last executing test programs:

1m19.694486168s ago: executing program 4 (id=2380):
syz_io_uring_setup(0x1eb1, &(0x7f0000000480)={0x0, 0x300000, 0x400, 0xfffffffe}, &(0x7f0000000080), &(0x7f0000000040))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000240), 0x36, 0xcc800)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
get_robust_list(0x0, &(0x7f0000000500)=0x0, 0x0)

1m18.298575159s ago: executing program 4 (id=2383):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x190, 0x168, 0x10, 0x388, 0xb, 0x388, 0x250, 0x250, 0x388, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [0xff6a], [0xff], 'ip6gretap0\x00', 'veth1_to_hsr\x00', {}, {0xff}, 0x3a, 0xb6, 0x0, 0x20}, 0x6000000, 0x128, 0x190, 0x0, {0x0, 0x28e}, [@inet=@rpfilter={{0x28}, {0x1}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x0, 0x0, 0x3ff, 0x1, 0xfffffffc, 0x10000, 0x80000001}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x10000, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@eui64={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)
timerfd_create(0x9, 0x0)
close(0xffffffffffffffff)
socketpair(0x2c, 0x3, 0x8, &(0x7f0000000180))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)

1m17.314184334s ago: executing program 4 (id=2394):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000540)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000340)=@id={0x1e, 0x3, 0x2, {0x4e23, 0x4}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r4, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x101d0}], 0x1}, 0x0) (fail_nth: 2)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x200000000000003e, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r6, 0x11b, 0x2, &(0x7f0000000000)=0x800, 0x4)

1m15.166196216s ago: executing program 4 (id=2398):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x75c, &(0x7f0000000b00)="$eJzs3M1rHGUYAPBnJtmkTaMbQfDjIEILFko3SXNpT40Xb4VCwWsNySSETLIhu6ndWLD1LNTmoiCIePboVSj1D/AmBQXvgmiNB/GyMptNatNsum3Srqa/H0z3eefjfd6nO7zsQN4J4Ln1ZvFPEjEcERcjotzen0bEQCs6EnF987yNe9emiy2JZvPSb0lxWWw0y9t9Je3PY9G6JF6NiDuliFMfPZy31lhbmMrzbKXdHq0vLo/WGmtD84tTc9lctjQ+cW7s7MTE2bGJR9bwSpe1nnj33NFb37+zvv7DN/Wbb/SfTmKyVXe0a+uym8ey+X9Siskd+5eeRrIeSno9AAAAulL8zu+LiP7Wr9Ry9LUiAAAA4DBpDjYBAACAQy+JPQ4e2esgAAAA8P+w9XcAW2t7n9Y62E5+fTsiRnbL399aQxxxJEoRMbSRPLAyIdm8DPbl+o2IuD258/77qrjDru+z77Ed7QfXSA/ss3cOwu1i/pncbf5Jt+ef2GX+6d96d8I+dZ7/7ufv6zD/Xewyx7dfvFbqmP9GxOv9u+VPtvMnHfK/12X+m+sf33rUObvl/3eurfdDnH74/RCTs/P5nq8fuPP3ybudjhX1D3XK3+q1c/3LXdRe+GDjj4VOc0mR/+Txvb//3fIX98Qn7XGkEXGr/Vm013fkOL7443d71T8T0XyS7//LLuv/+evBq12eCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC1pRAxHkla24zStVCKORcTLMZTm1Vr91Gx1dWmmOBYxEqV0dj7PxiKivNlOivZ4K77fPrOjPRERL/10dDPpfJ5Vpqv5TK+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNuxiBiOJK1ERBoRf5bTtFKJ6O/i2sFnMD4AAADggIz0egAAAADAU+f5HwAAAA6/J33+Tw54HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMChdvHChWJrbty7Nl20Z640VheqV07PZLWFyuLqdGW6urJcmatW5/KsMl1dfFR/ebW6PH4uVq+O1rNafbTWWLu8WF1dql+eX5yayy5npWdSFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI9ruLUlaSUi0lacppVKxAsRMRKlZHY+z8Yi4sWIuFsuDRbt8V4PGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgANXa6wtTOV5tiIQCJ5Z8GFE/AeGsUfQ65kJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBeqDXWFqbyPFup9XokAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fb6SxIRxfZW+cTwjoN9A8lf5SIYiIj3P7/06dWpen1lPGIg+X17f/2z9v4zPSkAAAAAngfnH+fkref0red4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbtUaawtTeZ6t7C84H421ZtLhnF7XCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJl/AgAA///CK8Nb")
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x82400, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sched_getattr(0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socket(0x400000000010, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f00000003c0)={0x1})
r4 = syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace$getregset(0x4204, r4, 0x202, &(0x7f0000000100)={&(0x7f0000000140)=""/12, 0x30})

1m12.938476719s ago: executing program 4 (id=2417):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)

1m12.694755712s ago: executing program 4 (id=2418):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000003"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="a90303000000000000003200000008004001"], 0x1c}}, 0x4004050)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fchdir(r6)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x2, 0xc}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0, 0x0, 0x0, 0x0, 0x9}}, &(0x7f0000000280)='syzkaller\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x94)
r10 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r10, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r10, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
connect$inet(r10, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
sendmmsg$inet(r10, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)
setsockopt$inet_msfilter(r10, 0x0, 0x29, 0x0, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000200)={r9, r7}, 0xc)
r11 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
setsockopt$sock_attach_bpf(r10, 0x1, 0x32, &(0x7f0000000180)=r8, 0x4)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x6c, r11, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x2a, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x4, @mcast2, 0x8081}}}}]}]}, 0x6c}}, 0x0)

1m12.550927295s ago: executing program 32 (id=2418):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000003"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="a90303000000000000003200000008004001"], 0x1c}}, 0x4004050)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fchdir(r6)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x2, 0xc}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0, 0x0, 0x0, 0x0, 0x9}}, &(0x7f0000000280)='syzkaller\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x94)
r10 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r10, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r10, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
connect$inet(r10, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
sendmmsg$inet(r10, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)
setsockopt$inet_msfilter(r10, 0x0, 0x29, 0x0, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000200)={r9, r7}, 0xc)
r11 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
setsockopt$sock_attach_bpf(r10, 0x1, 0x32, &(0x7f0000000180)=r8, 0x4)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x6c, r11, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x2a, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x4, @mcast2, 0x8081}}}}]}]}, 0x6c}}, 0x0)

6.951042806s ago: executing program 2 (id=2824):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r0, &(0x7f0000000e40)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup3(r0, r1, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4106, 0xfffffffffffffccb, 0x0, 0x0}, &(0x7f0000000080)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x48}, &(0x7f00000004c0)=0x40)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
read$FUSE(r2, &(0x7f0000002640)={0x2020}, 0x2020)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=<r4=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYRESOCT=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r7, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r9}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r8}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="620ac4ff000000067110b30000000000950000e3911d0000"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)

6.927042736s ago: executing program 2 (id=2825):
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000011000000850000001500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000001000", 0x0, 0x2e00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)

6.858253327s ago: executing program 2 (id=2827):
request_key(0x0, 0x0, 0x0, 0xfffffffffffffffd)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0x3ff)
r4 = gettid()
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x0, 0x0, @pic={0x4, 0x8, 0x1e, 0x7f, 0x4, 0x2f, 0x9e, 0xf3, 0x1, 0xd4, 0x9, 0x3, 0xd, 0x6, 0x14}})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
prlimit64(r4, 0xa, 0x0, &(0x7f00000001c0))
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/81, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r3})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r8}, 0x38)

5.884541412s ago: executing program 2 (id=2835):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x190, 0x168, 0x10, 0x388, 0xb, 0x388, 0x250, 0x250, 0x388, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [0xff6a], [0xff], 'ip6gretap0\x00', 'veth1_to_hsr\x00', {}, {0xff}, 0x3a, 0xb6, 0x0, 0x20}, 0x6000000, 0x128, 0x190, 0x0, {0x0, 0x28e}, [@inet=@rpfilter={{0x28}, {0x1}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x0, 0x0, 0x3ff, 0x1, 0xfffffffc, 0x10000, 0x80000001}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x10000, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@eui64={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)
timerfd_create(0x9, 0x0)
close(0xffffffffffffffff)
socketpair(0x2c, 0x3, 0x8, &(0x7f0000000180))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)

4.888087277s ago: executing program 2 (id=2843):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f00000003c0)={0x1c, r3, 0x62c21a4ade68aba1, 0x80000000, 0x0, {{0x32}, {@val={0x8, 0x1, 0x78}, @void, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4051}, 0x4)
getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000300))
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
close_range(r8, 0xffffffffffffffff, 0x0)

3.502789567s ago: executing program 2 (id=2848):
fsopen(0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x7c, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000d7dda4108911930800000102030109022400020000000009046802006e02c0000904680001253e5300090508"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0f00000004000000e27fffff0000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0044099a286174b515c83d305ca2fb000000000000000000000000000000000080000000800000000000294a12dd51eac469ce758ed009df3fdb9373ffff04f2b498fee5daab7a3c716795"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x40000002}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r7, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r7, 0xa)
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r8, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
r9 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r9, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
close_range(r4, r8, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x17, 0x3, &(0x7f0000000080)=ANY=[@ANYRES64=r6], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r10, 0x0)
madvise(&(0x7f00003fd000/0x3000)=nil, 0x3000, 0x4)
r11 = fsopen(0x0, 0x0)
dup3(r10, r11, 0x0)

3.260265691s ago: executing program 3 (id=2853):
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, 0x0, &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000004080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="14000000000000000100000001000000"], 0x18}}], 0x1, 0x0)
dup3(r4, r3, 0x0)

3.246491961s ago: executing program 3 (id=2854):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000380)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x25, 0x5594, &(0x7f0000006a80)="$eJzs3L1vG2UYAPDnnKbflAgxsPWkCimRaqtOPwQTBVrxIVpVfAxM4Niu5db2RbHrhEwdGBED/wkCiYmRv4EBRtgQA4gNCeS7CzRtA23jOGr7+0nn5+7x6+fe92RFeu4iB/DUWkj/+C2JE3EkIuYi4ngS+X5SbhG3Iy4WY1+IiJMRUbljS8r8P4mDEXE0Ik5Mihc1k/KtL06PT53/9e3fv/3+0IFjX37zw74uHNhXL0ZEf7XYX+8XMesU8UaZb4y7eeyfG5dxdVuNflbk19sreYX1xta4Rh7Pdorx2eqt4SRe7zWak9jpXs/zq4PihMNxZ6vO5APpjcZaftxqr+SxO8zy2NkszruxWfxt2xyOijqtst4nefkYjbZikW9vtIv1rN7MY3MwKvNF3azV3pjEcRnL00Uz67Xyeaw84kV+DLzTHdzaSMfttWE3G6Tna/WXavUL1fpa1mqP2ueqjX7rwrl0sdObDKuO2o3+xU6WdXrtWjPrL6WLnWazWq+ni5faK93GIK3Xa2drZ6rnl8q90+kbVz9Ie610cRJf6w5ujbq9YXo9W0uLTyyly7WzLy+lp+rpe1eupdfevXz5yrX3P7r04dVXr7z1ejnonmmli8tnlper9TPV5frSU7T+T8tJP8T6k/unf/pxd5cNCjt8wQDY2T39f9zd/4f+H5i63fT//Zvl8d70//Eg/X9Ms/+ftFT6///vfysP1f+emEr/Ox/6/z1cP+zKo/X/B6c+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZu7n+a/ezHcWiuNjZf6ZMvVceZxERCUi/rqPuTi4reZcWWd+h/Hzd83huyTyCpNzHCq3oxFxsdz+fHavrwIAAAA8ub6+ffLzolsvXhb2e0LMUnHTpnL84ynVSyJifuGXKVWrTF6en1Kx/Pt9IDamVC2/gXV4SsWKW24HplXtgcxtC4fvCEkRKjOdDgAAMBPbO4HZdiEAAADM0mf/+e4rM5sHM5bE1qPMrWfB+X/e//tA8Mi29wAAAIDHULLfEwAAAAD2XN7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwNzv3k5s2EMUB+Nlg6F8VVd33Kt3BMXqELrssHKCX4Aj0Cr0AZyBSFjlCBBH2BMkJSJEY4wR9n2Q7M45+ngE2bywNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAA/vzjgIhEAZhsHd9ZzL3P6w0aGhsUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7NvPaxxVHADw7+5kt01VjFECRqVCD3qx6ba29iqiBA/+CUJINzW6tdrmYEuw5uJNcu5F9CKICEq85X/ouYFe6q2HHCJ48hCZ2Zl0NlmbENuZJP184O377uzr+7VLyXffLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFBYfzdebeZxkj6M9ePi2t2Nxdm0XttWp1aX702mJY0bFc/7EHit/OTkRH0TAQAA4Kh4btcWSZHfR8T91sp0WjfHsvy/VbRJc/4f8q6KfH573r+2sXg8f2myyP//+P3BS1sDjSXZOGmnc/O97pmdUxnZ9zIPued3bTGS7Xz23UuSvSHND5deXG9l+9n47s6d99tZeKyK2QIA+3G6qPOg+HsorTt1TgyAp8ZIKfEu8v9krN45AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFRhfSmeKeJGREyOPIxTaxuLs8Pqb5bvTa7m5cLt28vlPtMuWhExN9/rnqlwLQdXsZs3P5vp9brXrt+oOjgZEUNeurW3f57k0//PNu2IGLhy6uUh/Xy8h7G29bMjyD+eUe0ejqbr27VxY+BKY8eGv7fZV8cHoKqgmb8/T2KI0crf98Gg+Ow9/p4r/u8IAIAjr5WXNBO931qZTq81xiM2fxzM/98oxTGQ92/e6l/pP18t5f8PPrlwtzxWOf/vVLS+w2Bq4coXU9dv3Hxr/srM5e7l7udvn+280zl38fz5i1PZdyVTc9H0jQkAAAD/Qzsv5fy/Ob7z/P9EKY5HnP/3j4T7+f+X33e+Lo+VyP+HenjoV/dMAAAAnkbtreiF1//+qzGkRaPdjq9mFhaudfqPW8/P9h8rne4+HctLOf9PxuueFQAAAFCF9aXGwPn/pVIcjzj/L9///+zPr/xa7jOJiNGIqxHRPT17tXepuuUcaIM/+v0peRI/VM4Gate9UgAAAOoympfy+X8ru/+/uXXLQzMi3jwV8U/+G/7YY/6ffPDtL+Wxyvf/n6t0lQdPc6K/H1k9ETEyUfeMAAAAOMqO5yVN9v9srUx/+tuJj9ru/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACo2r8BAAD//yHlK8g=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x0)

3.236015972s ago: executing program 5 (id=2855):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000340)=ANY=[@ANYBLOB="f0000000100013070000000000000000fc020000000000000000000000000000fe8000000000000000000000000000100004000000000000000000202c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe"], 0xf0}, 0x1, 0xe}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000580)=0x1)
socketpair(0x21, 0x6, 0x5, &(0x7f0000000080))
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0500000004000000df7f00000100000000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="55afd104275aa21608380a6b706dbc5e5dfc3561ffda05cea81624b5cc46385a65bb750eb6fba75b6c4d3bd9375b32924132b8a70b320aa1d27a7b97a9cdba642a5c725270544765fd9c76299b74a2ada1c5ae67062ea8f0f7d597500f86a79b2ff03b1e10a629f8392f5136195c9489b0b67b4c6ae56af52d11f2fb778faf62316960ec03e20878f6dbc189ced0da3b350804aa790ba9102b183a76fb83c047f07d5744c62cc8ea26bca071915f0b7f790f3b9a6394560e1897641eea1377e36e3ce7c35b15fa7099bdd8cd5a914ca5c0657fdb2524ed92bc1887745473b9b5fe938e0aee8b3a328c7870c59fd3e3b334b3942f65f43967073f8842c12b7ee3e2560d5710da2c3ecb9616cf7ea896a3bb83ba111463a6b62059991dcc2289939267e20543c8ae15115c62e04be9e741a3f12336936c17404bff44ca27c5c8bd692c8b3fa0f4afbe29b89f74e90718b50a041a5ae5fa8bf8b9b5ed3ba9b26f59c5c95540d7df04359768a5e936c23fb8bba8ef055e111b12d32bb9f86df04a521b2d759539d5ddeba535132daa7afcb3a1ae9b8171f1c08a4ef4cc1ae95a197d6e2c0fffbce4190b734d1e273e1fdd204f397ff6cdae84dec2b5da45c3ce1112273267071dd373a5250b7861d24fae24e3fda88e6846c002c9d49ecc0ddf6c2efb7d0f1a18b99cc02ada7584b966ced16780cd6523a67e979f397e296afca7b1d4b1c3b73f1c864cb083c7f0256280a9f1bd7b81843ab4371d79f470cae1c5966bc30f8a6be8da60065afd26f72fcfa3520c6890e745c9f92f02b1735c0ecd85fe11972fb1fd7ff19bedc6d7dfd4137e7d3d8f15234159624203e66c237e266d65dc0841b488119331c3205ea86510cc56fa2a541addaead4cbc1d71306f1da47330b6a601056d87600e04f0549f828c84d3d481c84476af6621cdbdfa64df260f14010cd6b957be26c51d688e8b08ba431d93152d65d411e10b9e2eade5bb0c118b588f9df7a7be0d14ecf4a15857c2c9a27fd1ec88c8a1b71706eff181b1e08e43e9ac7171beb6dd8b5d6c9de81aa23600288825c1c9c7d86451710879aebf4fbfc49391ec91a45440aa0f88757c20c1104b274c962a9fe414a1b2039c45efe6d980d6977fab4df4f6464f01168686fcea9e34af597b97788ece5299b1e5ce36e117571b22775672a0c750473fc101399341fc23ea658631242f87035eb7f5d48a949fef4f7f25f859d36514ba21e2f120ed1da45a3e31eccae1ed8131f8a33438006e1dc9f3bf09af9d685b18b0c096976749121846b986a4d92cb51d5debb8101375767802a0680595b6c5121aea2a2a6ee60661b110731401c61afee5cd84985d6af5329a6b7987f5d4f1ec9d76b40191b6a1b80a7ae9c60d59e4ebab72ef3e37b9a6ca736ed6cb44b16aed34528f2ac45b9d32fb0dabaaa646c6b66589ce45ffe46c3fcd3d15f78b8f91e59afef8cfb6924216ca545a2f856ede9a87a353281869fac03b4faa5c767302b2c128ec8f68e91c5782742192c2542e6e4582030b04b6ee4b19a572ee1387b867834d4e03463afd9ab9178ff0c9324deef096b2fc4b8018aa371609f91454ea8307a9b34f0c19daa3869c9eecc99e46da518ca500aa59067fbb458beaf0d81d50d54bb09cc9e7b3e7c322c2ba23f976289dafd22dc61847910ae2a64d7cb800c99bda29482536b7cfda45a44f72b934eb807fc6336b226f17f4e3d49372aa2b2bca3cc7aeed7748a4dfe72797f825430e9111a76ba792bc0f406a89edb662f966773046c4c000fe1d79d990a3883e164a14446690369b14f4f022d3c81235d2ce71a9a6615b2d494050ae48b32639754cf1ac89515f5389ead4d868462327c7355c5146d2fa05f1c361f366b14c68f5b3934f6bd63bd95adb0e60007fff603c49107b822b942977b813f209c3601b016726d20d1397d8268e3e0d58390051a7c90eb2a6fd23981743491b2babac18f12f72ee823426a39985f17a92e43ccbb4cd614d76433559b2811633d35a3c8a89021f0b2cc7f3e4092b3d36c2890b6b38382ad643132aea03ad183c06d6d57f16b8bf6f65bee8158536f4d39e77b4867355cd729fb451107dae49e1aeb580f3dc24cfff74c71c0b413b63e997c4ff543df4cf27a80fb5baab02c8c70f62196c7f565230405939367800bee2df25594e5130343f6ed5773dfdc6056336d48f2d33b89cf54203cc5160e4acca353e88172613c2a6ad1a08010c9365be9f769f071272a84c907d8ba1cf643137beab62b7562906237a3031d90b56e8b90aa6c6c516a2d3dfc1820f006944f529e99553f1009c651fa2c3a5daeef1e2983cdda8dfec2f6d62dabf661e585392f478a21faecab2585f7deb1d43fb1bfa130d55386b39f94f64587bfa23a5cb268822e6e2f5f10c506d0f7302f17fc342cc268cbb585929cedcd38e9442953bc321351a2bbf021e6173bf71d8c3b90cd392c06816fb61c4e173724a0d578f38f3d5cc9f8e9d44b1707f9c3dafd0f2045e26a3bbbe767cdba4a1556e27fd4cb6e56f158b1b1a361a307c786690f0055346623151de8e39d2affa73daf8e755f1a9d9f7a87ebb58fef463a32f7b14f540ccd4612e63cc26b7246a1255adc4104cfeeeac56d8986e8aa2ee10507e89bf493ec2da47ea78016b6e6db3b1cc45cefc78bb821ddc9894874b79401cb05941b9f33edd0fcfc93df248ef7001162ec4c3ca4bdf60046f154880b334d5c458e1b946f9a5c40a14625e02c435b9c5781e097bfb930cb575b44a75d290eda571dbb8bd304c8201e45c18df5d80a74b297fbdd09a0627dd632168db75daf726ab86de56eecde1331cef750de4a7e5157149aa866577fc33cac8c21258b6a7a4bfd8a66cc72f082917a063bc9c478f22b8fb2f3a20b0ae26f6aea6b2e7b57f592baa64f2eb46ea0b32d2f58a963a607b1627fa26e5dae6d852e307444faec4eb75959ed3578e779c5ae028fd682ac03abd4f592963996182a1c1f6decc79c70f59c7d9140d51c6c257efc0bae2484a86f68a7d2b1de734953ba935abdd432beec90cd35fae90124a0f51307d8d7d0d6e103dee84297c6527f5dc0098f50a780223c2298269c17e6717e1bd941031c07693bd13f104a4087c613e69817cf56792d1ce07c286a259d2cc17882a36559fed0eb5d0e2a7c6a0730180c138812126813a1a62560d78ae07ca928fcab53441157fff18d3ce91ec8ffdce47d48bcfc529108c43be94bbb0676dc418276bd3b0cb498bfe2f8fad12fd1a24f1d1cc0f4981a17b3efc61ad6c07801f7c8385754ac2ee666e85270671a90e503468490713233522fa8ce64ef0e13a17c57bb699bc1c7aae89749ff61c15e00b50a799a6d9902cc2ad7fcd1e57d7ff7d6597343ba1c45b0fac4929986ce0f971203d3349d93b8c49d1df5d6fc6c2cf0e59301eb83b1244bbb5ac56570ecda30e459420bdf921635109c2e657e0324ead006aab4ab73d136fc1182ebf9917d5a284aca560af4a35dcfbd5cb4b8f817dccacd6352dc1ad60cd46c345a37ef2675363026b5306f92fc8a90fbfb79569b1f3c8b0a883375546fde5ad356d7d1e1c121342ff8af899f739451179939b00f25cd00c0a44953d4719083f51a071251cb83aebb7587822a602492f7b11aef75933044f52735b72015f4cd903898bcf28e9faf15d7c9cf648ccbd5d5209398d98835e18102f1d846ce0a96004e281bbaafc291e315e3d7bf4211b50a3a82034b644c8edee29c8928b5cfdce307c454d85a62f4d4db394cd6fbf02988f13a49fb2eefbb67793c4ef628670b7b9444718a6d652a8dee3a3b0a8e38e0d3bcef469aecb0baebfe1f7b671bd7a6d5c47da82f3448ccde4725a1104ed84ce69f482f107965d67f5efe7a6d5b30819bd00e1cb2ab3778a19611c8ab9332cf55357ee8e4397d0f17f78c116361d4cd28c24de8a45b18cbebb21865a186f7f4e6fb4d59500daa72373c0018b560a2a4ab6810ffd3e5bdd4d0271d6660c4edc8ee2aa723d3da4e27040574686d877e4f1f51c85b0771b6b867078f5958d63b55a51b2905562b7b4b0259f921bf560a08bee3f99375ce057e9e8d5582d11b09e3d1cb44aef80c32494f1e2298707f350aafdb6a53b59a71594fd37aa6a0eca595f7b9c83c56d022ab4c297758333dd45299f01bdb2f0e75645be8bb7f9115d135605a92681306b5109429bff1e5f31572e0457e4d575fe73a555997124791f3c488cb31edaff59dbc0088637b521b137ad67d6d57b6327d390b0ce2a73efa792658883c2b0d983e39642547461466fe0834d6225929c892cf1ae799a256840e0322a6c572c37461c3709725e9acad987ae0e09cbaa3784864c84230a376852e0f69645038dc9eb32137bc31f373353122232619cd991a0a64ec44650754f8186a3a88a8536a440cc1309a7cd3b927211ebc8cfd0ad6775fab33b1e3889543a72191f8a3f8b942ded622d7d13a04719f0f0dd8dda67a7baaedbed6a05d08a5122cbbcacadff6e5df6680858aaabc95aa35ce9066bacae68f387315f8dbd50f03a9833d98e56354eff6774db0f24d9bbbe17398764d07e5a8a83678017f33f7a81fbd7248c9b193dec61cf1d2bfd8176ee6cc4d101a4802ea628739d53a675234ac7c10b75886a5ede4b2475be8dfa5f5e4caad09c68872b2cc279e5051c45d47c1b5141ccd45ea838ebd2a62f0ce2e2ad3c7a04ee4a70c31300aa638463874ea7f1a290fad34094eb7c3b6bc9e0ea706b9df677102d4041754b74974ed86b5f48657a20efe071619126c6855d87939b5312c88615cbe830fe87358f02e5ab12c0809f9d64d0870f996e733ca98f947f84289a2f877ee6727aefd404e31fef24a8d29a50ca170c8a2bef3333f1dd486e4217e8425c251ad9e367e0fded370f7fb4f50e7a5bcd6463181927c37b821ef07c28d7cc11eb378d37e83ccd0921d478f8dacc8476e494a3ef7c6691071ee790257fb27c5fe5422fd2e999798739c7dad5690948976fa6aae369bfe8208784ba4deac87ebd656fc1a49cd6db6ed0ea0db664f5d052ccd4d8346e5d7903654e9c038072361741d3d14e8d8443caa92b1f2b39f098dfeea34c841c86e218a515bffc0fc7780c5dfa14249c4a66dfb9877cd6f420b827e9b123d7b7a0e9f994474be296c89fb38c699e533f9f61abc5c773ce7d7f1fb34d11046807fa9329cdbf33c0cf8a6b489b550e5b1d927e7312e174751b6e9ebc506a1885f6b3f33b16720146da33372a5bb7b3d8ef3683a8405fce12eaa26d780165e6eded0fae3980a9206a7dc4df27c3435f1754385f4cd0bc90099cb21758a51824ef65664f6d503bc468d667a6eb1d9f427edce66b629170095ce12b607ccd423997da41442551946a36be7074f446d79a3214c84da67077be5380c357d4f3b46f281978e5ff488ba925f0eb5aa1d1265e5c9bef746d43e0cf98daa5ffd1307fbf331dabb0414b1f198cf00bf23c601c4a75f7bada898ec85f86bd1a3d0077bcd95f481109f3d919e6c980c5bd20ae14dde5519da6053e69c46634d894741135a28926e5cf6d8da874b048826e6a24112504126a7ef6b11c66246360843e8930418a97895b5e5e824c126c927ecbfc92df64fa8d01cba676bb67c0fb23189bbd48d99e75940a3cdcb3e1db71b7396131636d227c1194e4936aa10a1a28afaed2dccd8a91e2efe14f41b9a4cb3a963f179314c3694a6f5d74e397032632bdf8a8ca32b20fd749aa00b2214423888596a726a078d82f7b34d0485f4538cc4259a9f0b45ad7", @ANYBLOB="0000000000000000000000000000000000000000000000000000000010c33a"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

3.116720383s ago: executing program 5 (id=2856):
r0 = inotify_init1(0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x44, 0x86}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'erspan0\x00', <r7=>0x0})
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x1a, r7, 0x1, 0x23, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f00000001c0)={'erspan0\x00', &(0x7f0000000180)={'tunl0\x00', r7, 0x7, 0x700, 0xa788, 0xb, {{0x6, 0x4, 0x2, 0x20, 0x18, 0x67, 0x0, 0x1, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}, @rand_addr=0x64010102, {[@end]}}}}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000680)={'tunl0\x00', &(0x7f00000005c0)={'syztnl1\x00', <r8=>0x0, 0x10, 0x20, 0x1, 0x9, {{0x5, 0x4, 0x1, 0x1, 0x14, 0x64, 0x0, 0x81, 0x2f, 0x0, @empty, @dev={0xac, 0x14, 0x14, 0x2a}}}}})
r9 = socket$inet6(0xa, 0x80002, 0x88)
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x2810, &(0x7f0000000780)=ANY=[@ANYRESHEX=r8, @ANYRES16=r4, @ANYRES32=r9, @ANYRESOCT=r7, @ANYRES8=r5, @ANYRES64=r5, @ANYBLOB="91f451c162a5c3a1b516c077e62754c940da4d63449062c49b1853e94c33f36f2aed841787ee4f777d564a23222652356fedbb1ef34d51ea1be0b2d295b162b7b8f9ecd421b6dbbf613caf08ca5c6b27cd2eaa608498"], 0xfd, 0x1500, &(0x7f0000002e00)="$eJzs3Au0TlX3MPA511qb4+TyJLnvuebmSS6LJAklySVJkpA7CUmSJEnikFsSkpDrSXIPuaeTjvv9knvSyStJkpCQZH3jdPn8ey//3vf99//0vWf+xtjjrPnsPdee68zxnGfvPcZ5vuo2vHqjGlXqMzP8O/SvA/z5RxIAJADAIADIAQABAJTNWTZn+v4sGpP+rZOI/yUNZl7pCsSVJP3P2KT/GZv0P2OT/mds0v+MTfqfsUn/MzbpvxAZ2ux8V8uWcTd5/v//OfU/SZbP/wwB/9EO6f9/Gv0vHS39z9ik/xmb9D9jk/5nZMGVLkBcYfL+z9ik/0JkaH/4M+WN56/0M23Z/oVNCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYT4f+C8v8wAwK/jK12XEEIIIYQQQggh/jj+nStdgRBCCCGEEEIIIf73ISjQYCCATJAZEiALJMJVkBWyQXbIATG4GnLCNZALroXckAfyQj7IDwWgIIRAYIEhgkJQGOJwHRSB66EoFIPiUAIclIRScAOUhhuhDNwEZeFmKAe3QHmo8NM5090OleEOqAJ3QlWoBtWhBtwFNeFuqAX3QG24F+rAfVAX7od68ADUhwbQEB6ERtAYmkBTaAbNoQW0hFa/k5+c4+/lPwc94XnoBb0hCfpAX3gB+kF/GAADYRC8CIPhJRgCL8NQGAbD4RUYAa/CSHgNRsFoGAOvw1gYB+NhAkyESZAMb8BkeBOmwFuNs8E0mA4zYCbMgtnwNsyBuTAP3oH5sAAWQnKWxbAElsK7sAzegxR4H5bDB5AKK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A4fwg7YCbtgN+yBvbAPPoL98DEcgE8gDT/9F/PP/TYfuiMgoEKFBg1mwkyYgAmYiImYFbNidsyOMYxhTsyJuTAX5sbcmBfzYhLmx4JYEAkJGRkLYSGMYxyLYBEsikWxOBZHhw5LYSksjTdiGSyDZbEslsNyWB4rYAW8FW/FSlgJK2NlrIJVsCpWxepYHe/Cu/BurIW1sDbWxjpYB+tiXayH9bA+1seG2BAbYSNsgk2wGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHbAjdsRO2Ak7Y2fsgl2wK3bFbtgNu+Oz+Cw+h8/h8/g89saqqg/2xb7YD/vhAByIA/FFHIwv4Uv4Mg7FYTgcX8FX8FUciWdxFI7GMTgGK6lxOB4nIKtJmIzJmBkm4xScglNxGk7DGTgTZ+FsnI1zcC7OxXdwPi7ABbgIF+ESXIpLcRm+hymYgsvxHKbiClyJq3A1rsHVuA7X4zrciJtwI27BLbgNt+GH+CHuxJ24G3fjXtyLH+FH+DF+jEMxDdPwIB7EQ3gID+NhPIJH8CgexWN4DI/jcTyBJ/AknsLTeArP4Bk8i+fwPABcwAt4ES/iJbyU/uZX6YwyKpPKpBJUgkpUiSqryqqyq+wqpmIqp8qpcqlcKrfKrfKqvCq/yq8KqoKKFClWkSqkCqm4iqsiqogqqoqq4qq4csqpUqqUKq1KqzKqjCqrblbl1C2qvKqg2rpb1a2qkmrnKqs7VBVVRVVV1VR1VUPVUDVVTVVL1VK1VW1VR9VRddX9qp7qgwOwgUrvTCM1DJuo4dhMNVctVEv1Kj6kWquR2Ea1Ve3UI2o0jsIOqrXrqB5XndR47KyeVBPwKdVVTcJu6hnVXT2reqjnVE/VxvVSvdVU7KP6qhnYT/VXA9RANQerqfSOVVcvq+cyD1PD1StqCb6qRqrX1Cg1Wo1Rr6uxapwaryaoiWqSSlZvqMnqTTVFvaWmqmlqupqhZqpZarZ6W81Rc9U89Y6arxaohWqRWqyWqKXqXbVMvadS1PtqufpApaoVaqVapVarNWqtWqfWqw1qo9qkNqstaqvaprarD9UOtVPtUrvVHrVX7VMfqf3qY3VAfaLS1KfqoPqLOqQ+U4fV5+qI+kIdVV+qY+ordVx9rU6ob9RJdUqdVt+qM+o7dVadU+fV9+qC+kFdVD+qS8or0KiV1troQGfSmXWCzqIT9VU6q86ms+scOqav1jn1NTqXvlbn1nl0XpNP59cFdEEdatJWs450IV1Yx/V1uoi+XhfVxXRxXUI7XVKX0jfo0vpGXUbfpMvqm3U5fYsuryvoih70bbqSvl1X1nfoKvpOXVVX09V1DX2Xrqnv1rX0Pbq2vlfX0ffpuvp+XU8/oOvrBrqhflA30o11E91UN9PNdQvdUrfSD+nW+mHdRrfV7fQjur1+VHfQj+mO+nHdST+hO+sndRf9lO6qn9bd9DO6u35W99A/6kva6166t07SfXRf/YLup/vrAXqgHqRf1IP1S3qIflkP1cP0cP2KHqFf1SP1a3qUHq3H6Nf1WD1Oj9cT9EQ9SSfrN/Rk/aaeot/SU/U0PV3P0DP1LD3gl5nm/RP5b/6d/CE/nX2b3q4/1Dv0Tr1L79Z79F69T+/T+/V+fUAf0Gk6TR/UB/UhfUgf1of1EX1EH9VH9TF9TB/Xx/UJfUKf1Kf09/pbfUZ/p8/qc/qc/l5f0Bf0xV9+B2DQKKONMYHJZDKbBJPFJJqrTFaTzWQ3OUzMXG1ymmtMLnOtyW3ymLwmn8lvCpiCJjRkrGETmUKmsImb60wRc70paoqZ4qaEcaakKWVu+B/n/159rUwr09q0Nm1MG9POtDPtTXvTwXQwHU1H08l0Mp1NZ9PFdDFdTVfTzXQz3U1308P0MD1NT9PL9DJJJsn0NS+Yfqa/GWAGmkHmRTPYDDZDzBAz1Aw1w81wM8KMMCPNSDPKjDJjzBgz1ow14814M9FMNMk+h5lsJpspZoqZaqaa6YNymJlmppltZps5Zo6ZZ+aZ+Wa+WWgWmsVmsVlqlpplZplJMSlmuVluUs0Ks8KsMqvMGrPGrDPrzAazwWwym8wWs8Wkmu1mu9lhdphdZpfZY/aYfWaf2W/2mwPmgEkzaeagOWgOmUPmsDlsjpgj5qg5ao6ZY+a4OW5OmBPmpDlpTpvT5ow5Y86as+a8OW8umAvmorloLplL6Zd9gQpUYAITZAoyBQlBQpAYJAZZg6xB9iB7EAtiQc4gZ5AruDbIHeQJ8gb5gvxBgaBgEAYU2ICDKCgUFA7iwXVBkeD6oGhQLCgelAhcUDIoFdwQlA5uDMoENwVlg5uDcsEtQfmgQlAxuDW4LagU3B5UDu4IqgR3BlWDakH1oEZwV1AzuDuoFdwT1A7uDeoE9wV1g/uDesEDQf2gQdAweDBoFDQOmgRNg2ZB86BF0DJo9YfO7/3ZPA+7XmHvMCnsE/YNXwj7hf3DAeHAcFD4Yjg4fCkcEr4cDg2HhcPDV8IR4avhyPC1cFQ4OhwTvh6ODceF48MJ4cRwUpgcvhFODt8Mp4RvhVPDaeH0YEY4M5wVzg7fDueEc8N54Tvh/HBBuDBcFC4Ol4T48yUxpITvh8vDD8LUcEW4MlwVrg7XhGvDdeH6cEO4MdwUbg63lB3886HhjnBnuCvcHe4J94b7wo/C/eHH4YHwkzAt/DQ8GP4lPBR+Fh4OPw+PhF+ER8Mvw2PhV+Hx8OvwRPhNeDI8FZ4Ovw3PhN+FZ8Nz4fnw+/BC+EN4MfwxvBT69Iv79I93MmQoE2WiBEqgREqkrJSVslN2ilGMclJOykW5KDflpryUl/JTfipIBSkdE1MhKkRxilMRKkJFqSgVp+LkyFEpKkWlqTSVoTJUlspSOSpH5ak8VaSKdBvdRrfT7XQH3UF30p1UjapRDapBNakm1aJaVJtqUx2qQ3WpLtWjelSf6lNDakiNqBE1oSbUjJpRC2pBragVtabW1IbaUDtqR+2pPXWgDtSROlIn6kSdqTN1oS7UlbpSN+pG3ak79aAe1JN6Ui/qRUmURH2pL/WjfjSABtAgGkSDaTANoSE0lIbScBpOI2gEjaSRNIpG0xh6ncbSOBpPE2giTaJkSqbJNJmm0BSaSlNpOk2nmTSTZtNsmkNzaB7No/k0nxbSQlpMi2kpLaVltIxSKIWW03JKpVRaSStpNa2mtbSW1tN62kgbaTNtpq20lbbTdtpBO2gX7aI9tIf20T7aT/vpAB2gNEqjg3SQDtEhOkyH6QgdoaN0lI7RMTpOx+kEnaCTdJJO02k6Q2foLJ2l83SeLtAPdJF+pEvkKcFmsYn2KpvVZrPZbQ7713Fem8/mtwVsQRva3DbPb2Ky1ha1xWxxW8I6W9KWsjf8TVzeVrAV7a32NlvJ3m4r2/I2C/zXuKa929ay99ja9l5bw971m7iOvc/WtY1tPdvU1rfNbUPb0jayjW0T29Q2s81tC9vStreP2g72MdvRPm472Sf+Jl5m37Pr7Qa70W6y++3H9rz93h6zX9kL9gfby/a2g+yLdrB9yQ6xL9uhdthvYwA7xr5ux9pxdrydYCfaSX8TT7cz7Ew7y862b9s5du7fxEvtu3a+TbEL7SK72C75KU6vKcW+b5fbD2yqXWFX2lV2tV1j19p1/7fWVXaL3Wq32X32I7vD7rS77G67x+79KU5fxwH7iU2zn9qj9kt7yH5mD9vj9oj94qc4fX3H7df2hP3GnrSn7Gn7rT1jv7Nn7bmf1p++9m/tj/aS9RYYWbFmwwFn4sycwFk4ka/irJyNs3MOjvHVnJOv4Vx8LefmPJyX83F+LsAFOWRiy8wRF+LCHOfruAhfz0W5GBfnEuy4JJfiG7g038hl+CYuyzdzOb6Fy3MFrsi38m1ciW/nynwHV+E7uSpX4+pcg+/imnw31+J7uDbfy3X4Pq7L93M9foDrcwNuyA9yI27MTbgpN+Pm3IJbcit+iFvzw9yG23I7foTb86PcgR/jjvw4d+InuDM/yV34Ke7KT3M3foa787Pcg5/jnvw89+LenMR9uC+/wP24Pw/ggTyIX+TB/BIP4Zd5KA/j4fwKj+BXeSS/xqN4NI/h13ksj+PxPIEn8iRO5jd4Mr/JU/gtnsrTeDrP4Jk8i2fz2zyH5/I8fofn8wJeyIt4MS/hpfwuL+P3OIXf5+X8AafyCl7Jq3g1r+G1vI7X8wbeyJt4M2/hrbyNt/OHvIN38i7ezXt4L+/jj3g/f8wH+BNO40/5IP+FD/FnfJg/5yP8BR/lL/kYf8XH+Ws+wd/wST7Fp/lbPsPf8Vk+x+f5e77AP/BF/pEvsWeIMFKRjkwURJmizFFClCVKjK6KskbZouxRjigWXR3ljK6JckXXRrmjPFHeKF+UPyoQFYzCiCIbcRRFhaLCUTy6LioSXR8VjYpFxaMSkYtKRqWiG6LS0Y1RmeimqGx0c1QuuiUqH1WIKka3RrdFlaLbo8rRHVGV6M6oalQtqh7ViO6KakZ3R7Wie6La0b1Rmei+qG50f1QveiCqHzWIGkYPRo2ixlGTqGnULGoetYhaRq2ih6LW0cNRm6ht1C56JGofPRp1iB6LOkaPR52iJy7vLxb8/Gn6V/uToj6R/uUJ2T16cXxJfGn83fiy+Hvxxt1+fjU1viK+Mr4qvjq+Jr42vi6+Pr4hvjG+Kb45viW+Nb4t7n2NzOAw/UYYjAtcJpfZJbgsLtFd5bK6bC67y+Fi7mqX013jcrlrXW6Xx+V1+Vx+V8AVdKEjZx27yBVyhV3cXeeKuOtdUVfMFXclnHMlXSnX0rVyrVxr97Br49q6du4R94h71D3qHkv4pXDX2T3purinXFf3tHvaPeO6u2ddD/ec6+med71cb5fkklxf19f1c/3cADfADXKD3GA32A1xQ9xQN9QNd8PdCDfCjXQj3Sg3yo1xY9xYN9aNd+PdRDfRJbtkN9lNdlPcFDfVTXXT3XQ30810s91sN8fNcfPcPDffzXcL3UK32C12S91St8wtcykuxS13y12qS3Ur3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1waS7NHXQH3SF3yB12n7sj7gt31H3pjrmv3HH3tTvhvnEn3Sl32nl9xn3nzrpz7rz73l1wP7iL7kd3yXmXHHsjNjn2ZmxK7K3Y1Ni02PTYjNjM2KzY7NjbsTmxubF5sXdi82MLYgtji2KLY0tiS2PvxpbF3oulxN6PLY99EEuNrYitjK2KrY6tiXlfYEfkC/nCPu6v80X89b6oL+aL+xLe+ZK+lL/Bl/Y3+jL+Jl/W3+zL+Vt8eV/BV/RNfTPf3LfwLX0r/5Bv7R/2bXxb384/4tv7R30H/5jv6B/3nfwTvrN/0nfxT/mu/mnfzT+z4Jcu+57+ed/L9/ZJvo/v61/w/Xx/P8AP9IP8i36wf8kP8S/7oX6YH+5f8SP8q36kf82P8qP9GP+6H+vH+fF+gp/oJ/lk/4af7N/0U/xbfqqf5qf7GX6mn+Vn+7f9HD/Xz/Pv+Pl+gV/oF/nFfolf6t/1y/x7PsW/75f7D3yqX+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+m1+u//Q7/A7/S6/2+/xe/0+/5Hf7z/2B/wnPs1/6g/6v/hD/jN/2H/uj/gv/FH/pT/mv/LH/df+hP/Gn/Sn/Gn/rT/jv/Nn/Tl/3n/vL/gf/EX/o78k/7MmhBBCCPFP0b+zv8/feU39sqXrCwDZduY78tdzbs7987i/2t8pBgCP9+7W4NetQYOkpKRfjk3VEBReBACxy/k/ff/AL/EKaAePQkdoC6X/bn39VcWfrvv+u/njNwMkAmT5NSf99igR/nr+G//B/E3f5d+bfxFA0cKXc9JP9Gt8ef4y/2D+ve1/Z/4snyUDtPkvOVnhcnx5/lLwMDwBHX9zpBBCCCGEEEII8bP+6kL337u/Tb8/z28u52SGy/Hv3Z//jsp/xBqEEEIIIYQQQgjx33vq2R6PPdSxY9su/8mDzH+OMv4EAwSAP0EZMvjzD670XyYhhBBCCCHEH+3yRf+VrkQIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhMi4/v1vCFP/9MFXeo1CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfZ/AgAA///M7VMc")
r10 = openat$rtc(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioctl$RTC_WKALM_SET(r10, 0x4028700f, &(0x7f0000000040)={0x0, 0x1, {0x27, 0x20, 0x6, 0x3, 0x7, 0xfffffff9, 0x3, 0xbe, 0x7ffffffffffffffe}})
sendto$inet(r1, 0x0, 0xfffffffffffffe1a, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000600), 0x4)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000001000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r11}, 0x10)
inotify_add_watch(r0, &(0x7f0000000100)='./file0\x00', 0x10002a0)

2.497626923s ago: executing program 1 (id=2857):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0xa00410, &(0x7f0000000a40)={[{@nodiscard}, {}, {@acl}, {@min_batch_time={'min_batch_time', 0x3d, 0x6}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@jqfmt_vfsv1}, {@nodelalloc}, {@auto_da_alloc}, {@discard}]}, 0x5, 0x591, &(0x7f0000000f80)="$eJzs3V1rFFcfAPD/bBKNL89jBJHaiyJ4UYt1Y5LWFyjUXpZWKrT3dknWINm4kt2ISYXqRb3pTZFCKRVKP0Dveyn9Av0UQitIkdBSpJAyu7PJmuzmzdVd3d8PRs+Zmew5Z8/8Z8+ZmWUD6FtH039yEUci4psk4kDTtsHINh6t77f0+OZkuiSxvPzpn0kk2brG/kn2/74s81pE/PpVxIlcff1Q02tXFhZnCqVScS7Lj1Znr41WFhZPXpktTBeni1fHJybOvjs8fu7M6Y619a2Lf3//yf0Ph78+tvTdzw8P3k3ifOzPtjW34xncas4cLfybpYbi/JodxzpQWC9Jul0BdmQgi/M0No/EgRjIoh549X0ZEctAn0rEP/SpxjigMbfv0Dz4pfHog/oEaH37B+vXRmK4Njfau5Q8NTNK57sjHSg/LeOXP+7dTZfY+DrEnk3yANty63ZEnBocXH/+S7Lz386dql083tjaMvrt8we66X46/nm71fgntzL+iRbjn30tYncnNo//3MOnsh2+0ZCO/95rOf5dOXWNDGS5/9XGfEPJ5Sul4qmI+H9EHI+h3Wl+o/s5Z5ceLLfb1jz+S5e0/MZYMKvHw8Hdtcv0K6YK1cKztXrVo9sRr7cc/yYr/Z+06P/0/bi44SuvdtTh4r032u21efufr+WfIt5s2f+r9U/a3p+cGD935vRo7XgYbRwV6/115/Bv7crvdvvT/t+7cftHkub7tZXtl/Hj8JNiu21bPP6fkh7/u5LPauld2bobhWp1bixiV/Lx+vXjq3/byDf2T9t//NjG579Wx386+fp8i+2/c+hO2117of+nttX/2088+OiLH9qVv7X+f6eWOp6tWXP+e7LmUkbNVivYobcRAAAAAAAAekIuIvZHksuvpHO5fL7+fMeh2JsrlSvVE5fL81enovZd2ZEYyjXudB+o3YKtPw8xlj0P23g+YnxNfiIiDkbEtwN7avn8ZLk01e3GAwAAAAAAAAAAAAAAAAAAQI/Y1+b7/6nfB7pdO+C5q/2wwe5u1wLohk1/8r8Tv/QE9KRN4x94ZYl/6F/iH/qX+If+Jf6hf4l/6F+t49/TP9APfP4DAAAAAAAAAAAAAAAAAAAAAAAAAABAR128cCFdlpce35xM81PXF+ZnytdPThUrM/nZ+cn8ZHnuWn66XJ4uFfOT5dnNXq9ULl8bG4/5G6PVYqU6WllYvDRbnr9avXRltjBdvFQceiGtAgAAAAAAAAAAAAAAAAAAgJdLZWFxplAqFedecGIwulDoDhPvR09U43k2sG5Hfz64ftM/EdEL7ZJ4hkSXT0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0OS/AAAA//8Umzy+")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b\x00\x00\x00\b\x00\x00'], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdc3, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
chdir(&(0x7f0000000380)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)

1.841887952s ago: executing program 1 (id=2859):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = syz_io_uring_setup(0x126b, &(0x7f00000006c0), &(0x7f0000000740)=<r2=>0x0, &(0x7f0000000780))
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r1, 0x2, &(0x7f0000002d40)={0x0, 0x0, 0x0, 0x0}, 0x20)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f00000001c0)={0xfffffffc, 0x0, &(0x7f0000000940)=[0xffffffffffffffff]}, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYRESOCT=r2, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa20000000000000702000004000000b703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
r4 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r4, &(0x7f0000000180)="e502", 0x2)
execveat(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1.759174924s ago: executing program 1 (id=2860):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x2, 0x8, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffd08, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000e4ffffffffffffff00000000800000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000040)={'macsec0\x00', @random="06517dc2e6ea"})

1.715778554s ago: executing program 5 (id=2862):
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0x1, 0x120d, &(0x7f0000001280)="$eJzs3M+LG2UYB/Bnd2u3bt0faq22IL7oRS9Ddw9e9BJkC9KA0jZCKwhTN9GwYxIyYSEiVk+eBP8OEUTwJog3vezF/0DwthdvVhBHNqlto6k0omYpn88lDzzzTZ43IYEJ78zBi5+8s9sqs1Y+iMWFhVjsRaQbKVIsxh8+iOde+Pa7Jy9duXqhVq9vX0zpfO3y5vMppbWnvn79vc+e/mZw8rUv175ajv2NNw5+2vpx//T+mYPfLr/dLlO7TJ3uIOXpWrc7yK8VzbTTLnezlF4tmnnZTO1O2exP9FtFt9cbpryzs7rS6zfLMuWdpZuTpEF/mPK38nYnZVmWVleC2R27VTU+vVFVVURVPRDHo6qq6sFYiZPxUKzGWqzHRjwcj8SjcSoei9PxeDwRX/zw+fAwAQAAAAAAAAAAAAAAAAAAAPx7Zr3+/8zoqHlPDQAAAAAAAAAAAAAAAAAAAPeXS1euXqjV69sXUzoRUXy019hrjB/H/Vor2lFEM87Fevwao6v/x8b1+Zfr2+fSyEZ8WFy/mb++11iazG+ObicwNb85zqfJ/HKs3JnfivU4NT2/NTV/Ip595o58Fuvx/ZvRjSJ24jB7O//+ZkovvVL/U/7s6DgAAAC4H2Tplqnn71l2t/44P8P/AxPn14fZs8fmunQiohy+u5sXRbOvOPLF8fmO8UtVVf/VSywdgbf3b4u7f1OWI+Jenufnaa2FiDgaC/xLMe9fJv4Ptz/0eU8CAAAAAAAAAADALP7pDsGPx9vD72nn47zXCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Ds7cCwAAAAAIMzfOo2ODQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACArwIAAP//GgHNcg==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
clock_gettime(0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f0000000040)='./bus\x00', 0x8, &(0x7f0000000880)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461002018bbdecde39739fcd1df176dde746ec834120600000000003b048000000000000072462abc30ef5b65c70f73ecea54b5e5bec5aca9836c319f653557e79a002208ceae6dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e36868736000000f6a55493b4b81d5b9fa9b40fe4d76afc2a989c6d60044e89eb96e44d01a1174e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc369c71e57fafab52f325ca91e684160191acf5ae7469c82ab4145b595b987d75912afdcc1c061835294cc0c618aba204f8adaa20c80108d356cd887ba217c8f569e6d0caf75052a77056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6ac0d90ea79b8027cf75964dd86c2ed2b5e75779677a28c76b848dd03dab190b5f02ec52830f3ff01faae1c3df076000000000000000000000000000083a48a6b926c668b9ba42490175018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac011170182f99766e86fb125cc6799c43aa4dc708dc4a00a6decad26f0378072a571da000000aec3dfbae348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0f1da8390fd0400bad5f796374bb196e60e537b8ffca80a5ec3c5c063aab2c87a7824c4fbfab7264185e1b2e59012acbf3732abe75b848de8ec4aaba2e3c8cd14dd9bf9499952815b9fb34057a585a9c18a11f3d496825b3fcb0c8aa89e079fd78997da864b302139b2b10597100846b55f7d0b050b7b0ef7e9c897c50b53404acdd701425323201b33465fddec69c37cb13fd441a830af5ea73f4ac82d7926eb0db1141003d14c473077a76c3bee7e37dc799abb47bd67cde7958c50fb2d15c9cc196e4bff1d000000000000000002220082e48604ca6ddeddb98b0d02d6ebee92772007d347c0cdd608888df848362c512931510ba5494d65df9ad90e696ab12f91a48c18a967fc3d894b69467663a7218d96ddd125d7472bc4493c2d7dac0becf517ba5a5870058e19f17e0ed80daa35939236764e352d0a172f7189058b575dc381e7a0862a029ca12da832401926956625f41d772a05a1284cc31c22f6a4d754810059a4c2cfefc489", @ANYBLOB="3f62ba82fbfbbfa268d1dc8088261980514d9a63bfae70a79135e7af0232700de511c327c3b27b24e7949c3a9396e1b84228e85126e922d263b6687c8350fbff3ae622205b993af2a232aed506ba74d5c03cc1f8dfefa6f8e70da45ffaa369590c6d4347df3d3882879836ecec7f6b046d00a0b006a65a09897ab99f0e74604469411b520391d7020e4ab31c4615f445f0b1c99574514a74fb18df402fadcef45174893e836af19e43fb1a9f2f940d76d953111380c8b87766e9594227d6be5ee8b8", @ANYRES8=r0], 0x5, 0x5599, &(0x7f000000cf80)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx64auumCJWPBPEEisWPIbWMASdogFiB1SkWcmULdNC43jQPs80vjMHL8+874jK9KZiRzAU2sp/e2XJI7FoYhYiIijSeT7SblF3I44X4x9LiKOR0Tlri0p838m9kfE4Yg4Nile1EzKtz47OT5x9uc3f/362wP7jnz+1Xd7unBgTz0fEf31Yv9mv4hZJw93Fsp8Y9zNY//MuIzrUzX6WZG/2V7LK9xsbI1r5PF0pxifrd8YTuLVXqM5iZ3u1Ty/PihOOBx3tupMPpBea2zkx632Wh67wyyPnVvFeTdvFX/bbg1HRZ1WWe+jvHyMRluxyLc328V61q/nsTkYlfmibtZqb07iuIzl6aKZ9Vr5PNYe9yr/+73VHdzYTMftjWE3G6Rna/UXavVz1fpG1mqP2meqjX7r3Jl0udObDKuO2o3++U6WdXrtWjPrr6TLnWazWq+nyxfaa93GIK3Xa6drp6pnV8q9k+lrl99Le610eRJf6Q5ujLq9YXo120iLT6ykq7XTL66kJ+rpO5eupFfevnjx0pV3P7jw/uWXL73xajnovmmly6unVler9VPV1frKU7T+j8tJ/4P1Jw9O//D9zi4bFLb5ggGwvfv6/7i3/w/9PzBzD+n/49oj+v/+9fJ4d/r/eGD/X5nu/2Mn/X8lynzZ/09aKv3/o/vfyh70v4uh/9/F9cOOPF7/v3/m8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYO5+XPzi9XxnqTg+Uub/V6aeKY+TiKhExJ0HWIj9UzUXyjqL24xfvGcO3ySRV5ic40C5HY6I8+X2+/93+yoAAADAk+vL28c/Lbr14mVpryfEPBU3bSpHP5xRvSQiFpd+mlG1yuTl2RkVy7/f+2JzRtXyG1gHZ1SsuOW2b1bV/paFqXDwrpAUoTLX6QAAAHMx3QnMtwsBAABgnj556LsvzW0ezFkSW48yt54F5/95/9cDwUNT7wEAAAD/QcleTwAAAADYdXn/7/f/AAAA4MlW/P4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwB/s3E1u2kAUAOBng0t/VVR136t0B8foEbrssnCAXoIj0BNU6gU4A5GyyAGySEKEPbFCAlIkxkDQ90keM2P0PAP24s1IAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAly6q+fjv729/9gzz73a1n0zDAQAAALZYVvNx/WHY1D+k9k+p6UuqFxFRRsS23L0XbzZi9lKcasf3qyd9+B9RR1i3D9LxPiK+p+Pmc9e/AgAAAJydNllfTGejJltvijQFcHm0nnFIzXNQfvyRKV4REdXwKlO0cl18zRSsfr778StTtHoC622mYM2UW3/7tccTa9e5bphe9/b0MJJJ/SfWtTLfvQAAgFOxmQnsyEIAAAA4Az+P3QEO4XlqX7RFu844aE5pQfDdRg0AAAB4hYpjdwAAAADoXJ3/n9L+f4X9/wAAACC7Zv8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAurSs5uPFdDbadX3ywjh3q/3kGxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcsz/vKBACYRAGe9d3JnP/w0qDhsYmVSB8/I3BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDF/rykQAgEQRTMGf876fsfVhL0DCJEQMOjilo0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDFvh37tlGFAQD/7LPdpoAIAUUigIrUARaauqWlK0KgiIE/ASlKnRJwKbQZaBVRsrChzF0QjAghgcKW/6FzI3UpW4cMQWJiCLrzXXpODI1Ke+c2v5/0/D6fr+9972xV+fzOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFLbejVebeZykD5ODuDh2e3tlIe039/SpjbU7M2lL40bFeT8BXis/OT5dXyIAAAAcHklR30fE3fb6XNo3J7P6v12ck9b8Pzw3iIt6fm/dv7m9cjR/aaao/3//7d5LuxNNJtk86aCLS/3eqf2ptB7TEsfe8w88o5Vd+ey7lyR7Q5ofrr641c6uZ+O7W7fe72ThkSqyBQAexsmiz4Pi76G079aZGACHRqtUeBf1fzJZb04AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVdhajWeKuBERM637cWpze2VhVP/N2p2Zjbydu3lzrTxmOkQ7IhaX+r1TFa5lfBVX8/pn8/1+78rVa1UHxyNixEs3DvbPkzz9fz2nExFDR068PGKcjw8w155x9gX5xzOqvYYT6foeeHJj6Ehj3wV/b2egjg9AVUEzf3/GJZ9HGRSfvUc/csX/HQEA8NRr5y2tRO+21+fSY42piJ0fh+v/N0pxDNX9OzcGRwbPN0r1/71Pzt0uz1Wu/7sVre9JMLt86YvZq9euv7V0af5i72Lv87dPd9/pnjl/9uz52ey7ktnFaPrGBAAAgP+hk7dy/d+c2r//f6wUx3/s/5fr/y+/735dnitR/490f9Ov7kwAAAAOo85u9MLrf/3ZGHFGo9OJr+aXl690B4+7z08PHitN9yEdyVu5/k+m6s4KAAAAqMLWamNo//9CKY4D7v8/+9Mrv5THTCJiIuJyRPROLlzuX6huOWOtih8qZxN16l4pAAAAdZnIW3n/v53d/9/cveWhGRFvnoj4O/8Nfxyw/k8++Pbn8lzl+//PVLrK8dOcHlyPrJ+OaE3XnREAAABPs6N5S4v9P9rrc5/+euyjjvv/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKr2TwAAAP//KrQypA==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3ffff)

1.713525444s ago: executing program 0 (id=2863):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0xa00410, &(0x7f0000000a40)={[{@nodiscard}, {}, {@acl}, {@min_batch_time={'min_batch_time', 0x3d, 0x6}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@jqfmt_vfsv1}, {@nodelalloc}, {@auto_da_alloc}, {@discard}]}, 0x5, 0x591, &(0x7f0000000f80)="$eJzs3V1rFFcfAPD/bBKNL89jBJHaiyJ4UYt1Y5LWFyjUXpZWKrT3dknWINm4kt2ISYXqRb3pTZFCKRVKP0Dveyn9Av0UQitIkdBSpJAyu7PJmuzmzdVd3d8PRs+Zmew5Z8/8Z8+ZmWUD6FtH039yEUci4psk4kDTtsHINh6t77f0+OZkuiSxvPzpn0kk2brG/kn2/74s81pE/PpVxIlcff1Q02tXFhZnCqVScS7Lj1Znr41WFhZPXpktTBeni1fHJybOvjs8fu7M6Y619a2Lf3//yf0Ph78+tvTdzw8P3k3ifOzPtjW34xncas4cLfybpYbi/JodxzpQWC9Jul0BdmQgi/M0No/EgRjIoh549X0ZEctAn0rEP/SpxjigMbfv0Dz4pfHog/oEaH37B+vXRmK4Njfau5Q8NTNK57sjHSg/LeOXP+7dTZfY+DrEnk3yANty63ZEnBocXH/+S7Lz386dql083tjaMvrt8we66X46/nm71fgntzL+iRbjn30tYncnNo//3MOnsh2+0ZCO/95rOf5dOXWNDGS5/9XGfEPJ5Sul4qmI+H9EHI+h3Wl+o/s5Z5ceLLfb1jz+S5e0/MZYMKvHw8Hdtcv0K6YK1cKztXrVo9sRr7cc/yYr/Z+06P/0/bi44SuvdtTh4r032u21efufr+WfIt5s2f+r9U/a3p+cGD935vRo7XgYbRwV6/115/Bv7crvdvvT/t+7cftHkub7tZXtl/Hj8JNiu21bPP6fkh7/u5LPauld2bobhWp1bixiV/Lx+vXjq3/byDf2T9t//NjG579Wx386+fp8i+2/c+hO2117of+nttX/2088+OiLH9qVv7X+f6eWOp6tWXP+e7LmUkbNVivYobcRAAAAAAAAekIuIvZHksuvpHO5fL7+fMeh2JsrlSvVE5fL81enovZd2ZEYyjXudB+o3YKtPw8xlj0P23g+YnxNfiIiDkbEtwN7avn8ZLk01e3GAwAAAAAAAAAAAAAAAAAAQI/Y1+b7/6nfB7pdO+C5q/2wwe5u1wLohk1/8r8Tv/QE9KRN4x94ZYl/6F/iH/qX+If+Jf6hf4l/6F+t49/TP9APfP4DAAAAAAAAAAAAAAAAAAAAAAAAAABAR128cCFdlpce35xM81PXF+ZnytdPThUrM/nZ+cn8ZHnuWn66XJ4uFfOT5dnNXq9ULl8bG4/5G6PVYqU6WllYvDRbnr9avXRltjBdvFQceiGtAgAAAAAAAAAAAAAAAAAAgJdLZWFxplAqFedecGIwulDoDhPvR09U43k2sG5Hfz64ftM/EdEL7ZJ4hkSXT0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0OS/AAAA//8Umzy+")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdc3, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)

1.652314635s ago: executing program 1 (id=2864):
r0 = syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000380)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x25, 0x5594, &(0x7f0000006a80)="$eJzs3L1vG2UYAPDnnKbflAgxsPWkCimRaqtOPwQTBVrxIVpVfAxM4Niu5db2RbHrhEwdGBED/wkCiYmRv4EBRtgQA4gNCeS7CzRtA23jOGr7+0nn5+7x6+fe92RFeu4iB/DUWkj/+C2JE3EkIuYi4ngS+X5SbhG3Iy4WY1+IiJMRUbljS8r8P4mDEXE0Ik5Mihc1k/KtL06PT53/9e3fv/3+0IFjX37zw74uHNhXL0ZEf7XYX+8XMesU8UaZb4y7eeyfG5dxdVuNflbk19sreYX1xta4Rh7Pdorx2eqt4SRe7zWak9jpXs/zq4PihMNxZ6vO5APpjcZaftxqr+SxO8zy2NkszruxWfxt2xyOijqtst4nefkYjbZikW9vtIv1rN7MY3MwKvNF3azV3pjEcRnL00Uz67Xyeaw84kV+DLzTHdzaSMfttWE3G6Tna/WXavUL1fpa1mqP2ueqjX7rwrl0sdObDKuO2o3+xU6WdXrtWjPrL6WLnWazWq+ni5faK93GIK3Xa2drZ6rnl8q90+kbVz9Ie610cRJf6w5ujbq9YXo9W0uLTyyly7WzLy+lp+rpe1eupdfevXz5yrX3P7r04dVXr7z1ejnonmmli8tnlper9TPV5frSU7T+T8tJP8T6k/unf/pxd5cNCjt8wQDY2T39f9zd/4f+H5i63fT//Zvl8d70//Eg/X9Ms/+ftFT6///vfysP1f+emEr/Ox/6/z1cP+zKo/X/B6c+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZu7n+a/ezHcWiuNjZf6ZMvVceZxERCUi/rqPuTi4reZcWWd+h/Hzd83huyTyCpNzHCq3oxFxsdz+fHavrwIAAAA8ub6+ffLzolsvXhb2e0LMUnHTpnL84ynVSyJifuGXKVWrTF6en1Kx/Pt9IDamVC2/gXV4SsWKW24HplXtgcxtC4fvCEkRKjOdDgAAMBPbO4HZdiEAAADM0mf/+e4rM5sHM5bE1qPMrWfB+X/e//tA8Mi29wAAAIDHULLfEwAAAAD2XN7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwNzv3k5s2EMUB+Nlg6F8VVd33Kt3BMXqELrssHKCX4Aj0Cr0AZyBSFjlCBBH2BMkJSJEY4wR9n2Q7M45+ngE2bywNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAA/vzjgIhEAZhsHd9ZzL3P6w0aGhsUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7NvPaxxVHADw7+5kt01VjFECRqVCD3qx6ba29iqiBA/+CUJINzW6tdrmYEuw5uJNcu5F9CKICEq85X/ouYFe6q2HHCJ48hCZ2Zl0NlmbENuZJP184O377uzr+7VLyXffLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFBYfzdebeZxkj6M9ePi2t2Nxdm0XttWp1aX702mJY0bFc/7EHit/OTkRH0TAQAA4Kh4btcWSZHfR8T91sp0WjfHsvy/VbRJc/4f8q6KfH573r+2sXg8f2myyP//+P3BS1sDjSXZOGmnc/O97pmdUxnZ9zIPued3bTGS7Xz23UuSvSHND5deXG9l+9n47s6d99tZeKyK2QIA+3G6qPOg+HsorTt1TgyAp8ZIKfEu8v9krN45AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFRhfSmeKeJGREyOPIxTaxuLs8Pqb5bvTa7m5cLt28vlPtMuWhExN9/rnqlwLQdXsZs3P5vp9brXrt+oOjgZEUNeurW3f57k0//PNu2IGLhy6uUh/Xy8h7G29bMjyD+eUe0ejqbr27VxY+BKY8eGv7fZV8cHoKqgmb8/T2KI0crf98Gg+Ow9/p4r/u8IAIAjr5WXNBO931qZTq81xiM2fxzM/98oxTGQ92/e6l/pP18t5f8PPrlwtzxWOf/vVLS+w2Bq4coXU9dv3Hxr/srM5e7l7udvn+280zl38fz5i1PZdyVTc9H0jQkAAAD/Qzsv5fy/Ob7z/P9EKY5HnP/3j4T7+f+X33e+Lo+VyP+HenjoV/dMAAAAnkbtreiF1//+qzGkRaPdjq9mFhaudfqPW8/P9h8rne4+HctLOf9PxuueFQAAAFCF9aXGwPn/pVIcjzj/L9///+zPr/xa7jOJiNGIqxHRPT17tXepuuUcaIM/+v0peRI/VM4Gate9UgAAAOoympfy+X8ru/+/uXXLQzMi3jwV8U/+G/7YY/6ffPDtL+Wxyvf/n6t0lQdPc6K/H1k9ETEyUfeMAAAAOMqO5yVN9v9srUx/+tuJj9ru/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACo2r8BAAD//yHlK8g=")
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x1000840, &(0x7f0000000f00)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c73686f72746e616d653d77696e6e742c636f6465706167653d3935302c757466383d312c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d302c756e695f786c6174653d302c696f636861727365743d63703836352c757466383d312c73686f72746e616d653d6c6f7765722c757466383d302c73686f72746e616d653d77696e6e742c001d46d61beb"], 0x3, 0x384, &(0x7f0000000b40)="$eJzs3T+IHFUYAPBvb/Z27yThrhCCgjDaCXokURFtvBAuENwmyuKfQlxMonJ7BnK4mBTZnI1YCpYKgpUWWlikE0RQxM7C1gghKhaaLmDIyOzM/rvdvYhy+YO/X7H58t73vfdm78HODey7l1dj/fh8nLxy5XIsLFSiunp4Na5WYjmS6Dsfk2rFPx9N6QIAbnNXsyz+zAoRX/6TksrurwoA2E29z/9X9460vP3NTvmZT38AuOOVv/8vjrYl23IWZhWf2rVlAQC7aPz5f0Q8MJFSG4bViXsDAODO8+wLLz59qBHxTJouRGy802l2mvHksP/QyXg92nEi9sdSXIsobhTyl0rv9cjRxtr+NE278ctyNPOKTjNio9tpFncKh5JefT0OxFIsl/Xl3UaWZcmRLxprB9KeiDjf7c0fG5VOcz4Wy/l/uitOxMFI4+6J+oijjbWDaTlAc6NfPx+xNXxuka9/JZbih1fiVLTjeOS1/duaxtq5A2l6OGvsqQzru51mvZdXmPkEBAAAAAAAAAAAAAAAAAAAAAAA/pWVdGB5cH5ONjy/Z2VlSn/vfJyivjwfaKs4HyirZ5Flf7z1cPPdJMbOB9p2Pk+306zG3K29dAAAAAAAAAAAAAAAAAAAALhtbJ6pRavdPnF688zZ9dGge3rzzFxE5C1vfPfZ14sxnrNYDjBeNRZUy5SRrnRYlSX95CwZyymDJJ+8Ui1aPr0wWPFoTn1wFVOXUZ/aVS3WvPf+Sx8Mu+5L+iNfHyYnMfW6zibbllEEC2Nv7Oy3ZYfg4A1yLmZZNqv83EuTVVGJqE5Z6n8Ksjz49vJr9zyyue+xXstXWeHBh5aeu/j+x7+tt9r5zLl2u3Z681q23ir/P32zzQ6S/v755NJgs1VGd0K19ej1Y3tmjLw13tJKfvz9+Xvf+75smdv5x5SNtrw50lUpq5Ji0s+3l9eKIF/moOupPMjfo8m55qds/mnB47Fzzg0uZ9+Hq60L537+dWr53OQmGdnLDuoAAAAAAAAAAAAAAAAAAICbYuS74qXyy77zO1U9cWz3VwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN8/w7/8Pgpjb2tYyO6iWw+Qtf3VjMqeeDxi1kRmXb9GVAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf/Z3AAAA//8HNl2q")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10138, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRESOCT, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES64=r0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000800000d2bb11f800000000662ef32c0da38de054112506336c1beaf1ab8242d7b5c1bcc89eb0e24ec661550ce551f28a2e55be3042e1a9f1"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000000000000000000009500a500000000003e62782f6b62fe583a205a2a93679f78609d6ca7f05ba88e8460d0693a8e47c2857ff1c02f24ca929b6aec07a02b58cbd88131bb0d547c9bab43442e4535f88409162afd1ed8ff5a113677be48432632a733fb0c58fcdba24799f692860f292f268d00eac7dd739212a24e74fef584daca158d64b64536a0c21a0ab5a3e038038aaef7bd2ea0621eb7be6fc89005be16748d73f3a1887006e10ed1fb7d9eb609d12ae5bcfd530400e18f6ad05fe15db26a4951f34aa25731"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x14}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYRESOCT, @ANYBLOB="1800000000", @ANYRES16=r4], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2$9p(0x0, 0x800)
write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xd6}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0)
rename(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
write$UHID_INPUT2(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="0c0000005b006e657d64fdb933fe7fe9957545658c6bb8c37000b2ce9d98cdb7e040d02da957e3b66e4549cf3bd8dc1e420e7a8b5d481b7b354db5be8cedcd24f79e6a7442172f2a51268344730a00"/94], 0x61)

1.651563025s ago: executing program 0 (id=2865):
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), 0x0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000004080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="14000000000000000100000001000000"], 0x18}}], 0x1, 0x0)
dup3(r4, r3, 0x0)

1.633240226s ago: executing program 0 (id=2866):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0xbc9d, 0x8000, 0x100, 0x8080, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x1}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r4}, 0x10)
setuid(0xee01)
mknod$loop(0x0, 0xfff, 0x0)
ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4bfb, &(0x7f0000000600)=""/171)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000200)={'ip6gre0\x00', 0x0, 0x0, 0x4, 0x7, 0x5, 0x42, @mcast1, @remote, 0x8, 0x1, 0x200, 0x52a}})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0x20, &(0x7f0000000500)={&(0x7f0000000040)=""/66, 0x42, <r5=>0x0, &(0x7f00000004c0)=""/26, 0x1a}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x1}, 0x8, 0x10, 0x0, 0x0, r5}, 0x94)
syz_open_dev$vcsu(&(0x7f0000000340), 0x5, 0x800)

1.500810937s ago: executing program 3 (id=2867):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001000000", @ANYRES32, @ANYBLOB='\x00\b\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
uname(&(0x7f0000000300)=""/10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="01000000010000000500080001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000f7ff0000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mincore(&(0x7f0000fff000/0x1000)=nil, 0x1000, &(0x7f00000004c0)=""/245)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x80c80, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r7, 0x4138ae84, &(0x7f0000000100)={{0x7000, 0xdddd1000, 0x0, 0x0, 0x8, 0x8, 0x0, 0x2, 0x10, 0x6, 0x9, 0x10}, {0xeeee8000, 0x0, 0xc, 0x8, 0x7c, 0x0, 0x0, 0x0, 0x7, 0x7, 0x0, 0xff}, {0x2fff, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x9, 0x0, 0xfc}, {0x100000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x9, 0x0, 0x4}, {0xeeee8000, 0xf000, 0x9, 0x0, 0x0, 0x4, 0x20, 0xe, 0x0, 0x3c}, {0x0, 0x0, 0xd, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80}, {0x8080000, 0x0, 0xf, 0x6, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfe}, {0x80a0000, 0xdddd0000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26, 0x0, 0xfc}, {0x80a0000}, {0xeeef0000}, 0xfdfcffdb, 0x0, 0x0, 0x28, 0xb, 0xf801, 0x0, [0x0, 0x0, 0x2]})
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000840)={0xffffffffffffffff, 0xffffffffffffffff, 0x17, 0x0, @val=@kprobe_multi=@addrs={0x1, 0x0, 0x0, 0x0, 0x7}}, 0x30)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r4}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00', r10}, 0x18)
faccessat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x5, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r8, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)
r11 = accept$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000040)=0x1c)
setsockopt$inet6_int(r11, 0x29, 0xa, &(0x7f00000002c0)=0xfffffffe, 0x4)

1.35811224s ago: executing program 3 (id=2868):
socket$nl_xfrm(0x10, 0x3, 0x6)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0b00000007000000080000000800000005000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000037fe402751dbbd27ff0d90d08d3ca82754", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES8=r3, @ANYRES8=0x0], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/5, 0x1c000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r5, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f00000000c0)=0x100, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ppoll(&(0x7f0000000500)=[{r8}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bind$xdp(r5, &(0x7f00000001c0)={0x2c, 0x0, r7}, 0x10)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$xdp(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x4}}, 0x18)

1.219858852s ago: executing program 5 (id=2869):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001040)=@nat={'nat\x00', 0x8, 0x5, 0x6c0, 0x390, 0x390, 0xffffffff, 0x2a0, 0x390, 0x5f0, 0x5f0, 0xffffffff, 0x5f0, 0x5f0, 0x5, 0x0, {[{{@uncond, 0xb7030000, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x1d, @ipv6=@private1, @ipv6=@private0, @port, @gre_key}}}, {{@uncond, 0x0, 0x168, 0x1b0, 0x0, {}, [@common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@dev, [], @ipv6=@private1, [], @ipv6=@private1, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x1, @ipv4, @ipv6=@local, @icmp_id, @icmp_id}}}, {{@ipv6={@mcast1, @local, [], [], 'wg1\x00', 'virt_wifi0\x00'}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4, @ipv4=@multicast1, @gre_key, @icmp_id}}}, {{@ipv6={@rand_addr=' \x01\x00', @ipv4={'\x00', '\xff\xff', @empty}, [], [], 'dummy0\x00', 'syzkaller0\x00'}, 0x0, 0x218, 0x260, 0x0, {}, [@common=@inet=@sctp={{0x148}, {[], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}}, @common=@mh={{0x28}, {"0c06"}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4=@multicast1, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id, @icmp_id}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x720)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000003000000000000000400000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080020140000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000000ef3529a030000009500000000000000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r2}, 0x10)
r3 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x0)
connect$tipc(r3, &(0x7f0000000280)=@nameseq={0x1e, 0x1, 0x3, {0x41, 0x2, 0x3}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018100000", @ANYRES32, @ANYBLOB="00000000000000007a00e70000000000180000000000000000000000000000009500000000000000d50a0000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xee, &(0x7f0000000340)=""/238}, 0x21)

860.937837ms ago: executing program 3 (id=2870):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r0, &(0x7f0000000e40)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup3(r0, r1, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4106, 0xfffffffffffffccb, 0x0, 0x0}, &(0x7f0000000080)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x48}, &(0x7f00000004c0)=0x40)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
read$FUSE(r2, &(0x7f0000002640)={0x2020}, 0x2020)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback=0x3b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000fcffffff000000000000210085000000360000009500070000000000b83f3584230b8f5ec8921327291cf4880dd3a91af830f8a476ba1b51d4eb67103b000000000000000000000000000000640f9922d207e93470686f20ad"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r8, 0x1800000000000060, 0x0, 0x0, 0x0, 0x0, 0xc00d, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x82200, 0x70, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r9}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0xe, 0x4, 0x4, 0x20002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000280)={0xffffffffffffffff, 0x2, 0x2})

860.262227ms ago: executing program 5 (id=2871):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001500)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") (async, rerun: 64)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x100) (async, rerun: 64)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async, rerun: 32)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async, rerun: 32)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file2'}}, {@nfs_export_off}, {@metacopy_on}]}) (async)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x12)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) (async)
getsockname$packet(r0, &(0x7f00000002c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000400)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa1005260257a000000000007010000f8ffffffb7022c2a4649c6ff01000000000000000000b7030000850000000000000000580e00500000009556e5523ef05c626f6401958276b9d39c5621c51afdb477eb3664a32e290fcd088f6dd38d9932bc9c0f41891b6edc2817d92ce1142233b6de54f3b56ecaf4502f02f15199b9c54d6d8c0d24c87699fc8e1a6f1d6b9f2716fd60102349836fe0f79140db74ffffffef191a8437818017b8830721f78a836dd050f7b7d2750f92e102a80d5e7fc026360776fc66fef5886619aec30ebd078b104c3e2ccf5eaa25e6bafc3d443092d99141e56b88021111570b5115901454abba5a0c95bd50df6fd4469cdeea1911db012a2fe963438ac1dc53ea86e869c6491875e327138846ab4d06ec1f92e82ea6ea09906e21"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000100)='kfree\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18) (async, rerun: 32)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x82400, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x6000, 0x1)
r3 = open(&(0x7f0000000040)='./file2\x00', 0x1, 0x104)
ioctl$BTRFS_IOC_DEFRAG(r3, 0x4c00, 0x3) (async)
userfaultfd(0x80000) (async, rerun: 32)
close_range(r2, 0xffffffffffffffff, 0x0) (async, rerun: 32)
chdir(&(0x7f0000000140)='./bus\x00') (async)
link(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0)='./file0\x00')

798.359328ms ago: executing program 5 (id=2872):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
keyctl$unlink(0x9, 0x0, 0xfffffffffffffffc)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r8, r7, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r8}, &(0x7f0000000000), &(0x7f0000000080)=r5}, 0x20)
sendmsg$inet(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)}, 0x0) (fail_nth: 5)

698.313699ms ago: executing program 1 (id=2873):
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), 0x0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
dup3(r4, r3, 0x0)

656.7547ms ago: executing program 0 (id=2874):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/155}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000cc0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x3, [@func_proto, @func={0x1, 0x0, 0x0, 0xc, 0x1}]}, {0x0, [0x61]}}, 0x0, 0x33}, 0x28) (fail_nth: 9)

49.099489ms ago: executing program 3 (id=2875):
socket$inet6(0xa, 0x2, 0x3a) (async)
socket$inet6(0xa, 0x2, 0x3a)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x10) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='cpuacct.usage_sys\x00', 0x275a, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='cpuacct.usage_sys\x00', 0x275a, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'pimreg1\x00', <r1=>0x0})
setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000240)={r1, @local, @private=0xa010101}, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000900)={0x0, 0x2, 0x1, [0xffff, 0x13a0000000000, 0x0, 0x88, 0x6], [0x7fc, 0x8, 0xffffffffffffff4a, 0x7f, 0x10000, 0x2, 0x2d9, 0x1, 0x3, 0xc7, 0x8001, 0x9, 0x4, 0x7e, 0x7d, 0x2, 0x8, 0x101, 0x10000, 0x7, 0x7, 0x9, 0x7f, 0x6, 0x1, 0xc, 0x5, 0xff800000000000, 0x401, 0x7fffffff, 0xc333, 0xe, 0x4000006, 0x8001, 0x1, 0xd5d, 0x8, 0x1, 0x2, 0x5, 0x6cf2, 0x2, 0x0, 0xa, 0x100000000, 0xffffffff00000001, 0x7fffffffffffffff, 0x2, 0x5, 0x4cc2, 0xfffffffffffffff7, 0x6, 0x0, 0x8, 0x7f, 0x0, 0xfff, 0xffffffffffffffff, 0x8, 0x3, 0x706, 0x2, 0x5b4, 0x8, 0xfffffffffffffffb, 0xe, 0xb88d, 0x6, 0x3, 0x6, 0x2, 0x800000077, 0x8, 0x346, 0x0, 0xfffffffffffffff9, 0x8, 0xffff7ffffffffffe, 0x7, 0x6, 0x7, 0xffffffffffffff92, 0x7, 0x5, 0xe36, 0x3, 0x9, 0x5, 0x8, 0x6, 0x40000000000000, 0x8bf2, 0xfffffffffffffffd, 0x2, 0x401, 0x34, 0x6fc, 0xc90, 0xfff, 0xfffffffffffffeff, 0x72, 0x3, 0x9, 0x28, 0x3, 0x1, 0x8d49, 0x0, 0x3ff, 0xfffffffffffffffd, 0x800, 0x8, 0x8, 0x8001, 0x5, 0x9, 0xa, 0x1fb, 0x2, 0x1, 0x100000000]}) (async)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000900)={0x0, 0x2, 0x1, [0xffff, 0x13a0000000000, 0x0, 0x88, 0x6], [0x7fc, 0x8, 0xffffffffffffff4a, 0x7f, 0x10000, 0x2, 0x2d9, 0x1, 0x3, 0xc7, 0x8001, 0x9, 0x4, 0x7e, 0x7d, 0x2, 0x8, 0x101, 0x10000, 0x7, 0x7, 0x9, 0x7f, 0x6, 0x1, 0xc, 0x5, 0xff800000000000, 0x401, 0x7fffffff, 0xc333, 0xe, 0x4000006, 0x8001, 0x1, 0xd5d, 0x8, 0x1, 0x2, 0x5, 0x6cf2, 0x2, 0x0, 0xa, 0x100000000, 0xffffffff00000001, 0x7fffffffffffffff, 0x2, 0x5, 0x4cc2, 0xfffffffffffffff7, 0x6, 0x0, 0x8, 0x7f, 0x0, 0xfff, 0xffffffffffffffff, 0x8, 0x3, 0x706, 0x2, 0x5b4, 0x8, 0xfffffffffffffffb, 0xe, 0xb88d, 0x6, 0x3, 0x6, 0x2, 0x800000077, 0x8, 0x346, 0x0, 0xfffffffffffffff9, 0x8, 0xffff7ffffffffffe, 0x7, 0x6, 0x7, 0xffffffffffffff92, 0x7, 0x5, 0xe36, 0x3, 0x9, 0x5, 0x8, 0x6, 0x40000000000000, 0x8bf2, 0xfffffffffffffffd, 0x2, 0x401, 0x34, 0x6fc, 0xc90, 0xfff, 0xfffffffffffffeff, 0x72, 0x3, 0x9, 0x28, 0x3, 0x1, 0x8d49, 0x0, 0x3ff, 0xfffffffffffffffd, 0x800, 0x8, 0x8, 0x8001, 0x5, 0x9, 0xa, 0x1fb, 0x2, 0x1, 0x100000000]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
chdir(&(0x7f0000000140)='./bus\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000280), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r3, 0x0)
sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x40408c1)
inotify_init() (async)
r4 = inotify_init()
r5 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
listen(r5, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
inotify_add_watch(r4, &(0x7f00000004c0)='./file0\x00', 0x8c7) (async)
inotify_add_watch(r4, &(0x7f00000004c0)='./file0\x00', 0x8c7)
ioctl$FS_IOC_SETFLAGS(r3, 0xc0189436, &(0x7f0000000140))

10.38797ms ago: executing program 0 (id=2876):
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), 0x0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000004080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="14000000000000000100000001000000"], 0x18}}], 0x1, 0x0)
dup3(r4, r3, 0x0)

9.78914ms ago: executing program 1 (id=2877):
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000", @ANYRES16, @ANYBLOB="09030000000000fdff072000adce04"], 0x18}, 0x1, 0xf000000}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x0)

0s ago: executing program 0 (id=2878):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
socket$netlink(0x10, 0x3, 0x0)
syz_usb_connect$cdc_ecm(0x1, 0x7e, &(0x7f0000000380)=ANY=[@ANYBLOB="12010003020000082505a1a440000102030108026c000101000000090400000002060000052406000005240000000d240f0100000000070000000017241307f284bd6180c875720ecde54bf149d21732d9c00724140600f5830c241bd90000000c0106000007240afe070408090582020000000000090503020000000000"], &(0x7f0000000040)={0x0, 0x0, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="050f0f00012a10030fc435a08fd2a000000000000000c8431e63e2f160c1518f8d37d643ef7d5aa5333d6a63067c14c50a0075fe8c8bd0ccb8c89b192cb274e787a1ae49ffa6b4b48bb6a85adde2ea397aeee5133c7ad5437cb7f004a011bc7f8ba6713971bf34a159a636015061b002de4c16c68b4cdf3b5e0085d2838cb6e999cddaadb9ec8c6e68c8e88114068c262f051a64cbb2cfcd6391071d0de2326558baca1ef943702c92d93d00b273d0401585a81ff955b3f080fec84b5f90ee29009ba711c141795f9bccae1650d630d315d86c9dc6d88012cbe8d3b0e9341e33ee102040e9378bcac30957ae446eac543d907f90572175074c68e3447c97ed084bdc424432754f74bf5ee204"], 0x1, [{0x0, 0x0}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001b00)=""/102392, 0x18ff8)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r2, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
r3 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev={0xac, 0x14, 0x14, 0x15}, @in6=@private1, 0x4e20, 0x0, 0x4e22, 0x0, 0xa}, {0x9, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x24}, {0x0, 0x4}, 0x0, 0x0, 0x1, 0x0, 0x5, 0x3}, {{@in=@empty, 0x800, 0x33}, 0xa, @in=@private=0xa010102, 0x0, 0x0, 0x0, 0x4, 0xfffffffc, 0x4, 0x401}}, 0xe8)
sendmmsg(r3, &(0x7f0000000fc0), 0x0, 0x0)
getsockopt$inet6_mreq(r3, 0x29, 0x1c, &(0x7f0000000100)={@private0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000380)='./file0\x00', 0x804, &(0x7f00000003c0)={[{@uni_xlate}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@rodir}, {@uni_xlateno}, {@shortname_win95}, {@utf8no}, {@fat=@codepage={'codepage', 0x3d, '1250'}}, {@fat=@errors_remount}, {@uni_xlateno}, {@utf8no}, {@shortname_winnt}, {@uni_xlateno}, {@uni_xlate}]}, 0x3, 0x276, &(0x7f0000000640)="$eJzs3UFqG1cYB/BvLMmW2oW06KoUPNAuujJ2T2BTXCg1FFq0aLtoTS1DsYTBBkGTEMWrnCAnyHmyCblADpCQXbwwmSDPSFbCyEaJbJnk99vo8d77z/vezCCtZvTPN72DvcPj/ZN7z6NeT2JpMzbjNIlWLMXIgyj17GV5PwBwy51mWbzKciulM2pTktWlay0MALg2k7//i64FALgZv//x5y9bOzvbv6VpPaL3sN9OIv/Mx7f247/oRifWoxlnEdlY3v7p553tqKZDrfiuN+i3h8ne30+K42+9iDjPb0QzWuX5jTQ3kR/027X4olh/sxudXx9HM74qz/9Qko/2cnz/7UT9a9GMp//GYXRjr6htlL+/kaY/Zo9e3/1r2DvMJ4N+e2U8r5hdudELAwAAAAAAAAAAAAAAAAAAAADAJ20tHWu9+/6dytn5+Nq08Tw/7f1Ag4n386ynaZol+fyLfDW+rkZ1kXsHAAAAAAAAAAAAAAAAAACA2+L4/zsHu91u52iujdFj/SVD8Waea63OmopKUVo3iZhtrVqRvHpyZcZdNIb1dI6SaszvEiTjnsbk0Grkaw17GnljouejV6/HeWN0dx3sJnFFql52k8yhkZXcfpWpqeX3exrFDkomNy5ZffnLD6o5a04ZSiKiNj6Zlx+nNt9zeFPfQAAAAAAAAAAAAAAAAAAAwMjFQ78lgycLKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFuDi//9naAyK8LQ5WWXYqEbRs+AtAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bl4GwAA//95LWni")
sched_setscheduler(r0, 0x6, &(0x7f0000000500)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

kernel console output (not intermixed with test programs):

[ T7175] F2FS-fs (loop4): Found nat_bits in checkpoint
[  757.197094][ T7175] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  757.198153][ T7208] syz.0.2195[7208] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  757.204356][ T7175] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  760.573034][  T331] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  761.349315][ T7252] loop4: detected capacity change from 0 to 16
[  761.386367][ T7252] erofs: (device loop4): mounted with root inode @ nid 36.
[  761.400166][ T7252] attempt to access beyond end of device
[  761.400166][ T7252] loop4: rw=0, want=14546590696, limit=16
[  762.589800][   T30] audit: type=1400 audit(2000000322.432:3128): avc:  denied  { read write } for  pid=7251 comm="syz.4.2210" name="vhost-vsock" dev="devtmpfs" ino=264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  762.714392][ T7264] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7264 comm=syz.3.2214
[  762.727152][   T30] audit: type=1400 audit(2000000322.432:3129): avc:  denied  { open } for  pid=7251 comm="syz.4.2210" path="/dev/vhost-vsock" dev="devtmpfs" ino=264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  762.752731][ T7264] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7264 comm=syz.3.2214
[  762.764643][  T331] usb 2-1: device descriptor read/all, error -71
[  762.768817][   T30] audit: type=1400 audit(2000000322.432:3130): avc:  denied  { ioctl } for  pid=7251 comm="syz.4.2210" path="/dev/vhost-vsock" dev="devtmpfs" ino=264 ioctlcmd=0xaf61 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  762.799161][   T30] audit: type=1400 audit(2000000322.741:3131): avc:  denied  { create } for  pid=7261 comm="syz.1.2213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  762.822801][ T7268] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7268 comm=syz.1.2213
[  762.835420][   T30] audit: type=1400 audit(2000000322.750:3132): avc:  denied  { getopt } for  pid=7261 comm="syz.1.2213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  762.973799][   T30] audit: type=1400 audit(2000000322.928:3133): avc:  denied  { mount } for  pid=7265 comm="syz.2.2215" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  763.072630][ T7277] xt_hashlimit: max too large, truncated to 1048576
[  764.005132][  T836] hid-generic 0000:0003:0000.0016: unknown main item tag 0x0
[  764.012592][  T836] hid-generic 0000:0003:0000.0016: unknown main item tag 0x0
[  764.122531][  T836] hid-generic 0000:0003:0000.0016: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  764.281562][ T7286] xt_hashlimit: max too large, truncated to 1048576
[  764.947092][   T30] audit: type=1326 audit(2000000324.864:3134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7291 comm="syz.0.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  764.988770][   T30] audit: type=1326 audit(2000000324.864:3135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7291 comm="syz.0.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  765.018983][   T30] audit: type=1326 audit(2000000324.864:3136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7291 comm="syz.0.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  765.043137][   T30] audit: type=1326 audit(2000000324.883:3137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7291 comm="syz.0.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  765.506264][ T7311] FAULT_INJECTION: forcing a failure.
[  765.506264][ T7311] name failslab, interval 1, probability 0, space 0, times 0
[  765.519096][ T7311] CPU: 1 PID: 7311 Comm: syz.3.2226 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  765.530401][ T7311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  765.540474][ T7311] Call Trace:
[  765.543779][ T7311]  <TASK>
[  765.546724][ T7311]  __dump_stack+0x21/0x30
[  765.551071][ T7311]  dump_stack_lvl+0xee/0x150
[  765.555758][ T7311]  ? show_regs_print_info+0x20/0x20
[  765.561083][ T7311]  dump_stack+0x15/0x20
[  765.565272][ T7311]  should_fail+0x3c1/0x510
[  765.569706][ T7311]  __should_failslab+0xa4/0xe0
[  765.574490][ T7311]  should_failslab+0x9/0x20
[  765.579012][ T7311]  slab_pre_alloc_hook+0x3b/0xe0
[  765.583972][ T7311]  ? security_file_alloc+0x33/0x120
[  765.589192][ T7311]  kmem_cache_alloc+0x44/0x260
[  765.593978][ T7311]  security_file_alloc+0x33/0x120
[  765.599020][ T7311]  __alloc_file+0xb5/0x2a0
[  765.603455][ T7311]  alloc_empty_file+0x97/0x180
[  765.608234][ T7311]  alloc_file+0x59/0x540
[  765.612487][ T7311]  alloc_file_pseudo+0x17a/0x1f0
[  765.617436][ T7311]  ? alloc_empty_file_noaccount+0x80/0x80
[  765.623169][ T7311]  ? __kasan_check_write+0x14/0x20
[  765.628300][ T7311]  ? clear_nlink+0x8a/0xe0
[  765.632757][ T7311]  __shmem_file_setup+0x1df/0x2b0
[  765.637820][ T7311]  shmem_file_setup+0x2f/0x40
[  765.642510][ T7311]  __se_sys_memfd_create+0x1e6/0x3b0
[  765.647814][ T7311]  __x64_sys_memfd_create+0x5b/0x70
[  765.653028][ T7311]  x64_sys_call+0x473/0x9a0
[  765.657555][ T7311]  do_syscall_64+0x4c/0xa0
[  765.661990][ T7311]  ? clear_bhb_loop+0x50/0xa0
[  765.666684][ T7311]  ? clear_bhb_loop+0x50/0xa0
[  765.671373][ T7311]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  765.677277][ T7311] RIP: 0033:0x7f025cf12929
[  765.681703][ T7311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  765.701323][ T7311] RSP: 002b:00007f025b538e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  765.709754][ T7311] RAX: ffffffffffffffda RBX: 000000000000055f RCX: 00007f025cf12929
[  765.717749][ T7311] RDX: 00007f025b538ef0 RSI: 0000000000000000 RDI: 00007f025cf954cc
[  765.725748][ T7311] RBP: 0000200000000d00 R08: 00007f025b538bb7 R09: 00007f025b538e40
[  765.733743][ T7311] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000040
[  765.741732][ T7311] R13: 00007f025b538ef0 R14: 00007f025b538eb0 R15: 0000200000000080
[  765.749734][ T7311]  </TASK>
[  767.556484][ T7340] xt_hashlimit: max too large, truncated to 1048576
[  768.895441][ T7367] loop4: detected capacity change from 0 to 16
[  768.957504][ T7367] erofs: (device loop4): mounted with root inode @ nid 36.
[  769.002460][   T30] kauditd_printk_skb: 66 callbacks suppressed
[  769.002477][   T30] audit: type=1400 audit(2000000328.652:3204): avc:  denied  { set_context_mgr } for  pid=7373 comm="syz.3.2247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  769.029189][   T30] audit: type=1400 audit(2000000328.662:3205): avc:  denied  { write } for  pid=7373 comm="syz.3.2247" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  769.052346][   T30] audit: type=1400 audit(2000000328.662:3206): avc:  denied  { map } for  pid=7373 comm="syz.3.2247" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  769.076400][   T30] audit: type=1400 audit(2000000328.662:3207): avc:  denied  { call } for  pid=7373 comm="syz.3.2247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  769.095838][   T30] audit: type=1326 audit(2000000328.746:3208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7373 comm="syz.3.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  769.119877][   T30] audit: type=1326 audit(2000000328.746:3209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7373 comm="syz.3.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  769.161747][   T30] audit: type=1326 audit(2000000328.802:3210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7383 comm="syz.4.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f67b9f929 code=0x7ffc0000
[  769.194001][   T30] audit: type=1326 audit(2000000328.802:3211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7383 comm="syz.4.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f67b9f929 code=0x7ffc0000
[  769.218439][   T30] audit: type=1326 audit(2000000328.802:3212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7383 comm="syz.4.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6f67b9f929 code=0x7ffc0000
[  769.242455][   T30] audit: type=1326 audit(2000000328.802:3213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7383 comm="syz.4.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f67b9f929 code=0x7ffc0000
[  769.273779][ T7387] loop4: detected capacity change from 0 to 1024
[  769.308445][ T7387] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  769.319515][ T7387] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  769.350851][ T7387] JBD2: no valid journal superblock found
[  769.371660][ T7387] EXT4-fs (loop4): error loading journal
[  769.642527][ T7402] netlink: 'syz.0.2257': attribute type 2 has an invalid length.
[  769.657485][ T7402] netlink: 1 bytes leftover after parsing attributes in process `syz.0.2257'.
[  770.096827][ T7408] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2260'.
[  770.825842][ T7412] loop4: detected capacity change from 0 to 16
[  770.892849][ T7412] erofs: (device loop4): mounted with root inode @ nid 36.
[  772.243676][ T7444] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2272'.
[  775.087436][ T7480] loop4: detected capacity change from 0 to 16
[  775.114128][ T7480] erofs: (device loop4): mounted with root inode @ nid 36.
[  775.135206][ T7480] attempt to access beyond end of device
[  775.135206][ T7480] loop4: rw=0, want=14546590696, limit=16
[  775.216631][   T30] kauditd_printk_skb: 76 callbacks suppressed
[  775.219035][   T30] audit: type=1400 audit(2000000334.461:3290): avc:  denied  { create } for  pid=7477 comm="syz.3.2283" dev="anon_inodefs" ino=42936 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  776.812275][   T30] audit: type=1400 audit(2000000335.958:3291): avc:  denied  { setopt } for  pid=7475 comm="syz.2.2282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  777.175031][ T7501] netlink: 'syz.3.2290': attribute type 27 has an invalid length.
[  777.195814][ T7501] bridge0: port 2(bridge_slave_1) entered disabled state
[  777.203183][ T7501] bridge0: port 1(bridge_slave_0) entered disabled state
[  777.412509][ T7504] bridge0: port 1(bridge_slave_0) entered blocking state
[  777.419761][ T7504] bridge0: port 1(bridge_slave_0) entered forwarding state
[  777.450054][ T7504] bridge0: port 2(bridge_slave_1) entered blocking state
[  777.457170][ T7504] bridge0: port 2(bridge_slave_1) entered forwarding state
[  777.496019][ T7504] device veth0_vlan left promiscuous mode
[  777.503231][ T7504] device veth0_vlan entered promiscuous mode
[  777.516634][ T7504] device veth1_macvtap left promiscuous mode
[  777.524749][ T7504] device veth1_macvtap entered promiscuous mode
[  777.543145][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  777.551273][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  777.559431][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  777.569545][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  777.578279][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  777.587130][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  777.595717][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  777.604233][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  777.612884][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  777.638883][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  777.709368][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  777.806944][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  777.837411][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  777.858844][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  777.875576][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  777.892520][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[  777.900443][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[  777.985555][ T7517] loop4: detected capacity change from 0 to 16
[  778.042218][ T7517] erofs: (device loop4): mounted with root inode @ nid 36.
[  779.680645][  T417] hid-generic 0000:0003:0000.0017: unknown main item tag 0x0
[  779.698536][  T417] hid-generic 0000:0003:0000.0017: unknown main item tag 0x0
[  779.710173][  T417] hid-generic 0000:0003:0000.0017: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  779.727463][ T7554] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22
[  779.764886][ T7554] overlayfs: unrecognized mount option "fowner=00000000000000000000" or missing value
[  780.520198][ T7569] FAULT_INJECTION: forcing a failure.
[  780.520198][ T7569] name failslab, interval 1, probability 0, space 0, times 0
[  780.533789][ T7569] CPU: 1 PID: 7569 Comm: syz.3.2313 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  780.545101][ T7569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  780.555174][ T7569] Call Trace:
[  780.558471][ T7569]  <TASK>
[  780.561415][ T7569]  __dump_stack+0x21/0x30
[  780.565768][ T7569]  dump_stack_lvl+0xee/0x150
[  780.570377][ T7569]  ? show_regs_print_info+0x20/0x20
[  780.575601][ T7569]  ? preempt_schedule_irq+0xbb/0x110
[  780.580900][ T7569]  ? __cond_resched+0xb0/0xb0
[  780.585939][ T7569]  dump_stack+0x15/0x20
[  780.590111][ T7569]  should_fail+0x3c1/0x510
[  780.594554][ T7569]  __should_failslab+0xa4/0xe0
[  780.599340][ T7569]  should_failslab+0x9/0x20
[  780.603858][ T7569]  slab_pre_alloc_hook+0x3b/0xe0
[  780.608812][ T7569]  ? security_inode_alloc+0x33/0x110
[  780.614113][ T7569]  kmem_cache_alloc+0x44/0x260
[  780.618897][ T7569]  security_inode_alloc+0x33/0x110
[  780.624038][ T7569]  inode_init_always+0x711/0x990
[  780.628991][ T7569]  new_inode_pseudo+0x91/0x210
[  780.634207][ T7569]  __sock_create+0x12c/0x7a0
[  780.638818][ T7569]  __sys_socket+0xec/0x190
[  780.643248][ T7569]  __x64_sys_socket+0x7a/0x90
[  780.647939][ T7569]  x64_sys_call+0x8c5/0x9a0
[  780.652500][ T7569]  do_syscall_64+0x4c/0xa0
[  780.656932][ T7569]  ? clear_bhb_loop+0x50/0xa0
[  780.661633][ T7569]  ? clear_bhb_loop+0x50/0xa0
[  780.666326][ T7569]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  780.672237][ T7569] RIP: 0033:0x7f025cf12929
[  780.676667][ T7569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  780.696551][ T7569] RSP: 002b:00007f025b57b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  780.704991][ T7569] RAX: ffffffffffffffda RBX: 00007f025d139fa0 RCX: 00007f025cf12929
[  780.712981][ T7569] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 000000000000002c
[  780.720962][ T7569] RBP: 00007f025b57b090 R08: 0000000000000000 R09: 0000000000000000
[  780.728949][ T7569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  780.736935][ T7569] R13: 0000000000000000 R14: 00007f025d139fa0 R15: 00007ffd8a141848
[  780.744927][ T7569]  </TASK>
[  780.829269][ T7569] socket: no more sockets
[  781.833539][ T7576] loop4: detected capacity change from 0 to 40427
[  781.901502][ T7576] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  781.912399][ T7576] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  781.934666][ T7576] F2FS-fs (loop4): invalid crc value
[  781.944065][   T61] hid-generic 0000:0003:0000.0018: unknown main item tag 0x0
[  781.952120][   T61] hid-generic 0000:0003:0000.0018: unknown main item tag 0x0
[  781.960798][   T61] hid-generic 0000:0003:0000.0018: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  781.974989][ T7576] F2FS-fs (loop4): Found nat_bits in checkpoint
[  782.029438][ T7592] netlink: 'syz.2.2320': attribute type 3 has an invalid length.
[  782.093506][ T7576] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  782.102537][ T7576] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  783.510428][ T7609] loop4: detected capacity change from 0 to 512
[  783.601264][ T7609] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.2324: casefold flag without casefold feature
[  783.625224][ T7609] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.2324: couldn't read orphan inode 15 (err -117)
[  783.654176][ T7609] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  783.697281][   T30] audit: type=1400 audit(2000000342.403:3292): avc:  denied  { bind } for  pid=7606 comm="syz.2.2326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  783.912348][   T30] audit: type=1400 audit(2000000342.599:3293): avc:  denied  { remount } for  pid=7608 comm="syz.4.2324" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  783.932315][ T7609] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: writeback.
[  783.949889][ T7609] EXT4-fs error (device loop4): ext4_ind_map_blocks:604: inode #18: comm syz.4.2324: Can't allocate blocks for non-extent mapped inodes with bigalloc
[  783.963280][   T30] audit: type=1400 audit(2000000342.637:3294): avc:  denied  { map } for  pid=7608 comm="syz.4.2324" path="/442/file0/bus" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  784.349458][   T30] audit: type=1400 audit(2000000343.001:3295): avc:  denied  { remove_name } for  pid=286 comm="syz-executor" name="file2" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  784.359863][  T286] EXT4-fs warning (device loop4): ext4_dirblock_csum_set:427: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  784.418073][   T30] audit: type=1400 audit(2000000343.001:3296): avc:  denied  { unlink } for  pid=286 comm="syz-executor" name="file2" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  784.440373][  T286] EXT4-fs warning (device loop4): ext4_dirblock_csum_set:427: inode #2: comm syz-executor: No space for directory leaf checksum. Please run e2fsck -D.
[  784.470919][   T30] audit: type=1400 audit(2000000343.086:3297): avc:  denied  { unmount } for  pid=286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  784.517414][   T30] audit: type=1326 audit(2000000343.160:3298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7623 comm="syz.3.2331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  784.557190][   T30] audit: type=1326 audit(2000000343.188:3299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7623 comm="syz.3.2331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  784.590948][   T30] audit: type=1326 audit(2000000343.188:3300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7623 comm="syz.3.2331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  784.628512][   T30] audit: type=1326 audit(2000000343.188:3301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7623 comm="syz.3.2331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  786.147636][ T7636] loop4: detected capacity change from 0 to 512
[  786.202080][ T7636] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  786.250350][ T7636] EXT4-fs (loop4): orphan cleanup on readonly fs
[  786.314582][ T7636] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.2334: bg 0: block 248: padding at end of block bitmap is not set
[  786.330603][ T7636] EXT4-fs error (device loop4): ext4_acquire_dquot:6195: comm syz.4.2334: Failed to acquire dquot type 1
[  786.345720][ T7636] EXT4-fs (loop4): 1 truncate cleaned up
[  786.352608][ T7636] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,resgid=0x0000000000000000,noblock_validity,grpjquota=,grpjquota=,resuid=0x0000000000000000,auto_da_alloc,noload,jqfmt=vfsv1,,errors=continue. Quota mode: writeback.
[  786.395444][ T7636] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2334'.
[  787.973787][  T417] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  787.999726][ T7672] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2347'.
[  788.372335][  T417] usb 5-1: Using ep0 maxpacket: 16
[  788.533464][  T417] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  788.544710][  T417] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  788.550348][  T836] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  788.751220][  T417] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  788.761425][  T417] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  788.770584][  T417] usb 5-1: Product: syz
[  788.775909][  T417] usb 5-1: Manufacturer: syz
[  788.781758][  T417] usb 5-1: SerialNumber: syz
[  788.828337][  T836] usb 4-1: Using ep0 maxpacket: 16
[  789.213238][  T836] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  789.223483][  T836] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  789.668922][  T417] usb 5-1: 0:2 : does not exist
[  789.673936][  T417] usb 5-1: unit 6 not found!
[  789.679745][  T417] usb 5-1: USB disconnect, device number 22
[  789.737114][  T836] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  789.746337][  T836] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  789.754916][  T836] usb 4-1: Product: syz
[  789.759314][  T836] usb 4-1: Manufacturer: syz
[  789.763959][  T836] usb 4-1: SerialNumber: syz
[  789.895079][   T30] kauditd_printk_skb: 96 callbacks suppressed
[  789.895096][   T30] audit: type=1400 audit(2000000348.193:3396): avc:  denied  { read write } for  pid=7705 comm="syz.0.2358" name="uinput" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  789.925256][   T30] audit: type=1400 audit(2000000348.193:3397): avc:  denied  { open } for  pid=7705 comm="syz.0.2358" path="/dev/uinput" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  789.931045][  T291] hid-generic 0000:0003:0000.0019: unknown main item tag 0x0
[  789.956556][  T291] hid-generic 0000:0003:0000.0019: unknown main item tag 0x0
[  789.964953][  T291] hid-generic 0000:0003:0000.0019: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  789.988325][   T30] audit: type=1400 audit(2000000348.286:3398): avc:  denied  { name_bind } for  pid=7709 comm="syz.0.2360" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  790.069339][ T7714] netlink: 'syz.2.2362': attribute type 3 has an invalid length.
[  790.111241][  T836] usb 4-1: 0:2 : does not exist
[  790.116191][  T836] usb 4-1: unit 6 not found!
[  790.131808][  T836] usb 4-1: USB disconnect, device number 18
[  790.246105][   T30] audit: type=1326 audit(2000000348.511:3399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7721 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  790.271802][   T30] audit: type=1326 audit(2000000348.511:3400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7721 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  790.295446][   T30] audit: type=1326 audit(2000000348.511:3401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7721 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  790.319788][   T30] audit: type=1326 audit(2000000348.511:3402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7721 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  790.343409][   T30] audit: type=1326 audit(2000000348.511:3403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7721 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  790.384969][   T30] audit: type=1326 audit(2000000348.511:3404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7721 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  790.409093][   T30] audit: type=1326 audit(2000000348.511:3405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7721 comm="syz.2.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  790.436465][ T7725] overlayfs: failed to clone upperpath
[  791.084915][ T7730] loop4: detected capacity change from 0 to 40427
[  791.152037][ T7730] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  791.168208][ T7730] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  791.245468][ T7730] F2FS-fs (loop4): invalid crc value
[  791.518376][ T7730] F2FS-fs (loop4): Found nat_bits in checkpoint
[  791.594319][ T7730] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  791.601630][ T7730] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  792.513976][ T7767] FAULT_INJECTION: forcing a failure.
[  792.513976][ T7767] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  792.527849][ T7767] CPU: 0 PID: 7767 Comm: syz.4.2378 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  792.539172][ T7767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  792.549242][ T7767] Call Trace:
[  792.552531][ T7767]  <TASK>
[  792.555470][ T7767]  __dump_stack+0x21/0x30
[  792.559899][ T7767]  dump_stack_lvl+0xee/0x150
[  792.564500][ T7767]  ? show_regs_print_info+0x20/0x20
[  792.569711][ T7767]  dump_stack+0x15/0x20
[  792.573870][ T7767]  should_fail+0x3c1/0x510
[  792.578295][ T7767]  should_fail_usercopy+0x1a/0x20
[  792.583346][ T7767]  strncpy_from_user+0x24/0x2e0
[  792.588202][ T7767]  ? kmem_cache_alloc+0xf7/0x260
[  792.593146][ T7767]  getname_flags+0xf4/0x500
[  792.597652][ T7767]  ? refcount_dec_and_lock_irqsave+0xa1/0x100
[  792.603758][ T7767]  user_path_at_empty+0x30/0x1c0
[  792.608722][ T7767]  __se_sys_mount+0x2e3/0x380
[  792.613401][ T7767]  ? __x64_sys_mount+0xd0/0xd0
[  792.618165][ T7767]  ? __ia32_sys_read+0x90/0x90
[  792.622938][ T7767]  __x64_sys_mount+0xbf/0xd0
[  792.627548][ T7767]  x64_sys_call+0x6bf/0x9a0
[  792.632056][ T7767]  do_syscall_64+0x4c/0xa0
[  792.636473][ T7767]  ? clear_bhb_loop+0x50/0xa0
[  792.641151][ T7767]  ? clear_bhb_loop+0x50/0xa0
[  792.645834][ T7767]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  792.651736][ T7767] RIP: 0033:0x7f6f67b9f929
[  792.656153][ T7767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  792.675860][ T7767] RSP: 002b:00007f6f66208038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  792.684279][ T7767] RAX: ffffffffffffffda RBX: 00007f6f67dc6fa0 RCX: 00007f6f67b9f929
[  792.692259][ T7767] RDX: 0000200000000b80 RSI: 0000200000000040 RDI: 0000000000000000
[  792.700235][ T7767] RBP: 00007f6f66208090 R08: 0000200000000580 R09: 0000000000000000
[  792.708209][ T7767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  792.716182][ T7767] R13: 0000000000000000 R14: 00007f6f67dc6fa0 R15: 00007ffe540bb5d8
[  792.724173][ T7767]  </TASK>
[  792.858447][ T7773] FAULT_INJECTION: forcing a failure.
[  792.858447][ T7773] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  793.907225][ T7773] CPU: 1 PID: 7773 Comm: syz.1.2381 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  793.918651][ T7773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  793.928726][ T7773] Call Trace:
[  793.932010][ T7773]  <TASK>
[  793.935009][ T7773]  __dump_stack+0x21/0x30
[  793.939348][ T7773]  dump_stack_lvl+0xee/0x150
[  793.943937][ T7773]  ? show_regs_print_info+0x20/0x20
[  793.949140][ T7773]  dump_stack+0x15/0x20
[  793.953299][ T7773]  should_fail+0x3c1/0x510
[  793.957721][ T7773]  should_fail_usercopy+0x1a/0x20
[  793.962747][ T7773]  strncpy_from_user+0x24/0x2e0
[  793.967619][ T7773]  ? kmem_cache_alloc+0xf7/0x260
[  793.972568][ T7773]  getname_flags+0xf4/0x500
[  793.977075][ T7773]  getname+0x19/0x20
[  793.980970][ T7773]  do_sys_openat2+0xd9/0x7b0
[  793.985567][ T7773]  ? __kasan_check_write+0x14/0x20
[  793.990707][ T7773]  ? fput_many+0x15a/0x1a0
[  793.995132][ T7773]  ? do_sys_open+0xe0/0xe0
[  793.999558][ T7773]  ? fput+0x1a/0x20
[  794.003386][ T7773]  ? ksys_write+0x1eb/0x240
[  794.007910][ T7773]  ? __ia32_sys_read+0x90/0x90
[  794.012681][ T7773]  __x64_sys_openat+0x136/0x160
[  794.017538][ T7773]  x64_sys_call+0x219/0x9a0
[  794.022056][ T7773]  do_syscall_64+0x4c/0xa0
[  794.026486][ T7773]  ? clear_bhb_loop+0x50/0xa0
[  794.031175][ T7773]  ? clear_bhb_loop+0x50/0xa0
[  794.035864][ T7773]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  794.041767][ T7773] RIP: 0033:0x7f8a27826929
[  794.046189][ T7773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  794.065961][ T7773] RSP: 002b:00007f8a25e8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  794.074395][ T7773] RAX: ffffffffffffffda RBX: 00007f8a27a4dfa0 RCX: 00007f8a27826929
[  794.082415][ T7773] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  794.090399][ T7773] RBP: 00007f8a25e8f090 R08: 0000000000000000 R09: 0000000000000000
[  794.098384][ T7773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  794.106444][ T7773] R13: 0000000000000001 R14: 00007f8a27a4dfa0 R15: 00007ffd2b684dc8
[  794.114438][ T7773]  </TASK>
[  794.454722][ T7783] xt_hashlimit: max too large, truncated to 1048576
[  795.037026][   T30] kauditd_printk_skb: 187 callbacks suppressed
[  795.037044][   T30] audit: type=1326 audit(2000000353.347:3593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7806 comm="syz.2.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  795.173312][ T7807] overlayfs: failed to clone upperpath
[  796.410207][ T7816] FAULT_INJECTION: forcing a failure.
[  796.410207][ T7816] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  796.423385][ T7816] CPU: 0 PID: 7816 Comm: syz.4.2394 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  796.434685][ T7816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  796.444755][ T7816] Call Trace:
[  796.448044][ T7816]  <TASK>
[  796.450985][ T7816]  __dump_stack+0x21/0x30
[  796.455363][ T7816]  dump_stack_lvl+0xee/0x150
[  796.459980][ T7816]  ? show_regs_print_info+0x20/0x20
[  796.465199][ T7816]  ? stack_trace_save+0x98/0xe0
[  796.470075][ T7816]  ? __stack_depot_save+0x34/0x480
[  796.475218][ T7816]  dump_stack+0x15/0x20
[  796.479391][ T7816]  should_fail+0x3c1/0x510
[  796.483824][ T7816]  should_fail_usercopy+0x1a/0x20
[  796.488872][ T7816]  _copy_from_user+0x20/0xd0
[  796.493492][ T7816]  __copy_msghdr_from_user+0x448/0x5e0
[  796.498989][ T7816]  ? _kstrtoull+0x3c0/0x4d0
[  796.503527][ T7816]  ? __ia32_sys_shutdown+0x1e0/0x1e0
[  796.508830][ T7816]  ? kstrtouint_from_user+0x1a0/0x200
[  796.514229][ T7816]  ___sys_sendmsg+0x156/0x260
[  796.518943][ T7816]  ? __sys_sendmsg+0x250/0x250
[  796.523750][ T7816]  ? __fdget+0x1a1/0x230
[  796.528023][ T7816]  __x64_sys_sendmsg+0x1e2/0x2a0
[  796.532984][ T7816]  ? ___sys_sendmsg+0x260/0x260
[  796.537851][ T7816]  ? ksys_write+0x1eb/0x240
[  796.542373][ T7816]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  796.548548][ T7816]  x64_sys_call+0x4b/0x9a0
[  796.553021][ T7816]  do_syscall_64+0x4c/0xa0
[  796.557450][ T7816]  ? clear_bhb_loop+0x50/0xa0
[  796.562149][ T7816]  ? clear_bhb_loop+0x50/0xa0
[  796.566844][ T7816]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  796.572835][ T7816] RIP: 0033:0x7f6f67b9f929
[  796.577270][ T7816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  796.596894][ T7816] RSP: 002b:00007f6f661c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  796.605315][ T7816] RAX: ffffffffffffffda RBX: 00007f6f67dc7160 RCX: 00007f6f67b9f929
[  796.613294][ T7816] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000007
[  796.621265][ T7816] RBP: 00007f6f661c6090 R08: 0000000000000000 R09: 0000000000000000
[  796.629242][ T7816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  796.637216][ T7816] R13: 0000000000000000 R14: 00007f6f67dc7160 R15: 00007ffe540bb5d8
[  796.645194][ T7816]  </TASK>
[  796.735285][   T30] audit: type=1326 audit(2000000353.484:3594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7806 comm="syz.2.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  796.759292][   T30] audit: type=1326 audit(2000000353.484:3595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7806 comm="syz.2.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  797.139551][   T30] audit: type=1326 audit(2000000353.484:3596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7806 comm="syz.2.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  797.164392][   T30] audit: type=1326 audit(2000000353.484:3597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7806 comm="syz.2.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  797.188017][   T30] audit: type=1326 audit(2000000353.484:3598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7806 comm="syz.2.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  797.236409][   T30] audit: type=1326 audit(2000000353.484:3599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7806 comm="syz.2.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  797.268431][   T30] audit: type=1326 audit(2000000353.484:3600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7806 comm="syz.2.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  797.314996][ T7830] loop4: detected capacity change from 0 to 2048
[  797.345606][   T30] audit: type=1326 audit(2000000353.484:3601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7806 comm="syz.2.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  797.403903][ T7830] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  797.432690][   T30] audit: type=1326 audit(2000000353.484:3602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7806 comm="syz.2.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  797.462842][ T7830] ext4 filesystem being mounted at /456/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  797.504376][ T7830] fs-verity: sha512 using implementation "sha512-avx2"
[  797.552294][ T7824] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2397'.
[  798.809632][ T7863] overlayfs: failed to clone upperpath
[  799.021785][ T7830] syz.4.2398 (7830) used greatest stack depth: 20704 bytes left
[  799.471926][  T286] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 16: comm syz-executor: path /456/file0: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0
[  799.495717][  T286] EXT4-fs error (device loop4): ext4_lookup:1858: inode #14: comm syz-executor: iget: bogus i_mode (0)
[  799.507297][  T286] EXT4-fs error (device loop4): ext4_lookup:1858: inode #14: comm syz-executor: iget: bogus i_mode (0)
[  799.589229][  T308] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  799.937534][  T308] usb 4-1: device descriptor read/64, error -71
[  799.974327][ T7896] overlayfs: failed to clone upperpath
[  800.043161][ T7899] netlink: 'syz.2.2422': attribute type 3 has an invalid length.
[  800.076431][ T7897] bridge0: port 1(bridge_slave_0) entered blocking state
[  800.083505][ T7897] bridge0: port 1(bridge_slave_0) entered disabled state
[  800.096918][ T7897] device bridge_slave_0 entered promiscuous mode
[  800.104165][ T7897] bridge0: port 2(bridge_slave_1) entered blocking state
[  800.111794][ T7897] bridge0: port 2(bridge_slave_1) entered disabled state
[  800.124892][ T7897] device bridge_slave_1 entered promiscuous mode
[  800.240487][ T7897] bridge0: port 2(bridge_slave_1) entered blocking state
[  800.247583][ T7897] bridge0: port 2(bridge_slave_1) entered forwarding state
[  800.254898][ T7897] bridge0: port 1(bridge_slave_0) entered blocking state
[  800.261968][ T7897] bridge0: port 1(bridge_slave_0) entered forwarding state
[  800.389273][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  800.396747][  T308] usb 4-1: device descriptor read/64, error -71
[  800.409213][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  800.611737][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  800.629211][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  800.699728][  T308] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  800.746189][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  800.845621][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  800.923923][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  800.931022][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  801.315775][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  801.324240][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  801.332766][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  801.339835][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  801.360065][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  801.368526][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  801.376604][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  801.385037][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  801.401464][  T308] usb 4-1: device descriptor read/64, error -71
[  801.419500][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  801.439485][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  801.461690][ T7897] device veth0_vlan entered promiscuous mode
[  801.471369][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  801.490316][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  801.509734][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  801.517955][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  801.536214][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  801.549703][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  801.560484][ T7897] device veth1_macvtap entered promiscuous mode
[  801.581089][    T8] device bridge_slave_1 left promiscuous mode
[  801.587313][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  801.606001][    T8] device bridge_slave_0 left promiscuous mode
[  801.612499][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  801.630925][    T8] device veth1_macvtap left promiscuous mode
[  801.637042][    T8] device veth0_vlan left promiscuous mode
[  801.681421][ T7909] futex_wake_op: syz.0.2425 tries to shift op by -1; fix this program
[  801.717753][  T291] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  801.823762][  T308] usb 4-1: device descriptor read/64, error -71
[  801.906279][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  801.914999][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  801.923455][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  801.942547][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  801.950956][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  801.959338][  T308] usb usb4-port1: attempt power cycle
[  801.959698][   T30] kauditd_printk_skb: 164 callbacks suppressed
[  801.959715][   T30] audit: type=1400 audit(2000000359.949:3767): avc:  denied  { mounton } for  pid=7897 comm="syz-executor" path="/root/syzkaller.yjQhqr/syz-tmp" dev="sda1" ino=2047 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  801.993541][  T291] usb 2-1: Using ep0 maxpacket: 16
[  802.014833][   T30] audit: type=1400 audit(2000000359.996:3768): avc:  denied  { mount } for  pid=7897 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  802.037413][   T30] audit: type=1400 audit(2000000359.996:3769): avc:  denied  { mount } for  pid=7897 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  802.059931][   T30] audit: type=1400 audit(2000000359.996:3770): avc:  denied  { mounton } for  pid=7897 comm="syz-executor" path="/root/syzkaller.yjQhqr/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  802.087709][   T30] audit: type=1400 audit(2000000359.996:3771): avc:  denied  { mounton } for  pid=7897 comm="syz-executor" path="/root/syzkaller.yjQhqr/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=45125 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  802.123808][   T30] audit: type=1400 audit(2000000359.996:3772): avc:  denied  { mounton } for  pid=7897 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=556 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  802.142421][  T291] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  802.157702][  T291] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  802.167713][  T291] usb 2-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  802.178872][  T291] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  802.191609][  T291] usb 2-1: config 0 descriptor??
[  802.494688][  T308] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  802.511618][   T30] audit: type=1326 audit(2000000360.476:3773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7935 comm="syz.2.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  802.539712][ T7936] overlayfs: failed to clone upperpath
[  802.555066][   T30] audit: type=1326 audit(2000000360.494:3774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7935 comm="syz.2.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  802.584854][   T30] audit: type=1326 audit(2000000360.504:3775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7935 comm="syz.2.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  802.612348][   T30] audit: type=1326 audit(2000000360.504:3776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7935 comm="syz.2.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  802.643087][ T7938] netlink: 'syz.2.2434': attribute type 3 has an invalid length.
[  803.909883][  T308] usb 4-1: device not accepting address 21, error -71
[  803.922336][  T291] holtek 0003:1241:5015.001A: item fetching failed at offset 4/5
[  803.930348][  T291] holtek 0003:1241:5015.001A: parse failed
[  803.936201][  T291] holtek: probe of 0003:1241:5015.001A failed with error -22
[  804.189001][  T291] usb 2-1: USB disconnect, device number 27
[  804.395843][ T7968] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2443'.
[  804.495339][ T7976] netlink: 'syz.2.2446': attribute type 3 has an invalid length.
[  807.418884][   T30] kauditd_printk_skb: 167 callbacks suppressed
[  807.418902][   T30] audit: type=1326 audit(2000000365.083:3944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.5.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  807.480579][   T30] audit: type=1326 audit(2000000365.111:3945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.5.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  807.505653][   T30] audit: type=1326 audit(2000000365.111:3946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.5.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  807.667115][   T30] audit: type=1326 audit(2000000365.111:3947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.5.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  807.692263][   T30] audit: type=1326 audit(2000000365.111:3948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.5.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  808.018053][   T30] audit: type=1326 audit(2000000365.111:3949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.5.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  808.072580][   T30] audit: type=1326 audit(2000000365.111:3950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.5.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  808.101867][   T30] audit: type=1326 audit(2000000365.111:3951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.5.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  808.153182][   T30] audit: type=1326 audit(2000000365.111:3952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.5.2469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  808.215004][   T30] audit: type=1326 audit(2000000365.823:3953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8065 comm="syz.0.2475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  808.350908][ T8072] netlink: 'syz.1.2478': attribute type 3 has an invalid length.
[  809.999303][ T8084] futex_wake_op: syz.2.2482 tries to shift op by -1; fix this program
[  810.076741][ T8097] overlayfs: failed to clone upperpath
[  814.071206][ T8160] 9pnet: Insufficient options for proto=fd
[  814.211228][ T8170] device veth0_vlan left promiscuous mode
[  814.222718][ T8170] device veth0_vlan entered promiscuous mode
[  814.290356][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  814.313592][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  814.337186][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  814.391475][ T8183] netlink: 'syz.3.2516': attribute type 3 has an invalid length.
[  814.421705][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  814.432207][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  814.443324][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  814.512412][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  814.631982][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  814.653246][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  814.661819][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  814.669538][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  814.677319][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[  814.685355][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[  814.694836][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth5: link becomes ready
[  814.702556][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth4: link becomes ready
[  814.759115][ T8194] netlink: 'syz.3.2519': attribute type 3 has an invalid length.
[  814.856899][  T308] hid-generic 0000:0003:0000.001B: unknown main item tag 0x0
[  814.864891][  T308] hid-generic 0000:0003:0000.001B: unknown main item tag 0x0
[  814.873077][  T308] hid-generic 0000:0003:0000.001B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  814.995202][ T8206] FAULT_INJECTION: forcing a failure.
[  814.995202][ T8206] name failslab, interval 1, probability 0, space 0, times 0
[  815.017485][ T8206] CPU: 0 PID: 8206 Comm: syz.5.2525 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  815.028829][ T8206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  815.038907][ T8206] Call Trace:
[  815.042210][ T8206]  <TASK>
[  815.045162][ T8206]  __dump_stack+0x21/0x30
[  815.049515][ T8206]  dump_stack_lvl+0xee/0x150
[  815.054110][ T8206]  ? show_regs_print_info+0x20/0x20
[  815.059394][ T8206]  ? proc_fail_nth_write+0x17a/0x1f0
[  815.064689][ T8206]  ? proc_fail_nth_read+0x210/0x210
[  815.069925][ T8206]  ? security_file_permission+0x79/0xa0
[  815.075472][ T8206]  dump_stack+0x15/0x20
[  815.079624][ T8206]  should_fail+0x3c1/0x510
[  815.084038][ T8206]  __should_failslab+0xa4/0xe0
[  815.088799][ T8206]  should_failslab+0x9/0x20
[  815.093295][ T8206]  slab_pre_alloc_hook+0x3b/0xe0
[  815.098356][ T8206]  ? getname_flags+0xb9/0x500
[  815.103051][ T8206]  kmem_cache_alloc+0x44/0x260
[  815.107829][ T8206]  getname_flags+0xb9/0x500
[  815.112338][ T8206]  user_path_at_empty+0x30/0x1c0
[  815.117283][ T8206]  ? do_fchownat+0xdc/0x270
[  815.121790][ T8206]  do_fchownat+0x108/0x270
[  815.126223][ T8206]  ? chown_common+0x640/0x640
[  815.130903][ T8206]  ? __bpf_trace_sys_enter+0x62/0x70
[  815.136194][ T8206]  __x64_sys_lchown+0x85/0x90
[  815.140874][ T8206]  x64_sys_call+0x171/0x9a0
[  815.145403][ T8206]  do_syscall_64+0x4c/0xa0
[  815.149921][ T8206]  ? clear_bhb_loop+0x50/0xa0
[  815.154613][ T8206]  ? clear_bhb_loop+0x50/0xa0
[  815.159300][ T8206]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  815.165212][ T8206] RIP: 0033:0x7f330af6c929
[  815.169760][ T8206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  815.189381][ T8206] RSP: 002b:00007f33095d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000005e
[  815.197812][ T8206] RAX: ffffffffffffffda RBX: 00007f330b193fa0 RCX: 00007f330af6c929
[  815.205888][ T8206] RDX: 000000000000ee01 RSI: 0000000000000000 RDI: 00002000000006c0
[  815.213951][ T8206] RBP: 00007f33095d5090 R08: 0000000000000000 R09: 0000000000000000
[  815.221932][ T8206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  815.229912][ T8206] R13: 0000000000000000 R14: 00007f330b193fa0 R15: 00007ffcc414e088
[  815.237897][ T8206]  </TASK>
[  815.263456][ T8211] loop5: detected capacity change from 0 to 16
[  815.293793][ T8211] erofs: (device loop5): mounted with root inode @ nid 36.
[  815.313281][ T8211] attempt to access beyond end of device
[  815.313281][ T8211] loop5: rw=0, want=14546590696, limit=16
[  815.378274][ T8217] syz.3.2529[8217] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  815.378341][ T8217] syz.3.2529[8217] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  815.547350][   T30] kauditd_printk_skb: 116 callbacks suppressed
[  815.547372][   T30] audit: type=1326 audit(2000000372.655:4070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.2.2531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  815.651938][   T30] audit: type=1326 audit(2000000372.655:4071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.2.2531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  815.675865][   T30] audit: type=1326 audit(2000000372.655:4072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.2.2531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  815.701003][   T30] audit: type=1326 audit(2000000372.655:4073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.2.2531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  815.724706][   T30] audit: type=1326 audit(2000000372.655:4074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8215 comm="syz.2.2531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  816.087434][ T8232] IPv6: NLM_F_CREATE should be specified when creating new route
[  817.607212][ T8243] IPv6: NLM_F_CREATE should be specified when creating new route
[  817.675327][   T30] audit: type=1400 audit(2000000374.685:4075): avc:  denied  { ioctl } for  pid=8250 comm="syz.0.2541" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=45638 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  817.756927][ T8254] xt_hashlimit: max too large, truncated to 1048576
[  817.804230][ T8257] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2543'.
[  817.826811][ T8249] xt_hashlimit: max too large, truncated to 1048576
[  817.924253][ T8257] 9pnet: Insufficient options for proto=fd
[  818.769541][  T287] hid-generic 0000:0003:0000.001C: unknown main item tag 0x0
[  818.777148][  T287] hid-generic 0000:0003:0000.001C: unknown main item tag 0x0
[  818.785178][  T287] hid-generic 0000:0003:0000.001C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  818.899442][ T8259] loop5: detected capacity change from 0 to 40427
[  818.936426][ T8259] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  818.944300][ T8259] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  818.945048][ T8282] FAULT_INJECTION: forcing a failure.
[  818.945048][ T8282] name failslab, interval 1, probability 0, space 0, times 0
[  818.954354][ T8259] F2FS-fs (loop5): invalid crc value
[  818.971370][ T8282] CPU: 1 PID: 8282 Comm: syz.3.2552 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  818.982682][ T8282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  818.992755][ T8282] Call Trace:
[  818.996056][ T8282]  <TASK>
[  818.999011][ T8282]  __dump_stack+0x21/0x30
[  819.003389][ T8282]  dump_stack_lvl+0xee/0x150
[  819.008082][ T8282]  ? show_regs_print_info+0x20/0x20
[  819.013316][ T8282]  dump_stack+0x15/0x20
[  819.017494][ T8282]  should_fail+0x3c1/0x510
[  819.021927][ T8282]  __should_failslab+0xa4/0xe0
[  819.026712][ T8282]  should_failslab+0x9/0x20
[  819.031242][ T8282]  slab_pre_alloc_hook+0x3b/0xe0
[  819.036198][ T8282]  __kmalloc+0x6d/0x2c0
[  819.040373][ T8282]  ? hci_mgmt_cmd+0x52/0xc80
[  819.044987][ T8282]  hci_mgmt_cmd+0x52/0xc80
[  819.049421][ T8282]  ? selinux_socket_sendmsg+0x208/0x2e0
[  819.054989][ T8282]  ? selinux_socket_accept+0x500/0x500
[  819.060569][ T8282]  hci_sock_sendmsg+0x367/0xa50
[  819.065453][ T8282]  ? hci_sock_getsockopt+0x430/0x430
[  819.070772][ T8282]  ? security_socket_sendmsg+0x82/0xa0
[  819.076260][ T8282]  sock_write_iter+0x29c/0x380
[  819.081049][ T8282]  ? sock_read_iter+0x340/0x340
[  819.085939][ T8282]  ? memset+0x35/0x40
[  819.089948][ T8282]  ? iov_iter_init+0xbc/0x180
[  819.094669][ T8282]  vfs_write+0x802/0xf70
[  819.098948][ T8282]  ? file_end_write+0x1b0/0x1b0
[  819.104001][ T8282]  ? __fget_files+0x2c4/0x320
[  819.108724][ T8282]  ? __fdget_pos+0x1f7/0x380
[  819.113341][ T8282]  ? ksys_write+0x71/0x240
[  819.117792][ T8282]  ksys_write+0x140/0x240
[  819.122154][ T8282]  ? __ia32_sys_read+0x90/0x90
[  819.127029][ T8282]  ? __bpf_trace_sys_enter+0x62/0x70
[  819.132348][ T8282]  __x64_sys_write+0x7b/0x90
[  819.137046][ T8282]  x64_sys_call+0x8ef/0x9a0
[  819.141566][ T8282]  do_syscall_64+0x4c/0xa0
[  819.145995][ T8282]  ? clear_bhb_loop+0x50/0xa0
[  819.150685][ T8282]  ? clear_bhb_loop+0x50/0xa0
[  819.155379][ T8282]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  819.161292][ T8282] RIP: 0033:0x7f025cf12929
[  819.165725][ T8282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  819.185476][ T8282] RSP: 002b:00007f025b55a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  819.193921][ T8282] RAX: ffffffffffffffda RBX: 00007f025d13a080 RCX: 00007f025cf12929
[  819.201918][ T8282] RDX: 0000000000000006 RSI: 0000200000000100 RDI: 0000000000000006
[  819.209906][ T8282] RBP: 00007f025b55a090 R08: 0000000000000000 R09: 0000000000000000
[  819.217895][ T8282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  819.225886][ T8282] R13: 0000000000000000 R14: 00007f025d13a080 R15: 00007ffd8a141848
[  819.233884][ T8282]  </TASK>
[  819.283009][ T8259] F2FS-fs (loop5): Found nat_bits in checkpoint
[  819.398605][   T30] audit: type=1326 audit(2000000376.294:4076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8292 comm="syz.2.2556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  819.424430][ T8259] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  819.428053][ T8297] overlayfs: failed to clone upperpath
[  819.436356][ T8259] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  819.437375][   T30] audit: type=1326 audit(2000000376.294:4077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8292 comm="syz.2.2556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  819.470204][   T30] audit: type=1326 audit(2000000376.294:4078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8292 comm="syz.2.2556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  819.542888][   T30] audit: type=1326 audit(2000000376.294:4079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8292 comm="syz.2.2556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  821.958780][ T8326] FAULT_INJECTION: forcing a failure.
[  821.958780][ T8326] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  821.971985][ T8326] CPU: 1 PID: 8326 Comm: syz.0.2565 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  821.983290][ T8326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  821.993360][ T8326] Call Trace:
[  821.996656][ T8326]  <TASK>
[  821.999602][ T8326]  __dump_stack+0x21/0x30
[  822.004000][ T8326]  dump_stack_lvl+0xee/0x150
[  822.008613][ T8326]  ? show_regs_print_info+0x20/0x20
[  822.013837][ T8326]  dump_stack+0x15/0x20
[  822.018009][ T8326]  should_fail+0x3c1/0x510
[  822.022440][ T8326]  should_fail_usercopy+0x1a/0x20
[  822.027480][ T8326]  _copy_from_user+0x20/0xd0
[  822.032090][ T8326]  do_ip6t_set_ctl+0x5e6/0xcf0
[  822.036869][ T8326]  ? __schedule+0xb76/0x14c0
[  822.041476][ T8326]  ? ip6t_unregister_table_exit+0x220/0x220
[  822.047391][ T8326]  ? release_firmware_map_entry+0x190/0x190
[  822.053305][ T8326]  ? preempt_schedule_common+0xbe/0xf0
[  822.058776][ T8326]  ? preempt_schedule+0xa7/0xb0
[  822.063710][ T8326]  ? __kasan_check_write+0x14/0x20
[  822.068844][ T8326]  ? mutex_unlock+0x89/0x220
[  822.073462][ T8326]  ? __mutex_lock_slowpath+0x10/0x10
[  822.078776][ T8326]  ? preempt_schedule_thunk+0x16/0x18
[  822.084191][ T8326]  nf_setsockopt+0x272/0x2a0
[  822.088812][ T8326]  ipv6_setsockopt+0x2555/0x38a0
[  822.093824][ T8326]  ? ipv6_update_options+0x410/0x410
[  822.099140][ T8326]  ? __this_cpu_preempt_check+0x13/0x20
[  822.104717][ T8326]  ? perf_callchain_user+0x6bd/0x11b0
[  822.110111][ T8326]  ? __kasan_check_read+0x11/0x20
[  822.115152][ T8326]  ? cpupri_find+0xfc/0x280
[  822.119671][ T8326]  ? find_lowest_rq+0x172/0x660
[  822.124543][ T8326]  ? pick_next_pushable_task+0x210/0x210
[  822.130199][ T8326]  ? find_lock_lowest_rq+0x97/0x460
[  822.135425][ T8326]  ? __kasan_check_write+0x14/0x20
[  822.140561][ T8326]  ? push_rt_task+0x35f/0x5b0
[  822.145254][ T8326]  ? update_rt_migration+0x3a0/0x3a0
[  822.150560][ T8326]  ? _raw_spin_unlock+0x4d/0x70
[  822.155427][ T8326]  ? update_rt_migration+0x3a0/0x3a0
[  822.160732][ T8326]  ? finish_task_switch+0x16b/0x780
[  822.165957][ T8326]  ? __switch_to_asm+0x3a/0x60
[  822.170741][ T8326]  ? __schedule+0xb76/0x14c0
[  822.175356][ T8326]  ? release_firmware_map_entry+0x190/0x190
[  822.181284][ T8326]  ? __kasan_check_read+0x11/0x20
[  822.186334][ T8326]  ? preempt_schedule_irq+0xbb/0x110
[  822.191642][ T8326]  ? __cond_resched+0xb0/0xb0
[  822.196338][ T8326]  ? selinux_socket_setsockopt+0x21c/0x300
[  822.202176][ T8326]  ? selinux_socket_getsockopt+0x2e0/0x2e0
[  822.208008][ T8326]  rawv6_setsockopt+0x263/0x620
[  822.212894][ T8326]  ? raw6_destroy+0x30/0x30
[  822.217429][ T8326]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  822.223114][ T8326]  sock_common_setsockopt+0xa0/0xb0
[  822.228330][ T8326]  ? sock_common_recvmsg+0x1b0/0x1b0
[  822.233636][ T8326]  __sys_setsockopt+0x2f0/0x460
[  822.238501][ T8326]  ? __ia32_sys_recv+0xb0/0xb0
[  822.243309][ T8326]  ? ksys_write+0x1eb/0x240
[  822.247846][ T8326]  ? __bpf_trace_sys_enter+0x62/0x70
[  822.253184][ T8326]  __x64_sys_setsockopt+0xbf/0xd0
[  822.258251][ T8326]  x64_sys_call+0x982/0x9a0
[  822.262776][ T8326]  do_syscall_64+0x4c/0xa0
[  822.267224][ T8326]  ? clear_bhb_loop+0x50/0xa0
[  822.272005][ T8326]  ? clear_bhb_loop+0x50/0xa0
[  822.276702][ T8326]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  822.282602][ T8326] RIP: 0033:0x7fa2055e2929
[  822.287019][ T8326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  822.306719][ T8326] RSP: 002b:00007fa203c09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  822.315275][ T8326] RAX: ffffffffffffffda RBX: 00007fa20580a160 RCX: 00007fa2055e2929
[  822.323269][ T8326] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000008
[  822.331247][ T8326] RBP: 00007fa203c09090 R08: 0000000000000488 R09: 0000000000000000
[  822.339228][ T8326] R10: 0000200000000b00 R11: 0000000000000246 R12: 0000000000000001
[  822.347206][ T8326] R13: 0000000000000000 R14: 00007fa20580a160 R15: 00007fff5c609c68
[  822.355187][ T8326]  </TASK>
[  823.117834][   T30] kauditd_printk_skb: 34 callbacks suppressed
[  823.117853][   T30] audit: type=1326 audit(2000000379.774:4114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8343 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  823.154048][   T30] audit: type=1326 audit(2000000379.774:4115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8343 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  823.209710][   T30] audit: type=1326 audit(2000000379.774:4116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8343 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  823.257355][   T30] audit: type=1326 audit(2000000379.774:4117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8343 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  823.304437][   T30] audit: type=1326 audit(2000000379.774:4118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8343 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  823.381688][   T30] audit: type=1326 audit(2000000379.774:4119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8343 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  823.425514][   T30] audit: type=1326 audit(2000000379.774:4120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8343 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  823.464068][   T30] audit: type=1326 audit(2000000379.774:4121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8343 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  823.499480][   T30] audit: type=1326 audit(2000000379.774:4122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8343 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  823.533964][   T30] audit: type=1326 audit(2000000379.774:4123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8343 comm="syz.3.2571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  823.607889][ T8346] loop5: detected capacity change from 0 to 40427
[  823.715017][ T8346] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  823.733625][ T8346] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  823.747235][ T8346] F2FS-fs (loop5): invalid crc value
[  823.919731][ T8346] F2FS-fs (loop5): Found nat_bits in checkpoint
[  824.157182][ T8346] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  824.184623][ T8346] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  824.612783][ T7897] attempt to access beyond end of device
[  824.612783][ T7897] loop5: rw=2049, want=40968, limit=40427
[  824.737102][ T8381] netlink: 'syz.1.2583': attribute type 4 has an invalid length.
[  824.874639][ T8381] 9pnet: Insufficient options for proto=fd
[  824.936866][ T8381] overlayfs: failed to resolve './file1': -2
[  825.388289][ T8392] loop5: detected capacity change from 0 to 512
[  825.460826][ T8392] EXT4-fs (loop5): Test dummy encryption mode enabled
[  825.468205][ T8392] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  825.485454][ T8392] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.2586: bad orphan inode 131083
[  825.497047][ T8392] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,noload,,errors=continue. Quota mode: none.
[  825.982859][ T8419] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2594'.
[  827.451439][ T8463] FAULT_INJECTION: forcing a failure.
[  827.451439][ T8463] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  827.465183][ T8463] CPU: 0 PID: 8463 Comm: syz.1.2609 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  827.476513][ T8463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  827.486581][ T8463] Call Trace:
[  827.489863][ T8463]  <TASK>
[  827.492894][ T8463]  __dump_stack+0x21/0x30
[  827.497244][ T8463]  dump_stack_lvl+0xee/0x150
[  827.501845][ T8463]  ? show_regs_print_info+0x20/0x20
[  827.507257][ T8463]  dump_stack+0x15/0x20
[  827.511436][ T8463]  should_fail+0x3c1/0x510
[  827.515865][ T8463]  should_fail_alloc_page+0x55/0x80
[  827.521081][ T8463]  prepare_alloc_pages+0x156/0x600
[  827.526203][ T8463]  ? __alloc_pages_bulk+0xab0/0xab0
[  827.531413][ T8463]  ? slab_post_alloc_hook+0x4f/0x2b0
[  827.536718][ T8463]  ? alloc_vmap_area+0x17a/0x1990
[  827.541745][ T8463]  ? __get_vm_area_node+0x14e/0x350
[  827.547030][ T8463]  ? __vmalloc_node_range+0xe8/0x840
[  827.552316][ T8463]  ? dev_map_alloc+0x24c/0x560
[  827.557351][ T8463]  __alloc_pages+0x10a/0x440
[  827.561963][ T8463]  ? prep_new_page+0x110/0x110
[  827.566749][ T8463]  ? __kasan_check_write+0x14/0x20
[  827.572038][ T8463]  __get_free_pages+0x10/0x30
[  827.576737][ T8463]  kasan_populate_vmalloc_pte+0x29/0x120
[  827.582771][ T8463]  __apply_to_page_range+0x8b0/0xbf0
[  827.588373][ T8463]  ? kasan_populate_vmalloc+0x70/0x70
[  827.593769][ T8463]  ? kasan_populate_vmalloc+0x70/0x70
[  827.599252][ T8463]  apply_to_page_range+0x3b/0x50
[  827.604302][ T8463]  kasan_populate_vmalloc+0x60/0x70
[  827.609607][ T8463]  alloc_vmap_area+0x185c/0x1990
[  827.614557][ T8463]  ? vm_map_ram+0xa60/0xa60
[  827.619063][ T8463]  ? kmem_cache_alloc_trace+0x119/0x270
[  827.624615][ T8463]  ? __get_vm_area_node+0x11d/0x350
[  827.629822][ T8463]  __get_vm_area_node+0x14e/0x350
[  827.634862][ T8463]  __vmalloc_node_range+0xe8/0x840
[  827.639980][ T8463]  ? dev_map_alloc+0x24c/0x560
[  827.644858][ T8463]  bpf_map_area_alloc+0xd5/0xe0
[  827.649728][ T8463]  ? dev_map_alloc+0x24c/0x560
[  827.654494][ T8463]  dev_map_alloc+0x24c/0x560
[  827.659092][ T8463]  map_create+0x455/0x21b0
[  827.663547][ T8463]  __sys_bpf+0x2cf/0x730
[  827.667805][ T8463]  ? bpf_link_show_fdinfo+0x310/0x310
[  827.673194][ T8463]  ? bpf_trace_run2+0xb5/0x1b0
[  827.677977][ T8463]  ? __bpf_trace_sys_enter+0x62/0x70
[  827.683277][ T8463]  __x64_sys_bpf+0x7c/0x90
[  827.687696][ T8463]  x64_sys_call+0x4b9/0x9a0
[  827.692205][ T8463]  do_syscall_64+0x4c/0xa0
[  827.696624][ T8463]  ? clear_bhb_loop+0x50/0xa0
[  827.701308][ T8463]  ? clear_bhb_loop+0x50/0xa0
[  827.705996][ T8463]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  827.711910][ T8463] RIP: 0033:0x7f8a27826929
[  827.716349][ T8463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  827.735969][ T8463] RSP: 002b:00007f8a25e8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  827.744397][ T8463] RAX: ffffffffffffffda RBX: 00007f8a27a4dfa0 RCX: 00007f8a27826929
[  827.752375][ T8463] RDX: 0000000000000050 RSI: 00002000000006c0 RDI: 0000000000000000
[  827.760369][ T8463] RBP: 00007f8a25e8f090 R08: 0000000000000000 R09: 0000000000000000
[  827.768359][ T8463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  827.776343][ T8463] R13: 0000000000000000 R14: 00007f8a27a4dfa0 R15: 00007ffd2b684dc8
[  827.784328][ T8463]  </TASK>
[  827.801203][ T8465] xt_hashlimit: max too large, truncated to 1048576
[  829.434075][ T8486] netlink: 'syz.0.2615': attribute type 5 has an invalid length.
[  829.520831][   T30] kauditd_printk_skb: 207 callbacks suppressed
[  829.520849][   T30] audit: type=1326 audit(2000000385.761:4331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8489 comm="syz.0.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  829.757948][   T30] audit: type=1326 audit(2000000385.761:4332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8489 comm="syz.0.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  829.839558][   T30] audit: type=1326 audit(2000000385.761:4333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8489 comm="syz.0.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  829.944859][   T30] audit: type=1326 audit(2000000385.761:4334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8489 comm="syz.0.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  830.041171][   T30] audit: type=1326 audit(2000000385.761:4335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8489 comm="syz.0.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  830.141989][   T30] audit: type=1326 audit(2000000385.789:4336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8489 comm="syz.0.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  830.233191][   T30] audit: type=1326 audit(2000000385.789:4337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8489 comm="syz.0.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  830.256932][   T30] audit: type=1326 audit(2000000385.789:4338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8489 comm="syz.0.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  830.280662][   T30] audit: type=1326 audit(2000000385.789:4339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8489 comm="syz.0.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  830.304168][   T30] audit: type=1326 audit(2000000385.789:4340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8489 comm="syz.0.2617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  830.560450][ T8513] loop5: detected capacity change from 0 to 1024
[  830.620810][ T8513] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  830.641067][ T8513] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  830.665451][ T8513] JBD2: no valid journal superblock found
[  830.685862][ T8513] EXT4-fs (loop5): error loading journal
[  830.912656][ T8521] loop5: detected capacity change from 0 to 8192
[  832.210755][ T8538] loop5: detected capacity change from 0 to 512
[  832.246126][ T8538] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[  832.253429][ T8538] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  832.262470][ T8538] EXT4-fs (loop5): can't mount with commit=3, fs mounted w/o journal
[  832.545291][ T8563] xt_hashlimit: max too large, truncated to 1048576
[  832.640077][ T8562] FAULT_INJECTION: forcing a failure.
[  832.640077][ T8562] name failslab, interval 1, probability 0, space 0, times 0
[  832.653068][ T8562] CPU: 0 PID: 8562 Comm: syz.5.2640 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  832.664382][ T8562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  832.674455][ T8562] Call Trace:
[  832.677750][ T8562]  <TASK>
[  832.680694][ T8562]  __dump_stack+0x21/0x30
[  832.685059][ T8562]  dump_stack_lvl+0xee/0x150
[  832.689665][ T8562]  ? show_regs_print_info+0x20/0x20
[  832.694886][ T8562]  dump_stack+0x15/0x20
[  832.699145][ T8562]  should_fail+0x3c1/0x510
[  832.703581][ T8562]  __should_failslab+0xa4/0xe0
[  832.708363][ T8562]  should_failslab+0x9/0x20
[  832.712882][ T8562]  slab_pre_alloc_hook+0x3b/0xe0
[  832.717842][ T8562]  ? key_alloc+0x302/0xf30
[  832.722284][ T8562]  __kmalloc_track_caller+0x6c/0x2c0
[  832.727592][ T8562]  ? key_alloc+0x302/0xf30
[  832.732030][ T8562]  kmemdup+0x26/0x60
[  832.736032][ T8562]  key_alloc+0x302/0xf30
[  832.740301][ T8562]  keyring_alloc+0x47/0xb0
[  832.744740][ T8562]  lookup_user_key+0x4a9/0x1140
[  832.749621][ T8562]  ? lookup_user_key_possessed+0x40/0x40
[  832.755270][ T8562]  ? search_process_keyrings_rcu+0x270/0x270
[  832.761295][ T8562]  ? __kasan_check_write+0x14/0x20
[  832.766432][ T8562]  ? _copy_from_user+0x95/0xd0
[  832.771224][ T8562]  __se_sys_request_key+0x1be/0x330
[  832.776452][ T8562]  ? fput+0x1a/0x20
[  832.780294][ T8562]  ? __x64_sys_request_key+0xb0/0xb0
[  832.785603][ T8562]  __x64_sys_request_key+0x9b/0xb0
[  832.790738][ T8562]  x64_sys_call+0x6f7/0x9a0
[  832.795268][ T8562]  do_syscall_64+0x4c/0xa0
[  832.799699][ T8562]  ? clear_bhb_loop+0x50/0xa0
[  832.804394][ T8562]  ? clear_bhb_loop+0x50/0xa0
[  832.809096][ T8562]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  832.815153][ T8562] RIP: 0033:0x7f330af6c929
[  832.819606][ T8562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  832.839238][ T8562] RSP: 002b:00007f33095d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  832.847678][ T8562] RAX: ffffffffffffffda RBX: 00007f330b193fa0 RCX: 00007f330af6c929
[  832.855672][ T8562] RDX: 0000200000000140 RSI: 0000200000000080 RDI: 0000200000000040
[  832.863667][ T8562] RBP: 00007f33095d5090 R08: 0000000000000000 R09: 0000000000000000
[  832.871668][ T8562] R10: fffffffffffffffe R11: 0000000000000246 R12: 0000000000000001
[  832.879662][ T8562] R13: 0000000000000000 R14: 00007f330b193fa0 R15: 00007ffcc414e088
[  832.887659][ T8562]  </TASK>
[  835.202224][   T30] kauditd_printk_skb: 633 callbacks suppressed
[  835.202242][   T30] audit: type=1326 audit(2000000391.074:4974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8602 comm="syz.2.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  835.283782][   T30] audit: type=1326 audit(2000000391.102:4975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8602 comm="syz.2.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  835.361484][   T30] audit: type=1326 audit(2000000391.102:4976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8602 comm="syz.2.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  835.417188][   T30] audit: type=1326 audit(2000000391.102:4977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8602 comm="syz.2.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  835.472780][   T30] audit: type=1326 audit(2000000391.102:4978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8602 comm="syz.2.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  835.539159][   T30] audit: type=1326 audit(2000000391.102:4979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8602 comm="syz.2.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  835.564910][   T30] audit: type=1326 audit(2000000391.102:4980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8602 comm="syz.2.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  835.606905][   T30] audit: type=1326 audit(2000000391.102:4981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8602 comm="syz.2.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  835.641979][   T30] audit: type=1326 audit(2000000391.102:4982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8602 comm="syz.2.2654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  835.688813][   T30] audit: type=1326 audit(2000000391.139:4983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8604 comm="syz.2.2655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f547f384929 code=0x7ffc0000
[  835.792804][ T8625] loop5: detected capacity change from 0 to 512
[  835.897048][ T8625] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  835.916933][ T8625] ext4 filesystem being mounted at /34/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  836.989894][ T8642] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2664'.
[  838.704553][ T8658] FAULT_INJECTION: forcing a failure.
[  838.704553][ T8658] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  838.764589][ T8658] CPU: 0 PID: 8658 Comm: syz.3.2671 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  838.775922][ T8658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  838.785993][ T8658] Call Trace:
[  838.789287][ T8658]  <TASK>
[  838.792234][ T8658]  __dump_stack+0x21/0x30
[  838.796671][ T8658]  dump_stack_lvl+0xee/0x150
[  838.801277][ T8658]  ? show_regs_print_info+0x20/0x20
[  838.806499][ T8658]  ? __kasan_check_write+0x14/0x20
[  838.811632][ T8658]  ? proc_fail_nth_write+0x17a/0x1f0
[  838.817024][ T8658]  dump_stack+0x15/0x20
[  838.821286][ T8658]  should_fail+0x3c1/0x510
[  838.825721][ T8658]  should_fail_usercopy+0x1a/0x20
[  838.830759][ T8658]  _copy_from_user+0x20/0xd0
[  838.835365][ T8658]  __sys_sendto+0x29e/0x580
[  838.839885][ T8658]  ? __ia32_sys_getpeername+0x90/0x90
[  838.845368][ T8658]  ? __ia32_sys_read+0x90/0x90
[  838.850157][ T8658]  __x64_sys_sendto+0xe5/0x100
[  838.854943][ T8658]  x64_sys_call+0x178/0x9a0
[  838.859467][ T8658]  do_syscall_64+0x4c/0xa0
[  838.863985][ T8658]  ? clear_bhb_loop+0x50/0xa0
[  838.868695][ T8658]  ? clear_bhb_loop+0x50/0xa0
[  838.873393][ T8658]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  838.879320][ T8658] RIP: 0033:0x7f025cf12929
[  838.883748][ T8658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  838.903365][ T8658] RSP: 002b:00007f025b57b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  838.911789][ T8658] RAX: ffffffffffffffda RBX: 00007f025d139fa0 RCX: 00007f025cf12929
[  838.919762][ T8658] RDX: 000000000000e90c RSI: 00002000000000c0 RDI: 0000000000000006
[  838.927739][ T8658] RBP: 00007f025b57b090 R08: 0000200000000540 R09: 0000000000000014
[  838.935811][ T8658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  838.943966][ T8658] R13: 0000000000000000 R14: 00007f025d139fa0 R15: 00007ffd8a141848
[  838.951944][ T8658]  </TASK>
[  839.896886][ T8682] netlink: 'syz.3.2680': attribute type 3 has an invalid length.
[  840.972355][ T8695] FAULT_INJECTION: forcing a failure.
[  840.972355][ T8695] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  841.004194][ T8695] CPU: 0 PID: 8695 Comm: syz.5.2684 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  841.015527][ T8695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  841.025687][ T8695] Call Trace:
[  841.029064][ T8695]  <TASK>
[  841.032001][ T8695]  __dump_stack+0x21/0x30
[  841.036345][ T8695]  dump_stack_lvl+0xee/0x150
[  841.041030][ T8695]  ? show_regs_print_info+0x20/0x20
[  841.046238][ T8695]  dump_stack+0x15/0x20
[  841.050403][ T8695]  should_fail+0x3c1/0x510
[  841.054832][ T8695]  should_fail_usercopy+0x1a/0x20
[  841.059951][ T8695]  _copy_to_user+0x20/0x90
[  841.064404][ T8695]  simple_read_from_buffer+0xe9/0x160
[  841.069899][ T8695]  proc_fail_nth_read+0x19a/0x210
[  841.074927][ T8695]  ? proc_fault_inject_write+0x2f0/0x2f0
[  841.080567][ T8695]  ? security_file_permission+0x83/0xa0
[  841.086120][ T8695]  ? proc_fault_inject_write+0x2f0/0x2f0
[  841.091877][ T8695]  vfs_read+0x282/0xbe0
[  841.096036][ T8695]  ? kernel_read+0x1f0/0x1f0
[  841.100626][ T8695]  ? __kasan_check_write+0x14/0x20
[  841.105755][ T8695]  ? mutex_lock+0x95/0x1a0
[  841.110185][ T8695]  ? wait_for_completion_killable_timeout+0x10/0x10
[  841.116789][ T8695]  ? __fget_files+0x2c4/0x320
[  841.121568][ T8695]  ? __fdget_pos+0x2d2/0x380
[  841.126173][ T8695]  ? ksys_read+0x71/0x240
[  841.130513][ T8695]  ksys_read+0x140/0x240
[  841.134768][ T8695]  ? vfs_write+0xf70/0xf70
[  841.139195][ T8695]  ? debug_smp_processor_id+0x17/0x20
[  841.144582][ T8695]  __x64_sys_read+0x7b/0x90
[  841.149092][ T8695]  x64_sys_call+0x96d/0x9a0
[  841.153603][ T8695]  do_syscall_64+0x4c/0xa0
[  841.158023][ T8695]  ? clear_bhb_loop+0x50/0xa0
[  841.162702][ T8695]  ? clear_bhb_loop+0x50/0xa0
[  841.167380][ T8695]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  841.173281][ T8695] RIP: 0033:0x7f330af6b33c
[  841.177700][ T8695] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  841.197412][ T8695] RSP: 002b:00007f33095b4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  841.205831][ T8695] RAX: ffffffffffffffda RBX: 00007f330b194080 RCX: 00007f330af6b33c
[  841.213913][ T8695] RDX: 000000000000000f RSI: 00007f33095b40a0 RDI: 0000000000000008
[  841.221886][ T8695] RBP: 00007f33095b4090 R08: 0000000000000000 R09: 0000000000000000
[  841.229880][ T8695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  841.237957][ T8695] R13: 0000000000000000 R14: 00007f330b194080 R15: 00007ffcc414e088
[  841.246300][ T8695]  </TASK>
[  841.345389][ T8697] usb usb8: usbfs: process 8697 (syz.1.2685) did not claim interface 0 before use
[  841.580536][ T8715] xt_hashlimit: max too large, truncated to 1048576
[  843.776882][   T30] kauditd_printk_skb: 105 callbacks suppressed
[  843.776903][   T30] audit: type=1326 audit(2000000399.071:5089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8728 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a27826929 code=0x7ffc0000
[  844.105846][   T30] audit: type=1326 audit(2000000399.071:5090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8728 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a27826929 code=0x7ffc0000
[  844.162666][   T30] audit: type=1326 audit(2000000399.071:5091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8728 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f8a27826929 code=0x7ffc0000
[  844.213876][   T30] audit: type=1326 audit(2000000399.071:5092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8728 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a27826929 code=0x7ffc0000
[  844.292324][   T30] audit: type=1326 audit(2000000399.071:5093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8728 comm="syz.1.2698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a27826929 code=0x7ffc0000
[  845.503277][ T8770] loop5: detected capacity change from 0 to 256
[  845.523674][   T30] audit: type=1326 audit(2000000400.718:5094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8767 comm="syz.1.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a27826929 code=0x7ffc0000
[  845.782818][   T30] audit: type=1326 audit(2000000400.811:5095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8767 comm="syz.1.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8a27826929 code=0x7ffc0000
[  846.023136][   T30] audit: type=1326 audit(2000000400.820:5096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8767 comm="syz.1.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a27826929 code=0x7ffc0000
[  846.388487][ T8783] FAULT_INJECTION: forcing a failure.
[  846.388487][ T8783] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  846.401917][ T8783] CPU: 1 PID: 8783 Comm: syz.1.2713 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  846.413218][ T8783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  846.423295][ T8783] Call Trace:
[  846.426587][ T8783]  <TASK>
[  846.429536][ T8783]  __dump_stack+0x21/0x30
[  846.434075][ T8783]  dump_stack_lvl+0xee/0x150
[  846.438698][ T8783]  ? show_regs_print_info+0x20/0x20
[  846.443939][ T8783]  dump_stack+0x15/0x20
[  846.448118][ T8783]  should_fail+0x3c1/0x510
[  846.452550][ T8783]  should_fail_usercopy+0x1a/0x20
[  846.457585][ T8783]  _copy_from_user+0x20/0xd0
[  846.462192][ T8783]  __copy_msghdr_from_user+0xaf/0x5e0
[  846.467579][ T8783]  ? __kasan_check_write+0x14/0x20
[  846.472709][ T8783]  ? push_rt_task+0x35f/0x5b0
[  846.477416][ T8783]  ? __ia32_sys_shutdown+0x1e0/0x1e0
[  846.482720][ T8783]  ? __switch_to_asm+0x3a/0x60
[  846.487515][ T8783]  ___sys_sendmsg+0x156/0x260
[  846.492217][ T8783]  ? __sys_sendmsg+0x250/0x250
[  846.497016][ T8783]  ? __fdget+0x1a1/0x230
[  846.501385][ T8783]  __x64_sys_sendmsg+0x1e2/0x2a0
[  846.506349][ T8783]  ? ___sys_sendmsg+0x260/0x260
[  846.511223][ T8783]  ? ksys_write+0x1eb/0x240
[  846.515745][ T8783]  ? __kasan_check_write+0x14/0x20
[  846.520873][ T8783]  ? switch_fpu_return+0x15d/0x2c0
[  846.526017][ T8783]  x64_sys_call+0x4b/0x9a0
[  846.530722][ T8783]  do_syscall_64+0x4c/0xa0
[  846.535159][ T8783]  ? clear_bhb_loop+0x50/0xa0
[  846.539871][ T8783]  ? clear_bhb_loop+0x50/0xa0
[  846.544574][ T8783]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  846.550481][ T8783] RIP: 0033:0x7f8a27826929
[  846.554919][ T8783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  846.574630][ T8783] RSP: 002b:00007f8a25e4d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  846.583152][ T8783] RAX: ffffffffffffffda RBX: 00007f8a27a4e160 RCX: 00007f8a27826929
[  846.591145][ T8783] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000008
[  846.599130][ T8783] RBP: 00007f8a25e4d090 R08: 0000000000000000 R09: 0000000000000000
[  846.607113][ T8783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  846.615096][ T8783] R13: 0000000000000000 R14: 00007f8a27a4e160 R15: 00007ffd2b684dc8
[  846.623086][ T8783]  </TASK>
[  846.728108][   T30] audit: type=1326 audit(2000000400.820:5097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8767 comm="syz.1.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f8a27826929 code=0x7ffc0000
[  846.912431][   T30] audit: type=1326 audit(2000000400.830:5098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8767 comm="syz.1.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a27826929 code=0x7ffc0000
[  849.037091][ T8829] FAULT_INJECTION: forcing a failure.
[  849.037091][ T8829] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  849.104297][ T8829] CPU: 1 PID: 8829 Comm: syz.5.2730 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  849.115630][ T8829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  849.125714][ T8829] Call Trace:
[  849.129014][ T8829]  <TASK>
[  849.131978][ T8829]  __dump_stack+0x21/0x30
[  849.136344][ T8829]  dump_stack_lvl+0xee/0x150
[  849.140958][ T8829]  ? show_regs_print_info+0x20/0x20
[  849.146180][ T8829]  dump_stack+0x15/0x20
[  849.150360][ T8829]  should_fail+0x3c1/0x510
[  849.154816][ T8829]  should_fail_usercopy+0x1a/0x20
[  849.159985][ T8829]  _copy_to_user+0x20/0x90
[  849.164515][ T8829]  simple_read_from_buffer+0xe9/0x160
[  849.169964][ T8829]  proc_fail_nth_read+0x19a/0x210
[  849.175016][ T8829]  ? proc_fault_inject_write+0x2f0/0x2f0
[  849.180675][ T8829]  ? security_file_permission+0x83/0xa0
[  849.186244][ T8829]  ? proc_fault_inject_write+0x2f0/0x2f0
[  849.191901][ T8829]  vfs_read+0x282/0xbe0
[  849.196180][ T8829]  ? kernel_read+0x1f0/0x1f0
[  849.200811][ T8829]  ? __kasan_check_write+0x14/0x20
[  849.205952][ T8829]  ? mutex_lock+0x95/0x1a0
[  849.210393][ T8829]  ? wait_for_completion_killable_timeout+0x10/0x10
[  849.217112][ T8829]  ? __fget_files+0x2c4/0x320
[  849.221819][ T8829]  ? __fdget_pos+0x2d2/0x380
[  849.226433][ T8829]  ? ksys_read+0x71/0x240
[  849.230786][ T8829]  ksys_read+0x140/0x240
[  849.235054][ T8829]  ? vfs_write+0xf70/0xf70
[  849.239490][ T8829]  ? debug_smp_processor_id+0x17/0x20
[  849.244891][ T8829]  __x64_sys_read+0x7b/0x90
[  849.249419][ T8829]  x64_sys_call+0x96d/0x9a0
[  849.254028][ T8829]  do_syscall_64+0x4c/0xa0
[  849.258460][ T8829]  ? clear_bhb_loop+0x50/0xa0
[  849.263152][ T8829]  ? clear_bhb_loop+0x50/0xa0
[  849.267853][ T8829]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  849.273766][ T8829] RIP: 0033:0x7f330af6b33c
[  849.278204][ T8829] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  849.297827][ T8829] RSP: 002b:00007f33095d5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  849.306269][ T8829] RAX: ffffffffffffffda RBX: 00007f330b193fa0 RCX: 00007f330af6b33c
[  849.314267][ T8829] RDX: 000000000000000f RSI: 00007f33095d50a0 RDI: 0000000000000008
[  849.322274][ T8829] RBP: 00007f33095d5090 R08: 0000000000000000 R09: 0000000000000000
[  849.330370][ T8829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  849.338376][ T8829] R13: 0000000000000000 R14: 00007f330b193fa0 R15: 00007ffcc414e088
[  849.346400][ T8829]  </TASK>
[  849.584417][ T8832] loop5: detected capacity change from 0 to 8192
[  850.502851][   T30] kauditd_printk_skb: 53 callbacks suppressed
[  850.502868][   T30] audit: type=1326 audit(2000000405.385:5152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8849 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  850.580523][   T30] audit: type=1326 audit(2000000405.385:5153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8849 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  850.650248][   T30] audit: type=1326 audit(2000000405.413:5154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8849 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  850.759301][   T30] audit: type=1326 audit(2000000405.413:5155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8849 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  850.811413][   T30] audit: type=1326 audit(2000000405.413:5156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8849 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  850.842181][   T30] audit: type=1326 audit(2000000405.413:5157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8849 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  850.865821][   T30] audit: type=1326 audit(2000000405.413:5158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8849 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  850.912650][   T30] audit: type=1326 audit(2000000405.413:5159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8849 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  851.193473][   T30] audit: type=1326 audit(2000000405.413:5160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8849 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  851.238522][   T30] audit: type=1326 audit(2000000405.413:5161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8849 comm="syz.5.2738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  851.342904][ T8870] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2745'.
[  852.618664][ T8912] bridge0: port 1(bridge_slave_0) entered blocking state
[  852.626407][ T8912] bridge0: port 1(bridge_slave_0) entered disabled state
[  852.636750][ T8912] device bridge_slave_0 entered promiscuous mode
[  852.644185][ T8912] bridge0: port 2(bridge_slave_1) entered blocking state
[  852.651413][ T8912] bridge0: port 2(bridge_slave_1) entered disabled state
[  852.659250][ T8912] device bridge_slave_1 entered promiscuous mode
[  852.680060][ T8921] fuse: Bad value for 'fd'
[  852.785270][ T8912] bridge0: port 2(bridge_slave_1) entered blocking state
[  852.792496][ T8912] bridge0: port 2(bridge_slave_1) entered forwarding state
[  852.799933][ T8912] bridge0: port 1(bridge_slave_0) entered blocking state
[  852.807005][ T8912] bridge0: port 1(bridge_slave_0) entered forwarding state
[  852.913844][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  852.927899][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  852.953161][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  852.983663][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  853.007808][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  853.014900][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  853.050829][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  853.078209][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  853.085319][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  853.124333][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  853.145559][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  853.174683][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  853.184383][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  853.193580][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  853.201622][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  853.210288][ T8912] device veth0_vlan entered promiscuous mode
[  853.233184][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  853.250857][ T8943] loop5: detected capacity change from 0 to 1024
[  853.261101][ T8912] device veth1_macvtap entered promiscuous mode
[  853.276904][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  853.292037][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  853.329419][ T8945] bridge: RTM_DELNEIGH with unconfigured vlan 3 on bridge0
[  853.344782][ T8943] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  853.358645][ T8945] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2769'.
[  853.367925][ T8943] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  853.382241][ T8943] JBD2: no valid journal superblock found
[  853.395126][ T8943] EXT4-fs (loop5): error loading journal
[  853.607048][  T330] device bridge_slave_1 left promiscuous mode
[  853.613242][  T330] bridge0: port 2(bridge_slave_1) entered disabled state
[  853.621532][  T330] device bridge_slave_0 left promiscuous mode
[  853.627854][  T330] bridge0: port 1(bridge_slave_0) entered disabled state
[  853.641802][  T330] device veth1_macvtap left promiscuous mode
[  853.648294][  T330] device veth0_vlan left promiscuous mode
[  853.708663][ T8960] FAULT_INJECTION: forcing a failure.
[  853.708663][ T8960] name failslab, interval 1, probability 0, space 0, times 0
[  853.721632][ T8960] CPU: 0 PID: 8960 Comm: syz.2.2771 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  853.732943][ T8960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  853.743011][ T8960] Call Trace:
[  853.746299][ T8960]  <TASK>
[  853.749243][ T8960]  __dump_stack+0x21/0x30
[  853.753586][ T8960]  dump_stack_lvl+0xee/0x150
[  853.758182][ T8960]  ? show_regs_print_info+0x20/0x20
[  853.763386][ T8960]  ? unwind_get_return_address+0x4d/0x90
[  853.769029][ T8960]  ? stack_trace_save+0xe0/0xe0
[  853.773883][ T8960]  ? arch_stack_walk+0xee/0x140
[  853.778741][ T8960]  dump_stack+0x15/0x20
[  853.782901][ T8960]  should_fail+0x3c1/0x510
[  853.787321][ T8960]  __should_failslab+0xa4/0xe0
[  853.792086][ T8960]  should_failslab+0x9/0x20
[  853.796587][ T8960]  slab_pre_alloc_hook+0x3b/0xe0
[  853.801525][ T8960]  __kmalloc+0x6d/0x2c0
[  853.805681][ T8960]  ? kvmalloc_node+0x242/0x330
[  853.810449][ T8960]  ? kasan_set_track+0x5b/0x70
[  853.815219][ T8960]  kvmalloc_node+0x242/0x330
[  853.819811][ T8960]  ? __x64_sys_openat+0x136/0x160
[  853.824838][ T8960]  ? x64_sys_call+0x219/0x9a0
[  853.829519][ T8960]  ? vm_mmap+0xb0/0xb0
[  853.833591][ T8960]  traverse+0xd6/0x510
[  853.837657][ T8960]  ? wait_for_completion_killable_timeout+0x10/0x10
[  853.844255][ T8960]  seq_read_iter+0xc57/0xd30
[  853.848848][ T8960]  ? __kasan_check_write+0x14/0x20
[  853.853956][ T8960]  ? proc_fail_nth_write+0x17a/0x1f0
[  853.859244][ T8960]  ? avc_policy_seqno+0x1b/0x70
[  853.864096][ T8960]  proc_reg_read_iter+0x1be/0x290
[  853.869122][ T8960]  vfs_read+0x68b/0xbe0
[  853.873277][ T8960]  ? kernel_read+0x1f0/0x1f0
[  853.877867][ T8960]  ? __fget_files+0x2c4/0x320
[  853.882544][ T8960]  ? __fdget+0x1a1/0x230
[  853.886876][ T8960]  ? __x64_sys_pread64+0xec/0x220
[  853.891902][ T8960]  __x64_sys_pread64+0x191/0x220
[  853.896837][ T8960]  ? ksys_pread64+0x1b0/0x1b0
[  853.901516][ T8960]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  853.907582][ T8960]  x64_sys_call+0x3a1/0x9a0
[  853.912086][ T8960]  do_syscall_64+0x4c/0xa0
[  853.916500][ T8960]  ? clear_bhb_loop+0x50/0xa0
[  853.921175][ T8960]  ? clear_bhb_loop+0x50/0xa0
[  853.925849][ T8960]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  853.931826][ T8960] RIP: 0033:0x7fe0322bd929
[  853.936241][ T8960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  853.955844][ T8960] RSP: 002b:00007fe0308e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  853.964348][ T8960] RAX: ffffffffffffffda RBX: 00007fe0324e5160 RCX: 00007fe0322bd929
[  853.972327][ T8960] RDX: 0000000000000049 RSI: 0000200000000180 RDI: 0000000000000006
[  853.980299][ T8960] RBP: 00007fe0308e4090 R08: 0000000000000000 R09: 0000000000000000
[  853.988274][ T8960] R10: 000000000000ac8c R11: 0000000000000246 R12: 0000000000000001
[  853.996251][ T8960] R13: 0000000000000000 R14: 00007fe0324e5160 R15: 00007ffe989f7c18
[  854.004233][ T8960]  </TASK>
[  854.706334][ T8983] loop2: detected capacity change from 0 to 8192
[  855.400810][ T8997] loop2: detected capacity change from 0 to 8192
[  855.479919][ T8995] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2782'.
[  855.807117][ T9007] loop5: detected capacity change from 0 to 1024
[  855.840242][ T9007] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  855.851412][ T9007] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  855.862552][ T9007] JBD2: no valid journal superblock found
[  855.868378][ T9007] EXT4-fs (loop5): error loading journal
[  858.290984][   T30] kauditd_printk_skb: 128 callbacks suppressed
[  858.291000][   T30] audit: type=1326 audit(2000000412.672:5290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  858.451959][   T30] audit: type=1326 audit(2000000412.700:5291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  858.547776][ T9043] loop5: detected capacity change from 0 to 256
[  858.589738][ T9043] exfat: Deprecated parameter 'utf8'
[  858.595472][ T9043] exfat: Deprecated parameter 'utf8'
[  858.723521][ T9043] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  858.857474][   T30] audit: type=1326 audit(2000000412.700:5292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  858.885330][   T30] audit: type=1326 audit(2000000412.700:5293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  858.984038][   T30] audit: type=1326 audit(2000000412.700:5294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  859.059626][   T30] audit: type=1326 audit(2000000412.700:5295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  859.164570][  T836] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  859.196297][   T30] audit: type=1326 audit(2000000412.700:5296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  859.276358][   T30] audit: type=1326 audit(2000000412.700:5297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  859.313175][   T30] audit: type=1326 audit(2000000412.700:5298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  859.634879][  T836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  859.712564][  T836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  859.757008][   T30] audit: type=1326 audit(2000000412.700:5299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9036 comm="syz.5.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f330af6c929 code=0x7ffc0000
[  859.862569][  T836] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  859.944592][  T836] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  859.953676][  T836] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  859.975093][  T836] usb 6-1: config 0 descriptor??
[  861.197450][ T9063] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  861.215340][ T9063] SELinux: failed to load policy
[  861.295614][ T9074] loop2: detected capacity change from 0 to 1024
[  861.356304][ T9074] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  861.373733][ T9074] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  861.454400][ T9074] JBD2: no valid journal superblock found
[  861.460262][ T9074] EXT4-fs (loop2): error loading journal
[  862.516485][  T291] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  863.238498][ T9095] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2813'.
[  863.248114][  T836] usbhid 6-1:0.0: can't add hid device: -71
[  863.254590][  T836] usbhid: probe of 6-1:0.0 failed with error -71
[  863.270226][  T836] usb 6-1: USB disconnect, device number 2
[  863.336976][ T9101] loop5: detected capacity change from 0 to 1024
[  863.356374][ T9101] EXT4-fs (loop5): Ignoring removed orlov option
[  863.362835][ T9101] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  863.418429][ T9109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2814'.
[  863.440652][  T291] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  863.450348][ T9101] EXT4-fs (loop5): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  863.483127][  T291] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  863.491957][  T291] usb 4-1: config 0 descriptor??
[  863.750789][   T30] kauditd_printk_skb: 237 callbacks suppressed
[  863.750806][   T30] audit: type=1326 audit(2000000417.779:5537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9071 comm="syz.3.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  863.781429][   T30] audit: type=1326 audit(2000000417.779:5538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9071 comm="syz.3.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  863.805496][   T30] audit: type=1326 audit(2000000417.807:5539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9071 comm="syz.3.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f025cf1252b code=0x7ffc0000
[  863.829059][  T836] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  863.836656][   T30] audit: type=1326 audit(2000000417.807:5540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9071 comm="syz.3.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f025cf1252b code=0x7ffc0000
[  863.860472][   T30] audit: type=1326 audit(2000000417.835:5541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9071 comm="syz.3.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f025cf451e5 code=0x7ffc0000
[  864.019294][   T30] audit: type=1326 audit(2000000418.032:5542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9071 comm="syz.3.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  864.043228][   T30] audit: type=1326 audit(2000000418.032:5543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9071 comm="syz.3.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  864.067418][   T30] audit: type=1326 audit(2000000418.051:5544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9071 comm="syz.3.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f025cf1252b code=0x7ffc0000
[  864.091211][   T30] audit: type=1326 audit(2000000418.051:5545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9071 comm="syz.3.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f025cf1252b code=0x7ffc0000
[  864.115230][   T30] audit: type=1326 audit(2000000418.069:5546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9071 comm="syz.3.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f025cf451e5 code=0x7ffc0000
[  864.260275][  T836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  864.271284][  T836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  864.282292][  T836] usb 6-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  864.292041][  T836] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  864.301608][  T836] usb 6-1: config 0 descriptor??
[  864.411528][ T9120] syz.2.2818[9120] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  864.411901][ T9120] syz.2.2818[9120] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  864.457160][ T9120] loop2: detected capacity change from 0 to 256
[  864.521793][ T9120] exfat: Unknown parameter ''
[  864.990321][ T9073] UDC core: couldn't find an available UDC or it's busy: -16
[  864.997780][ T9073] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  865.033656][  T291] usb 4-1: Cannot set autoneg
[  865.043647][  T836] arvo 0003:1E7D:30D4.001D: unknown main item tag 0x0
[  865.051055][  T291] MOSCHIP usb-ethernet driver: probe of 4-1:0.0 failed with error -71
[  865.061314][  T836] arvo 0003:1E7D:30D4.001D: item fetching failed at offset 5/7
[  865.074078][  T291] usb 4-1: USB disconnect, device number 23
[  865.082176][  T836] arvo 0003:1E7D:30D4.001D: parse failed
[  865.091756][  T836] arvo: probe of 0003:1E7D:30D4.001D failed with error -22
[  865.550980][ T9139] xt_hashlimit: size too large, truncated to 1048576
[  865.643960][ T9142] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3758424113 (240539143232 ns) > initial count (196541296192 ns). Using initial count to start timer.
[  866.551752][  T971] usb 6-1: USB disconnect, device number 3
[  866.651218][ T9178] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2839'.
[  866.673757][ T9178] netlink: 'syz.5.2839': attribute type 4 has an invalid length.
[  866.850856][ T9184] xt_hashlimit: max too large, truncated to 1048576
[  867.615635][ T9191] loop5: detected capacity change from 0 to 8192
[  869.041028][ T9215] syz.3.2851[9215] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  869.041150][ T9215] syz.3.2851[9215] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  869.071000][ T9215] syz.3.2851[9215] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  869.100253][ T9215] syz.3.2851[9215] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  869.116842][   T30] kauditd_printk_skb: 85 callbacks suppressed
[  869.116858][   T30] audit: type=1326 audit(2000000422.793:5632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9214 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  869.185179][   T30] audit: type=1326 audit(2000000422.793:5633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9214 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  869.252048][   T30] audit: type=1326 audit(2000000422.840:5634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9214 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  869.306875][   T30] audit: type=1326 audit(2000000422.840:5635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9214 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  869.320198][  T287] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  869.461837][   T30] audit: type=1326 audit(2000000422.840:5636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9214 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  869.512676][   T30] audit: type=1326 audit(2000000422.840:5637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9214 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  869.587930][ T9229] loop5: detected capacity change from 0 to 256
[  869.606411][   T30] audit: type=1326 audit(2000000422.840:5638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9214 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  869.724101][   T30] audit: type=1326 audit(2000000422.840:5639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9214 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  870.032181][   T30] audit: type=1326 audit(2000000422.840:5640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9214 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  870.662930][   T30] audit: type=1326 audit(2000000422.840:5641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9214 comm="syz.3.2851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f025cf12929 code=0x7ffc0000
[  870.728049][ T9237] device veth1_macvtap left promiscuous mode
[  870.745046][ T9237] device macsec0 entered promiscuous mode
[  870.795491][  T287] usb 3-1: Using ep0 maxpacket: 16
[  870.802492][ T9242] loop5: detected capacity change from 0 to 8192
[  870.934514][  T287] usb 3-1: config 0 has an invalid interface number: 104 but max is 1
[  870.942764][  T287] usb 3-1: config 0 has an invalid interface number: 104 but max is 1
[  870.960006][  T287] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  870.976429][  T287] usb 3-1: config 0 has no interface number 0
[  870.986983][  T287] usb 3-1: config 0 interface 104 altsetting 0 endpoint 0x8 has an invalid bInterval 0, changing to 7
[  871.014480][  T287] usb 3-1: config 0 interface 104 has no altsetting 1
[  871.206951][  T287] usb 3-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice= 0.00
[  871.216151][  T287] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  871.224682][  T287] usb 3-1: Product: syz
[  871.228928][  T287] usb 3-1: Manufacturer: syz
[  871.233638][  T287] usb 3-1: SerialNumber: syz
[  871.239553][  T287] usb 3-1: config 0 descriptor??
[  871.597338][  T287] asix 3-1:0.104 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  871.616156][  T287] asix: probe of 3-1:0.104 failed with error -71
[  871.637219][  T287] usb 3-1: USB disconnect, device number 20
[  871.820757][ T9279] FAULT_INJECTION: forcing a failure.
[  871.820757][ T9279] name failslab, interval 1, probability 0, space 0, times 0
[  871.836962][ T9276] FAULT_INJECTION: forcing a failure.
[  871.836962][ T9276] name failslab, interval 1, probability 0, space 0, times 0
[  871.849658][ T9279] CPU: 1 PID: 9279 Comm: syz.0.2874 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  871.849691][ T9279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  871.849702][ T9279] Call Trace:
[  871.849708][ T9279]  <TASK>
[  871.849716][ T9279]  __dump_stack+0x21/0x30
[  871.849741][ T9279]  dump_stack_lvl+0xee/0x150
[  871.886161][ T9279]  ? show_regs_print_info+0x20/0x20
[  871.891373][ T9279]  dump_stack+0x15/0x20
[  871.895551][ T9279]  should_fail+0x3c1/0x510
[  871.899992][ T9279]  __should_failslab+0xa4/0xe0
[  871.904763][ T9279]  should_failslab+0x9/0x20
[  871.909270][ T9279]  slab_pre_alloc_hook+0x3b/0xe0
[  871.914228][ T9279]  __kmalloc+0x6d/0x2c0
[  871.918388][ T9279]  ? kvmalloc_node+0x242/0x330
[  871.923161][ T9279]  kvmalloc_node+0x242/0x330
[  871.927755][ T9279]  ? vm_mmap+0xb0/0xb0
[  871.931829][ T9279]  btf_parse_type_sec+0x1b0/0x1b70
[  871.936948][ T9279]  ? kvmalloc_node+0x242/0x330
[  871.941716][ T9279]  ? btf_verifier_log+0x2a0/0x2a0
[  871.946742][ T9279]  ? kvmalloc_node+0x26d/0x330
[  871.951557][ T9279]  ? btf_parse_hdr+0x60e/0x7f0
[  871.956329][ T9279]  btf_new_fd+0x4c5/0x920
[  871.960686][ T9279]  bpf_btf_load+0x6f/0x90
[  871.965021][ T9279]  __sys_bpf+0x515/0x730
[  871.969269][ T9279]  ? bpf_link_show_fdinfo+0x310/0x310
[  871.974771][ T9279]  ? debug_smp_processor_id+0x17/0x20
[  871.980152][ T9279]  __x64_sys_bpf+0x7c/0x90
[  871.984582][ T9279]  x64_sys_call+0x4b9/0x9a0
[  871.989097][ T9279]  do_syscall_64+0x4c/0xa0
[  871.993519][ T9279]  ? clear_bhb_loop+0x50/0xa0
[  871.998203][ T9279]  ? clear_bhb_loop+0x50/0xa0
[  872.002888][ T9279]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  872.008792][ T9279] RIP: 0033:0x7fa2055e2929
[  872.013217][ T9279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  872.032834][ T9279] RSP: 002b:00007fa203c4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  872.041352][ T9279] RAX: ffffffffffffffda RBX: 00007fa205809fa0 RCX: 00007fa2055e2929
[  872.049327][ T9279] RDX: 0000000000000028 RSI: 00002000000001c0 RDI: 0000000000000012
[  872.057329][ T9279] RBP: 00007fa203c4b090 R08: 0000000000000000 R09: 0000000000000000
[  872.065304][ T9279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  872.073275][ T9279] R13: 0000000000000000 R14: 00007fa205809fa0 R15: 00007fff5c609c68
[  872.081261][ T9279]  </TASK>
[  872.084697][ T9276] CPU: 0 PID: 9276 Comm: syz.5.2872 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  872.096013][ T9276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  872.106083][ T9276] Call Trace:
[  872.109369][ T9276]  <TASK>
[  872.112304][ T9276]  __dump_stack+0x21/0x30
[  872.116643][ T9276]  dump_stack_lvl+0xee/0x150
[  872.121237][ T9276]  ? show_regs_print_info+0x20/0x20
[  872.126447][ T9276]  dump_stack+0x15/0x20
[  872.130615][ T9276]  should_fail+0x3c1/0x510
[  872.135048][ T9276]  __should_failslab+0xa4/0xe0
[  872.139822][ T9276]  should_failslab+0x9/0x20
[  872.144331][ T9276]  slab_pre_alloc_hook+0x3b/0xe0
[  872.149275][ T9276]  kmem_cache_alloc_trace+0x48/0x270
[  872.154569][ T9276]  ? sk_psock_skb_ingress_self+0x5f/0x330
[  872.160307][ T9276]  ? migrate_disable+0x180/0x180
[  872.165256][ T9276]  sk_psock_skb_ingress_self+0x5f/0x330
[  872.170808][ T9276]  ? migrate_disable+0xd6/0x180
[  872.175676][ T9276]  sk_psock_verdict_recv+0x636/0x800
[  872.180974][ T9276]  unix_read_sock+0x10a/0x2c0
[  872.185662][ T9276]  ? sk_psock_skb_redirect+0x440/0x440
[  872.191133][ T9276]  ? unix_stream_splice_actor+0x120/0x120
[  872.196863][ T9276]  ? __kasan_check_write+0x14/0x20
[  872.201984][ T9276]  ? unix_stream_splice_actor+0x120/0x120
[  872.207713][ T9276]  sk_psock_verdict_data_ready+0x115/0x170
[  872.213539][ T9276]  ? sk_psock_start_verdict+0xc0/0xc0
[  872.218927][ T9276]  ? _raw_spin_lock+0x8e/0xe0
[  872.223669][ T9276]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[  872.229571][ T9276]  ? skb_queue_tail+0xcb/0xf0
[  872.234260][ T9276]  unix_dgram_sendmsg+0x11e6/0x1880
[  872.239469][ T9276]  ? stack_trace_save+0xe0/0xe0
[  872.244330][ T9276]  ? unix_dgram_poll+0x6b0/0x6b0
[  872.249279][ T9276]  ? security_socket_sendmsg+0x82/0xa0
[  872.254757][ T9276]  ? unix_dgram_poll+0x6b0/0x6b0
[  872.259709][ T9276]  ____sys_sendmsg+0x5a2/0x8c0
[  872.264480][ T9276]  ? __sys_sendmsg_sock+0x40/0x40
[  872.269508][ T9276]  ? kstrtouint_from_user+0x1a0/0x200
[  872.274885][ T9276]  ? import_iovec+0x7c/0xb0
[  872.279415][ T9276]  ___sys_sendmsg+0x1f0/0x260
[  872.284115][ T9276]  ? __sys_sendmsg+0x250/0x250
[  872.288914][ T9276]  ? __fdget+0x1a1/0x230
[  872.293183][ T9276]  __x64_sys_sendmsg+0x1e2/0x2a0
[  872.298140][ T9276]  ? ___sys_sendmsg+0x260/0x260
[  872.303007][ T9276]  ? ksys_write+0x1eb/0x240
[  872.307526][ T9276]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  872.313647][ T9276]  x64_sys_call+0x4b/0x9a0
[  872.318071][ T9276]  do_syscall_64+0x4c/0xa0
[  872.322491][ T9276]  ? clear_bhb_loop+0x50/0xa0
[  872.327183][ T9276]  ? clear_bhb_loop+0x50/0xa0
[  872.331868][ T9276]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  872.337768][ T9276] RIP: 0033:0x7f330af6c929
[  872.342193][ T9276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  872.361806][ T9276] RSP: 002b:00007f3309593038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  872.370225][ T9276] RAX: ffffffffffffffda RBX: 00007f330b194160 RCX: 00007f330af6c929
[  872.378200][ T9276] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000008
[  872.386177][ T9276] RBP: 00007f3309593090 R08: 0000000000000000 R09: 0000000000000000
[  872.394150][ T9276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  872.402132][ T9276] R13: 0000000000000000 R14: 00007f330b194160 R15: 00007ffcc414e088
[  872.410114][ T9276]  </TASK>
[  872.432716][ T9281] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  872.480235][ T9281] overlayfs: failed to resolve './bus': -2
[  872.527547][ T9272] ==================================================================
[  872.535645][ T9272] BUG: KASAN: use-after-free in consume_skb+0x3a/0x1f0
[  872.542530][ T9272] Read of size 4 at addr ffff8881159ae22c by task syz.5.2872/9272
[  872.550335][ T9272] 
[  872.552662][ T9272] CPU: 1 PID: 9272 Comm: syz.5.2872 Tainted: G        W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  872.563945][ T9272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  872.574004][ T9272] Call Trace:
[  872.577286][ T9272]  <TASK>
[  872.580219][ T9272]  __dump_stack+0x21/0x30
[  872.584555][ T9272]  dump_stack_lvl+0xee/0x150
[  872.589150][ T9272]  ? show_regs_print_info+0x20/0x20
[  872.594351][ T9272]  ? load_image+0x3a0/0x3a0
[  872.598865][ T9272]  print_address_description+0x7f/0x2c0
[  872.604413][ T9272]  ? consume_skb+0x3a/0x1f0
[  872.608925][ T9272]  kasan_report+0xf1/0x140
[  872.613351][ T9272]  ? consume_skb+0x3a/0x1f0
[  872.617860][ T9272]  kasan_check_range+0x280/0x290
[  872.622799][ T9272]  __kasan_check_read+0x11/0x20
[  872.627653][ T9272]  consume_skb+0x3a/0x1f0
[  872.631988][ T9272]  __sk_msg_free+0x4f4/0x560
[  872.636594][ T9272]  ? _raw_spin_lock_bh+0x8e/0xe0
[  872.641551][ T9272]  ? _raw_spin_lock_irq+0xe0/0xe0
[  872.646597][ T9272]  ? skb_dequeue+0x125/0x160
[  872.651215][ T9272]  sk_psock_stop+0x4c9/0x570
[  872.655846][ T9272]  ? sock_no_sendpage_locked+0x130/0x130
[  872.661498][ T9272]  sk_psock_drop+0x226/0x300
[  872.666102][ T9272]  sock_map_unref+0x3c2/0x420
[  872.670805][ T9272]  ? sk_psock_link_pop+0x154/0x170
[  872.675933][ T9272]  sock_map_remove_links+0x3cd/0x600
[  872.681322][ T9272]  ? sock_init_data+0xc0/0xc0
[  872.686004][ T9272]  ? sock_map_unhash+0x130/0x130
[  872.690953][ T9272]  sock_map_close+0x111/0x440
[  872.695644][ T9272]  ? unix_peer_get+0xe0/0xe0
[  872.700239][ T9272]  ? sock_map_remove_links+0x600/0x600
[  872.705703][ T9272]  ? clear_nonspinnable+0x60/0x60
[  872.710736][ T9272]  ? security_file_free+0xc7/0xe0
[  872.715772][ T9272]  unix_release+0x82/0xc0
[  872.720108][ T9272]  sock_close+0xe0/0x270
[  872.724361][ T9272]  ? sock_mmap+0xa0/0xa0
[  872.728604][ T9272]  __fput+0x20b/0x8b0
[  872.732590][ T9272]  ____fput+0x15/0x20
[  872.736574][ T9272]  task_work_run+0x127/0x190
[  872.741172][ T9272]  exit_to_user_mode_loop+0xd0/0xe0
[  872.746373][ T9272]  exit_to_user_mode_prepare+0x5a/0xa0
[  872.751842][ T9272]  syscall_exit_to_user_mode+0x1a/0x30
[  872.757305][ T9272]  do_syscall_64+0x58/0xa0
[  872.761734][ T9272]  ? clear_bhb_loop+0x50/0xa0
[  872.766414][ T9272]  ? clear_bhb_loop+0x50/0xa0
[  872.771095][ T9272]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  872.776995][ T9272] RIP: 0033:0x7f330af6c929
[  872.781415][ T9272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  872.801209][ T9272] RSP: 002b:00007ffcc414e1e8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  872.809629][ T9272] RAX: 0000000000000000 RBX: 00007f330b195ba0 RCX: 00007f330af6c929
[  872.817690][ T9272] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  872.825664][ T9272] RBP: 00007f330b195ba0 R08: 0000000000000000 R09: 00000017c414e4df
[  872.833645][ T9272] R10: 00007f330b195ac0 R11: 0000000000000246 R12: 00000000000cd2d9
[  872.841622][ T9272] R13: 00007f330b194160 R14: ffffffffffffffff R15: 00007ffcc414e300
[  872.849607][ T9272]  </TASK>
[  872.852630][ T9272] 
[  872.854990][ T9272] Allocated by task 9276:
[  872.859312][ T9272]  __kasan_slab_alloc+0xbd/0xf0
[  872.864167][ T9272]  slab_post_alloc_hook+0x4f/0x2b0
[  872.869283][ T9272]  kmem_cache_alloc+0xf7/0x260
[  872.874055][ T9272]  skb_clone+0x1cf/0x360
[  872.878299][ T9272]  sk_psock_verdict_recv+0x53/0x800
[  872.883506][ T9272]  unix_read_sock+0x10a/0x2c0
[  872.888192][ T9272]  sk_psock_verdict_data_ready+0x115/0x170
[  872.894000][ T9272]  unix_dgram_sendmsg+0x11e6/0x1880
[  872.899208][ T9272]  ____sys_sendmsg+0x5a2/0x8c0
[  872.903977][ T9272]  ___sys_sendmsg+0x1f0/0x260
[  872.908661][ T9272]  __x64_sys_sendmsg+0x1e2/0x2a0
[  872.913600][ T9272]  x64_sys_call+0x4b/0x9a0
[  872.918022][ T9272]  do_syscall_64+0x4c/0xa0
[  872.922444][ T9272]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  872.928347][ T9272] 
[  872.930674][ T9272] Freed by task 287:
[  872.934568][ T9272]  kasan_set_track+0x4a/0x70
[  872.939173][ T9272]  kasan_set_free_info+0x23/0x40
[  872.944114][ T9272]  ____kasan_slab_free+0x125/0x160
[  872.949225][ T9272]  __kasan_slab_free+0x11/0x20
[  872.953995][ T9272]  slab_free_freelist_hook+0xc2/0x190
[  872.959368][ T9272]  kmem_cache_free+0x100/0x320
[  872.964137][ T9272]  kfree_skbmem+0x10c/0x180
[  872.968645][ T9272]  kfree_skb+0xc1/0x2f0
[  872.972805][ T9272]  sk_psock_backlog+0xa85/0xd80
[  872.977657][ T9272]  process_one_work+0x6be/0xba0
[  872.982510][ T9272]  worker_thread+0xa59/0x1200
[  872.987192][ T9272]  kthread+0x411/0x500
[  872.991260][ T9272]  ret_from_fork+0x1f/0x30
[  872.995683][ T9272] 
[  872.998010][ T9272] The buggy address belongs to the object at ffff8881159ae140
[  872.998010][ T9272]  which belongs to the cache skbuff_head_cache of size 248
[  873.012584][ T9272] The buggy address is located 236 bytes inside of
[  873.012584][ T9272]  248-byte region [ffff8881159ae140, ffff8881159ae238)
[  873.025949][ T9272] The buggy address belongs to the page:
[  873.031592][ T9272] page:ffffea0004566b80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1159ae
[  873.041829][ T9272] flags: 0x4000000000000200(slab|zone=1)
[  873.047471][ T9272] raw: 4000000000000200 0000000000000000 0000000100000001 ffff8881081aa600
[  873.056066][ T9272] raw: 0000000000000000 00000000000c000c 00000001ffffffff 0000000000000000
[  873.064648][ T9272] page dumped because: kasan: bad access detected
[  873.071057][ T9272] page_owner tracks the page as allocated
[  873.076767][ T9272] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 7942, ts 802741954131, free_ts 802739680172
[  873.092916][ T9272]  post_alloc_hook+0x192/0x1b0
[  873.097696][ T9272]  prep_new_page+0x1c/0x110
[  873.102204][ T9272]  get_page_from_freelist+0x2cc5/0x2d50
[  873.107750][ T9272]  __alloc_pages+0x18f/0x440
[  873.112342][ T9272]  new_slab+0xa1/0x4d0
[  873.116415][ T9272]  ___slab_alloc+0x381/0x810
[  873.121011][ T9272]  __slab_alloc+0x49/0x90
[  873.125433][ T9272]  kmem_cache_alloc+0x138/0x260
[  873.130288][ T9272]  __alloc_skb+0xe0/0x740
[  873.134624][ T9272]  audit_log_start+0x3c7/0x8b0
[  873.139392][ T9272]  audit_seccomp+0x62/0x160
[  873.143901][ T9272]  __seccomp_filter+0xb06/0x1900
[  873.148846][ T9272]  __secure_computing+0xea/0x290
[  873.153814][ T9272]  syscall_trace_enter+0xcf/0x180
[  873.158839][ T9272]  syscall_enter_from_user_mode+0x1f/0x30
[  873.164566][ T9272]  do_syscall_64+0x24/0xa0
[  873.168993][ T9272] page last free stack trace:
[  873.173668][ T9272]  free_unref_page_prepare+0x542/0x550
[  873.179129][ T9272]  free_unref_page+0xa2/0x550
[  873.183815][ T9272]  __free_pages+0x6c/0x100
[  873.188231][ T9272]  free_pages+0x82/0x90
[  873.192388][ T9272]  tlb_finish_mmu+0x248/0x300
[  873.197071][ T9272]  unmap_region+0x315/0x360
[  873.201577][ T9272]  __do_munmap+0xa0e/0xfe0
[  873.205997][ T9272]  __vm_munmap+0x15b/0x2a0
[  873.210415][ T9272]  __x64_sys_munmap+0x6b/0x80
[  873.215103][ T9272]  x64_sys_call+0xc9/0x9a0
[  873.219524][ T9272]  do_syscall_64+0x4c/0xa0
[  873.223944][ T9272]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  873.229842][ T9272] 
[  873.232172][ T9272] Memory state around the buggy address:
[  873.237799][ T9272]  ffff8881159ae100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  873.245858][ T9272]  ffff8881159ae180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  873.253924][ T9272] >ffff8881159ae200: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc
[  873.261988][ T9272]                                   ^
[  873.267361][ T9272]  ffff8881159ae280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  873.275433][ T9272]  ffff8881159ae300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc
[  873.283504][ T9272] ==================================================================
[  873.291561][ T9272] Disabling lock debugging due to kernel taint
[  873.297802][ T9272] ==================================================================
[  873.305884][ T9272] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0x100/0x320
[  873.314471][ T9272] 
[  873.316821][ T9272] CPU: 1 PID: 9272 Comm: syz.5.2872 Tainted: G    B   W         5.15.185-syzkaller-00032-g0d918fa8e88d #0
[  873.328111][ T9272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  873.338174][ T9272] Call Trace:
[  873.341559][ T9272]  <TASK>
[  873.344504][ T9272]  __dump_stack+0x21/0x30
[  873.348843][ T9272]  dump_stack_lvl+0xee/0x150
[  873.353439][ T9272]  ? show_regs_print_info+0x20/0x20
[  873.358645][ T9272]  ? load_image+0x3a0/0x3a0
[  873.363185][ T9272]  print_address_description+0x7f/0x2c0
[  873.368738][ T9272]  ? kmem_cache_free+0x100/0x320
[  873.373685][ T9272]  kasan_report_invalid_free+0x58/0x90
[  873.379161][ T9272]  ? kmem_cache_free+0x100/0x320
[  873.384113][ T9272]  ____kasan_slab_free+0x13d/0x160
[  873.389325][ T9272]  __kasan_slab_free+0x11/0x20
[  873.394097][ T9272]  slab_free_freelist_hook+0xc2/0x190
[  873.399477][ T9272]  ? kfree_skbmem+0x10c/0x180
[  873.404163][ T9272]  kmem_cache_free+0x100/0x320
[  873.408934][ T9272]  ? skb_release_data+0x94f/0xa10
[  873.413968][ T9272]  kfree_skbmem+0x10c/0x180
[  873.418483][ T9272]  consume_skb+0xb3/0x1f0
[  873.422816][ T9272]  __sk_msg_free+0x4f4/0x560
[  873.427413][ T9272]  ? _raw_spin_lock_bh+0x8e/0xe0
[  873.432369][ T9272]  ? _raw_spin_lock_irq+0xe0/0xe0
[  873.437402][ T9272]  ? skb_dequeue+0x125/0x160
[  873.442153][ T9272]  sk_psock_stop+0x4c9/0x570
[  873.446771][ T9272]  ? sock_no_sendpage_locked+0x130/0x130
[  873.452423][ T9272]  sk_psock_drop+0x226/0x300
[  873.457030][ T9272]  sock_map_unref+0x3c2/0x420
[  873.461717][ T9272]  ? sk_psock_link_pop+0x154/0x170
[  873.466863][ T9272]  sock_map_remove_links+0x3cd/0x600
[  873.472159][ T9272]  ? sock_init_data+0xc0/0xc0
[  873.476865][ T9272]  ? sock_map_unhash+0x130/0x130
[  873.481811][ T9272]  sock_map_close+0x111/0x440
[  873.486509][ T9272]  ? unix_peer_get+0xe0/0xe0
[  873.491112][ T9272]  ? sock_map_remove_links+0x600/0x600
[  873.496582][ T9272]  ? clear_nonspinnable+0x60/0x60
[  873.501618][ T9272]  ? security_file_free+0xc7/0xe0
[  873.506683][ T9272]  unix_release+0x82/0xc0
[  873.511027][ T9272]  sock_close+0xe0/0x270
[  873.515280][ T9272]  ? sock_mmap+0xa0/0xa0
[  873.519704][ T9272]  __fput+0x20b/0x8b0
[  873.523695][ T9272]  ____fput+0x15/0x20
[  873.527684][ T9272]  task_work_run+0x127/0x190
[  873.532279][ T9272]  exit_to_user_mode_loop+0xd0/0xe0
[  873.537488][ T9272]  exit_to_user_mode_prepare+0x5a/0xa0
[  873.542956][ T9272]  syscall_exit_to_user_mode+0x1a/0x30
[  873.548430][ T9272]  do_syscall_64+0x58/0xa0
[  873.552856][ T9272]  ? clear_bhb_loop+0x50/0xa0
[  873.557538][ T9272]  ? clear_bhb_loop+0x50/0xa0
[  873.562308][ T9272]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  873.568206][ T9272] RIP: 0033:0x7f330af6c929
[  873.572641][ T9272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  873.592253][ T9272] RSP: 002b:00007ffcc414e1e8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  873.600682][ T9272] RAX: 0000000000000000 RBX: 00007f330b195ba0 RCX: 00007f330af6c929
[  873.608746][ T9272] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  873.616720][ T9272] RBP: 00007f330b195ba0 R08: 0000000000000000 R09: 00000017c414e4df
[  873.624695][ T9272] R10: 00007f330b195ac0 R11: 0000000000000246 R12: 00000000000cd2d9
[  873.632676][ T9272] R13: 00007f330b194160 R14: ffffffffffffffff R15: 00007ffcc414e300
[  873.640667][ T9272]  </TASK>
[  873.643695][ T9272] 
[  873.646025][ T9272] Allocated by task 9276:
[  873.650357][ T9272]  __kasan_slab_alloc+0xbd/0xf0
[  873.655248][ T9272]  slab_post_alloc_hook+0x4f/0x2b0
[  873.660386][ T9272]  kmem_cache_alloc+0xf7/0x260
[  873.665295][ T9272]  skb_clone+0x1cf/0x360
[  873.669563][ T9272]  sk_psock_verdict_recv+0x53/0x800
[  873.674800][ T9272]  unix_read_sock+0x10a/0x2c0
[  873.679511][ T9272]  sk_psock_verdict_data_ready+0x115/0x170
[  873.685336][ T9272]  unix_dgram_sendmsg+0x11e6/0x1880
[  873.690555][ T9272]  ____sys_sendmsg+0x5a2/0x8c0
[  873.695350][ T9272]  ___sys_sendmsg+0x1f0/0x260
[  873.700066][ T9272]  __x64_sys_sendmsg+0x1e2/0x2a0
[  873.705033][ T9272]  x64_sys_call+0x4b/0x9a0
[  873.709474][ T9272]  do_syscall_64+0x4c/0xa0
[  873.713904][ T9272]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  873.719818][ T9272] 
[  873.722156][ T9272] Freed by task 287:
[  873.726055][ T9272]  kasan_set_track+0x4a/0x70
[  873.730663][ T9272]  kasan_set_free_info+0x23/0x40
[  873.735611][ T9272]  ____kasan_slab_free+0x125/0x160
[  873.740730][ T9272]  __kasan_slab_free+0x11/0x20
[  873.745506][ T9272]  slab_free_freelist_hook+0xc2/0x190
[  873.750902][ T9272]  kmem_cache_free+0x100/0x320
[  873.755676][ T9272]  kfree_skbmem+0x10c/0x180
[  873.760309][ T9272]  kfree_skb+0xc1/0x2f0
[  873.764484][ T9272]  sk_psock_backlog+0xa85/0xd80
[  873.769344][ T9272]  process_one_work+0x6be/0xba0
[  873.774205][ T9272]  worker_thread+0xa59/0x1200
[  873.778892][ T9272]  kthread+0x411/0x500
[  873.782968][ T9272]  ret_from_fork+0x1f/0x30
[  873.787397][ T9272] 
[  873.789757][ T9272] The buggy address belongs to the object at ffff8881159ae140
[  873.789757][ T9272]  which belongs to the cache skbuff_head_cache of size 248
[  873.804337][ T9272] The buggy address is located 0 bytes inside of
[  873.804337][ T9272]  248-byte region [ffff8881159ae140, ffff8881159ae238)
[  873.817448][ T9272] The buggy address belongs to the page:
[  873.823077][ T9272] page:ffffea0004566b80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1159ae
[  873.833323][ T9272] flags: 0x4000000000000200(slab|zone=1)
[  873.838973][ T9272] raw: 4000000000000200 0000000000000000 0000000100000001 ffff8881081aa600
[  873.847562][ T9272] raw: 0000000000000000 00000000000c000c 00000001ffffffff 0000000000000000
[  873.856170][ T9272] page dumped because: kasan: bad access detected
[  873.862587][ T9272] page_owner tracks the page as allocated
[  873.868296][ T9272] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 7942, ts 802741954131, free_ts 802739680172
[  873.884541][ T9272]  post_alloc_hook+0x192/0x1b0
[  873.889322][ T9272]  prep_new_page+0x1c/0x110
[  873.893928][ T9272]  get_page_from_freelist+0x2cc5/0x2d50
[  873.899483][ T9272]  __alloc_pages+0x18f/0x440
[  873.904077][ T9272]  new_slab+0xa1/0x4d0
[  873.908158][ T9272]  ___slab_alloc+0x381/0x810
[  873.912749][ T9272]  __slab_alloc+0x49/0x90
[  873.917403][ T9272]  kmem_cache_alloc+0x138/0x260
[  873.922268][ T9272]  __alloc_skb+0xe0/0x740
[  873.926615][ T9272]  audit_log_start+0x3c7/0x8b0
[  873.931398][ T9272]  audit_seccomp+0x62/0x160
[  873.935917][ T9272]  __seccomp_filter+0xb06/0x1900
[  873.940861][ T9272]  __secure_computing+0xea/0x290
[  873.945974][ T9272]  syscall_trace_enter+0xcf/0x180
[  873.951000][ T9272]  syscall_enter_from_user_mode+0x1f/0x30
[  873.956727][ T9272]  do_syscall_64+0x24/0xa0
[  873.961411][ T9272] page last free stack trace:
[  873.966083][ T9272]  free_unref_page_prepare+0x542/0x550
[  873.971614][ T9272]  free_unref_page+0xa2/0x550
[  873.976307][ T9272]  __free_pages+0x6c/0x100
[  873.980736][ T9272]  free_pages+0x82/0x90
[  873.985025][ T9272]  tlb_finish_mmu+0x248/0x300
[  873.989705][ T9272]  unmap_region+0x315/0x360
[  873.994208][ T9272]  __do_munmap+0xa0e/0xfe0
[  873.998623][ T9272]  __vm_munmap+0x15b/0x2a0
[  874.003041][ T9272]  __x64_sys_munmap+0x6b/0x80
[  874.007761][ T9272]  x64_sys_call+0xc9/0x9a0
[  874.012192][ T9272]  do_syscall_64+0x4c/0xa0
[  874.016648][ T9272]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  874.022556][ T9272] 
[  874.024878][ T9272] Memory state around the buggy address:
[  874.030506][ T9272]  ffff8881159ae000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  874.038570][ T9272]  ffff8881159ae080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc
[  874.046637][ T9272] >ffff8881159ae100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  874.054693][ T9272]                                            ^
[  874.060841][ T9272]  ffff8881159ae180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  874.068910][ T9272]  ffff8881159ae200: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc
[  874.076962][ T9272] ==================================================================
[  874.259396][  T333] usb 1-1: new low-speed USB device number 31 using dummy_hcd
[  874.488402][   T30] kauditd_printk_skb: 57 callbacks suppressed
[  874.488419][   T30] audit: type=1326 audit(2000000427.825:5699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9288 comm="syz.0.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000
[  874.539132][   T30] audit: type=1326 audit(2000000427.872:5700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9288 comm="syz.0.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2055e2929 code=0x7ffc0000