816][ T2613] EXT4-fs (loop3): Block reservation details
[  144.781475][ T2613] EXT4-fs (loop3): i_reserved_data_blocks=206
[  145.107896][  T417] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  145.274583][  T311] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  145.286916][  T311] EXT4-fs (loop3): This should not happen!! Data will be lost
[  145.286916][  T311] 
[  145.357942][  T417] usb 2-1: Using ep0 maxpacket: 8
[  145.400004][ T2623] netlink: 104 bytes leftover after parsing attributes in process `syz.5.586'.
[  145.495430][  T417] usb 2-1: config 1 has an invalid descriptor of length 231, skipping remainder of the config
[  145.510981][  T417] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.522655][  T417] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  145.819026][ T2285] usb 3-1: USB disconnect, device number 14
[  145.842884][   T30] audit: type=1326 audit(2000000118.870:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2630 comm="syz.2.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9b60de849 code=0x7ffc0000
[  145.873779][   T30] audit: type=1326 audit(2000000118.900:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2630 comm="syz.2.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=155 compat=0 ip=0x7fc9b60de849 code=0x7ffc0000
[  145.897221][   T30] audit: type=1400 audit(2000000118.900:906): avc:  denied  { read } for  pid=2630 comm="syz.2.589" name="ppp" dev="devtmpfs" ino=150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  145.931752][   T30] audit: type=1400 audit(2000000118.900:907): avc:  denied  { open } for  pid=2630 comm="syz.2.589" path="/dev/ppp" dev="devtmpfs" ino=150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  146.079613][ T2639] netlink: 104 bytes leftover after parsing attributes in process `syz.4.588'.
[  147.271491][  T417] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  147.296775][  T417] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.411068][ T2652] device pim6reg1 entered promiscuous mode
[  147.420128][ T2650] loop3: detected capacity change from 0 to 2048
[  147.427662][  T417] usb 2-1: Product: syz
[  147.431675][  T417] usb 2-1: Manufacturer: syz
[  147.438133][  T417] usb 2-1: SerialNumber: syz
[  148.076372][ T2650] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  148.104066][ T2649] loop2: detected capacity change from 0 to 40427
[  148.110592][  T417] cdc_ncm 2-1:1.0: bind() failure
[  148.119172][ T2662] loop4: detected capacity change from 0 to 512
[  148.125666][  T417] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  148.128602][ T2661] loop1: detected capacity change from 0 to 4096
[  148.139597][  T417] cdc_ncm 2-1:1.1: bind() failure
[  148.147986][  T417] usb 2-1: USB disconnect, device number 9
[  148.167945][ T2661] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  148.239012][ T2649] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  148.258257][ T2649] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  148.266722][ T2661] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  148.285733][ T2665] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  148.300576][ T2662] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #3: comm syz.4.595: corrupted inode contents
[  148.312884][ T2662] EXT4-fs error (device loop4): ext4_dirty_inode:6041: inode #3: comm syz.4.595: mark_inode_dirty error
[  148.316622][ T2667] loop5: detected capacity change from 0 to 4096
[  148.324162][ T2661] SELinux: security_context_str_to_sid(system_u) failed for (dev loop1, type ext4) errno=-22
[  148.332750][ T2649] F2FS-fs (loop2): Found nat_bits in checkpoint
[  148.341870][ T2665] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  148.358582][ T2662] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #3: comm syz.4.595: corrupted inode contents
[  148.371718][ T2665] EXT4-fs (loop3): This should not happen!! Data will be lost
[  148.371718][ T2665] 
[  148.381234][ T2662] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #3: comm syz.4.595: mark_inode_dirty error
[  148.390412][ T2649] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  148.392505][ T2667] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  148.399336][ T2649] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  148.415805][ T2665] EXT4-fs (loop3): Total free blocks count 0
[  148.422207][ T2665] EXT4-fs (loop3): Free/Dirty block details
[  148.428226][ T2662] Quota error (device loop4): write_blk: dquota write failed
[  148.428573][ T2665] EXT4-fs (loop3): free_blocks=2415919504
[  148.435489][ T2662] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  148.450761][ T2662] EXT4-fs error (device loop4): ext4_acquire_dquot:6188: comm syz.4.595: Failed to acquire dquot type 0
[  148.461872][ T2665] EXT4-fs (loop3): dirty_blocks=5216
[  148.467240][ T2665] EXT4-fs (loop3): Block reservation details
[  148.473366][ T2665] EXT4-fs (loop3): i_reserved_data_blocks=326
[  148.482868][ T2662] EXT4-fs (loop4): 1 orphan inode deleted
[  148.488444][ T2662] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  148.499305][ T2662] ext4 filesystem being mounted at /117/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.539600][ T2667] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  148.577734][ T2667] SELinux: security_context_str_to_sid(system_u) failed for (dev loop5, type ext4) errno=-22
[  148.678398][ T2017] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  148.700562][ T2017] EXT4-fs (loop3): This should not happen!! Data will be lost
[  148.700562][ T2017] 
[  149.797741][  T417] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  150.065757][ T2700] device pim6reg1 entered promiscuous mode
[  150.092609][ T2702] loop5: detected capacity change from 0 to 16
[  150.128107][ T2706] loop2: detected capacity change from 0 to 2048
[  150.148237][ T2702] erofs: (device loop5): mounted with root inode @ nid 36.
[  150.156234][ T2702] attempt to access beyond end of device
[  150.156234][ T2702] loop5: rw=0, want=14552337264, limit=16
[  150.180809][ T2706] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  150.247738][  T426] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  150.258926][ T2711] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  150.273898][ T2711] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  150.297643][  T417] usb 2-1: Using ep0 maxpacket: 32
[  150.306600][ T2711] EXT4-fs (loop2): This should not happen!! Data will be lost
[  150.306600][ T2711] 
[  150.327553][ T2711] EXT4-fs (loop2): Total free blocks count 0
[  150.333422][ T2711] EXT4-fs (loop2): Free/Dirty block details
[  150.339547][ T2711] EXT4-fs (loop2): free_blocks=2415919504
[  150.345092][ T2711] EXT4-fs (loop2): dirty_blocks=3552
[  150.350511][ T2711] EXT4-fs (loop2): Block reservation details
[  150.354571][ T2710] loop5: detected capacity change from 0 to 40427
[  150.356434][ T2711] EXT4-fs (loop2): i_reserved_data_blocks=222
[  150.367693][   T42] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  150.417721][  T417] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  150.426213][  T417] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  150.435165][  T417] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.446042][ T2710] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  150.445838][  T417] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  150.461792][ T2710] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  150.467202][  T417] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  150.484153][  T417] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.493631][  T417] usb 2-1: config 0 descriptor??
[  150.499697][ T2710] F2FS-fs (loop5): Found nat_bits in checkpoint
[  150.507782][  T426] usb 4-1: Using ep0 maxpacket: 32
[  150.532462][   T10] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  150.535427][ T2710] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  150.545244][   T10] EXT4-fs (loop2): This should not happen!! Data will be lost
[  150.545244][   T10] 
[  150.552847][ T2710] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  150.627704][  T426] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[  150.635957][  T426] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  150.644625][  T426] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.654632][  T426] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  150.663697][  T426] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  150.672986][  T426] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.688291][  T426] usb 4-1: config 0 descriptor??
[  150.754508][   T42] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.767932][   T42] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  150.777480][   T42] usb 5-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  150.786385][   T42] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.794998][   T42] usb 5-1: config 0 descriptor??
[  151.097708][  T300] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  151.329282][   T42] hid-steam 0003:28DE:1142.0011: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0
[  151.343015][   T42] hid-steam 0003:28DE:1142.0012: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0
[  151.357667][  T300] usb 3-1: Using ep0 maxpacket: 32
[  151.417671][   T42] hid-steam 0003:28DE:1142.0011: Steam wireless receiver connected
[  151.477762][  T300] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  151.486091][  T300] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  151.494634][  T300] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  151.504588][  T300] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  151.513437][  T300] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  151.522299][  T300] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.531169][  T300] usb 3-1: config 0 descriptor??
[  151.964731][ T2733] loop4: detected capacity change from 0 to 512
[  152.159476][  T300] usb 5-1: USB disconnect, device number 15
[  152.211108][  T300] hid-steam 0003:28DE:1142.0011: Steam wireless receiver disconnected
[  152.214025][   T42] usb 2-1: USB disconnect, device number 10
[  152.247543][ T2737] loop1: detected capacity change from 0 to 4096
[  152.278147][ T2737] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  152.320578][ T2737] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  152.328653][  T907] usb 4-1: USB disconnect, device number 9
[  152.337888][ T2737] SELinux: security_context_str_to_sid(system_u) failed for (dev loop1, type ext4) errno=-22
[  152.464274][ T2742] loop3: detected capacity change from 0 to 512
[  152.513790][ T2742] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #3: comm syz.3.613: corrupted inode contents
[  152.525864][ T2742] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #3: comm syz.3.613: mark_inode_dirty error
[  152.547000][ T2742] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #3: comm syz.3.613: corrupted inode contents
[  152.559833][ T2742] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #3: comm syz.3.613: mark_inode_dirty error
[  152.571759][ T2742] Quota error (device loop3): write_blk: dquota write failed
[  152.579121][ T2742] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  152.588974][ T2742] EXT4-fs error (device loop3): ext4_acquire_dquot:6188: comm syz.3.613: Failed to acquire dquot type 0
[  153.186300][ T2742] EXT4-fs (loop3): 1 orphan inode deleted
[  153.191945][ T2742] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  153.202783][ T2742] ext4 filesystem being mounted at /138/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.533205][ T2762] device pim6reg1 entered promiscuous mode
[  154.549638][  T907] usb 3-1: USB disconnect, device number 15
[  154.622139][ T2763] loop3: detected capacity change from 0 to 2048
[  154.632004][ T2765] loop5: detected capacity change from 0 to 2048
[  154.667162][ T2763] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  155.404104][ T2765] EXT4-fs (loop5): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  155.785801][ T2780] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  155.804872][ T2780] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  155.817434][ T2780] EXT4-fs (loop3): This should not happen!! Data will be lost
[  155.817434][ T2780] 
[  155.827560][ T2780] EXT4-fs (loop3): Total free blocks count 0
[  155.839597][ T2786] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  155.842811][ T2780] EXT4-fs (loop3): Free/Dirty block details
[  155.864419][ T2786] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  155.899228][ T2786] EXT4-fs (loop5): This should not happen!! Data will be lost
[  155.899228][ T2786] 
[  155.916153][ T2780] EXT4-fs (loop3): free_blocks=2415919504
[  155.921932][  T417] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  155.936158][ T2786] EXT4-fs (loop5): Total free blocks count 0
[  155.946137][ T2780] EXT4-fs (loop3): dirty_blocks=2160
[  155.951701][ T2786] EXT4-fs (loop5): Free/Dirty block details
[  155.957939][ T2780] EXT4-fs (loop3): Block reservation details
[  155.959596][ T2786] EXT4-fs (loop5): free_blocks=2415919504
[  155.963843][ T2780] EXT4-fs (loop3): i_reserved_data_blocks=135
[  155.976471][ T2790] FAULT_INJECTION: forcing a failure.
[  155.976471][ T2790] name failslab, interval 1, probability 0, space 0, times 0
[  155.989411][ T2786] EXT4-fs (loop5): dirty_blocks=3168
[  155.994522][ T2786] EXT4-fs (loop5): Block reservation details
[  156.000850][ T2790] CPU: 1 PID: 2790 Comm: syz.2.624 Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  156.010474][ T2790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  156.020372][ T2790] Call Trace:
[  156.023495][ T2790]  <TASK>
[  156.026279][ T2790]  dump_stack_lvl+0x151/0x1c0
[  156.030881][ T2790]  ? io_uring_drop_tctx_refs+0x190/0x190
[  156.036342][ T2790]  ? kmem_cache_free+0x116/0x2e0
[  156.041122][ T2790]  ? ____kasan_slab_free+0x131/0x160
[  156.046252][ T2790]  dump_stack+0x15/0x20
[  156.050226][ T2790]  should_fail+0x3c6/0x510
[  156.054478][ T2790]  __should_failslab+0xa4/0xe0
[  156.057738][ T2786] EXT4-fs (loop5): i_reserved_data_blocks=198
[  156.059076][ T2790]  ? __alloc_skb+0xbe/0x550
[  156.069323][ T2790]  should_failslab+0x9/0x20
[  156.073661][ T2790]  slab_pre_alloc_hook+0x37/0xd0
[  156.078435][ T2790]  ? __alloc_skb+0xbe/0x550
[  156.082777][ T2790]  kmem_cache_alloc+0x44/0x200
[  156.087375][ T2790]  ? __mutex_lock_slowpath+0x10/0x10
[  156.092495][ T2790]  __alloc_skb+0xbe/0x550
[  156.096660][ T2790]  pfkey_sendmsg+0xc52/0xfb0
[  156.101087][ T2790]  ? avc_has_perm_noaudit+0x430/0x430
[  156.106298][ T2790]  ? pfkey_release+0x340/0x340
[  156.110892][ T2790]  ? selinux_socket_sendmsg+0x243/0x340
[  156.116283][ T2790]  ? check_stack_object+0x114/0x130
[  156.121310][ T2790]  ? security_socket_sendmsg+0x82/0xb0
[  156.126602][ T2790]  ? pfkey_release+0x340/0x340
[  156.131202][ T2790]  ____sys_sendmsg+0x59e/0x8f0
[  156.135803][ T2790]  ? __sys_sendmsg_sock+0x40/0x40
[  156.140662][ T2790]  ? import_iovec+0xe5/0x120
[  156.145093][ T2790]  ___sys_sendmsg+0x252/0x2e0
[  156.149604][ T2790]  ? __sys_sendmsg+0x260/0x260
[  156.154217][ T2790]  ? __fdget+0x1bc/0x240
[  156.158281][ T2790]  __se_sys_sendmsg+0x19a/0x260
[  156.162967][ T2790]  ? __x64_sys_sendmsg+0x90/0x90
[  156.167739][ T2790]  ? ksys_write+0x260/0x2c0
[  156.172084][ T2790]  ? debug_smp_processor_id+0x17/0x20
[  156.177287][ T2790]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  156.183201][ T2790]  __x64_sys_sendmsg+0x7b/0x90
[  156.187790][ T2790]  x64_sys_call+0x16a/0x9a0
[  156.192144][ T2790]  do_syscall_64+0x3b/0xb0
[  156.196379][ T2790]  ? clear_bhb_loop+0x35/0x90
[  156.200892][ T2790]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  156.206623][ T2790] RIP: 0033:0x7fc9b60de849
[  156.210881][ T2790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.230315][ T2790] RSP: 002b:00007fc9b4755058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  156.238558][ T2790] RAX: ffffffffffffffda RBX: 00007fc9b62a3fa0 RCX: 00007fc9b60de849
[  156.246372][ T2790] RDX: 0000000000000050 RSI: 0000000020000040 RDI: 0000000000000003
[  156.254182][ T2790] RBP: 00007fc9b47550a0 R08: 0000000000000000 R09: 0000000000000000
[  156.262079][ T2790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.270193][ T2790] R13: 0000000000000000 R14: 00007fc9b62a3fa0 R15: 00007fff19446dc8
[  156.278006][ T2790]  </TASK>
[  156.280941][  T300] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  156.309886][ T2793] loop2: detected capacity change from 0 to 256
[  156.327133][ T2017] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  156.339460][ T2017] EXT4-fs (loop3): This should not happen!! Data will be lost
[  156.339460][ T2017] 
[  156.363461][ T2793] FAT-fs (loop2): Directory bread(block 64) failed
[  156.370016][ T2793] FAT-fs (loop2): Directory bread(block 65) failed
[  156.376471][ T2793] FAT-fs (loop2): Directory bread(block 66) failed
[  156.382904][ T2793] FAT-fs (loop2): Directory bread(block 67) failed
[  156.389777][ T2793] FAT-fs (loop2): Directory bread(block 68) failed
[  156.389777][   T10] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  156.389805][   T10] EXT4-fs (loop5): This should not happen!! Data will be lost
[  156.389805][   T10] 
[  156.396192][ T2793] FAT-fs (loop2): Directory bread(block 69) failed
[  156.408373][  T417] usb 2-1: Using ep0 maxpacket: 32
[  156.418531][ T2793] FAT-fs (loop2): Directory bread(block 70) failed
[  156.452074][ T2793] FAT-fs (loop2): Directory bread(block 71) failed
[  156.459066][ T2793] FAT-fs (loop2): Directory bread(block 72) failed
[  156.465586][ T2793] FAT-fs (loop2): Directory bread(block 73) failed
[  156.557776][  T417] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  156.626562][  T300] usb 5-1: Using ep0 maxpacket: 32
[  156.682075][  T417] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  156.891998][  T417] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  156.902169][  T417] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  156.911335][  T417] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  156.920229][  T417] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.929644][  T417] usb 2-1: config 0 descriptor??
[  157.123560][  T550] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  157.212414][  T300] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  157.220717][  T300] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  157.229235][  T300] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  157.239123][  T300] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  157.248074][  T300] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  157.256896][  T300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.265363][  T300] usb 5-1: config 0 descriptor??
[  157.408682][  T550] usb 6-1: Using ep0 maxpacket: 8
[  157.527702][  T550] usb 6-1: config 1 has an invalid descriptor of length 231, skipping remainder of the config
[  157.538052][  T550] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  157.548836][  T550] usb 6-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  157.763558][  T550] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  157.776212][  T550] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.784162][  T550] usb 6-1: Product: syz
[  157.788359][  T550] usb 6-1: Manufacturer: syz
[  157.792847][  T550] usb 6-1: SerialNumber: syz
[  157.837766][ T2813] loop2: detected capacity change from 0 to 512
[  157.901301][ T2813] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #3: comm syz.2.630: corrupted inode contents
[  157.913513][ T2813] EXT4-fs error (device loop2): ext4_dirty_inode:6041: inode #3: comm syz.2.630: mark_inode_dirty error
[  157.926946][ T2813] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #3: comm syz.2.630: corrupted inode contents
[  157.938782][ T2813] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #3: comm syz.2.630: mark_inode_dirty error
[  157.950223][ T2813] Quota error (device loop2): write_blk: dquota write failed
[  157.957448][ T2813] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  157.967210][ T2813] EXT4-fs error (device loop2): ext4_acquire_dquot:6188: comm syz.2.630: Failed to acquire dquot type 0
[  157.979905][ T2813] EXT4-fs (loop2): 1 orphan inode deleted
[  157.985446][ T2813] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  157.996340][ T2813] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.507697][  T417] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  158.587968][ T2823] device pim6reg1 entered promiscuous mode
[  158.664344][  T300] usb 2-1: USB disconnect, device number 11
[  158.729384][ T2828] loop1: detected capacity change from 0 to 2048
[  158.807761][  T417] usb 4-1: Using ep0 maxpacket: 32
[  159.074441][  T907] usb 5-1: USB disconnect, device number 16
[  159.114138][ T2828] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  159.147691][  T417] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[  159.155954][  T417] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  159.164774][  T417] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  159.175048][  T417] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  159.184038][  T417] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  159.193317][  T417] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.203006][ T2836] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  159.203580][  T417] usb 4-1: config 0 descriptor??
[  159.222228][ T2836] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  159.235121][ T2836] EXT4-fs (loop1): This should not happen!! Data will be lost
[  159.235121][ T2836] 
[  159.237802][  T550] cdc_ncm 6-1:1.0: bind() failure
[  159.249850][ T2836] EXT4-fs (loop1): Total free blocks count 0
[  159.255919][ T2836] EXT4-fs (loop1): Free/Dirty block details
[  159.256895][  T550] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  159.262532][ T2836] EXT4-fs (loop1): free_blocks=2415919504
[  159.269225][  T550] cdc_ncm 6-1:1.1: bind() failure
[  159.277696][ T2836] EXT4-fs (loop1): dirty_blocks=3792
[  159.283872][ T2836] EXT4-fs (loop1): Block reservation details
[  159.290290][ T2836] EXT4-fs (loop1): i_reserved_data_blocks=237
[  159.399113][   T10] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  159.411521][   T10] EXT4-fs (loop1): This should not happen!! Data will be lost
[  159.411521][   T10] 
[  159.540821][ T2841] loop2: detected capacity change from 0 to 2048
[  159.550716][  T907] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  159.609314][ T2841] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  159.688634][ T2845] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  159.703474][ T2845] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  159.722254][ T2845] EXT4-fs (loop2): This should not happen!! Data will be lost
[  159.722254][ T2845] 
[  159.755471][ T2845] EXT4-fs (loop2): Total free blocks count 0
[  159.762167][ T2845] EXT4-fs (loop2): Free/Dirty block details
[  159.768255][ T2845] EXT4-fs (loop2): free_blocks=2415919504
[  159.773806][ T2845] EXT4-fs (loop2): dirty_blocks=4000
[  159.779558][ T2845] EXT4-fs (loop2): Block reservation details
[  159.785478][ T2845] EXT4-fs (loop2): i_reserved_data_blocks=250
[  159.817642][  T907] usb 5-1: Using ep0 maxpacket: 32
[  159.943626][  T300] usb 6-1: USB disconnect, device number 9
[  159.949494][  T907] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  159.961909][ T2017] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  159.966434][  T907] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  159.983600][ T2017] EXT4-fs (loop2): This should not happen!! Data will be lost
[  159.983600][ T2017] 
[  159.984414][  T907] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  160.018840][  T907] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  160.029188][  T907] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  160.039894][  T907] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.052415][  T907] usb 5-1: config 0 descriptor??
[  160.514510][ T2861] loop1: detected capacity change from 0 to 256
[  160.557668][  T300] usb 3-1: new low-speed USB device number 16 using dummy_hcd
[  160.590860][ T2861] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  161.382708][  T907] usb 4-1: USB disconnect, device number 10
[  161.417679][  T300] usb 3-1: device descriptor read/64, error -71
[  162.498610][  T300] usb 3-1: device descriptor read/64, error -71
[  162.568129][   T20] usb 5-1: USB disconnect, device number 17
[  162.599293][ T2885] loop3: detected capacity change from 0 to 2048
[  162.629859][ T2889] loop4: detected capacity change from 0 to 512
[  162.661154][ T2889] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,auto_da_alloc,minixdf,,errors=continue. Quota mode: writeback.
[  162.675739][ T2889] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  162.887146][ T2885] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  163.027681][  T300] usb 3-1: new low-speed USB device number 17 using dummy_hcd
[  163.037569][ T2895] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  163.052546][ T2895] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  163.064886][ T2895] EXT4-fs (loop3): This should not happen!! Data will be lost
[  163.064886][ T2895] 
[  163.074835][ T2895] EXT4-fs (loop3): Total free blocks count 0
[  163.080699][ T2895] EXT4-fs (loop3): Free/Dirty block details
[  163.086377][ T2895] EXT4-fs (loop3): free_blocks=2415919504
[  163.092007][ T2895] EXT4-fs (loop3): dirty_blocks=2848
[  163.097112][ T2895] EXT4-fs (loop3): Block reservation details
[  163.102928][ T2895] EXT4-fs (loop3): i_reserved_data_blocks=178
[  163.117757][  T907] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  163.156326][ T2899] loop2: detected capacity change from 0 to 2048
[  163.183009][ T2896] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  163.191737][ T2896] overlayfs: missing 'lowerdir'
[  163.238048][ T2899] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  163.349641][   T10] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  163.361870][   T10] EXT4-fs (loop3): This should not happen!! Data will be lost
[  163.361870][   T10] 
[  163.374887][ T2017] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  163.396393][  T907] usb 6-1: Using ep0 maxpacket: 32
[  163.401547][ T2017] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  163.413829][ T2017] EXT4-fs (loop2): This should not happen!! Data will be lost
[  163.413829][ T2017] 
[  163.423501][ T2017] EXT4-fs (loop2): Total free blocks count 0
[  163.429341][ T2017] EXT4-fs (loop2): Free/Dirty block details
[  163.435024][ T2017] EXT4-fs (loop2): free_blocks=2415919504
[  163.440778][ T2017] EXT4-fs (loop2): dirty_blocks=2528
[  163.445876][ T2017] EXT4-fs (loop2): Block reservation details
[  163.459051][ T2017] EXT4-fs (loop2): i_reserved_data_blocks=158
[  163.469948][ T2905] device pim6reg1 entered promiscuous mode
[  163.483720][ T2017] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 470 with error 28
[  163.497272][ T2017] EXT4-fs (loop2): This should not happen!! Data will be lost
[  163.497272][ T2017] 
[  163.528994][  T907] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  163.537163][  T907] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  163.554761][  T907] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  163.564976][  T907] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  163.574740][  T907] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  163.583827][  T907] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.598492][  T907] usb 6-1: config 0 descriptor??
[  163.610545][ T2910] loop3: detected capacity change from 0 to 512
[  163.670979][ T2916] loop2: detected capacity change from 0 to 2048
[  163.732267][ T2910] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  163.741941][ T2910] EXT4-fs error (device loop3): ext4_get_journal_inode:5151: comm syz.3.650: inode #67108864: comm syz.3.650: iget: illegal inode #
[  163.756364][ T2910] EXT4-fs (loop3): no journal found
[  163.771123][ T2916] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  163.822765][ T2910] loop3: detected capacity change from 0 to 512
[  163.916472][ T2910] EXT4-fs (loop3): Unrecognized mount option "data=journal2appraise_type=imasig" or missing value
[  164.088274][ T2921] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  164.114019][ T2921] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 216 with error 28
[  164.136937][ T2921] EXT4-fs (loop2): This should not happen!! Data will be lost
[  164.136937][ T2921] 
[  164.146660][ T2921] EXT4-fs (loop2): Total free blocks count 0
[  164.152694][ T2921] EXT4-fs (loop2): Free/Dirty block details
[  164.158437][ T2285] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  164.166460][ T2921] EXT4-fs (loop2): free_blocks=2415919504
[  164.172327][ T2921] EXT4-fs (loop2): dirty_blocks=672
[  164.177493][ T2921] EXT4-fs (loop2): Block reservation details
[  164.183821][ T2921] EXT4-fs (loop2): i_reserved_data_blocks=42
[  164.315438][ T2017] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  164.327460][ T2017] EXT4-fs (loop2): This should not happen!! Data will be lost
[  164.327460][ T2017] 
[  164.397644][ T2285] usb 2-1: Using ep0 maxpacket: 32
[  164.458977][  T907] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  164.517812][ T2285] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  164.526224][ T2285] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  164.535019][ T2285] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  164.545264][ T2285] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  164.562522][ T2285] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  164.571743][ T2285] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.580587][ T2285] usb 2-1: config 0 descriptor??
[  164.827826][  T907] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  164.843162][  T907] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  164.855610][  T907] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  164.864894][  T907] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.876520][  T907] usb 4-1: config 0 descriptor??
[  165.288505][ T2936] loop2: detected capacity change from 0 to 4096
[  165.308508][ T2936] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  165.340490][ T2936] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  165.351502][ T2936] SELinux: security_context_str_to_sid(system_u) failed for (dev loop2, type ext4) errno=-22
[  165.359711][  T907] hid-steam 0003:28DE:1142.0013: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[  165.376037][  T907] hid-steam 0003:28DE:1142.0014: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[  165.457845][  T907] hid-steam 0003:28DE:1142.0013: Steam wireless receiver connected
[  165.533130][ T2942] loop2: detected capacity change from 0 to 2048
[  165.536096][   T26] usb 6-1: USB disconnect, device number 10
[  165.899463][ T2942] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  165.986376][ T2951] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  166.030248][ T2951] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1476 with error 28
[  166.046716][ T2951] EXT4-fs (loop2): This should not happen!! Data will be lost
[  166.046716][ T2951] 
[  166.057923][ T2951] EXT4-fs (loop2): Total free blocks count 0
[  166.064802][ T2951] EXT4-fs (loop2): Free/Dirty block details
[  166.071948][ T2951] EXT4-fs (loop2): free_blocks=2415919504
[  166.079146][ T2951] EXT4-fs (loop2): dirty_blocks=1488
[  166.085331][ T2951] EXT4-fs (loop2): Block reservation details
[  166.097146][ T2951] EXT4-fs (loop2): i_reserved_data_blocks=93
[  166.401071][ T2954] loop3: detected capacity change from 0 to 512
[  166.828911][    T8] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  166.840767][   T20] usb 2-1: USB disconnect, device number 12
[  166.862941][ T2960] loop5: detected capacity change from 0 to 1024
[  166.867771][  T907] usb 4-1: reset high-speed USB device number 11 using dummy_hcd
[  166.869370][    T8] EXT4-fs (loop2): This should not happen!! Data will be lost
[  166.869370][    T8] 
[  166.984838][ T2960] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,nodelalloc,acl,noinit_itable,,errors=continue. Quota mode: none.
[  167.367909][ T2968] device pim6reg1 entered promiscuous mode
[  167.476162][ T2974] device pim6reg1 entered promiscuous mode
[  167.537005][ T2977] loop2: detected capacity change from 0 to 16
[  167.642422][ T2977] erofs: (device loop2): mounted with root inode @ nid 36.
[  167.717773][   T20] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  167.850052][ T2977] attempt to access beyond end of device
[  167.850052][ T2977] loop2: rw=0, want=14552337264, limit=16
[  167.891340][  T300] usb 4-1: USB disconnect, device number 11
[  167.971347][  T300] hid-steam 0003:28DE:1142.0013: Steam wireless receiver disconnected
[  168.046293][ T2984] loop1: detected capacity change from 0 to 4096
[  168.068918][ T2984] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  168.114065][ T2984] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  168.125056][ T2984] SELinux: security_context_str_to_sid(system_u) failed for (dev loop1, type ext4) errno=-22
[  168.135529][   T20] usb 5-1: Using ep0 maxpacket: 8
[  168.257743][   T20] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  168.268448][   T20] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  168.278133][   T20] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  168.637774][  T426] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  168.787750][   T20] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  168.796901][   T20] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.804954][   T20] usb 5-1: Product: syz
[  168.977797][  T426] usb 3-1: Using ep0 maxpacket: 32
[  169.116856][   T20] usb 5-1: Manufacturer: syz
[  169.153320][ T3001] loop1: detected capacity change from 0 to 2048
[  169.158539][   T20] usb 5-1: SerialNumber: syz
[  169.207693][  T426] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  169.216101][  T426] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  169.225967][  T426] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  169.236438][  T426] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  169.245648][  T426] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  169.255912][ T3001] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  169.273574][  T426] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.300910][  T426] usb 3-1: config 0 descriptor??
[  169.342805][ T3006] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  169.357571][ T3006] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  169.370135][ T3006] EXT4-fs (loop1): This should not happen!! Data will be lost
[  169.370135][ T3006] 
[  169.380259][ T3006] EXT4-fs (loop1): Total free blocks count 0
[  169.386126][ T3006] EXT4-fs (loop1): Free/Dirty block details
[  169.392268][ T3006] EXT4-fs (loop1): free_blocks=2415919504
[  169.398030][ T3006] EXT4-fs (loop1): dirty_blocks=4128
[  169.403265][ T3006] EXT4-fs (loop1): Block reservation details
[  169.409261][ T3006] EXT4-fs (loop1): i_reserved_data_blocks=258
[  169.561758][   T20] usb 5-1: 2:1 : format type 0 is detected, processed as PCM
[  169.570011][   T20] usb 5-1: 2:1 : invalid channels 0
[  169.578763][ T3011] loop3: detected capacity change from 0 to 16
[  169.590031][   T20] usb 5-1: USB disconnect, device number 18
[  169.608013][ T3011] erofs: (device loop3): mounted with root inode @ nid 36.
[  169.619766][  T313] udevd[313]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  169.638777][ T3011] attempt to access beyond end of device
[  169.638777][ T3011] loop3: rw=0, want=14552337264, limit=16
[  169.650283][  T426] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  169.708888][  T311] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  169.721088][  T311] EXT4-fs (loop1): This should not happen!! Data will be lost
[  169.721088][  T311] 
[  169.840263][ T3014] loop3: detected capacity change from 0 to 256
[  169.857343][ T3016] device pim6reg1 entered promiscuous mode
[  169.863385][ T3014] exfat: Deprecated parameter 'namecase'
[  169.936848][ T3014] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  169.950018][  T426] usb 6-1: Using ep0 maxpacket: 32
[  169.972181][ T3019] loop1: detected capacity change from 0 to 2048
[  170.061888][ T3019] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  170.169734][ T3028] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  170.191489][ T3028] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  170.216253][ T3028] EXT4-fs (loop1): This should not happen!! Data will be lost
[  170.216253][ T3028] 
[  170.226334][ T3028] EXT4-fs (loop1): Total free blocks count 0
[  170.232463][ T3028] EXT4-fs (loop1): Free/Dirty block details
[  170.238564][ T3028] EXT4-fs (loop1): free_blocks=2415919504
[  170.244249][ T3028] EXT4-fs (loop1): dirty_blocks=3280
[  170.249812][ T3028] EXT4-fs (loop1): Block reservation details
[  170.255796][ T3028] EXT4-fs (loop1): i_reserved_data_blocks=205
[  170.460607][  T311] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  170.472959][  T311] EXT4-fs (loop1): This should not happen!! Data will be lost
[  170.472959][  T311] 
[  170.636220][  T426] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  170.645008][  T426] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  170.653747][  T426] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  170.663753][  T426] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  170.672816][  T426] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  170.681807][  T426] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.696089][  T426] usb 6-1: config 0 descriptor??
[  171.027969][ T3036] loop1: detected capacity change from 0 to 512
[  171.292686][ T3036] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #3: comm syz.1.682: corrupted inode contents
[  171.304949][ T3036] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #3: comm syz.1.682: mark_inode_dirty error
[  171.316466][ T3036] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #3: comm syz.1.682: corrupted inode contents
[  171.328381][ T3036] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #3: comm syz.1.682: mark_inode_dirty error
[  171.339682][ T3036] Quota error (device loop1): write_blk: dquota write failed
[  171.346934][ T3036] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  171.357059][ T3036] EXT4-fs error (device loop1): ext4_acquire_dquot:6188: comm syz.1.682: Failed to acquire dquot type 0
[  171.369592][ T3036] EXT4-fs (loop1): 1 orphan inode deleted
[  171.375144][ T3036] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  171.386038][ T3036] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.402834][  T426] usb 3-1: USB disconnect, device number 18
[  171.573170][   T30] audit: type=1326 audit(2000000144.600:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3043 comm="syz.4.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6608c71849 code=0x7ffc0000
[  172.199498][   T30] audit: type=1326 audit(2000000144.600:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3043 comm="syz.4.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f6608c71849 code=0x7ffc0000
[  172.356404][ T3058] device pim6reg1 entered promiscuous mode
[  172.372154][ T3059] loop1: detected capacity change from 0 to 4096
[  172.417760][ T3059] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  172.508620][ T3059] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  172.519420][ T3059] SELinux: security_context_str_to_sid(system_u) failed for (dev loop1, type ext4) errno=-22
[  172.557887][  T417] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  172.897646][  T426] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  173.574995][ T2285] usb 6-1: USB disconnect, device number 11
[  173.621078][ T3077] loop5: detected capacity change from 0 to 16
[  173.645384][  T426] usb 5-1: Using ep0 maxpacket: 8
[  173.650536][  T417] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.661753][  T417] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.671918][  T417] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  173.681071][  T417] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.689812][ T3077] erofs: (device loop5): mounted with root inode @ nid 36.
[  173.698930][  T417] usb 4-1: config 0 descriptor??
[  173.704215][ T3077] attempt to access beyond end of device
[  173.704215][ T3077] loop5: rw=0, want=14552337264, limit=16
[  175.813352][  T426] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  175.824081][  T426] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  175.833709][  T426] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  175.884456][  T426] usb 5-1: string descriptor 0 read error: -71
[  175.891111][  T417] usbhid 4-1:0.0: can't add hid device: -71
[  176.232990][  T417] usbhid: probe of 4-1:0.0 failed with error -71
[  176.244849][  T426] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  176.307572][  T417] usb 4-1: USB disconnect, device number 12
[  176.329521][  T426] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.418183][  T426] usb 5-1: can't set config #1, error -71
[  176.451220][ T2285] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  176.453341][  T426] usb 5-1: USB disconnect, device number 19
[  176.492180][ T3099] loop4: detected capacity change from 0 to 40427
[  176.551240][ T3106] loop5: detected capacity change from 0 to 16
[  176.568274][ T3099] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  176.576036][ T3099] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  176.588559][ T3106] erofs: (device loop5): mounted with root inode @ nid 36.
[  176.608337][ T3106] attempt to access beyond end of device
[  176.608337][ T3106] loop5: rw=0, want=14552337264, limit=16
[  176.629424][ T3099] F2FS-fs (loop4): Found nat_bits in checkpoint
[  176.676227][ T3099] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  176.683360][ T3099] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  176.727688][ T2285] usb 2-1: Using ep0 maxpacket: 32
[  176.854449][  T417] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  177.107689][ T2285] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  177.115867][ T2285] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  177.124726][ T2285] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  177.136037][ T2285] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  177.145330][ T2285] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  177.154398][ T2285] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.155414][ T3121] loop4: detected capacity change from 0 to 4096
[  177.163232][ T2285] usb 2-1: config 0 descriptor??
[  177.168828][  T426] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  177.198068][ T3121] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  177.240330][ T3121] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  177.251382][ T3121] SELinux: security_context_str_to_sid(system_u) failed for (dev loop4, type ext4) errno=-22
[  177.267758][  T417] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.278926][  T417] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.288825][  T417] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  177.297779][  T417] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.306706][  T417] usb 4-1: config 0 descriptor??
[  177.361189][ T3125] loop4: detected capacity change from 0 to 2048
[  177.447711][  T426] usb 6-1: Using ep0 maxpacket: 32
[  177.477780][ T3125] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  177.599587][ T3130] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  177.614264][ T3130] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  177.626615][ T3130] EXT4-fs (loop4): This should not happen!! Data will be lost
[  177.626615][ T3130] 
[  177.636113][ T3130] EXT4-fs (loop4): Total free blocks count 0
[  177.642037][ T3130] EXT4-fs (loop4): Free/Dirty block details
[  177.647805][ T3130] EXT4-fs (loop4): free_blocks=2415919504
[  177.653347][ T3130] EXT4-fs (loop4): dirty_blocks=4384
[  177.657758][  T426] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  177.680469][  T426] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  177.702119][ T3130] EXT4-fs (loop4): Block reservation details
[  177.890375][  T426] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  177.946696][ T3130] EXT4-fs (loop4): i_reserved_data_blocks=274
[  177.958802][  T417] hid-steam 0003:28DE:1142.0015: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[  177.969643][  T426] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  178.049621][  T426] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  178.058705][  T417] hid-steam 0003:28DE:1142.0016: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[  178.074787][  T426] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.086577][  T426] usb 6-1: config 0 descriptor??
[  178.138273][  T417] hid-steam 0003:28DE:1142.0015: Steam wireless receiver connected
[  178.159092][   T10] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  178.171220][   T10] EXT4-fs (loop4): This should not happen!! Data will be lost
[  178.171220][   T10] 
[  179.020702][ T3140] loop3: detected capacity change from 0 to 512
[  179.428422][ T2285] usb 2-1: USB disconnect, device number 13
[  179.458309][  T426] usb 4-1: reset high-speed USB device number 13 using dummy_hcd
[  179.488571][ T3149] loop1: detected capacity change from 0 to 256
[  179.580872][ T3149] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  179.627660][   T26] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  179.656512][ T3151] loop1: detected capacity change from 0 to 2048
[  179.749877][ T3151] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  179.823155][ T3155] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  179.837828][ T3155] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  179.850312][ T3155] EXT4-fs (loop1): This should not happen!! Data will be lost
[  179.850312][ T3155] 
[  179.903313][   T26] usb 5-1: Using ep0 maxpacket: 8
[  179.908631][ T3155] EXT4-fs (loop1): Total free blocks count 0
[  179.917780][ T3155] EXT4-fs (loop1): Free/Dirty block details
[  179.921300][ T3158] device pim6reg1 entered promiscuous mode
[  179.923502][ T3155] EXT4-fs (loop1): free_blocks=2415919504
[  179.923522][ T3155] EXT4-fs (loop1): dirty_blocks=5920
[  179.923535][ T3155] EXT4-fs (loop1): Block reservation details
[  179.945996][ T3155] EXT4-fs (loop1): i_reserved_data_blocks=409
[  180.025916][    T8] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  180.038154][    T8] EXT4-fs (loop1): This should not happen!! Data will be lost
[  180.038154][    T8] 
[  180.121201][   T26] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  180.133444][   T26] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  180.142960][   T26] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  180.536460][  T417] usb 4-1: USB disconnect, device number 13
[  180.663509][  T417] hid-steam 0003:28DE:1142.0015: Steam wireless receiver disconnected
[  180.728204][   T26] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  180.780528][   T26] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.815708][   T26] usb 5-1: Product: syz
[  180.816086][ T2285] usb 6-1: USB disconnect, device number 12
[  180.820125][   T26] usb 5-1: Manufacturer: syz
[  180.974473][   T26] usb 5-1: SerialNumber: syz
[  181.306011][ T3179] loop3: detected capacity change from 0 to 256
[  181.412699][ T3184] netlink: 104 bytes leftover after parsing attributes in process `syz.2.719'.
[  181.435614][ T3179] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  183.157738][   T26] usb 5-1: 2:1 : format type 0 is detected, processed as PCM
[  183.172125][   T26] usb 5-1: 2:1 : invalid channels 0
[  183.215395][ T3206] device pim6reg1 entered promiscuous mode
[  183.218345][ T3202] loop5: detected capacity change from 0 to 2048
[  183.280273][   T26] usb 5-1: USB disconnect, device number 20
[  183.293805][  T313] udevd[313]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  183.294969][ T3202] EXT4-fs (loop5): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  183.849235][  T300] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  184.297656][  T907] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  184.414829][ T3223] loop4: detected capacity change from 0 to 256
[  185.125886][ T3223] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  185.430639][ T3232] loop3: detected capacity change from 0 to 4096
[  185.467741][  T300] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  185.478579][  T300] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.488510][  T300] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  185.497473][  T300] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.498068][ T3232] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  185.522593][  T300] usb 3-1: config 0 descriptor??
[  185.527624][  T907] usb 2-1: Using ep0 maxpacket: 32
[  185.538214][ T3232] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  185.549280][ T3232] SELinux: security_context_str_to_sid(system_u) failed for (dev loop3, type ext4) errno=-22
[  185.566264][ T3230] loop5: detected capacity change from 0 to 40427
[  185.670470][ T3238] netlink: 104 bytes leftover after parsing attributes in process `syz.4.734'.
[  185.682937][  T907] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  185.720819][  T907] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  185.759017][  T907] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  185.821012][ T3230] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  185.847871][  T300] usbhid 3-1:0.0: can't add hid device: -71
[  185.872051][  T300] usbhid: probe of 3-1:0.0 failed with error -71
[  185.887673][ T3230] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  185.912601][  T300] usb 3-1: USB disconnect, device number 19
[  185.918869][  T907] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  185.929712][  T907] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  185.939350][  T907] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.970797][  T907] usb 2-1: config 0 descriptor??
[  185.998232][ T3230] F2FS-fs (loop5): Found nat_bits in checkpoint
[  186.032236][ T3230] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  186.039156][ T3230] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  187.050617][  T417] usb 2-1: USB disconnect, device number 14
[  187.125987][ T3256] loop2: detected capacity change from 0 to 4096
[  187.947927][ T3256] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  188.268918][ T3256] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  188.287657][ T3256] SELinux: security_context_str_to_sid(system_u) failed for (dev loop2, type ext4) errno=-22
[  188.316394][ T3278] loop5: detected capacity change from 0 to 16
[  188.325216][ T3278] erofs: (device loop5): mounted with root inode @ nid 36.
[  188.334213][ T3278] attempt to access beyond end of device
[  188.334213][ T3278] loop5: rw=0, want=14552337264, limit=16
[  188.363693][ T3280] loop3: detected capacity change from 0 to 4096
[  188.398103][ T3280] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  188.426677][ T3285] loop2: detected capacity change from 0 to 4096
[  188.457483][ T3280] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  188.457917][ T3285] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  188.553168][ T3285] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  188.564136][  T417] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  188.686598][ T3280] SELinux: security_context_str_to_sid(system_u) failed for (dev loop3, type ext4) errno=-22
[  188.699572][ T3285] SELinux: security_context_str_to_sid(system_u) failed for (dev loop2, type ext4) errno=-22
[  188.853236][ T3289] loop3: detected capacity change from 0 to 2048
[  188.866317][ T3284] loop5: detected capacity change from 0 to 40427
[  188.872760][  T417] usb 2-1: Using ep0 maxpacket: 32
[  188.898393][ T3284] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  188.906532][ T3284] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  188.918925][ T3284] F2FS-fs (loop5): invalid crc value
[  188.919107][ T3289] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  188.940323][ T3284] F2FS-fs (loop5): Found nat_bits in checkpoint
[  188.997682][  T417] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  189.004145][ T3284] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  189.005852][  T417] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  189.013989][ T3284] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  189.046307][  T417] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  189.080807][ T3284] attempt to access beyond end of device
[  189.080807][ T3284] loop5: rw=0, want=77832, limit=40427
[  189.082994][ T3303] loop3: detected capacity change from 0 to 2048
[  189.097774][  T417] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  189.106606][  T417] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  189.127618][  T417] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.137547][  T417] usb 2-1: config 0 descriptor??
[  189.187650][  T300] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  189.242634][ T3303] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  189.257673][ T3301] loop4: detected capacity change from 0 to 40427
[  189.292959][ T3301] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  189.307667][ T3301] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  189.338748][ T3301] F2FS-fs (loop4): Found nat_bits in checkpoint
[  189.389623][ T3301] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  189.396185][ T2017] attempt to access beyond end of device
[  189.396185][ T2017] loop5: rw=1, want=45104, limit=40427
[  189.396711][ T3301] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  189.424743][    T8] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  189.439378][  T300] usb 3-1: Using ep0 maxpacket: 32
[  189.444124][    T8] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1234 with error 28
[  189.457337][    T8] EXT4-fs (loop3): This should not happen!! Data will be lost
[  189.457337][    T8] 
[  189.467093][    T8] EXT4-fs (loop3): Total free blocks count 0
[  189.474642][    T8] EXT4-fs (loop3): Free/Dirty block details
[  189.480587][    T8] EXT4-fs (loop3): free_blocks=2415919504
[  189.486981][    T8] EXT4-fs (loop3): dirty_blocks=1248
[  189.504570][    T8] EXT4-fs (loop3): Block reservation details
[  189.512603][    T8] EXT4-fs (loop3): i_reserved_data_blocks=78
[  189.557695][  T300] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  189.571530][  T300] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  189.587637][  T300] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  189.619219][  T300] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  189.639845][ T3314] loop3: detected capacity change from 0 to 2048
[  189.647647][  T300] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  189.656665][  T300] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.665560][  T300] usb 3-1: config 0 descriptor??
[  189.770013][ T3319] loop4: detected capacity change from 0 to 512
[  189.796823][ T3322] netlink: 104 bytes leftover after parsing attributes in process `syz.5.753'.
[  190.001538][ T3319] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #3: comm syz.4.754: corrupted inode contents
[  190.014230][ T3319] EXT4-fs error (device loop4): ext4_dirty_inode:6041: inode #3: comm syz.4.754: mark_inode_dirty error
[  190.028922][ T3319] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #3: comm syz.4.754: corrupted inode contents
[  190.041147][ T3319] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #3: comm syz.4.754: mark_inode_dirty error
[  190.055603][ T3319] Quota error (device loop4): write_blk: dquota write failed
[  190.062926][ T3319] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  190.072758][ T3319] EXT4-fs error (device loop4): ext4_acquire_dquot:6188: comm syz.4.754: Failed to acquire dquot type 0
[  190.088432][ T3319] EXT4-fs (loop4): 1 orphan inode deleted
[  190.094069][ T3319] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  190.105212][ T3319] ext4 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.130195][ T3314] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  190.277064][ T3328] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  190.297663][ T3328] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  190.310211][ T3328] EXT4-fs (loop3): This should not happen!! Data will be lost
[  190.310211][ T3328] 
[  190.320019][ T3328] EXT4-fs (loop3): Total free blocks count 0
[  190.326080][ T3328] EXT4-fs (loop3): Free/Dirty block details
[  190.331979][ T3328] EXT4-fs (loop3): free_blocks=2415919504
[  190.337693][ T3328] EXT4-fs (loop3): dirty_blocks=4736
[  190.342870][ T3328] EXT4-fs (loop3): Block reservation details
[  190.348883][ T3328] EXT4-fs (loop3): i_reserved_data_blocks=296
[  190.621103][   T10] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 472 with max blocks 2048 with error 28
[  190.633671][   T10] EXT4-fs (loop3): This should not happen!! Data will be lost
[  190.633671][   T10] 
[  190.867673][  T417] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  190.877872][  T426] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  191.125484][  T300] usb 2-1: USB disconnect, device number 15
[  191.151646][  T417] usb 6-1: Using ep0 maxpacket: 32
[  191.169212][ T3346] loop1: detected capacity change from 0 to 256
[  191.207803][  T426] usb 5-1: Using ep0 maxpacket: 32
[  191.231034][ T3346] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  191.332039][  T417] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  191.340742][  T417] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  191.349419][  T417] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  191.359503][  T417] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  191.368522][  T417] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  191.377444][  T417] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.386665][  T417] usb 6-1: config 0 descriptor??
[  191.391550][  T426] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  191.400005][  T426] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  191.408518][  T426] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  191.418536][  T426] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  191.427361][  T426] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  191.436351][  T426] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.542562][  T426] usb 5-1: config 0 descriptor??
[  191.879032][  T426] usb 3-1: USB disconnect, device number 20
[  191.907830][ T3354] loop3: detected capacity change from 0 to 512
[  191.924149][ T3356] loop2: detected capacity change from 0 to 2048
[  191.979840][ T3356] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  192.010318][ T3354] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #3: comm syz.3.762: corrupted inode contents
[  192.022298][ T3354] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #3: comm syz.3.762: mark_inode_dirty error
[  192.033930][ T3354] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #3: comm syz.3.762: corrupted inode contents
[  192.046039][ T3354] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #3: comm syz.3.762: mark_inode_dirty error
[  192.057646][ T3354] Quota error (device loop3): write_blk: dquota write failed
[  192.064917][ T3354] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  192.074660][ T3354] EXT4-fs error (device loop3): ext4_acquire_dquot:6188: comm syz.3.762: Failed to acquire dquot type 0
[  192.086802][ T3354] EXT4-fs (loop3): 1 orphan inode deleted
[  192.092759][ T3354] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  192.103645][ T3354] ext4 filesystem being mounted at /171/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.211643][   T10] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  192.227308][   T10] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  192.240360][   T10] EXT4-fs (loop2): This should not happen!! Data will be lost
[  192.240360][   T10] 
[  192.251557][   T10] EXT4-fs (loop2): Total free blocks count 0
[  192.291904][   T10] EXT4-fs (loop2): Free/Dirty block details
[  192.298018][   T10] EXT4-fs (loop2): free_blocks=2415919504
[  192.303750][   T10] EXT4-fs (loop2): dirty_blocks=3616
[  192.309176][   T10] EXT4-fs (loop2): Block reservation details
[  192.314971][   T10] EXT4-fs (loop2): i_reserved_data_blocks=226
[  192.334576][   T10] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 1562 with error 28
[  192.684866][   T10] EXT4-fs (loop2): This should not happen!! Data will be lost
[  192.684866][   T10] 
[  192.880966][ T3373] loop3: detected capacity change from 0 to 512
[  193.229595][ T3373] EXT4-fs (loop3): fragment/cluster size (33554432) != block size (2048)
[  193.368817][ T3379] loop1: detected capacity change from 0 to 512
[  193.480601][ T3386] netlink: 104 bytes leftover after parsing attributes in process `syz.3.769'.
[  193.543584][ T3379] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #3: comm syz.1.767: corrupted inode contents
[  193.569688][ T3379] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #3: comm syz.1.767: mark_inode_dirty error
[  193.608886][ T3379] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #3: comm syz.1.767: corrupted inode contents
[  193.697242][ T3379] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #3: comm syz.1.767: mark_inode_dirty error
[  193.774451][ T3379] Quota error (device loop1): write_blk: dquota write failed
[  193.781767][ T3379] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  193.791518][ T3379] EXT4-fs error (device loop1): ext4_acquire_dquot:6188: comm syz.1.767: Failed to acquire dquot type 0
[  193.803719][ T3379] EXT4-fs (loop1): 1 orphan inode deleted
[  193.809392][ T3379] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  193.817499][    T6] usb 5-1: USB disconnect, device number 21
[  193.820288][ T3379] ext4 filesystem being mounted at /169/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.846205][  T907] usb 6-1: USB disconnect, device number 13
[  193.885907][   T30] audit: type=1326 audit(2000000166.910:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3390 comm="syz.5.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb90ad3f849 code=0x7ffc0000
[  193.909240][   T30] audit: type=1326 audit(2000000166.920:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3390 comm="syz.5.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7fb90ad3f849 code=0x7ffc0000
[  194.047790][  T300] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  194.268704][ T3402] loop3: detected capacity change from 0 to 2048
[  194.349449][ T3402] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  194.372833][    T6] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  194.407703][  T300] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  194.418666][  T300] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  194.431797][  T300] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  194.440702][  T300] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.457651][  T417] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  194.461474][  T300] usb 3-1: config 0 descriptor??
[  194.511052][   T10] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  194.525713][   T10] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  194.538150][   T10] EXT4-fs (loop3): This should not happen!! Data will be lost
[  194.538150][   T10] 
[  194.547699][   T10] EXT4-fs (loop3): Total free blocks count 0
[  194.553477][   T10] EXT4-fs (loop3): Free/Dirty block details
[  194.559243][   T10] EXT4-fs (loop3): free_blocks=2415919504
[  194.564755][   T10] EXT4-fs (loop3): dirty_blocks=3216
[  194.569890][   T10] EXT4-fs (loop3): Block reservation details
[  194.575781][   T10] EXT4-fs (loop3): i_reserved_data_blocks=201
[  194.590706][    T8] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 1162 with error 28
[  194.603222][    T8] EXT4-fs (loop3): This should not happen!! Data will be lost
[  194.603222][    T8] 
[  194.617632][    T6] usb 5-1: Using ep0 maxpacket: 32
[  194.736886][ T3411] loop5: detected capacity change from 0 to 512
[  194.743337][    T6] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  194.751643][  T417] usb 2-1: Using ep0 maxpacket: 32
[  194.755321][    T6] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  194.769555][    T6] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  194.780625][    T6] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  194.788892][ T3411] EXT4-fs (loop5): mounted filesystem without journal. Opts: bsddf,,errors=continue. Quota mode: none.
[  194.789536][    T6] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  194.809226][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.819215][    T6] usb 5-1: config 0 descriptor??
[  194.903559][  T417] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  194.912048][  T417] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  194.922418][  T417] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  194.933584][  T417] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  194.975290][  T417] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  195.008261][  T417] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.079060][  T417] usb 2-1: config 0 descriptor??
[  195.264599][   T30] audit: type=1400 audit(2000000168.290:912): avc:  denied  { create } for  pid=3410 comm="syz.5.778" name=E91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[  195.363117][   T30] audit: type=1400 audit(2000000168.330:913): avc:  denied  { execute } for  pid=3410 comm="syz.5.778" path="/98/file0/blkio.bfq.avg_queue_size" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  195.626202][ T3416] loop2: detected capacity change from 0 to 512
[  195.808687][  T300] hid-steam 0003:28DE:1142.0017: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  195.828639][  T300] hid-steam 0003:28DE:1142.0018: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  195.870486][ T3419] loop3: detected capacity change from 0 to 4096
[  195.898224][ T3419] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  195.907655][  T300] hid-steam 0003:28DE:1142.0017: Steam wireless receiver connected
[  195.930205][ T3419] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  195.941258][ T3419] SELinux: security_context_str_to_sid(system_u) failed for (dev loop3, type ext4) errno=-22
[  195.974649][   T30] audit: type=1326 audit(2000000169.000:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3422 comm="syz.5.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb90ad3f849 code=0x7ffc0000
[  195.997931][   T30] audit: type=1326 audit(2000000169.000:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3422 comm="syz.5.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb90ad3f849 code=0x7ffc0000
[  196.021559][   T30] audit: type=1326 audit(2000000169.000:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3422 comm="syz.5.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb90ad3f849 code=0x7ffc0000
[  196.045049][   T30] audit: type=1326 audit(2000000169.050:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3422 comm="syz.5.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb90ad3f849 code=0x7ffc0000
[  196.071393][   T30] audit: type=1326 audit(2000000169.060:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3422 comm="syz.5.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb90ad3f849 code=0x7ffc0000
[  196.094837][   T30] audit: type=1326 audit(2000000169.070:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3422 comm="syz.5.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb90ad3f849 code=0x7ffc0000
[  196.126540][   T30] audit: type=1326 audit(2000000169.070:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3422 comm="syz.5.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb90ad3f849 code=0x7ffc0000
[  196.153189][   T30] audit: type=1326 audit(2000000169.070:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3422 comm="syz.5.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb90ad3f849 code=0x7ffc0000
[  196.788820][   T26] usb 3-1: USB disconnect, device number 21
[  196.808747][   T26] hid-steam 0003:28DE:1142.0017: Steam wireless receiver disconnected
[  196.989433][ T3437] loop2: detected capacity change from 0 to 512
[  197.066952][ T3437] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #3: comm syz.2.784: corrupted inode contents
[  197.079379][ T3437] EXT4-fs error (device loop2): ext4_dirty_inode:6041: inode #3: comm syz.2.784: mark_inode_dirty error
[  197.091019][ T3437] EXT4-fs error (device loop2): ext4_do_update_inode:5205: inode #3: comm syz.2.784: corrupted inode contents
[  197.102943][ T3437] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #3: comm syz.2.784: mark_inode_dirty error
[  197.114518][ T3437] EXT4-fs error (device loop2): ext4_acquire_dquot:6188: comm syz.2.784: Failed to acquire dquot type 0
[  197.179017][ T3446] netlink: 104 bytes leftover after parsing attributes in process `syz.3.785'.
[  197.281534][ T3437] EXT4-fs (loop2): 1 orphan inode deleted
[  197.287270][ T3437] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  197.302390][ T3437] ext4 filesystem being mounted at /137/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.418642][  T300] usb 2-1: USB disconnect, device number 16
[  197.457221][ T3449] loop1: detected capacity change from 0 to 16
[  197.488470][ T3449] erofs: (device loop1): mounted with root inode @ nid 36.
[  197.510423][ T3449] attempt to access beyond end of device
[  197.510423][ T3449] loop1: rw=0, want=14552337264, limit=16
[  197.510979][    T6] usb 5-1: USB disconnect, device number 22
[  198.488695][ T3471] loop4: detected capacity change from 0 to 256
[  198.554052][ T3471] exfat: Deprecated parameter 'namecase'
[  198.602713][ T3471] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  198.962714][ T3478] device pim6reg1 entered promiscuous mode
[  198.993350][ T3482] loop4: detected capacity change from 0 to 4096
[  199.011546][ T3484] loop5: detected capacity change from 0 to 16
[  199.017752][  T300] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  199.037981][ T3482] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  199.048419][ T3484] erofs: (device loop5): mounted with root inode @ nid 36.
[  199.056185][ T3484] attempt to access beyond end of device
[  199.056185][ T3484] loop5: rw=0, want=14552337264, limit=16
[  199.075480][ T3482] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  199.086729][ T3482] SELinux: security_context_str_to_sid(system_u) failed for (dev loop4, type ext4) errno=-22
[  199.277669][    T6] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  199.447838][  T300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  199.458602][  T300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  199.468401][  T300] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  199.477248][  T300] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.485262][  T907] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  199.523601][  T300] usb 2-1: config 0 descriptor??
[  199.528619][    T6] usb 3-1: Using ep0 maxpacket: 32
[  199.548318][ T3499] netlink: 104 bytes leftover after parsing attributes in process `syz.3.802'.
[  199.647838][    T6] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  199.656971][    T6] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  199.668309][    T6] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  199.683975][    T6] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  199.695426][    T6] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  199.707754][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.723793][    T6] usb 3-1: config 0 descriptor??
[  199.729248][  T907] usb 6-1: Using ep0 maxpacket: 32
[  199.847707][  T907] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  199.856019][  T907] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  199.864564][  T907] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  199.874526][  T907] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  199.883382][  T907] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  199.892218][  T907] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.900678][  T907] usb 6-1: config 0 descriptor??
[  200.977778][  T300] uclogic 0003:256C:006D.0019: v1 buttonpad probing failed: -71
[  200.985466][  T300] uclogic 0003:256C:006D.0019: failed probing parameters: -71
[  200.993199][  T300] uclogic: probe of 0003:256C:006D.0019 failed with error -71
[  201.002275][  T300] usb 2-1: USB disconnect, device number 17
[  201.295314][ T3517] loop3: detected capacity change from 0 to 256
[  201.301997][ T3517] exfat: Deprecated parameter 'namecase'
[  201.331739][ T3517] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  201.665270][  T426] usb 3-1: USB disconnect, device number 22
[  201.671184][   T26] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  201.712499][ T3524] loop2: detected capacity change from 0 to 16
[  201.721755][ T3524] erofs: (device loop2): mounted with root inode @ nid 36.
[  201.730016][ T3524] attempt to access beyond end of device
[  201.730016][ T3524] loop2: rw=0, want=14552337264, limit=16
[  201.817697][ T3528] loop2: detected capacity change from 0 to 2048
[  201.839626][ T3528] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  201.918284][ T3530] loop4: detected capacity change from 0 to 512
[  201.926522][ T3535] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  201.941343][ T3535] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  201.953948][ T3535] EXT4-fs (loop2): This should not happen!! Data will be lost
[  201.953948][ T3535] 
[  201.963831][ T3535] EXT4-fs (loop2): Total free blocks count 0
[  201.970331][ T3535] EXT4-fs (loop2): Free/Dirty block details
[  201.976335][ T3535] EXT4-fs (loop2): free_blocks=2415919504
[  201.982234][ T3535] EXT4-fs (loop2): dirty_blocks=4096
[  201.987659][ T3535] EXT4-fs (loop2): Block reservation details
[  201.987837][   T42] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  201.993455][ T3535] EXT4-fs (loop2): i_reserved_data_blocks=256
[  202.040014][ T3530] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #3: comm syz.4.813: corrupted inode contents
[  202.051757][ T3530] EXT4-fs error (device loop4): ext4_dirty_inode:6041: inode #3: comm syz.4.813: mark_inode_dirty error
[  202.063540][ T3530] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #3: comm syz.4.813: corrupted inode contents
[  202.075300][ T3530] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #3: comm syz.4.813: mark_inode_dirty error
[  202.086805][ T3530] __quota_error: 37 callbacks suppressed
[  202.086818][ T3530] Quota error (device loop4): write_blk: dquota write failed
[  202.087790][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  202.092348][ T3530] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  202.120085][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  202.120127][   T26] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  202.120150][   T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.146684][ T3530] EXT4-fs error (device loop4): ext4_acquire_dquot:6188: comm syz.4.813: Failed to acquire dquot type 0
[  202.148771][ T2017] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  202.173660][   T26] usb 4-1: config 0 descriptor??
[  202.174117][ T3530] EXT4-fs (loop4): 1 orphan inode deleted
[  202.183992][ T3530] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  202.184294][ T2017] EXT4-fs (loop2): This should not happen!! Data will be lost
[  202.184294][ T2017] 
[  202.194885][ T3530] ext4 filesystem being mounted at /158/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  202.223699][    T6] usb 6-1: USB disconnect, device number 14
[  202.247637][   T42] usb 2-1: Using ep0 maxpacket: 8
[  202.347382][   T30] audit: type=1326 audit(2000000175.370:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3544 comm="syz.4.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6608c71849 code=0x7ffc0000
[  202.370616][   T30] audit: type=1326 audit(2000000175.370:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3544 comm="syz.4.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6608c71849 code=0x7ffc0000
[  202.395086][ T3546] netlink: 104 bytes leftover after parsing attributes in process `syz.5.815'.
[  202.404355][   T30] audit: type=1326 audit(2000000175.370:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3544 comm="syz.4.816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f6608c71849 code=0x7ffc0000
[  202.537753][   T42] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  202.548484][   T42] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  202.558029][   T42] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  202.670656][   T26] hid-steam 0003:28DE:1142.001A: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[  202.683328][   T26] hid-steam 0003:28DE:1142.001B: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[  202.767705][   T42] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  202.776730][   T26] hid-steam 0003:28DE:1142.001A: Steam wireless receiver connected
[  202.785030][   T42] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.794040][   T42] usb 2-1: Product: syz
[  202.798098][   T42] usb 2-1: Manufacturer: syz
[  202.802484][   T42] usb 2-1: SerialNumber: syz
[  203.127749][   T42] usb 2-1: 2:1 : format type 0 is detected, processed as PCM
[  203.135287][   T42] usb 2-1: 2:1 : invalid channels 0
[  203.155084][ T3554] loop2: detected capacity change from 0 to 256
[  203.163850][   T42] usb 2-1: USB disconnect, device number 18
[  203.187960][ T3554] exfat: Deprecated parameter 'namecase'
[  203.231213][ T3554] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  203.254878][  T313] udevd[313]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  203.277547][ T3561] loop3: detected capacity change from 0 to 512
[  203.389539][ T3566] loop2: detected capacity change from 0 to 16
[  203.414144][ T3566] erofs: (device loop2): mounted with root inode @ nid 36.
[  203.422110][ T3566] attempt to access beyond end of device
[  203.422110][ T3566] loop2: rw=0, want=14552337264, limit=16
[  203.476425][ T1941] usb 4-1: USB disconnect, device number 14
[  203.488710][ T1941] hid-steam 0003:28DE:1142.001A: Steam wireless receiver disconnected
[  203.507694][  T300] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  203.576656][ T3572] loop1: detected capacity change from 0 to 128
[  203.651289][ T3572] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  203.661833][ T3572] ext4 filesystem being mounted at /175/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  203.747848][  T300] usb 5-1: Using ep0 maxpacket: 32
[  203.867840][  T300] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  203.876092][  T300] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  203.884494][  T300] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  203.894443][  T300] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  203.903356][  T300] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  203.912176][  T300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.920771][  T300] usb 5-1: config 0 descriptor??
[  203.937667][    T6] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  203.968082][ T3576] loop5: detected capacity change from 0 to 2048
[  204.069288][ T3576] EXT4-fs (loop5): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  204.240543][ T3582] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  204.265786][ T3582] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2030 with error 28
[  204.299886][ T3582] EXT4-fs (loop5): This should not happen!! Data will be lost
[  204.299886][ T3582] 
[  204.405629][ T3582] EXT4-fs (loop5): Total free blocks count 0
[  204.412946][ T3582] EXT4-fs (loop5): Free/Dirty block details
[  204.419557][ T3582] EXT4-fs (loop5): free_blocks=2415919504
[  204.425204][ T3582] EXT4-fs (loop5): dirty_blocks=2128
[  204.430496][ T3582] EXT4-fs (loop5): Block reservation details
[  204.436385][ T3582] EXT4-fs (loop5): i_reserved_data_blocks=133
[  204.487689][    T6] usb 2-1: too many configurations: 65, using maximum allowed: 8
[  204.509083][ T2017] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  204.521568][ T2017] EXT4-fs (loop5): This should not happen!! Data will be lost
[  204.521568][ T2017] 
[  204.717645][  T300] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  204.857637][ T1941] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  204.993466][ T3593] loop3: detected capacity change from 0 to 512
[  205.099787][ T3593] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #3: comm syz.3.828: corrupted inode contents
[  205.111738][ T3593] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #3: comm syz.3.828: mark_inode_dirty error
[  205.117785][  T300] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  205.133496][  T300] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.133927][ T3593] EXT4-fs error (device loop3): ext4_do_update_inode:5205: inode #3: comm syz.3.828: corrupted inode contents
[  205.143525][  T300] usb 3-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00
[  205.155268][ T3593] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #3: comm syz.3.828: mark_inode_dirty error
[  205.163569][    T6] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  205.175129][ T3593] Quota error (device loop3): write_blk: dquota write failed
[  205.183199][  T300] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.190335][ T3593] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  205.198276][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.207916][ T3593] EXT4-fs error (device loop3): ext4_acquire_dquot:6188: comm syz.3.828: Failed to acquire dquot type 0
[  205.209930][ T3593] EXT4-fs (loop3): 1 orphan inode deleted
[  205.224743][  T300] usb 3-1: config 0 descriptor??
[  205.226929][ T3593] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  205.248261][ T3593] ext4 filesystem being mounted at /191/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  205.377770][ T1941] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  205.388748][ T1941] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.398364][ T1941] usb 6-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  205.407209][ T1941] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.416152][ T1941] usb 6-1: config 0 descriptor??
[  205.468980][ T3586] UDC core: couldn't find an available UDC or it's busy: -16
[  205.476365][ T3586] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  205.567860][  T300] usbhid 3-1:0.0: can't add hid device: -71
[  205.573702][  T300] usbhid: probe of 3-1:0.0 failed with error -71
[  205.579907][    T6] usb 2-1: string descriptor 0 read error: -71
[  205.585941][    T6] usb 2-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  205.596584][  T300] usb 3-1: USB disconnect, device number 23
[  205.602508][    T6] usb 2-1: No valid video chain found.
[  205.613661][    T6] usb 2-1: USB disconnect, device number 19
[  205.760903][   T30] audit: type=1326 audit(2000000178.790:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3599 comm="syz.3.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca470f6849 code=0x7ffc0000
[  205.784174][   T30] audit: type=1326 audit(2000000178.790:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3599 comm="syz.3.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca470f6849 code=0x7ffc0000
[  205.807514][   T30] audit: type=1326 audit(2000000178.790:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3599 comm="syz.3.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7fca470f6849 code=0x7ffc0000
[  205.899566][ T1941] hid-steam 0003:28DE:1142.001C: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.5-1/input0
[  205.912893][ T1941] hid-steam 0003:28DE:1142.001D: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.5-1/input0
[  205.997660][ T1941] hid-steam 0003:28DE:1142.001C: Steam wireless receiver connected
[  206.015355][ T3602] loop2: detected capacity change from 0 to 256
[  206.057988][ T3602] exfat: Deprecated parameter 'namecase'
[  206.093423][ T3602] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  206.211148][   T26] usb 5-1: USB disconnect, device number 23
[  206.427632][ T1941] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  206.490036][ T3609] loop5: detected capacity change from 0 to 512
[  206.619449][ T3612] loop3: detected capacity change from 0 to 4096
[  206.638052][ T3612] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  206.670826][ T3612] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  206.681978][   T26] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  206.681983][ T3612] SELinux: security_context_str_to_sid(system_u) failed for (dev loop3, type ext4) errno=-22
[  206.691134][  T426] usb 6-1: USB disconnect, device number 15
[  206.707163][  T426] hid-steam 0003:28DE:1142.001C: Steam wireless receiver disconnected
[  206.817726][ T1941] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  206.828632][ T1941] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  206.838235][ T1941] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  206.847017][ T1941] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.855816][ T1941] usb 3-1: config 0 descriptor??
[  206.927794][   T26] usb 5-1: Using ep0 maxpacket: 8
[  206.975552][ T3620] device pim6reg1 entered promiscuous mode
[  207.021058][ T3622] loop1: detected capacity change from 0 to 4096
[  207.057936][ T3622] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  207.077706][   T26] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  207.089013][   T26] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  207.101649][ T3622] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  207.102854][   T26] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  207.112851][ T3622] SELinux: security_context_str_to_sid(system_u) failed for (dev loop1, type ext4) errno=-22
[  207.310863][   T30] audit: type=1326 audit(2000000180.340:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.1.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4392314849 code=0x7ffc0000
[  207.334197][   T30] audit: type=1326 audit(2000000180.340:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.1.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4392314849 code=0x7ffc0000
[  207.338153][   T26] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  207.358009][   T30] audit: type=1326 audit(2000000180.340:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.1.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4392314849 code=0x7ffc0000
[  207.370565][ T1941] hid-steam 0003:28DE:1142.001E: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  207.397805][   T30] audit: type=1326 audit(2000000180.370:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.1.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4392314849 code=0x7ffc0000
[  207.400059][   T26] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.434430][   T26] usb 5-1: Product: syz
[  207.438654][ T1941] hid-steam 0003:28DE:1142.001F: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  207.449932][   T30] audit: type=1326 audit(2000000180.460:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.1.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4392314849 code=0x7ffc0000
[  207.453247][   T26] usb 5-1: Manufacturer: syz
[  207.479602][   T26] usb 5-1: SerialNumber: syz
[  207.489273][   T30] audit: type=1326 audit(2000000180.460:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.1.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4392314849 code=0x7ffc0000
[  207.512658][   T30] audit: type=1326 audit(2000000180.460:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.1.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4392314849 code=0x7ffc0000
[  207.536428][   T30] audit: type=1326 audit(2000000180.460:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.1.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4392314849 code=0x7ffc0000
[  207.559734][   T30] audit: type=1326 audit(2000000180.460:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.1.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4392314849 code=0x7ffc0000
[  207.583208][ T1941] hid-steam 0003:28DE:1142.001E: Steam wireless receiver connected
[  207.583274][   T30] audit: type=1326 audit(2000000180.510:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.1.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4392314849 code=0x7ffc0000
[  207.700816][  T426] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  208.072786][   T26] usb 5-1: 2:1 : format type 0 is detected, processed as PCM
[  208.080077][   T26] usb 5-1: 2:1 : invalid channels 0
[  208.100449][ T3637] loop2: detected capacity change from 0 to 512
[  208.109783][   T26] usb 5-1: USB disconnect, device number 24
[  208.172494][  T313] udevd[313]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  208.226747][ T3639] loop1: detected capacity change from 0 to 512
[  208.267710][  T426] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.278555][  T426] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  208.289781][  T426] usb 6-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  208.298636][  T300] usb 3-1: USB disconnect, device number 24
[  208.300031][  T300] hid-steam 0003:28DE:1142.001E: Steam wireless receiver disconnected
[  208.304492][  T426] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.321407][  T426] usb 6-1: config 0 descriptor??
[  208.326977][ T3639] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #3: comm syz.1.840: corrupted inode contents
[  208.339053][ T3639] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #3: comm syz.1.840: mark_inode_dirty error
[  208.350839][ T3639] EXT4-fs error (device loop1): ext4_do_update_inode:5205: inode #3: comm syz.1.840: corrupted inode contents
[  208.363940][ T3639] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #3: comm syz.1.840: mark_inode_dirty error
[  208.376430][ T3639] EXT4-fs error (device loop1): ext4_acquire_dquot:6188: comm syz.1.840: Failed to acquire dquot type 0
[  208.388789][ T3639] EXT4-fs (loop1): 1 orphan inode deleted
[  208.394507][ T3639] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  208.405623][ T3639] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  208.571613][ T3647] loop1: detected capacity change from 0 to 2048
[  208.589525][ T3647] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  208.679185][ T3653] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  208.694158][ T3653] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  208.706906][ T3653] EXT4-fs (loop1): This should not happen!! Data will be lost
[  208.706906][ T3653] 
[  208.716545][ T3653] EXT4-fs (loop1): Total free blocks count 0
[  208.722742][ T3653] EXT4-fs (loop1): Free/Dirty block details
[  208.730982][ T3653] EXT4-fs (loop1): free_blocks=2415919504
[  208.741804][ T3653] EXT4-fs (loop1): dirty_blocks=3488
[  208.752229][ T3653] EXT4-fs (loop1): Block reservation details
[  208.789798][ T3653] EXT4-fs (loop1): i_reserved_data_blocks=218
[  208.932282][  T426] hid-steam 0003:28DE:1142.0020: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.5-1/input0
[  208.981205][  T426] hid-steam 0003:28DE:1142.0021: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.5-1/input0
[  209.067669][  T426] hid-steam 0003:28DE:1142.0020: Steam wireless receiver connected
[  209.099210][ T2017] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  209.111348][ T2017] EXT4-fs (loop1): This should not happen!! Data will be lost
[  209.111348][ T2017] 
[  209.183457][ T3659] device pim6reg1 entered promiscuous mode
[  209.251423][ T3661] loop1: detected capacity change from 0 to 4096
[  209.297929][ T3661] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  209.336820][ T3661] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  209.347863][ T3661] SELinux: security_context_str_to_sid(system_u) failed for (dev loop1, type ext4) errno=-22
[  209.520517][ T3668] loop5: detected capacity change from 0 to 512
[  209.583730][ T3666] loop3: detected capacity change from 0 to 40427
[  209.673553][ T3666] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  209.682664][ T3666] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  209.693908][ T3666] F2FS-fs (loop3): invalid crc value
[  209.703364][ T3666] F2FS-fs (loop3): Found nat_bits in checkpoint
[  209.719908][    T6] usb 6-1: USB disconnect, device number 16
[  209.728543][    T6] hid-steam 0003:28DE:1142.0020: Steam wireless receiver disconnected
[  209.746868][ T3666] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  209.754072][ T3666] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  210.002878][  T296] ------------[ cut here ]------------
[  210.008470][  T296] WARNING: CPU: 1 PID: 296 at fs/f2fs/inode.c:880 f2fs_evict_inode+0x1246/0x1520
[  210.017480][  T296] Modules linked in:
[  210.021420][  T296] CPU: 1 PID: 296 Comm: syz-executor Not tainted 5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  210.031321][  T296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  210.041201][  T296] RIP: 0010:f2fs_evict_inode+0x1246/0x1520
[  210.046794][  T296] Code: ff ff e8 8d fc 52 ff eb 08 e8 86 fc 52 ff 4d 89 e5 48 8b 7c 24 10 e8 19 19 03 00 4c 8b 64 24 58 e9 b4 fc ff ff e8 6a fc 52 ff <0f> 0b 4c 89 f7 be 08 00 00 00 e8 7b 56 95 ff f0 41 80 0e 04 e9 96
[  210.066325][  T296] RSP: 0018:ffffc90000a778a0 EFLAGS: 00010293
[  210.072303][  T296] RAX: ffffffff821d69a6 RBX: 0000000000000002 RCX: ffff88810a85bb40
[  210.080082][  T296] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[  210.087904][  T296] RBP: ffffc90000a77a10 R08: ffffffff821d6641 R09: ffffed10273fcbc1
[  210.095680][  T296] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888139fe5b30
[  210.103519][  T296] R13: dffffc0000000000 R14: ffff888112f20078 R15: 1ffff9200014ef28
[  210.111318][  T296] FS:  000055556da92500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  210.120083][  T296] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  210.126500][  T296] CR2: 000055556daad4a8 CR3: 0000000125c15000 CR4: 00000000003506a0
[  210.134693][  T296] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  210.142548][  T296] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  210.150358][  T296] Call Trace:
[  210.153457][  T296]  <TASK>
[  210.156230][  T296]  ? show_regs+0x58/0x60
[  210.160326][  T296]  ? __warn+0x160/0x2f0
[  210.164301][  T296]  ? f2fs_evict_inode+0x1246/0x1520
[  210.169353][  T296]  ? report_bug+0x3d9/0x5b0
[  210.173675][  T296]  ? f2fs_evict_inode+0x1246/0x1520
[  210.178732][  T296]  ? handle_bug+0x41/0x70
[  210.182903][  T296]  ? exc_invalid_op+0x1b/0x50
[  210.187399][  T296]  ? asm_exc_invalid_op+0x1b/0x20
[  210.198145][  T296]  ? f2fs_evict_inode+0xee1/0x1520
[  210.203239][  T296]  ? f2fs_evict_inode+0x1246/0x1520
[  210.208497][  T296]  ? f2fs_evict_inode+0x1246/0x1520
[  210.213569][  T296]  ? _raw_spin_unlock+0x4d/0x70
[  210.215293][ T3685] loop4: detected capacity change from 0 to 4096
[  210.218465][  T296]  ? f2fs_write_inode+0x5d0/0x5d0
[  210.230013][  T296]  ? bit_waitqueue+0x30/0x30
[  210.234483][  T296]  ? locks_free_lock_context+0x42/0x70
[  210.239938][  T296]  ? __destroy_inode+0x35f/0x4e0
[  210.241654][ T3685] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  210.246536][  T296]  ? f2fs_write_inode+0x5d0/0x5d0
[  210.258998][  T296]  evict+0x529/0x930
[  210.262712][  T296]  ? mode_strip_sgid+0x220/0x220
[  210.267485][  T296]  ? __kasan_check_write+0x14/0x20
[  210.272481][  T296]  ? _raw_spin_lock+0xa4/0x1b0
[  210.277037][  T296]  ? _raw_spin_unlock+0x4d/0x70
[  210.293025][  T296]  ? list_lru_del+0x295/0x2d0
[  210.297712][  T296]  evict_inodes+0x642/0x6d0
[  210.302239][  T296]  ? clear_inode+0x150/0x150
[  210.303164][ T3685] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  210.306698][  T296]  generic_shutdown_super+0x97/0x330
[  210.330074][ T3685] SELinux: security_context_str_to_sid(system_u) failed for (dev loop4, type ext4) errno=-22
[  210.334123][  T296]  kill_block_super+0x7e/0xe0
[  210.344576][  T296]  kill_f2fs_super+0x2f9/0x3c0
[  210.349291][  T296]  ? f2fs_mount+0x40/0x40
[  210.354951][  T296]  ? unregister_shrinker+0x23c/0x2d0
[  210.360258][  T296]  deactivate_locked_super+0xad/0x110
[  210.365556][  T296]  deactivate_super+0xbe/0xf0
[  210.370327][  T296]  cleanup_mnt+0x45c/0x510
[  210.374729][  T296]  __cleanup_mnt+0x19/0x20
[  210.379216][  T296]  task_work_run+0x129/0x190
[  210.383669][  T296]  exit_to_user_mode_loop+0xc4/0xe0
[  210.388700][  T296]  exit_to_user_mode_prepare+0x5a/0xa0
[  210.393957][  T296]  syscall_exit_to_user_mode+0x26/0x160
[  210.399384][  T296]  do_syscall_64+0x47/0xb0
[  210.403589][  T296]  ? clear_bhb_loop+0x35/0x90
[  210.414126][  T296]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  210.419951][  T296] RIP: 0033:0x7fca470f7b77
[  210.424102][  T296] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  210.443723][  T296] RSP: 002b:00007ffcd1ed3018 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  210.458273][ T3687] loop5: detected capacity change from 0 to 512
[  210.464365][  T296] RAX: 0000000000000000 RBX: 00007fca47169824 RCX: 00007fca470f7b77
[  210.472354][  T296] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcd1ed30d0
[  210.480224][  T296] RBP: 00007ffcd1ed30d0 R08: 0000000000000000 R09: 0000000000000000
[  210.488692][  T296] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcd1ed4150
[  210.496495][  T296] R13: 00007fca47169824 R14: 000000000003320c R15: 00007ffcd1ed4190
[  210.504398][  T296]  </TASK>
[  210.507170][  T296] ---[ end trace 5cc11a1b5fef5646 ]---
[  210.539464][ T3687] EXT4-fs error (device loop5): ext4_do_update_inode:5205: inode #3: comm syz.5.854: corrupted inode contents
[  210.558129][  T296] ==================================================================
[  210.558121][ T3687] EXT4-fs error (device loop5): ext4_dirty_inode:6041: inode #3: comm syz.5.854: mark_inode_dirty error
[  210.570639][ T3696] device pim6reg1 entered promiscuous mode
[  210.576954][  T296] BUG: KASAN: use-after-free in _raw_spin_lock+0x97/0x1b0
[  210.576986][  T296] Write of size 4 at addr ffff888139fe5b78 by task syz-executor/296
[  210.588213][ T3687] EXT4-fs error (device loop5): ext4_do_update_inode:5205: inode #3: comm syz.5.854: corrupted inode contents
[  210.589538][  T296] 
[  210.589547][  T296] CPU: 1 PID: 296 Comm: syz-executor Tainted: G        W         5.15.169-syzkaller-00085-g548ca9fbf844 #0
[  210.602885][ T3687] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #3: comm syz.5.854: mark_inode_dirty error
[  210.608806][  T296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  210.608822][  T296] Call Trace:
[  210.608829][  T296]  <TASK>
[  210.608838][  T296]  dump_stack_lvl+0x151/0x1c0
[  210.608867][  T296]  ? io_uring_drop_tctx_refs+0x190/0x190
[  210.623645][ T3687] EXT4-fs error (device loop5): ext4_acquire_dquot:6188: comm syz.5.854: Failed to acquire dquot type 0
[  210.633027][  T296]  ? __wake_up_klogd+0xd5/0x110
[  210.633059][  T296]  ? panic+0x760/0x760
[  210.633083][  T296]  print_address_description+0x87/0x3b0
[  210.633110][  T296]  kasan_report+0x179/0x1c0
[  210.688144][  T296]  ? _raw_spin_lock+0x97/0x1b0
[  210.692737][  T296]  ? _raw_spin_lock+0x97/0x1b0
[  210.697345][  T296]  kasan_check_range+0x293/0x2a0
[  210.702110][  T296]  __kasan_check_write+0x14/0x20
[  210.706882][  T296]  _raw_spin_lock+0x97/0x1b0
[  210.711310][  T296]  ? _raw_spin_trylock_bh+0x190/0x190
[  210.716521][  T296]  ? _raw_spin_lock+0xa4/0x1b0
[  210.721124][  T296]  ? _raw_spin_trylock_bh+0x190/0x190
[  210.726334][  T296]  ? remove_wait_queue+0x140/0x140
[  210.731274][  T296]  igrab+0x20/0xa0
[  210.734830][  T296]  f2fs_sync_inode_meta+0x14d/0x2a0
[  210.739968][  T296]  f2fs_write_checkpoint+0xab4/0x1fb0
[  210.745194][  T296]  ? f2fs_get_sectors_written+0x500/0x500
[  210.750725][  T296]  ? rwsem_write_trylock+0x153/0x340
[  210.755846][  T296]  ? __kasan_check_write+0x14/0x20
[  210.760805][  T296]  ? mutex_unlock+0xb2/0x260
[  210.765221][  T296]  f2fs_issue_checkpoint+0x31b/0x4d0
[  210.770346][  T296]  ? f2fs_destroy_checkpoint_caches+0x30/0x30
[  210.776241][  T296]  ? sync_inodes_sb+0x7cd/0x8b0
[  210.780930][  T296]  ? try_to_writeback_inodes_sb+0xc0/0xc0
[  210.786484][  T296]  f2fs_sync_fs+0x186/0x2f0
[  210.790823][  T296]  sync_filesystem+0x1cf/0x250
[  210.795421][  T296]  f2fs_quota_off_umount+0x20e/0x220
[  210.800543][  T296]  ? f2fs_drop_inode+0xa20/0xa20
[  210.805317][  T296]  f2fs_put_super+0xb9/0xc10
[  210.809746][  T296]  ? f2fs_drop_inode+0xa20/0xa20
[  210.814521][  T296]  ? __fsnotify_vfsmount_delete+0x20/0x20
[  210.820070][  T296]  ? clear_inode+0x150/0x150
[  210.824495][  T296]  ? fscrypt_destroy_keyring+0x287/0x2a0
[  210.829968][  T296]  ? f2fs_drop_inode+0xa20/0xa20
[  210.834740][  T296]  generic_shutdown_super+0x14f/0x330
[  210.839954][  T296]  kill_block_super+0x7e/0xe0
[  210.844463][  T296]  kill_f2fs_super+0x2f9/0x3c0
[  210.849061][  T296]  ? f2fs_mount+0x40/0x40
[  210.853769][  T296]  ? unregister_shrinker+0x23c/0x2d0
[  210.859007][  T296]  deactivate_locked_super+0xad/0x110
[  210.864170][  T296]  deactivate_super+0xbe/0xf0
[  210.868762][  T296]  cleanup_mnt+0x45c/0x510
[  210.873017][  T296]  __cleanup_mnt+0x19/0x20
[  210.877269][  T296]  task_work_run+0x129/0x190
[  210.881694][  T296]  exit_to_user_mode_loop+0xc4/0xe0
[  210.886730][  T296]  exit_to_user_mode_prepare+0x5a/0xa0
[  210.892020][  T296]  syscall_exit_to_user_mode+0x26/0x160
[  210.897401][  T296]  do_syscall_64+0x47/0xb0
[  210.901656][  T296]  ? clear_bhb_loop+0x35/0x90
[  210.906167][  T296]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  210.911897][  T296] RIP: 0033:0x7fca470f7b77
[  210.916149][  T296] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  210.935764][  T296] RSP: 002b:00007ffcd1ed3018 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  210.944008][  T296] RAX: 0000000000000000 RBX: 00007fca47169824 RCX: 00007fca470f7b77
[  210.951818][  T296] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcd1ed30d0
[  210.959632][  T296] RBP: 00007ffcd1ed30d0 R08: 0000000000000000 R09: 0000000000000000
[  210.967441][  T296] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcd1ed4150
[  210.975254][  T296] R13: 00007fca47169824 R14: 000000000003320c R15: 00007ffcd1ed4190
[  210.983073][  T296]  </TASK>
[  210.985930][  T296] 
[  210.988102][  T296] Allocated by task 3666:
[  210.992271][  T296]  __kasan_slab_alloc+0xb1/0xe0
[  210.996950][  T296]  slab_post_alloc_hook+0x53/0x2c0
[  211.001985][  T296]  kmem_cache_alloc+0xf5/0x200
[  211.006584][  T296]  f2fs_alloc_inode+0x26/0x340
[  211.011184][  T296]  new_inode_pseudo+0x64/0x220
[  211.015786][  T296]  new_inode+0x28/0x1c0
[  211.019779][  T296]  f2fs_new_inode+0x10e/0x1410
[  211.024379][  T296]  f2fs_create+0x178/0x1510
[  211.028806][  T296]  path_openat+0x13a8/0x2f40
[  211.033238][  T296]  do_filp_open+0x21c/0x460
[  211.037573][  T296]  do_sys_openat2+0x13f/0x820
[  211.042091][  T296]  __x64_sys_openat+0x243/0x290
[  211.046774][  T296]  x64_sys_call+0x6bf/0x9a0
[  211.051117][  T296]  do_syscall_64+0x3b/0xb0
[  211.055363][  T296]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  211.061109][  T296] 
[  211.063267][  T296] Freed by task 296:
[  211.067001][  T296]  kasan_set_track+0x4b/0x70
[  211.071421][  T296]  kasan_set_free_info+0x23/0x40
[  211.076196][  T296]  ____kasan_slab_free+0x126/0x160
[  211.081144][  T296]  __kasan_slab_free+0x11/0x20
[  211.085741][  T296]  slab_free_freelist_hook+0xbd/0x190
[  211.090950][  T296]  kmem_cache_free+0x116/0x2e0
[  211.095548][  T296]  f2fs_free_inode+0x24/0x30
[  211.099974][  T296]  i_callback+0x4b/0x70
[  211.103966][  T296]  rcu_do_batch+0x57a/0xc10
[  211.108306][  T296]  rcu_core+0x517/0x1020
[  211.112382][  T296]  rcu_core_si+0x9/0x10
[  211.116377][  T296]  handle_softirqs+0x25e/0x5c0
[  211.120979][  T296]  __irq_exit_rcu+0x52/0xf0
[  211.125320][  T296]  irq_exit_rcu+0x9/0x10
[  211.129402][  T296]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  211.134862][  T296]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  211.140682][  T296] 
[  211.142849][  T296] Last potentially related work creation:
[  211.148404][  T296]  kasan_save_stack+0x3b/0x60
[  211.152916][  T296]  __kasan_record_aux_stack+0xd3/0xf0
[  211.158123][  T296]  kasan_record_aux_stack_noalloc+0xb/0x10
[  211.163766][  T296]  call_rcu+0x123/0x10b0
[  211.167846][  T296]  evict+0x87d/0x930
[  211.171576][  T296]  evict_inodes+0x642/0x6d0
[  211.175918][  T296]  generic_shutdown_super+0x97/0x330
[  211.181044][  T296]  kill_block_super+0x7e/0xe0
[  211.185558][  T296]  kill_f2fs_super+0x2f9/0x3c0
[  211.190152][  T296]  deactivate_locked_super+0xad/0x110
[  211.195359][  T296]  deactivate_super+0xbe/0xf0
[  211.199872][  T296]  cleanup_mnt+0x45c/0x510
[  211.204125][  T296]  __cleanup_mnt+0x19/0x20
[  211.208378][  T296]  task_work_run+0x129/0x190
[  211.212802][  T296]  exit_to_user_mode_loop+0xc4/0xe0
[  211.217836][  T296]  exit_to_user_mode_prepare+0x5a/0xa0
[  211.223143][  T296]  syscall_exit_to_user_mode+0x26/0x160
[  211.228514][  T296]  do_syscall_64+0x47/0xb0
[  211.232763][  T296]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  211.238493][  T296] 
[  211.240661][  T296] The buggy address belongs to the object at ffff888139fe5af0
[  211.240661][  T296]  which belongs to the cache f2fs_inode_cache of size 1424
[  211.255072][  T296] The buggy address is located 136 bytes inside of
[  211.255072][  T296]  1424-byte region [ffff888139fe5af0, ffff888139fe6080)
[  211.268264][  T296] The buggy address belongs to the page:
[  211.273741][  T296] page:ffffea0004e7f800 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888139fe2460 pfn:0x139fe0
[  211.285103][  T296] head:ffffea0004e7f800 order:3 compound_mapcount:0 compound_pincount:0
[  211.293259][  T296] flags: 0x4000000000010200(slab|head|zone=1)
[  211.299168][  T296] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888107fb3200
[  211.307591][  T296] raw: ffff888139fe2460 0000000080150010 00000001ffffffff 0000000000000000
[  211.315999][  T296] page dumped because: kasan: bad access detected
[  211.322254][  T296] page_owner tracks the page as allocated
[  211.327800][  T296] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 2572, ts 144065161100, free_ts 141547760661
[  211.349243][  T296]  post_alloc_hook+0x1a3/0x1b0
[  211.353839][  T296]  prep_new_page+0x1b/0x110
[  211.358179][  T296]  get_page_from_freelist+0x3550/0x35d0
[  211.363564][  T296]  __alloc_pages+0x27e/0x8f0
[  211.367987][  T296]  new_slab+0x9a/0x4e0
[  211.371890][  T296]  ___slab_alloc+0x39e/0x830
[  211.376317][  T296]  __slab_alloc+0x4a/0x90
[  211.380483][  T296]  kmem_cache_alloc+0x134/0x200
[  211.385170][  T296]  f2fs_alloc_inode+0x26/0x340
[  211.389773][  T296]  iget_locked+0x174/0x860
[  211.394025][  T296]  f2fs_iget+0x55/0x4fe0
[  211.398122][  T296]  f2fs_fill_super+0x6783/0x8190
[  211.402876][  T296]  mount_bdev+0x282/0x3b0
[  211.407043][  T296]  f2fs_mount+0x34/0x40
[  211.411034][  T296]  legacy_get_tree+0xf1/0x190
[  211.415548][  T296]  vfs_get_tree+0x88/0x290
[  211.419800][  T296] page last free stack trace:
[  211.424333][  T296]  free_unref_page_prepare+0x7c8/0x7d0
[  211.429608][  T296]  free_unref_page+0xe8/0x750
[  211.434123][  T296]  __free_pages+0x61/0xf0
[  211.438298][  T296]  __free_slab+0xec/0x1d0
[  211.442454][  T296]  __unfreeze_partials+0x165/0x1a0
[  211.447399][  T296]  put_cpu_partial+0xc4/0x120
[  211.451915][  T296]  __slab_free+0x1c8/0x290
[  211.456167][  T296]  ___cache_free+0x109/0x120
[  211.460681][  T296]  qlink_free+0x4d/0x90
[  211.464671][  T296]  qlist_free_all+0x44/0xb0
[  211.469012][  T296]  kasan_quarantine_reduce+0x15a/0x180
[  211.474305][  T296]  __kasan_slab_alloc+0x2f/0xe0
[  211.478996][  T296]  slab_post_alloc_hook+0x53/0x2c0
[  211.483954][  T296]  __kmalloc+0x11e/0x270
[  211.488018][  T296]  inotify_handle_inode_event+0x17f/0x4b0
[  211.493574][  T296]  inotify_ignored_and_remove_idr+0x29/0x70
[  211.499305][  T296] 
[  211.501471][  T296] Memory state around the buggy address:
[  211.506944][  T296]  ffff888139fe5a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[  211.514842][  T296]  ffff888139fe5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fa fb
[  211.522745][  T296] >ffff888139fe5b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.530637][  T296]                                                                 ^
[  211.538448][  T296]  ffff888139fe5b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.546358][  T296]  ffff888139fe5c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.554244][  T296] ==================================================================
[  211.562141][  T296] Disabling lock debugging due to kernel taint
[  211.588547][ T3687] EXT4-fs (loop5): 1 orphan inode deleted
[  211.596377][ T3687] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  211.607778][ T3687] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  211.663962][ T3690] loop1: detected capacity change from 0 to 40427
[  211.708489][ T3690] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  211.720609][ T3690] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  211.735513][ T3690] F2FS-fs (loop1): invalid crc value
[  211.742240][ T3690] F2FS-fs (loop1): Found nat_bits in checkpoint
[  211.787451][ T3690] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  211.794504][ T3690] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  211.838224][ T3690] attempt to access beyond end of device
[  211.838224][ T3690] loop1: rw=0, want=77832, limit=40427
[  212.075217][ T2017] attempt to access beyond end of device
[  212.075217][ T2017] loop1: rw=1, want=45104, limit=40427