last executing test programs:

14m14.382974852s ago: executing program 4 (id=1046):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$inet6(0x10, 0x3, 0x0)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x110e22fff6)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1980, 0x0)
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f00000003c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r7, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x585d4d9346027f5c}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b80)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {}, {0xd, 0x1fff}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}}, 0x0)
close(r3)
syz_mount_image$ext4(&(0x7f0000000340)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x2104000, &(0x7f0000000600)={[{@sysvgroups}, {@resuid}, {@norecovery}, {@dax}, {@init_itable_val={'init_itable', 0x3d, 0x45}}, {@errors_remount}], [{@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@smackfshat={'smackfshat', 0x3d, ']#:'}}, {@smackfsroot={'smackfsroot', 0x3d, '@o'}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}]}, 0xfe, 0x48d, &(0x7f00000006c0)="$eJzs3M1vFOUfAPDvbLel5eVXfogvIGgVjcSXlpYXOXjRaOJBo4keMJ5qWwiyUENrIoQoesAYD4bEu/Fo4l/gSS9GPZl41bshMaYX0IMZM7sz2F12y25Z2IX9fJKB55mZ5Xm+M/PsPPM8OwQwsCayP5KIzRHxa0SMR0S5cYeJ2l9XVs7N/bVybi6JNH3tzyT7WFxeOTeX/xPVJbOptiJN8/yGJuVeeDNitlJZOJ3np5ZPvjO1dObsU8dPzh5bOLZwaubw4QP7d48cmjnYlTizuC7vfH9x144X37j48tyRi2/9+HVW38359iKODjQLq85E7eg29WiHhfW7LavSSbmHFaEjW/L2Plxt/+MxFGNXt43HCx/1tHLATZWmabrGjex8CtzBkuh1DYDeKG702fNvsdyirkdf+OPZ2gNQFveVfKltKUcp32e44fm2m0Yj4sj5v7/IlljfOAQAQEe+zfo/Tzbr/5XinlX7/S+fQ9kaEf+PiG0RcVdEbI+IuyOq+94bEfd1WH7jDMm1/Z/SpXUF1qas//dMPrdV3/8ren+xdSjPbanGP5wcPV5Z2Jcfk70xvCHLT9d9pN53z//yWeO6T/Nh9olV/b9sycov+oJ5PS6VGwbo5meXZ7sSfBb/hxE7y83iT67OAyYRsSMidq6zjOOPf7Wr1bbrx7+GLswzpV9GPFY7/+ejIf5C0nJ+cvrpQzMHp0Y3VRb2TRVXxbV++vnCq63Kv6H4uyA7/xubXv+1+LNnxGQ0YunMP2maVhZOL3VexoXfPp5LWmzbvs7rfyR5vZoeyde9N7u8fHo6YiR5KcuO1a2f+e+zRb7YP4t/757m7X9b7fGseiTuj4jsIt4dEQ9ExIP5uXsoIh6OiD1rxP/Dc4+83WrbxKrLuD7+604vd0UW//wa5z/7ystSS2fOnqjO168jMXTi+29alZ+2df4PVFN78zXtfP+1W8EbOXYAAABwuyhVfwOflCavpkulycnab/i3x8ZSZXFp+Ymji++emq/9Vn5rDJeKka7xVeOh0/nYcJGfacjvz8eNPx8aq+Yn5xYr870OHgbcphbtP/P7UK9rB9x03teCwaX9w+DS/mFwtWj/Kw3vCAF3IPd/GFAjzVd/cKvrAfRE5/f/0ZtSD+DW0/+HwaX9w+DS/mEgtXw3vnRDr/zfrolyf1SjaWKsP6pRJKLUF9XoTmI0Il75pNYk+qE+qxPltv8zi/YSI41rNjTdudffTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//CGLpxQ==")

14m12.551179703s ago: executing program 4 (id=1052):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xc)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000100)={0x35}, 0x10)
write(r4, &(0x7f0000000040)="1c0000001a009b8a14e5f40700426e2400000000ff", 0x15)

14m12.139877973s ago: executing program 4 (id=1057):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='.\x00', 0x0, &(0x7f0000002a00)=ANY=[@ANYBLOB="ae9043979191048239ea3a2ab5d2268ab0079c2c1778098c1a2be54127977cebfd0f53df19758ac5778888fe3e745a", @ANYRESHEX=0x0, @ANYRES16=0x0], 0x1, 0x37c, &(0x7f0000001680)="$eJzs3c+LG2UYwPEnu7PZZEs3OYiiIPugF70Mu6tnJUgL4oJl24itIEy7Ew0Zk2UmRCLiriev4s1/QLD0WPBQUG+e9uKtXrx4ci+CoEXEkfnx5ldnN9k0JWn7/UCbJ3nfJ/O+ySQ8b9i8OX73y48atcCuOW1ZKqjkRETuiZRlSYxccpGXDIfy8rk/7z5/+eq1tyo7Oxd2VS9WrryyrarrG99//GnRSrrdWZWj8vvHUvjt6OmjZ4//u/JhPdB6oM1WWx293vq17Vz3XN2rBw1b9ZLnOoGr9Wbg+kl7K2mvea39/a46zb3za/u+GwTqNLvacLvabmnb76rzgVNvqm3ben4ta7iPscIUOdWbu7tOZcoD3pgyD7P2TxiGpzT7fsVZFrGL97VUbz7UcQEAgIU0Uv9/bWqEsiz1CspcuhbIx/HwMiCq/03ca+nX/7de+LF97p3b62n9fyffr/+lbOr/V39J0obq/+joM6//vx25fn9F9Mg7OEvnB6r/sRg2hl+Rv/dX7Kmo/o9eDb0V/efv3dqMA+p/AAAAAAAAAAAAAAAAAAAAAAAeBffCsBSGYclcmn/9rxCk18219IvGq/MZLmbshOe/992v3vmAx9Llq9ekEG/cYa2LeF90qp1qcpm2m46bUpJ/4/MhlWw4cRg3aqQsP3gHnepKmrAc/18RUfHElS0pSXkoP44vvrlzYUsTSX58/INONWetRfk1qcf521KSp7LztzPz8/LSiwP5tpTk5xvSEk/20vcxk//Zluobb++M5Bfjfllef7hPCQAAAAAAM2erFtLlc3l4/Zus321bNas9WsvL4Po8+XzgJ8lYn29mrs+t0nPWfOcOAAAAAMCTIsh/0nA8z/WD7olBUcb1MX8NNNJkyZh7jgJrgj5Dwd04WDmtz/LADCe953z6CxqTDsMPujLxmE3w16pkPphmC9foFrMpsVfIflQnDMz8J+hcOOtT4AdLZ5+76wcb0Xh0qukMBPHHRjlLTuojl6LAPKQPdqwkMDvnjuv8zFff/D3dIXLprr2DTa/dNmfAqem5kVsOx5y0f4Th2PGsZL9bfDfNj8wAAAAAWBCm6C8G8x4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPrlnsjjYumPccAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEXxfwAAAP//3RHskQ==")
ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x0, &(0x7f0000000080)})
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000bb00551a00000000000000001812", @ANYRES16=0x0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='xprtrdma_frwr_maperr\x00', 0xffffffffffffffff, 0x0, 0xe172ee5}, 0x18)
restart_syscall()
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000001680))
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f00000000c0)=0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)

14m11.153845541s ago: executing program 4 (id=1059):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
utimensat(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000003c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000020000006a0a00fe00000000850000000b000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2feb4b6fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872971c7c56f0979bd10b97163c1d6d0e196bf02f46e8955bab512645cbe8d0d26ba98f7dc8f76b74635fc9f9de9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000000000000b0c2940dd8e263aa743f7555193161f45346b1004006000000e1ffff8816326d7d35c32aac1c7d5b5be399f6609876b5887437a172fbc02a74067529194e533583412dff048f0000000000000000b2728a04816cfb851cd364ff19ffcafe3e64be033c9d2f002cc93c1c13caec04a347383420336bec88c24a9fb6a6991ddb737d527d6acb15426415b6e8b14fdfa2c6e94bd0339454c13ad30000000000000003626165866c154e2514890000b515a1000000000000000eb2e9c15b6c8f6198282d0086fa0000c2ccf3f6d69cfcf1e15ea7a9e57aee78e12ace55736fa42811654e19a7e9b531636794a718b4766d744263b6681da2b2204d848619a3eb62e77460c048df8e72bfe31438163ec4270439b350274e5aa941bfc32ce08e3790dfb0c59bbe45cd27264669c187eed6d67b3be191137814bcb226b2078a1bc45502705d538d8723113445b08b0ac8dc2dfa17fd79ed5fd33b14b0adabf72df024dcde1ef330b927ce1a80474ce4f99a292c71456ec1abbfbb61dc9f0f71395a1751d35fa1000000"], &(0x7f0000000340)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xffff0000, 0xb00, 0x0, &(0x7f0000001a40)="2b206d074843b397737ea49da2aa", 0x0, 0xf000, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x48)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x1010000, &(0x7f0000000880)={[{@iocharset={'iocharset', 0x3d, 'cp864'}}, {@iocharset={'iocharset', 0x3d, 'ascii'}}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-15'}}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'iso8859-7'}}, {@uni_xlate}, {@uni_xlateno}, {@uni_xlate}, {@shortname_winnt}, {@fat=@codepage={'codepage', 0x3d, '737'}}, {@utf8no}, {@uni_xlate}, {@utf8no}, {@fat=@check_strict}, {@numtail}]}, 0x1, 0x371, &(0x7f0000000980)="$eJzs3UtoY1UYAOA/vWnSGdB2JwpCdCdomc5ON7ZIBwa7UQk+FmJwOipJFVostotJ60JxKbjUlTsFXbgQlyIo4s6FW0eRUXGhsxtw8Ehy87hN0seIrRS/D5qcnnP+c/77ILkNN6fPLUbz0nRcvn79WszMlKK8+Mhi3CjFXGTRtxPjKhPqAIDT4UZK8UfKjbbNTA4pnUBaAMAx6r7/vxARtZjLa17/8qD+ybs/AJx6vb//zxzUZ5/PASJeOZaUAIBjNvb5/717mivdn3L/13LhrgAA4LR64ulnHl1aiXi8VpuJWHtzs75Zj4eG7UuX46VoxWqci9m4GZFfKHQeSt3HCxdXls/VarV2/DwX9YiY6gXW8yuFpawbX42FmI25XnzvaiOllF34ZGV5odYVETvt7vyxVtqsT8fZ3vzfn43V4YVHf5DuU8TFleXztd4A9bV+fDtid3ijQif/+ZiNb58fDJNS/w7GleUrC/2kh/Gb9WpcGuyFfT8BAQAAAAAAAAAAAAAAAAAAAACAf2S+NjA3WD8ndZ7zlXLm5ye0d9fHyeN76wPt5usDpWqKlH5/7YH6W1nsWR9odH2eTQsJAgAAAAAAAAAAAAAAAAAAwMDGViUardbq+sbWdrNYaK9vbE1FRKfm5a8/+uJMjPc5pFDOp6hGDKao9abdbjZS1u+csojx8Kwzeb/mg08HGRf7VAdbMTGN6v5NrdZt9/z07rDm7qw/8l/DPllM3sCskMbDIyOv3Z6ndCs7alA4X6ypjs9+NaVUqHmjGH7l2fEBoxRRvvUDt92civ37pE7hq2sv3tnf+43PU+6++2efvPrO+782G63OzNE9gpX1jZup2Sj1Ox9h9t5wqXsIhudGKfJCqXgmlA8acHdvTSP77ren7nr7m6PthFSsebVzPo/0yfLN+Xg0vJIXOmmONJ0Zhk/3NqK1Oj3h5D+sUDymP27lIx0Sdcd7n32Y0g+/HHmKoamxl43Sv/DSAwAAAAAAAAAAAAAAAAAAjCh8V7z3pet23jB9UNSDj51QegAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwIob//79Q2N2JkZqjFP5sT4iqrq5vRFT+680EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB/7u8AAAD///APZHU=")
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000001200576d100000000000000007000000", @ANYRES32=0x0, @ANYBLOB="000002000000000008001d00ca0e00000a000100bbbbbbbb"], 0x3c}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0xe}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x9, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000070000850000001b000000b700000000000000850000000500000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x18)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@bridge_delneigh={0x24, 0x1e, 0x1, 0x0, 0x0, {0x7}, [@NDA_VLAN={0x6, 0x5, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
r6 = dup(r4)
sendto$inet(0xffffffffffffffff, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f9", 0x4b, 0x52, 0x0, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="080086dd00031100"], 0xfdef)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)

14m10.372883558s ago: executing program 4 (id=1062):
socket$nl_route(0x10, 0x3, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, <r0=>0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
syz_pidfd_open(r1, 0x0)
write$FUSE_LSEEK(0xffffffffffffffff, &(0x7f0000002040)={0x18, 0xfffffffffffffffe, r0, {0x8001}}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0xb)
syncfs(r2)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000002080), 0x0, 0x0)
setsockopt$CAN_RAW_LOOPBACK(r3, 0x65, 0x3, 0x0, 0x0)
r4 = syz_open_dev$loop(&(0x7f00000020c0), 0x9, 0x20002)
fallocate(r4, 0x0, 0x4, 0x6)
r5 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_INIT(r5, 0x29, 0xc8, &(0x7f0000002100), 0x4)
mount$overlay(0x0, &(0x7f0000002140)='./file0\x00', &(0x7f0000002180), 0x1820c0, &(0x7f00000021c0)={[{@nfs_export_on}, {@uuid_on}, {@redirect_dir_nofollow}, {@default_permissions}, {@redirect_dir_on}, {@volatile}], [{@context={'context', 0x3d, 'root'}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@pcr={'pcr', 0x3d, 0x39}}, {@flag='dirsync'}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]})
r6 = fcntl$getown(r4, 0x9)
fcntl$setownex(r4, 0xf, &(0x7f0000002280)={0x1, r6})
gettid()
r7 = syz_io_uring_setup(0x23d5, &(0x7f00000022c0)={0x0, 0x84e4, 0x4000, 0x3, 0x3d4, 0x0, r3}, &(0x7f0000002340), &(0x7f0000002380))
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r7, 0xc, 0x0, 0x0)
fallocate(r7, 0x6, 0x8, 0x4)
ioctl$PPPIOCSMAXCID(r3, 0x40047451, &(0x7f00000023c0)=0x8)
getsockopt$inet6_int(r4, 0x29, 0x46, &(0x7f0000002400), &(0x7f0000002440)=0x4)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000002480)={'vcan0\x00', <r8=>0x0})
sendmsg$can_raw(r3, &(0x7f00000025c0)={&(0x7f00000024c0)={0x1d, r8}, 0x10, &(0x7f0000002580)={&(0x7f0000002500)=@canfd={{0x4}, 0x13, 0x0, 0x0, 0x0, "b63093dceba62b98b9be7cefc632f8b8cfa7150a9f2d80232dd2c68e1ef92d6b011c8b98739387cc174fbd9e627189b1280dbb076a011ab3da79ecb5a3a6b72a"}, 0x48}, 0x1, 0x0, 0x0, 0x40100}, 0x40014)
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffe000/0x2000)=nil)
pause()
renameat2(r3, &(0x7f0000002600)='./file0\x00', r3, &(0x7f0000002640)='./file0\x00', 0x0)
open(&(0x7f0000002680)='./file0\x00', 0x48840, 0x4)
fcntl$setsig(r3, 0xa, 0x17)
ioctl$TIOCL_GETKMSGREDIRECT(0xffffffffffffffff, 0x541c, &(0x7f00000026c0))

14m10.007129134s ago: executing program 4 (id=1069):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x55}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)

14m9.924788542s ago: executing program 32 (id=1069):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x55}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)

5m11.547168479s ago: executing program 0 (id=3397):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), r5)
socket$igmp(0x2, 0x3, 0x2)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$igmp(0x2, 0x3, 0x2)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
preadv(r6, &(0x7f00000011c0)=[{&(0x7f00000012c0)=""/214, 0xd6}], 0x1, 0x3b, 0xfffefff6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
syz_open_procfs$pagemap(r4, &(0x7f0000000440))
recvmmsg(r7, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000004c0)='./file1\x00', 0x3000046, &(0x7f0000000140)={[{@dioread_nolock}, {@data_err_abort}, {@jqfmt_vfsold}, {@delalloc}, {@data_err_ignore}, {@usrjquota}, {@data_err_ignore}, {@debug}, {@noblock_validity}, {@user_xattr}, {@block_validity}, {@errors_remount}]}, 0x1, 0x567, &(0x7f0000000700)="$eJzs3c1rHOUfAPDvbDZ9//2aQikqIoEerNRumsSXCh7qUbRY0IO3uiTTULLpluymNLFge7AXL1IFEQviXe8ei/+Af0VBC0VK0IOXyGxm07TZzW7SzUu7nw9MeJ6d2Tzz3Znvs8/sM8sG0LeGsz+FiBcj4usk4nBEJPm6YuQrh5e3W3x4fSJbklha+vivpLFdVm/+r+bzDuaVFyLity8jThbWtlubX5guVyrpbF4fqc9cGanNL5y6NFOeSqfSy2Pj42feHB975+23ehbra+f/+f6ju++f+er44ne/3D9yO4mzcShftzqOp3BjdWU4hvPXZDDOPrHhaA8a202Snd4BNmUgz/PByPqAwzGQZz3w/PsiIpaAPpXIf+hTzXFA89q+R9fBz4wH7y1fAK2Nv7j82Ujsa1wbHVhMHrsyyq53h3rQftbGr3/euZ0t0bvPIQA6unEzIk4Xi2v7vyTv/zbvdBfbPNmG/g+2z91s/PN6q/FPYWX8Ey3GPwdb5O5mdM7/wv0eNNNWNv57t+X4d2XSamggr/2vMeYbTC5eqqRZ3/b/iDgRg3uz+nrzOWcW7y21W7d6/JctWfvNsWC+H/eLex9/zmS5Xn6amFd7cDPipZbj32Tl+Cctjn/2epzvso1j6Z1X2q3rHP/WWvop4tWWx//RjFay/vzkSON8GGmeFWv9fevY7+3a32D8bc+jzcqO/4H14x9KVs/X1jbexo/7/k3brXss/uj+/N+TfNIo78kfu1au12dHI/YkH659fOzRc5v15vZZ/CeOr9//tTr/90fEZ13Gf+vozy93Ff8OnP9Z/JMbOv4bL9z74PMf2rXfXf/3RqN0In+km/6v2x18mtcOAAAAAAAAdptCRByKpFBaKRcKpdLy/R1H40ChUq3VT16szl2ejMZ3ZYdisNCc6T686n6I0fx+2GZ97In6eEQciYhvB/Y36qWJamVyp4MHAAAAAAAAAAAAAAAAAACAXeJgm+//Z/4Y2Om9A7acn/yG/tUx/3vxS0/AruT9H/qX/If+Jf+hf8l/6F/yH/qX/If+1SH/v/l0u3YE2Hbe/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly1Liw+vT2T1yavzc9PVq6cm09p0aWZuojRRnb1SmqpWpyppaaI60+n/VarVK6NjMXdtpJ7W6iO1+YULM9W5y/ULl2bKU+mFdHBbogIAAAAAAAAAAAAAAAAAAIBnS21+YbpcqaSzCs9nobjVTRR3S6QKPS3sdM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8FwAA//9SSDk+")
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_MSRS_cpu(r9, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x40000097, 0x0, 0x1}]})

5m10.070068495s ago: executing program 0 (id=3404):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000280), 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x6c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {}, {0x7, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x3c, 0x2, [@TCA_FLOW_EMATCHES={0x38, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}, @TCA_EMATCH_TREE_LIST={0x2c, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x28, 0x1, 0x0, 0x0, {{0x8, 0x9, 0x40}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x7}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}]}]}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40}, 0x2008c014)

5m8.471066873s ago: executing program 0 (id=3411):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x240, 0x5}, 0x9, [0x6, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x5, 0x25cd, 0x1, 0xa4, 0x6, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x8, 0x9, 0xd, 0x4, 0x12a3, 0x9, 0x1, 0x2, 0x4, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x4, 0x0, 0x91, 0x4, 0x4, 0x7, 0x2, 0x5, 0x400, 0x7ff7, 0x5, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x3, 0x1, 0x1, 0x7ff, 0x4, 0x9, 0xffffffff, 0x6, 0x6], [0x9, 0x3, 0x6, 0x5f, 0x4, 0xc66, 0xa8a9, 0x73, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x9, 0x4, 0xa, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x2, 0x1c, 0x7, 0x1, 0x2, 0x54f5bad8, 0x8, 0xfffffffd, 0x7, 0xffff58b9, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00040, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x3, 0x762, 0x1cb, 0x1, 0x4, 0x6, 0x438, 0x2, 0x9, 0x95, 0xfffff50f, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0x1, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0xb, 0x5, 0x491, 0x8d3, 0x6, 0x8, 0x3ff, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x7, 0x5, 0x8000003, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x100006, 0x8000, 0x400, 0x3e55, 0xff, 0xd3, 0x8, 0x3437, 0x3, 0x9, 0xfd, 0x401, 0x101, 0xdd80, 0x60a2, 0x17fc, 0x9d26, 0x0, 0x8, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x4, 0x10000, 0x1, 0x8, 0x1], [0xa772, 0xffffffff, 0x5, 0x1afa, 0xbfc, 0x8, 0x7c81, 0x7f, 0x56, 0x40, 0xff, 0x5, 0x7fffffff, 0x7, 0xe, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x40f1, 0x2, 0x3, 0x6, 0x80000001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x624dfaee, 0xc, 0x7f, 0x1000, 0x1ff, 0x2000003, 0xffffffff, 0x10000, 0x0, 0x8001, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x1, 0x8, 0x13ffd, 0x1, 0x1b18]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01080000000000000000070000000900010073797a300000000014000000890a010400000000000000000700000014000a0101000000000000000007000000140000001000010000000000000000000084000a"], 0x70}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(0xffffffffffffffff, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x2, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x180, 0x4, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x7, 0x5, 0x3, 0xfffffffffffffffe, 0x45, 0x4, 0xbdb], 0x1, 0x1c4213})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
dup(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000002c0)={[{@norecovery}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}]}, 0xee, 0x474, &(0x7f00000004c0)="$eJzs3EtsG0UfAPD/rvNo+viSr5RHSwuBgqh4JE36oAcuIJA4gIQEhyJOIUmrUrdBTZBoVUHhUI6oEnfEEYk7Eie4IOCAkLjCHVWqql5aOBmtvZs6jp06tRu3+PeT1p7ZXWfm79mxxzN2Auhb49lNErE1Iv6IiNFaduUJ47W7G9fOz/597fxsEpXKm1eT6nnXr52fLU4tHrellqlUIoaz5HCTci++EzFTLs+fyfOTS6fen1w8e+65E6dmjs8fnz89feTIwQN7hg5PH+oovjS/z+K6vuujhd07X3370uuzRy+9+/M3WX235sfr47gtWbQNxmvPbqNHs5snOyrsrvJrdrOtbkcy0PrkiQ2oEO0rRUTWXIPV/j8apRhZPjYar3za08oBd1SlUqk0e3/OXagA/2FJ9LoGQG8Ub/TZ599i26Chx13hyou1D0BZ3DfyrXZkYHnuYLDh8203jUfE0Qv/fJlt0Y15CACAW/g+G/8822z8l8YDdef9L19DGYuI/0fE9oi4LyJ2RMT9EdVzH4yIh9ZZfuMKyerxT3r5tgJrUzb+eyFf21o5/itGfzFWynPbqvEPJsdOlOf358/JvhgczvJTa5Txw8u/f16kNzUcqx//ZVtWfjEWzOtxeaBhgm5uZmmm07gLVz6J2DXQLP4kimWcJCJ2RsSu2yzjxNNf72517Nbxr2GNdaZ2Vb6KeKrW/hdiRfw3myppuT459fzh6UOTm6I8v3+yuCpW++W3i2+0Kr+j+Lsga//NTa//5VXgsWRTxOLZcyer67WL6y/j4p+f1fXpFavLWfzptxHrvv6Hkreq6aF834czS0tnpiKGktdW75+++dgiX5yfxb9vb/P+v72uxg9HRHYR74mIR/JF3KztHouIxyNi7xrx//TSE++1Oraq/UeK+NeYle+iLP65W7V/1Lf/+hOlkz9+13b8Tdv/YDW1L9/TzutfuxXs5LkDAACAe0Va/Q58kk4sp9N0YqL2Hf4dsTktLywuPXNs4YPTc7Xvyo/FYFrMdI3WzYdO5XPDRX66IX8gnzf+ojRSzU/MLpTneh089LktLfp/5q9Sr2sH3HFdWEcD7lH6P/Qv/R/6l/4P/Uv/h/7VrP9/3IN6ABvP+z/0L/0f+pf+D/1L/4e+1PK38WlHP/nvcaL43wkd/J2rvY+i48TInSwi0t4H2BeJgU4u43YSw00P9fiFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+DQAA//9L2OJW")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x28)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$EXT4_IOC_GROUP_ADD(r4, 0x40286608, &(0x7f0000000080)={0x40000009, 0xe74e, 0x80000006, 0x10009, 0x9, 0xed})

5m3.85098247s ago: executing program 0 (id=3414):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00'}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x4c, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

5m3.591326825s ago: executing program 0 (id=3418):
r0 = socket$inet6(0xa, 0x2, 0x0)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32, @ANYBLOB="000000000000000024001280110001006272696467655f736c617665000000000c000580"], 0x44}}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x2a, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000fff000/0x1000)=nil, 0x1000, &(0x7f0000000000)='%\x00')
mincore(&(0x7f0000ffd000/0x3000)=nil, 0x3000, &(0x7f0000001180)=""/4096)
splice(r1, 0x0, r2, 0x0, 0x4ffe6, 0x0)
pipe2$9p(&(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r5, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r6 = dup(r5)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r6, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r8}, 0x10)
write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x10040d0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './file0/file1'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0/file1\x00', 0x200810, 0x0, 0x0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
syz_emit_ethernet(0xfef3, &(0x7f0000000200)={@local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x64, 0x11, 0x0, @remote, @local, {[], {0x4e20, 0xe22, 0x64, 0x0, @wg=@response={0x2, 0x1, 0x100004, "628e0960f6d6d3f6ee6d6b84b345dccac643e7df3e526ff07833b291322d4a74", "882ed6741e7632daeaec0c95f2ad1cd6", {"8fb3d9fd3efe8e4ea8b5ec7448ddd6a3", "215990e1b896120966af96b22cf049f0"}}}}}}}}, 0x0)

5m2.096438822s ago: executing program 0 (id=3422):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000280), 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x6c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {}, {0x7, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x3c, 0x2, [@TCA_FLOW_EMATCHES={0x38, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}, @TCA_EMATCH_TREE_LIST={0x2c, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x28, 0x1, 0x0, 0x0, {{0x8, 0x9, 0x40}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x7}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}]}]}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40}, 0x2008c014)

4m46.862137906s ago: executing program 33 (id=3422):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000280), 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x6c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {}, {0x7, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x3c, 0x2, [@TCA_FLOW_EMATCHES={0x38, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}, @TCA_EMATCH_TREE_LIST={0x2c, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x28, 0x1, 0x0, 0x0, {{0x8, 0x9, 0x40}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x7}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}]}]}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40}, 0x2008c014)

2m38.25478966s ago: executing program 6 (id=3982):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x9031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net\x00')
fstat(r3, &(0x7f0000000080))
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$UI_SET_KEYBIT(r3, 0x40045565, 0x3b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x18)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_PORTS(r5, &(0x7f0000000980)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000940)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x20044884)
sendmsg$NL80211_CMD_GET_REG(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
wait4(r0, 0x0, 0x1, 0x0)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000580)={0xec, r6, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}]}, @TIPC_NLA_SOCK={0x64, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fc}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x10000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5e99}]}, @TIPC_NLA_BEARER={0x4}, @TIPC_NLA_MEDIA={0x4c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6d529237}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x49}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x34531a4f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3c}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fffffff}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_BEARER={0x8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x4}]}, @TIPC_NLA_LINK={0x4}, @TIPC_NLA_PUBL={0x4}]}, 0xec}, 0x1, 0x0, 0x0, 0x40000}, 0x4000040)

2m37.792143016s ago: executing program 6 (id=3985):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f0000000200)='.\x00', 0x82000714) (async)
inotify_add_watch(r1, &(0x7f0000000200)='.\x00', 0x82000714)
close_range(r0, 0xffffffffffffffff, 0x0)

2m37.617490313s ago: executing program 6 (id=3987):
sendmsg$NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000002300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x240088c0}, 0x54)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
unshare(0x26020480)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x2000000, 0x4, 0x10000003, {0xa, 0x4e21, 0x8000008, @dev={0xfe, 0x80, '\x00', 0x94}, 0x9}}}, 0x3a)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0x3a, &(0x7f00000007c0)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x5, 0x0, @dev, @private=0xa010100, {[@ssrr={0x89, 0x3, 0xce}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

2m37.617250423s ago: executing program 6 (id=3988):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r0, 0x8800000) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
syz_clone(0x20002000, &(0x7f0000001e80)="4742c67309f6d886d34b570275b825925035ee3e038b6b2df386e27a47909dac416bdb5e3b5d12f0f4abdf6ebd557f9d4484d290bd25d928da34c9cde14d263f9732823fe89f5400f69f80210a1964560a0cff960768e45d232bc60bbadfe85b593ab58d727e94285a27f106e5cc9abed1b36c88bb68d975d806443e2271eb82922c92e9dbdfa95a2e8638ca95f9e4b3f68fad55709b5b177c3736b63c8659ed9b2205e52f7566588b1973ea7c193f9f40c2c30aaee370732d5e9239b531f607d818d831d1815b6d887068b7bdb8620506123917f47fe3b833df834863b6044dc7347c1caf77edde346fb7c14e7005c9a5c0c95d5da1996593673e702e63ebe6a5d44291e3ecdf6c85d4e8c190d93adfe09239b97fe557933d4243d0ce8d19e4ff3dc5e017285899f0bcc01ce90d36dbfaa7028130e366f5f3c99154bb1275ed9ce55f0ef5ec13e63212dac727faca539c351c76770bb58564219becdb932c90bf72514ee07c3f2382fee166d4862a06c6de972fceca0755270e0feca6ad21b4d73f257f2739aa9a5d5e26f2c100b584701c9b873f744de3652adbba162e5c44432660b5229c7cabddd0f13e031a6fc890a43df95692b11d504aa66633c1e80030edb3e2da7623c33d9fc37620003a92f4c416b5681212a5d12548dead91c53279328104f9a009d9945ca79875281c1edf4ef60911bbeea39cc1c8004c5b4f31c2fafa16cc39438dbb8641ddf417491193482014dc1f5401da729f4ec2d168787bf8dc3960a2c3f292198f7eae6003cf1cd45c6791b97451448827116240a71a509a2c75ac99bc2b0fd088cb1954727137c696bcb693a21eb61898228def44119663a8256c509188d0bc2311a401257dc6aeb155da4ca932a9657828f772326c71a13dd38ce0bbfc00067ccd42254b6539aad0e3a4016184ce272c083fe7404cb7f25b842794744382e54be6d37b85665142bd681e07f99fd7a4dcac1eeb75c8024532af78ebbb0b4441518c33ce80b9b39c756f4bb3ecfbca82dde6e70c83cdbe86adf295126c402b0aefddd89144bcc12787f1a054b88610cb13e31ece15b841e534257f781479bc0fac441a8cfb8ff48505a8f93cad71eb4dbff60fea1f212a6b79f196388ddd7243295c0624d66e8ab40fd1b8445bf6d11662f334b3aecb0498f10bde7f98a8c0fb4a768268094cdb19f7891645fe50934d40b72f043a17467a5779a9950027f39eda28fcc8cf24a3d01c270ac4e4cfcb148cf29fbde524ba8c8ec97d33e699ef6a8262362d4d2d1373236db6f3d6aec5915a37dfb712e74a99b8c5cfb8e79496a8ee53020a3bdc81d368d38fdd19d8641ed12779000b45d9a3919de45d2a7c9db80bb13248f13ba79a75017a8040e31a532ef73a548257f9d91c9ca8f54e495af1749ee79c90f3e95a0eec66e2f5d16a07c4050c34d688e222dca98e1c009657020a16fe8e97a65c7edf8ab8319665c46376df06028d2b7ca768df1e1c00eb10aec3e0f64a7d13e54021e203a9dd5e02ba22d7edcc5650a10bb90972c11df05379afd81b51d28e1afaa103c7cd23356a88fb96d1d199cc46d52fc4c359d2b9d6d42b35cf7816ce60668f3499fd97db9992ed9df964404a1d80097dcacdb677e85b923b52a28c02f917f32083f1842a22167ce5a2dd489ec740e8cf07721ee57f4e5d748b51284aade1556f5871d79dac2fcb7c42461bd14029f8d5242065ea94883075289e7dd1f38af86be98d90d4e216e0022364b462dde46d02e1367d40ea9620701c85b9bb02c9bdc09e097a1c7186f9b48627e847e644de3580da2578b7b6ed9781919b27caa08afab188bcd73b33ae280173569aec8f2e5776733ddaa715efa9ad86bc41c8f216b3930a18cb6dee95abec7a173c9a9333b6f470e90968f198fa683288187728fd595d2a482ebb665dcda6310913734e1f217cdb47e04516cd1623cd618d514c7e290070cabe0796ca3b20ee9a4039da58256c27da0a1ec3eef4c1d0d3cafe2d51c1c125c4888e4b4ec7ee006e909aeb23d1a01b9a45256c8cfe4dac2923b7bec9fe1506c3b133bf068d79c6696fc5055bfe045998ca3c8757c744116bbfa15c51029908ef31fe217acf330ec3375d8253759fd0277f3e657817307192c8d5005223f5b7e543d245ce00282f6c0454bb8f8c79859d11c55fdafbbfc1046a1a4f186d129ab38a9788dd67978cd774ca5b3e6e57db05598f46e4e070f2affe346290a8d8b757572ed50d29fe30deb61ae48fbea9e15472bce28d7c487d6e0097a87f9999ea4154102cf7a42f3ebb6b3a53d28c765dc09f30c57d5b5c3dd8669152d9d75212400b43bbf6d319b0f8de34ba2b9c46015bdb6dcb76c1859d0280815bbd5ccf4985ddc5409adcc0182074d6b736c383df1517013d236a19c18e888a3ceeea9ec35004ce21035ed0e77970f9e7828c58e7c099865ff5d5058f94cad55439f4fc9b34325c2924512c855b883faad91bd0507fd88d915dcc72c010bd4e51a3d66724fa4a96ba4a1bf4790f5908bed05996149d649130b95a52517a1ae5aa2ae8fe50234a4090dc1d42da92449412253c8e78844813c7fe0606145ecbffc2c728fce8afe76f7049084525558ce3a16471df55f841ed4f4629aeb8ece080d8a52dc823fdc5f9b59713a331c4544575dd0074bf63f80afec47836ca66850bc44e83143235fbd3deee7ecfb3d7c4f5bfaa4f4b8fede7213265a45ad5f1c0d04b6dbea75fccc9ca0277623c9cda9d13b412b2ccb853eece5d3b020f4830989dd31094eecb0dd17e5f0bca9c22d402d7aa5d6bc6e5a3951a9b37262c3174cabc771083fc23a6c72f519a15c4a0d0cea52e7aa61bd7a552f54b1de621ff4f5ab6916c9a4094d90e23db594ccde050aaa8712243f201691fb623b898c81d9cc717d2bce55f59c5d12498bd3220bcc03f2040a92e41971b5fd29857212fad9934a0e515be457da983698d963215c94cbc4d533867f82468ed4ce8877a79d7ee2a8d35c45a29c498ca86bb4f6f581bbc419b0f641eb36535c325d4b056d5a89bdfa45ee3f09a2749fa81e8655b050d3f30e14933a65e1a8cc442b8bf5f717eb10b2685688207a2e61bbd2e5c63d4388c0ca4600a169ffbd288ab587ebfdfaa9d7146934eab9c0e0d631ac5016a41cab36bec6f5f87f1af6b3e96fcba670774896654b081b07e07f1e651116f50d72410a985e713578458fe1393a61220b3c7215229628a49efa1b46a938f28ddfe42742511ec55ef7956acdb4b4746720d5c69dbe7975cc10643053740ba82887f418e95ae995e15cd1ff34c30196dc3c2b48696945a35a5ca76c97788f6e983a68b36d9df7900e50fc5553614c65a08f225879b0df02a9f8bf26effa897037cf38930f7e95e8f5a6ec7292afb3f15a2c0d336a2ebc6f8626fd6b0755301f1f23167ed2ff2c99a71681f6f5dc180ef6c7063d93ef3a871308e0e02fb358cc00585c60b94ad8bf748d8ffe3d46a04580b1cc1180ce44a8dd23a9dc1cb3e436c22f1a4ffe2e72493c26aff071862de3e3835a850be303af274b926ab3e1d857a8a1adf397e26fe00cd406bef1319b7b5c926c9e5e1f5f2a6bbb65121c9150a084fbc8d6535063c155702428f82c8ce9238262fdb12f9228043ba87272b3a5611e395e25e4086450322a7aad920d378e1aebaf40c4a0cbf1c5b3874e7239dcb2e326392832cc50e00517c6fc9bec3a6dc0b83f6e5ec6a4b144179e8d379126d1228e943d02f0d30341ca0f4112522602fcb9a905048c9a644efb434984dc3b872355e811256e395f439fa8a35820dab2320a0cb9c8e150788e0ef12a2d9eb58b20435bd2027912b0f6955f6fc4fe4bd063adc73f199ca71e5210d70ca6a8fba73b126d902b41c496840386f60e69fee9941cb8d84a340cb142ee9b4f98901c83a434674d8310864e0508e45ebedf6dde4ec08cbeb60048e81076f2687ad42761b8a01b2d58a41ff0946b788dacc2194cae8f959feabc854e8b1660fa6aa48c938d403d99ac78158a972f325c6be27f5bd19571e48b2f107f5812a99912a3142c8b8d2ca9d91322016a1b337877ac9b0ebe1fa85e4ac8f5057f0f231da5c4eec83db4ef81cf6d9c03a8e9726c31ec059e02084521fb7c76af23b5fa52c52dfa5e9af0c2826ffe128bb120fa780c966317b34eae418a6b0183abfb0c302be79f72fc9abd6a47b0815ec97a54549b79f4561a42abd582e17bbca9a5bc3f5a4e6e739fac30d6bdaf75acc53e8369bc5a9a55c34845c7bee7a14acd717e8e5b4e891e1caa9b8bc766cdb3c7c4e5811bb09f034aba71fb3ccda79946f5f90412179b6e269b3146098ebfcd6590753fbf2b19a81374c1abebad4ced143e37853180f8db6bb8df93ce6d05c1652b16d27098986026d7c5398cb0173cd62999e64e343a27fd7f8919d6eb1f2d535ed19adabe1e70bee81b8ac9383d8dbccf3d5009d85d2ffa86f5fbaebe9a4a75a3381b3a22ae124a90b290a15185a03f515bf51fe74d13c7502e393a5fdca8c9ae539c5ffcac053a3a3197333befe84f386f7ca1d949563dfc76d11ddb5b06ab72f7982c5645602b3c090c30fc61c57668078be5b25b26e4ae7faec665f4cd86a8f6de8180516b3d38a145535803b49808781835e7d1cdbbab596b35f836f4ea6614d6bf35f0bb182954546d17ef4bc2c8ff031fd13bbf46a68c74645f7eae3e9665bdf25de80f1bfdca4ad2a0ad01de4c9d1bd8bac244ba7104ecedb033c0f09b3445ff307a9cf8148129c7db1e48b0007abf628d1c3ca48e25585a02fe2c45ba8858c5ac0278e88a3e4f1a1fd32f9455c74c6ef21fc720da15742ed928c1e9255cda122314fbbf9016d0a8240d1560e69d92cfc6c63b52783a6f08c6ec2cdf71adb7d79f332ea94934b9684adf24cb6337663f7419378266e41aaa554d5a0382a0d7293cd80765d64ab1aa02d0da15ce809d5d1b1e83250acdc879dcf00aaee8d43967fb505d2f39d06b2b4d051873810bbbfc8bdeec5c0fcb114375e3c4e5927084aea8ff950c59fcd3d6478be2efe6a640be4eb8fd55d593ac04fe76a8c6171d8a8d142745f1e27c1f65e00c2843fad5cffc60d187ab5cd477fa584d724061a659667300958cf048c3c49efb01427f299f84784e974783a05880859ee61d95819660019066f716795215f1ac35223ebeaa60511a390419c037ddd9dd48b01985766778aa234be28601116bc64d0020ba9e6b1b0e70a48f23e54dadf5624077c91e3b5836fd0327b1b71f2ff3b2467957fbfc01b720ae32531b94776822839d0e02145df4d82fade1bd42d7e30a2930d2baaf765cd28e5bc1e970445d467d4de9cac00b2d6923d7ab6f2a0f8d3f5c0aede410b51f27ad5d630abaf7f5dec6c71d6bb8a88119268d96fe4d336e230d450f225df7ff3d91733b1aaf215e2755d78ec29703aed4295ee1c49866b3ed10cd93034cd84b1bf4719142755aad92d14ac967404dcc0ec05c9237d00e1ce57ac889dc414830bc40e66b8ebbfb83e5676745d8d5853366b0abd81d706fd151af0c98a167abb0d70d738aeda1949fdadb87ecb10858603626de6492e88aebbb855d256e3139cd54a440df73b1453cc6d83466a9cee5b7f69535b8ebb05bf6a562bb272b9b4794db7b38800bba0d5c397cdec21da7fe8aafaadc817d2b77a70c785ad96d04342515b2351200866ba9dc2f761af4ddc4621c62953c7a1d7d59be3d0ad0a99196368fe15e46a436162c6ca109b2b58353e3c860e206cb558a2cb1420e3d5cefd1d013701a9831438", 0x1000, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000003500)="c285f35ff5513dc34e51d7ffb63e5e674ebddb596d3eee7276ba1986162d5e5070afe9d256a45c4ecbc9f8a731113dd06c5e32f3a181e8b7dd5adb3c2f277fb4d387540ed4d164dba41c637ee73dc0da804278e72994c4447dd0be7189778bc8715c59ef1b2c98992f0cdbdbce3c5a147e911d9d01b82fb565efb25fd2c2d2ba69bd131cf4a54fd149402bc467f3601d3fb221d7cff7a358e39715f32143af441973d3bae8be1f49a960d66427e783b79327ec2379eb96b146f4708b05715fdd130d5ae5761083836237c5ca8a9fcea04861fdc4516ab968a8a2802df9a35f6290bf1c88349b7931555d429c872d5f8f5bec73a7481fac40d9b32bdbca04e401041aad4b9ffc161c7db193684a6b28868cbaebc087db0d5c5a5297ac678a1cfb144e70b2ecaab9a56416b3ec7bd6db3d917c00db4d2b7a8dfa7b4855939e82148bf6e643860a5a579bb091bd6c037771dab20647e7ec051585963146f445b5ad04f07d662abe82e18e033cfd439550bbfc3ee00aae6346acc184b7b508e3e8f089836ede890682533265d080b77f4a707f7e411fe0020c07bc09f9691bde67beaa97055843d9b4242fea942b0e110c3a5b942ee12bc0f7cd24c2aad311e0664ec718adef85e6d2e0dfcea22c445a44b5c026aa3030bb1d7abf778a92380ee6383d36bc7d2da4c54724ad61ea842555d21c4539693fe7237aedf63206345419816adad41da2f6e8c312912d9ca24fb17ad1475cffa6c24d3724e46b302b42ccd8d369000c87b12fd5fe3127328f383827942db1d9b0018e24e8c57879b78c720795c6ba3c625c4ce742531d1369b38158e28913e87b87b3dd6cd45968d9c7e53af7cd12fc9825af53675d96e88453ac036ae04aeaa51930f89ca789522ba1e5c16be61137ae0bb11275b92be8c646b3554fbc770f5f71bd60ae0da2ffa837331df8d38c15f145deb0242088e0a6dcb8e700227f2eec071e31f4ee5b1ea299da7e96b483490dc35926da009e780f6cf5e4e0e5b6aea8b59b37cf912e75ee1715ad73d3439ed57f8c67bbea3cf185982b25ea5e0e8b74d1fda8df39a1822e34696f45ef0021275f31ccdac35a5aeeb70caca856fe4d0938a72eb8831d330d022dc5882b2dd3102a46b06eeaaff6d0fae21539d12d5276411ad7777f5f21d5ee9ac9e7b0b5e6742933e4812b6200a6161bcdf3096e025c0e9c269a6e2ee8174db4867290d4b3e491a3318fff3da4d4024d72f4e38e9ad8a6820aa6fe0afe72a14ec051db9236955ebf950f4f94052907df773d6cc25f622999ab8dbd0fbe87495a3f4b36fffd19b9c959103fcb0f021fa80dd0ff1a7401f65a644756667c265c89bdd87e89a9ed6fe9ac3530ec9fb3f355d7bd76be32ad546f1aaa91b5a65cf85d7e684ec340b52a08ce9d9f12e5f43887942cb4f324a1e1874971b45458d0ed57d6bdf0b7516529f52d937465af943b6fc50373d02be21e2d558f84966c3a5406d4c556458434db1986fd5aaf618e52b8edec325c5d8e2ea50528f87ce704b7321f4bf64e5bf73b893e85d96ae4462bc0b60e201af5ce97a320dab4319655c09885a8c82610f845d2afb7c80ad038c8c886cecf907a7632c9c816fa3069e6a1da21dbf5f0164b087c803ccd309936aac9e3ee03b442382382a85b87c84b919c0e753ef8a924bbae10dbfeabd0787208a13cc85f1e7b84cd97352e6aa8a4d6e85aa0dbe2fbb399b14ac1c1dd3eebcfd25ff49d23682ec31e688554be83174099b4c1bdcfad6d3e5e66e5d3d67a7cec0f4dac3adf5e23b2738ab6db3f9eba1c27567f68b8c9e4698092ac6af995fb3488d558f83c1fa459835bea1bef9207496fb9057987bddeee3b4507552efda6d92f39e6ba7b05ed39d012e8182bd09e78a4ff2bc12fd131dd1b9560f064ea028030dd1d7e5981c22cf5e46878265c9818b09a05a60e424155ff647ee3350e204e626d41dca7163049a0748a33d4fc18d3658e50b2fba2a0a5bce237b2c5f00063c8b613f20848665766dff3ff9bef0688d173b094a4e9296c6b0803d3bd886f62ad6a027eacfa063358d5ab492d93e8c6268e14cd9c12030d27ff26346b0e7ca6245a4e836a7cd45a1bbbf0bfcbdbb18d1e93b1cf3059fd8c82b477d4e8c4ad1e2010f22d802e1096d70af3a3e39401c6464f99e23add78dc7bcc9bf6a74ea1dac535267e822ccbdac3e4d903d175bb57bd46aed681e60c13422f901b088e46fa9e46777c38b96a325e56f0990bd45a9f36aea1357dbbba18429eb0882a10c4d700392bdfb45473136564071545bcbbf0d7069a0e36aae7ec222278dcddd6f1d388759e79763924608254f4037aa1487454363297222b4a0b622671e5e3368a6a8b527a820e5931ce4ac20a302facf5b896e8010940633fa2e0a465cd69803531498782d0ae9ab7c1108be3b80554dd2ffa3313cba5bdf34b05078c7454feccb18fac5de35d178935d6f0152164d5f41d804535447380c8dcd69cf7bef065125c560181b4847391210e2a0fff9c33564a2d954fead6a4eabfa7b2099f745c060a688317f801b5614674b0fa059f4b2589346511097a36c67c2585a6b642bc458eb7b1e3d13eb0a92b7cc8844f9f1fcfdfaf6004462aa5f8c9984329c61487c169ede3e88194a06d2da2f97af027e52dec2d7fa1e4a998bdf3a511ce00ab40f143c630ffd72dda046b470d3d676fe41f608d8dee263754285fa58aaa2201217a77ad3bf0ae9c0f651b1e4b3e9cb581ae2e6ab713aa5440374c64aab36f1b322d2595b4675b8b03903487491c8b290299e5cc4f2e9113f0efb7268f6f18c625a33f9c3b0fbae1d50693bf8f3b60706cd1313fdf5e5986fdbc46170da2da126538bdd494373e8cdad82ebcc99c93adf6ede3d00796269eaedffd2a12fdcd870c9503b43014fbe5ddd7429452fc36325c232d997c50b40b04c289459be566131cf249e383e97b864f90e23815457292f34a63226881132b3c3c2bdff39c6c134d3eeff0a18d84753b3ccfd38ce70d5a164d08b986c5235e0c7de8fa3df0213fc9bff22254fe2411747381d87e149f766798ae8a740681be3aee469bd72945f5b5dfbea6040a26e0a18786b59524b5f75bc0b1254f716e695728a7b9ced469ad7a58ae679697c7fec7549cb16bbff82cd623052c2fc29d0673f0b256ff25fa621ad5215b6bc8a4cb3750710b1a92e9ba0e9af776cfd331e52ce168ba31751e97fbd75d84ba626db3b8cb0608213ed287071dcea5d59e78a2cc7db8d321970614e327376b52d845c0566ff0880dca0321653b9037c7fbbab9d928dc4a21c65134fe0db2daf660adcb943999795bbd493b083a738e19c75dfb4f2c667e30d436d7a550a165a41d0586bd5e4b56eef3399f6a976c853f8c64295ffbe382dc2b5b696120b68cd07fc7d9c053f299f4428f6d6452f458335e795ad8f198077e35575cbbf54f5f6e46453167666a0e1f26c865c4958e1eab4b35ccd86b20cadf5c383db8c5ad940ed1050ed784caa133bffb4fda67862e087b4060bcbaf9ae806c6b381d1ae9352c07f0770ade37bf946795de817b62af499100f9f397f6fcb63d940b35864733667d70414a47ffb4f9cd2aa0452941149764b6adea0530b0bb905a05b52db3830d302a7c32000502f0adc108adc9f48699e4eb35af0d957ff8269128c4a4d8cc4682dd90bf6de86c858236bd06304d91394fe7ab87da51a71c35cfaf73c50e07c6585337d47ee8301ac3812cc58820a8fbcabbb466ba885e54bb7a45356d4b9c9a3b714101a190357f125eb88c8fb933dc858acb9c49988e7e5b56ab5fae367842aee5c9ebba29ad4cf0c84aa71e18b8e18172826e93455eab8b3a15a4b4852fab30c07009a83eacb1edb64e8bc17e345a3230128cc07f079254fec40fcd8adb2d2d8cb5d33e9278c320e2d2d1cba45e3cadc52b6551790ee8da5c4abe402167b97071a181794d8c206b34f0cbe6ac97a4d5e7c769f201ce88637ba5f9f491d7ab5f637e0187b69b70b3bc3028bb5ae345aa369d6ce5570428ea0fdbddce245f4f3eaf23862119b012e2e0a0c2bc1aa7a078670971282719e1a319329463b407f4a6029f778ee373e5efbdd7cd426be3a63efa1fb58d520ac720d76554fcf37380408a12235643962957dddf81c6a4139754f44a6adeebb1fcd0475dc53e69af938a501f0535c3f34bc8965ee5d23d503f9faa34f55138598282c76d9a4883bcd5e7082fe0b9ea3451e42ba4ac1039c5bc10591f6cec2a1bd80c56186e414d4fb3220cf1657e59734a21c162170326bd3aa78765a76b4511ae1a7c9ec8212b12a481df2d91d05f9835b14021df4c5ecdb2ee3d490da1432de858a9edb5797bbb69aae4be4c3494348e84b2550d7f239a52ecbf1f39fb353607dbecda4b12f086ea3621407ca3a4ec6cbdc99156407d6ef04f37a3ba7d1dcfeea6ed16270aef812510b9b25171dd20e70c435f5bd5774c6bab54eda5a73f9f043ff4730480c67814d1bb2d20ba8f42b88829852e48828d576c753a1fb9d63bbcba80a2845993eb9674e4b4b8534a7033328d4d8d13d0a3ff7b35d8fa56dcdf291b770a24f4da03a893d77eb3de82531d03af8df6bbf17f87919b6fea69183eefcc2a6112f8add3012d515ac1fc22a92e36c4e2a828742ad43eeda83afe0dd7cea0cd21114e7b686c1f70721fd0199201776524bde0d90c9416034ec1d62e0b2370c7e4d5657c0afd735f46f14b4df51a9fa734ae34aed6ed9abd707ecc3b26898c49c123975b50c7dfa1935dcc74f857eaadbea5ef702d34b0618691f5b28dc7c80787d178a737df61f1b81c07093d3b2297b8fdd3a294560cd823a45340658462b23c53edad23abcf2955745b42af53c1701d2e5f630b234b6f271278bfb72dc864075452a7d1cb078ffc5b386ae81d9d5b435f9e013363fe7e55dddf6d2c144d6422b0411ac54a011bac66ddcac2cee6f2454d90d78142a2b38c0b05e84974f5690389ea2e72bf11a3bfc62dff4195cdacab27b70c4427f678bc38acad1e7975938a2111d808b5255df3defef158a065ffb3f34e9ebb07165465c4582a9b15c9e5006c409daff39d46e407ab0b7fef4f1474f50f2a381a5692cb331c67250170b81575fc8361f8f98b22efd83f86474bef61c5495496f84f4449fea3dd2213d38976dfd10215ae14ddf257f18ee83e07eae7d430465a261cabfe5a6034f296e4104c32788e0c3e3acb25573887ceea36b8bfbc7688ff0f6bee6350a9924a8b409bbb2f1fe54e41448cebcbb6642b74f659bb47d2c1982103aa49797908588f0ab3824e4e2026441db0d0c7ba00543958acc0f8288e86709eefc054a57dce02c359f7c61309ec52fdcfd4479a48a0d29d7a974c0c7786de354bc2789c69bcfb16703004bba2a2b90caa300f831de15107c2209ef1b5d783eafd584abbdd1b73176f24a7ce51474fdf95084446ab489fc456dbbb5ec024408f0d304d1feafa4c1ab0276ca2e32b666cb153c855c5955cc653603ee92658a0e6a2c621fcb00e27156c00af40b2c0b668c2641a1835df9a78f84656b8de972bb2629fc985fcb25805ebc04c503a43cd86639d4aa7554f923d18be81e04f7ca6fbab4af1935f115a33f7db5618c750dfb1fe4c2fc4a2e93539fe40aba04c1afea3cb1de17d442bf47c7e2b34ef09a0f912bbc75183b6447b27c3b055f1e376321d405523071f84b7eb95ffaea54b39559af3631c9655d08f72e18856291f2c37c125e24d0652756836a4cfeaf4de438d6d31a7fbe38587595659cfcf05ee06a038") (async)
recvmmsg(r2, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0) (async)
sendfile(r1, r0, 0x0, 0x578410e9) (async)
sendfile(r1, r0, 0x0, 0x1c3ffffff)

2m37.107959433s ago: executing program 6 (id=3989):
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000002c0)={[{@norecovery}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}]}, 0xee, 0x474, &(0x7f00000004c0)="$eJzs3EtsG0UfAPD/rvNo+viSr5RHSwuBgqh4JE36oAcuIJA4gIQEhyJOIUmrUrdBTZBoVUHhUI6oEnfEEYk7Eie4IOCAkLjCHVWqql5aOBmtvZs6jp06tRu3+PeT1p7ZXWfm79mxxzN2Auhb49lNErE1Iv6IiNFaduUJ47W7G9fOz/597fxsEpXKm1eT6nnXr52fLU4tHrellqlUIoaz5HCTci++EzFTLs+fyfOTS6fen1w8e+65E6dmjs8fnz89feTIwQN7hg5PH+oovjS/z+K6vuujhd07X3370uuzRy+9+/M3WX235sfr47gtWbQNxmvPbqNHs5snOyrsrvJrdrOtbkcy0PrkiQ2oEO0rRUTWXIPV/j8apRhZPjYar3za08oBd1SlUqk0e3/OXagA/2FJ9LoGQG8Ub/TZ599i26Chx13hyou1D0BZ3DfyrXZkYHnuYLDh8203jUfE0Qv/fJlt0Y15CACAW/g+G/8822z8l8YDdef9L19DGYuI/0fE9oi4LyJ2RMT9EdVzH4yIh9ZZfuMKyerxT3r5tgJrUzb+eyFf21o5/itGfzFWynPbqvEPJsdOlOf358/JvhgczvJTa5Txw8u/f16kNzUcqx//ZVtWfjEWzOtxeaBhgm5uZmmm07gLVz6J2DXQLP4kimWcJCJ2RsSu2yzjxNNf72517Nbxr2GNdaZ2Vb6KeKrW/hdiRfw3myppuT459fzh6UOTm6I8v3+yuCpW++W3i2+0Kr+j+Lsga//NTa//5VXgsWRTxOLZcyer67WL6y/j4p+f1fXpFavLWfzptxHrvv6Hkreq6aF834czS0tnpiKGktdW75+++dgiX5yfxb9vb/P+v72uxg9HRHYR74mIR/JF3KztHouIxyNi7xrx//TSE++1Oraq/UeK+NeYle+iLP65W7V/1Lf/+hOlkz9+13b8Tdv/YDW1L9/TzutfuxXs5LkDAACAe0Va/Q58kk4sp9N0YqL2Hf4dsTktLywuPXNs4YPTc7Xvyo/FYFrMdI3WzYdO5XPDRX66IX8gnzf+ojRSzU/MLpTneh089LktLfp/5q9Sr2sH3HFdWEcD7lH6P/Qv/R/6l/4P/Uv/h/7VrP9/3IN6ABvP+z/0L/0f+pf+D/1L/4e+1PK38WlHP/nvcaL43wkd/J2rvY+i48TInSwi0t4H2BeJgU4u43YSw00P9fiFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+DQAA//9L2OJW")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x28)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$EXT4_IOC_GROUP_ADD(r3, 0x40286608, &(0x7f0000000080)={0x40000009, 0xe74e, 0x80000006, 0x10009, 0x9, 0xed})

2m36.912768653s ago: executing program 6 (id=3993):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200)={[{@nodiscard}, {@disable_ext_identify}, {@discard_unit_section}, {@noheap}, {@whint_mode_user}, {@background_gc_on}, {@background_gc_on}, {@four_active_logs}, {@jqfmt_vfsold}, {@block_mode}, {@data_flush}, {@heap}, {@jqfmt_vfsold}, {@noinline_dentry}]}, 0x1, 0x550f, &(0x7f000000cf00)="$eJzs3E1vG1UXAODjpGn69faNEAt2HalCSqTaivNRwS5AKz5EqqjAghU4tmO5tT1R7DghKxYsEQv+CQKJFUt+AwvW7BALEDskkGcm0FAQlXBskj6PND5zr6/PnGtVlc5M5ACeWgvJzz+W4npcjojZiLgWkZ2XiiOzkYfnIuJGRMw8cpSK+d8nLkbElYi4Pkqe5ywVb316a3hz/Yc3fvrqm/kLVz/78tvp7RqYtucjorubnx9085i28vigmK8N21nsrg2LmL/RfViM0zweNLezDAe143W1LK628vXp7n5/FHc6tfootto72fxuL79gf9g6zpN94EFtLxs3mttZbPfTLLaO8roOj/L/2476gzxPo8j3QZY+BoPjmM83D5v5fnYfZrHeGxTzed600TwcxWERi8tFPe00sjq2/803/d/2Zru3f5gMm3v9dtpL1ivVFyrV2+XqXtpoDppr5Vq3cXstWWx1RsvKg2atu9FK01anWamn3aVksVWvl6vVZPFOc7td6yXVamW1slxeXyrObiWv3nsn6TSSxVF8ud3bH7Q7/WQn3UvyTywlK5XVF5eSm9Xkrc2tZOv+3bubW2+/d+fdey9tvv5KseixspLFleWVlXJ1ubxSXXp8T/Pndf8fFUX/w/5hYkrTLgDg7NH/A9Nwev3/3v2I0+//Q/8/Fmeq/33C/t/+YUL0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT63v5j5/LTtZyMdXi/n/FVPPFONSRMxExK9/YTYunsg5W+SZ+5v1c3+q4etSZBlG15gvjisRsVEcv/z/tL8FAAAAOL+++PDGJ3m3nr8sTLsgJim/aTNz7f0x5StFxNzC92PKNjN6eXZMybJ/3xficEzZshtYl8aUbD675XZhTNmezOyJcOmRUMrDzETLAQAAJuJkJzDZLgQAAIBJ+njaBTAdpTh+lHn8LDj7y/s/HghePjECAAAAzqDStAsAAAAATl3W//v9PwAAADjf8t//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnbnKWBuI4AP9b3r7gVyTGvVdxB8fwCC5dGg7gJTiAC7yCF+AMuPMIBgydEUG6MOm0jeZ5kjJMW37MELqYmWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgSN+a3frLxzef+uYcT/2U6Q0AAADQ5dDs1u2bZao/y+df5FOvcr2KiDoiusbus3i8yZzlnOb3/Z+v72/+aMPXiDbh/B3zfDyNiLf5+PFy6F8BAAAA/l/7zXaVRuvpZTl1gxhTmrSpn78rlFdFRLP8XiitPue9LhTW/r8f4kOhtHYCa1EoLE25PZRK+yvt436ZtVtcFVUq6s6PXRpZrO8AAMCIZjfFuKMQAAAAxvR+6gYwjSp+LWVelgLnqcjLe09uagAAAMA/qJq6AQAAAMDg2vH/SPv/nez/BwAAANNI+/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwpEOzW+8321XfnOPp3mO+1nHpTv+eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2Z93FAiBMAiDves7k7n/YaVBY0OTKhA+/sZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjzu7/8n5gaZ5K518bS80iydmpsnRp758bRH8bXrwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBif15SIASCIArmjP+d9P0PKwl6BhEioOFRRS0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuh3v/yfmBpnkrnTxtLxSLJ21di6auw9aBw9GG//BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBi535e46jiAIB/Z2Zna6pijJJDRBQ86MWm29ram3hQggf/BCGk2xq79Uebgy1FzMWb5NyL6FFEUOKt/0PPLfRSbz3soYJnZWZnstM24PprZpt8PvDmfXcY5n3fBEK+814WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2fnsaZ8VhcRKn1blb969tFP3th/rCjZ07K0Ur4qTNpB8PLzY/JMvdJQIAAMDhkdX1fUTczXfXij5dLOv/vL6mqPm/fXoS1/X8w3V/3de1f9F++fne83sDLU7GKW56bnM0PP5oKr3/b5bz7Zm/vKJXPvny3UsWC5FG+t72c+O8fJ7J1zdvvtMvwyNtZAsA/BPH6r4K6r+Hin7QZWIAHBq9RuFd1//ZYrc5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALRhvB1P1nESESu9aVy4ff/axn79jZ07K3U7ff36Tnw5vWdxizwizm2Ohsdbnc18u3zl6oX10Wh4qf3gpYjoavS3qulf+GCGiyM6eT6C/yhIqx/2vOTzeAQd/lICAOBAyqtW1PV389214lyyFPHHdw/W/6824pix/r/34elbzbGa9f+gtRnOv9Wti5+uXr5y9fXNi+vnh+eHH79xYvDm4OSZU6fOrJbvSla9MQEAAODf6VetWf+nS4+u/x9txDFj/f/ZN4MvmmNl6v99TRf9us4EAADgcHv25d9/S/Y5n/T78fn61talweS49/nE5NhBqn/bkao16/9sqeusAAAAgDaMt5MH1v/PNuKYcf3/qe9f+LF5zywiFqr1/2Mbn4zOtjedudbGvxN3PUcAAAC6tVC15vp/Xu7/T/e2PKQR8dork7j6GsCZ6v/s3a9+aI7V3P9/sr0pzqV0efI8yn45orfcdUYAAAAcZE9UrSj2f8131z766ej7ffv/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANr2ZwAAAP//uCM2tw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r2, 0x0, 0x22, &(0x7f0000000180)=0x2, 0x2)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
exit(0x100000000000035)
tkill(r3, 0x12)
wait4(r3, 0x0, 0x8, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000001000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
alarm(0x54)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[], 0x50)
socket$inet(0x2, 0x4000000000000001, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r5, 0x3, 0x1)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
truncate(&(0x7f0000000040)='./file0\x00', 0x0)

2m21.560255898s ago: executing program 34 (id=3993):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200)={[{@nodiscard}, {@disable_ext_identify}, {@discard_unit_section}, {@noheap}, {@whint_mode_user}, {@background_gc_on}, {@background_gc_on}, {@four_active_logs}, {@jqfmt_vfsold}, {@block_mode}, {@data_flush}, {@heap}, {@jqfmt_vfsold}, {@noinline_dentry}]}, 0x1, 0x550f, &(0x7f000000cf00)="$eJzs3E1vG1UXAODjpGn69faNEAt2HalCSqTaivNRwS5AKz5EqqjAghU4tmO5tT1R7DghKxYsEQv+CQKJFUt+AwvW7BALEDskkGcm0FAQlXBskj6PND5zr6/PnGtVlc5M5ACeWgvJzz+W4npcjojZiLgWkZ2XiiOzkYfnIuJGRMw8cpSK+d8nLkbElYi4Pkqe5ywVb316a3hz/Yc3fvrqm/kLVz/78tvp7RqYtucjorubnx9085i28vigmK8N21nsrg2LmL/RfViM0zweNLezDAe143W1LK628vXp7n5/FHc6tfootto72fxuL79gf9g6zpN94EFtLxs3mttZbPfTLLaO8roOj/L/2476gzxPo8j3QZY+BoPjmM83D5v5fnYfZrHeGxTzed600TwcxWERi8tFPe00sjq2/803/d/2Zru3f5gMm3v9dtpL1ivVFyrV2+XqXtpoDppr5Vq3cXstWWx1RsvKg2atu9FK01anWamn3aVksVWvl6vVZPFOc7td6yXVamW1slxeXyrObiWv3nsn6TSSxVF8ud3bH7Q7/WQn3UvyTywlK5XVF5eSm9Xkrc2tZOv+3bubW2+/d+fdey9tvv5KseixspLFleWVlXJ1ubxSXXp8T/Pndf8fFUX/w/5hYkrTLgDg7NH/A9Nwev3/3v2I0+//Q/8/Fmeq/33C/t/+YUL0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT63v5j5/LTtZyMdXi/n/FVPPFONSRMxExK9/YTYunsg5W+SZ+5v1c3+q4etSZBlG15gvjisRsVEcv/z/tL8FAAAAOL+++PDGJ3m3nr8sTLsgJim/aTNz7f0x5StFxNzC92PKNjN6eXZMybJ/3xficEzZshtYl8aUbD675XZhTNmezOyJcOmRUMrDzETLAQAAJuJkJzDZLgQAAIBJ+njaBTAdpTh+lHn8LDj7y/s/HghePjECAAAAzqDStAsAAAAATl3W//v9PwAAADjf8t//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnbnKWBuI4AP9b3r7gVyTGvVdxB8fwCC5dGg7gJTiAC7yCF+AMuPMIBgydEUG6MOm0jeZ5kjJMW37MELqYmWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgSN+a3frLxzef+uYcT/2U6Q0AAADQ5dDs1u2bZao/y+df5FOvcr2KiDoiusbus3i8yZzlnOb3/Z+v72/+aMPXiDbh/B3zfDyNiLf5+PFy6F8BAAAA/l/7zXaVRuvpZTl1gxhTmrSpn78rlFdFRLP8XiitPue9LhTW/r8f4kOhtHYCa1EoLE25PZRK+yvt436ZtVtcFVUq6s6PXRpZrO8AAMCIZjfFuKMQAAAAxvR+6gYwjSp+LWVelgLnqcjLe09uagAAAMA/qJq6AQAAAMDg2vH/SPv/nez/BwAAANNI+/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwpEOzW+8321XfnOPp3mO+1nHpTv+eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2Z93FAiBMAiDves7k7n/YaVBY0OTKhA+/sZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjzu7/8n5gaZ5K518bS80iydmpsnRp758bRH8bXrwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBif15SIASCIArmjP+d9P0PKwl6BhEioOFRRS0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuh3v/yfmBpnkrnTxtLxSLJ21di6auw9aBw9GG//BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBi535e46jiAIB/Z2Zna6pijJJDRBQ86MWm29ram3hQggf/BCGk2xq79Uebgy1FzMWb5NyL6FFEUOKt/0PPLfRSbz3soYJnZWZnstM24PprZpt8PvDmfXcY5n3fBEK+814WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2fnsaZ8VhcRKn1blb969tFP3th/rCjZ07K0Ur4qTNpB8PLzY/JMvdJQIAAMDhkdX1fUTczXfXij5dLOv/vL6mqPm/fXoS1/X8w3V/3de1f9F++fne83sDLU7GKW56bnM0PP5oKr3/b5bz7Zm/vKJXPvny3UsWC5FG+t72c+O8fJ7J1zdvvtMvwyNtZAsA/BPH6r4K6r+Hin7QZWIAHBq9RuFd1//ZYrc5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALRhvB1P1nESESu9aVy4ff/axn79jZ07K3U7ff36Tnw5vWdxizwizm2Ohsdbnc18u3zl6oX10Wh4qf3gpYjoavS3qulf+GCGiyM6eT6C/yhIqx/2vOTzeAQd/lICAOBAyqtW1PV389214lyyFPHHdw/W/6824pix/r/34elbzbGa9f+gtRnOv9Wti5+uXr5y9fXNi+vnh+eHH79xYvDm4OSZU6fOrJbvSla9MQEAAODf6VetWf+nS4+u/x9txDFj/f/ZN4MvmmNl6v99TRf9us4EAADgcHv25d9/S/Y5n/T78fn61talweS49/nE5NhBqn/bkao16/9sqeusAAAAgDaMt5MH1v/PNuKYcf3/qe9f+LF5zywiFqr1/2Mbn4zOtjedudbGvxN3PUcAAAC6tVC15vp/Xu7/T/e2PKQR8dork7j6GsCZ6v/s3a9+aI7V3P9/sr0pzqV0efI8yn45orfcdUYAAAAcZE9UrSj2f8131z766ej7ffv/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANr2ZwAAAP//uCM2tw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r2, 0x0, 0x22, &(0x7f0000000180)=0x2, 0x2)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
exit(0x100000000000035)
tkill(r3, 0x12)
wait4(r3, 0x0, 0x8, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000001000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
alarm(0x54)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[], 0x50)
socket$inet(0x2, 0x4000000000000001, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r5, 0x3, 0x1)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
truncate(&(0x7f0000000040)='./file0\x00', 0x0)

8.793371852s ago: executing program 3 (id=4642):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="30000000ffffffff00000000000000000a0020003a2a5e00", @ANYRES32, @ANYBLOB="0c001c8008000000e0000002"], 0x30}], 0x1}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
r3 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4}, 0x10)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="02"], 0xfe44, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000004080)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x8, &(0x7f0000000100)=[{0xe7, 0xea, 0xb, 0x9d}, {0x9, 0x7, 0x8, 0x9}, {0x6, 0x4, 0x0, 0x4}, {0x0, 0x6, 0x7, 0x3}, {0x3, 0x8, 0x27, 0x7}, {0x5, 0xc, 0x6, 0x5d}, {0xc, 0x8, 0x2, 0x3}, {0xd79, 0x5, 0x6, 0x5}]})
mount$overlay(0x0, 0x0, 0x0, 0x10000, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2210886, &(0x7f00000001c0)={[{}, {@dioread_nolock}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
stat(0x0, &(0x7f00000008c0))
socket$can_bcm(0x1d, 0x2, 0x2)
io_submit(0x0, 0x0, 0x0)
removexattr(&(0x7f0000000600)='./file0\x00', 0x0)

5.433772984s ago: executing program 1 (id=4645):
r0 = userfaultfd(0x80001)
prlimit64(0x0, 0x8, &(0x7f0000000140)={0x44, 0x3}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0x5, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3000}, [@alu={0x7, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2f22}, @jmp={0x5, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000000)='syzkaller\x00'}, 0x78)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x28}}, 0x200440c0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="180000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = accept(r1, 0x0, &(0x7f00000001c0))
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
ioctl$KDSIGACCEPT(r5, 0x4b4e, 0x7)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@remote}, {@in6=@remote, 0x4d3, 0x32}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}}, 0x0)
r7 = syz_genetlink_get_family_id$mptcp(0x0, r6)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, r7, 0x1, 0x70bd29, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x3c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xe}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x6c, r7, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xb8}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xd804}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x81}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xa}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}]}, 0x6c}, 0x1, 0x0, 0x0, 0x810}, 0x20008025)
r8 = syz_io_uring_setup(0x4f0e, &(0x7f0000000480)={0x0, 0x0, 0x1}, &(0x7f0000000080)=<r9=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r8, 0x62dd, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
r10 = open(&(0x7f00000000c0)='.\x00', 0xc8000, 0x0)
getdents(r10, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

5.402503767s ago: executing program 7 (id=4646):
syz_mount_image$fuse(0x0, &(0x7f0000002440)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_INIT(r3, &(0x7f00000003c0)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x4, 0x800000, 0x4, 0x400, 0x5, 0x1, 0x0, 0x0, 0x1, 0x74}}, 0x50)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
open$dir(&(0x7f0000000140)='./file0\x00', 0x500, 0x40)

5.088124058s ago: executing program 3 (id=4647):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="30000000ffffffff00000000000000000a0020003a2a5e00", @ANYRES32, @ANYBLOB="0c001c8008000000e0000002"], 0x30}], 0x1}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
r3 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4}, 0x10)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="02"], 0xfe44, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000004080)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x8, &(0x7f0000000100)=[{0xe7, 0xea, 0xb, 0x9d}, {0x9, 0x7, 0x8, 0x9}, {0x6, 0x4, 0x0, 0x4}, {0x0, 0x6, 0x7, 0x3}, {0x3, 0x8, 0x27, 0x7}, {0x5, 0xc, 0x6, 0x5d}, {0xc, 0x8, 0x2, 0x3}, {0xd79, 0x5, 0x6, 0x5}]})
mount$overlay(0x0, 0x0, 0x0, 0x10000, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2210886, &(0x7f00000001c0)={[{}, {@dioread_nolock}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
stat(0x0, &(0x7f00000008c0))
socket$can_bcm(0x1d, 0x2, 0x2)
io_submit(0x0, 0x0, 0x0)
personality(0x6)
removexattr(&(0x7f0000000600)='./file0\x00', 0x0)

4.96113919s ago: executing program 7 (id=4648):
syz_mount_image$fuse(0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
open$dir(&(0x7f0000000140)='./file0\x00', 0x500, 0x40)

4.721486994s ago: executing program 7 (id=4650):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x4502, 0x0)
write$cgroup_int(r2, &(0x7f00000003c0)=0x5, 0x12)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r3}, 0x10)
ustat(0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, 0x0, 0x0)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001e000100fdffff082e947eff00000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\n\x00\r'], 0x28}}, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r7, &(0x7f0000000080), 0x10)

4.508256045s ago: executing program 2 (id=4651):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000280), 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {}, {0x7, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x2008c014)

4.435726722s ago: executing program 5 (id=4652):
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./bus\x00', 0x804, &(0x7f00000003c0)={[{@uni_xlateno}, {@shortname_lower}, {@shortname_winnt}, {@uni_xlateno}, {@shortname_mixed}, {@utf8no}, {@shortname_winnt}, {@uni_xlateno}, {@utf8}, {@fat=@errors_remount}, {@fat=@check_strict}, {@shortname_win95}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'iso8859-3'}}, {@utf8no}, {@numtail}]}, 0x1, 0x27c, &(0x7f00000008c0)="$eJzs3U9qA2UUAPA3zaRJdJEsXInQAV24Kq0naJEKYkFQslAXWmwK0oRCC4GqGLvyBJ7A87gRL+ABFHd2IY4kM/lTmURb00bs77fp433v5XuTGdrVfP3klcH56cXV2c2XP0WzmcTWQRzEbRKd2Iqpr6PSj79U5wGA/7jbPI9f80KjSF3fragv6Uy3Hn04AOBRLP793/QsAMDTeP+DD985PD4+ei/LmhGDb4bdJIqfxfrhWXwW/ejFXrTj94h8pojfevv4KNJsrBOvDUbD7rhz8PH35ecf/hwx6d+PdnSq+/ezwkL/aNitxwvl/gf96L37XbTjper+Nyr6o7sdr7+6MP9utOOHT+Mi+nFazjbt/2o/y97Mv/3ti4/G2XF/Mhp2G7O6tKiuPfnNAQAAAAAAAAAAAAAAAAAAAADgf2s3m+ncPX9nevD/ivUV5wONFs7n2cuyLE+K+nl/Gi+n5dE6AAAAAAAAAAAAAAAAAAAA8MxdXX9+ftLv9y7XGkxf669Yij/uZhoR8fC9dv5RcX2eiVo5Wj+JuN9e9WhMOv++uHbPq2iN5+ldJmms7xYks0xrcWknir3GmVYRLGT+9e7NmATTp+v8JFl+c9NJ0Kx6SNYQ5BWPX21p1/ZfM63yCiqKWyt2337xQTPn7SVLSUTUZ1/m6s+pr/c7fLrfQQAAAAAAAAAAAAAAAAAAQGH+0m/F4s0GBgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACADZj///97BKOyeVlNXhsHaZSZDV8iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz8CfAQAA//+jfWcq")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000efffffff850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000000)={[{@nomblk_io_submit}, {@bh}]}, 0x1, 0x47a, &(0x7f0000000180)="$eJzs3M9vVEUcAPDv222L/LIV8QeIgqKRaGxpQeXgAYwmHjQx0QMe67YQpFBDqxFCtHrAoyHxbjya8Bd40otRTyZe9W5IiOECenrm7b7Xvl1217ZsXXA/n2TpzM5bZr7MTHfmDbsBDKx92R9JxLaI+C0iRhvZ5gv2NX7cvH6x9tf1i7Uk0vStP5P6dTeuX6wVlxav21pklpqfL1s4f+H09Nzc7Lk8P7F45v2JhfMXnjt1Zvrk7MnZs1NHjhw+NPniC1PP9yTOrE03dn88v2fXa+9cfqN2/PK7P11Jivib4viwJ/WV/uqyapF4qle13CG2l9LJUB8bwppkAzLrruH6/B+Naqx03mi8+llfGwdsqDRN002di5dS4H8siX63AOiP/H0+iViqZXvg8n5+EFw71tgAZXHfzB+NkqGo5NcMt+xveynbbR1f+vur7BEt91MAADbCd8caP4u138r6o9J0F/9ofjY0FhH3RcSOiLg/InZGxAMR8WBEPBQRD5de0+7cp1XrIcmt65/K1XUFtkrZ+u+l/Gyref1XrP5irJrnttfjH05OnJqbPRgR90bEgRjelOUnu9Tx/Su/ftGpbF9p/Zc9svqLtWDejqtDLTfoZqYXp28n5rJrn0bsHmoXf7J8EpD1466I2L13fXWceuabPZ3K/j3+LnpwzpR+HfF0o/+XoiX+QtL9fHLinpibPThRjIpb/fzLpTdL2dpoKXNb8fdA1v9b2o7/5fjHkvJ57cLa67j0++cd9zSrHP8j5ddk438kebueLgo+ml5cPDcZMZK8nj9/NH++ub76dVMr12fxH9jffv7viJV/iUciIhvEj0bEYxGxN2/74xHxRETs7xL/jy8/+d76499YWfwza+r/jonibPuWourpH76tlxSdNdYl/iTa9P/heupA/ky733+jzUMkurb03O2MZgAAALj7VCJiWySV8eV0pTI+3vj/8jtjS2VufmHx2RPzH5ydaXxGYCyGK8WdrtHl+6GxNJlv669UI7LyqTxf3C89lN83/rK6uZ4fr83PzfQ7eBhwWzvM/8wf1X63DthwPq8Fg2u98z9N00963BTgP+b9HwaX+Q+Dq83839yS7/IdAcDdrN37v409DAbrfxhc5j8MLvMfBpf5DwMp/yT80Go+4L9hiez3T/9qX3siTftU+0j/Y19ORKVvtUe/Y19bIsm/SyO9Q9qzukS9yU4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu94/AQAA//8QtN5n")
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet6(0xa, 0x8000b, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x8, 0x3, &(0x7f0000000000)=ANY=[], &(0x7f0000000480)='GPL\x00'}, 0x94)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800"/14], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x94)
r11 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r12 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
sendmmsg$unix(r12, &(0x7f0000005100)=[{{&(0x7f00000006c0)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f0000000d40)=[{&(0x7f0000000b40)="5f4c608a6a79444e20f113cefc295c221957d8786ba79a0dc8bbe7c5d4d4ea8defe92763a7bb7e5911414d89fda478c7802f80888180e87f13ad966075ef195f3530bd07c43342261ddd9c8c49e3e02c15e382389d6fe3fc741a1a26d4d90a604b01068c1130326ae81cd08388f20f96468d81b6be4b9c1bdea6ffafe119e8b91728", 0x82}, {&(0x7f0000000840)="e2496d17d808e9408fc9741d17a0ddc591283489e001cd8b446a066ecb4fceb2ef64705490918d06da2b414a4268b427cf935eb0d4f6295473403da1ba99752a17fda6e224d54842075645841ff7c0dc367c4038e32abc38e933f1b8101df2a855a3ec", 0x63}, {&(0x7f0000000740)="a43d64a5", 0x4}, {&(0x7f0000000c00)="ed623c1e817fbc7c37fced14ff547a5ecf8e4cee94f926b5c66ce93fb1e81fc2a03cfd3af71e0e6b297a5464fa026ff97f21561d3ca31de3f4586512e31ee551c83c1a01aa2bfb2c674d6ea08919d2032f69bb3a60891831bd00403c86bc098db3368f9f2c57aa7bac78c5a2889565f12ba0d2fe6d7bf9694612ed9b330f41a638b23175ba5ec9c529709e069c214f43c367ae62bec1f105317feca8ff92429f3bf8646359f4fc5eba9ed6795cf65939d1bde9460e1030722539cd48d0", 0xbd}, {&(0x7f0000000cc0)="9b2b73727bb2ac14ba8fe8424ed700d76b73bde6962b9eb4159decf2f07da1b3171b50f7614c9e2d428508a1cbc3a0b57e01a5a3e7ed5e88f98a0fb1217ddf80b8eb3dfd4818acb4cc8b25", 0x4b}], 0x5, &(0x7f0000000f00)=[@rights={{0x18, 0x1, 0x1, [r0, r5]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r3, 0x0, 0xffffffffffffffff}}}, @rights={{0x34, 0x1, 0x1, [r11, r9, r8, r12, r6, r12, r11, 0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {r3, 0x0, 0xee01}}}, @rights={{0x30, 0x1, 0x1, [r6, r11, r8, r2, r8, 0xffffffffffffffff, r7, r5]}}], 0xe0, 0x1}}, {{&(0x7f0000001000)=@file={0x0, './bus\x00'}, 0x6e, &(0x7f0000001180)=[{&(0x7f0000001080)="e6c8d8f250dc76bf67d5cf221d1c1016df0fddcf4f791f8ba5ed935af4e02111e524ff8e02c968f5952d40a479ca4459951fc2312a4969894b9935bbfdb8ef5ce1cf06442fe8adcc7d422f84ddc9ac2ad30ed0f63fde454bafafbf74c858ba790d36001738f35dac80798dccddd0d2609b7a2a4cc8dc2b1fb25d78495fefddb59780f36bdeb927b64435ecd09e0df2cc3ce75282230cae74708fb77479de3856a4e81160bf7c0894e0ff82f969b2ed52892e0770a3e8078252669b73815231236de4799ba6d7acc63983a0b555aa86673cb6", 0xd2}], 0x1, &(0x7f0000003440)=[@rights={{0x10}}, @rights={{0x18, 0x1, 0x1, [r6, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, r11, r9, 0xffffffffffffffff, r2, r2, r1, r6]}}, @cred={{0x1c, 0x1, 0x2, {r3}}}, @cred={{0x1c, 0x1, 0x2, {r3}}}], 0x98, 0x50}}, {{0x0, 0x0, &(0x7f00000035c0)=[{&(0x7f0000003500)="2e95067604dae478c9c880d34b898080155619fc917329765195b2c07dd66010abddeff231a571228e7b141ad8472f7123f0c3e73e72900ca0fadc5163d07364a6528b8960b21c1dd0dd734a0a0d", 0x4e}, {&(0x7f0000003580)="8b16df86d3291e", 0x7}], 0x2, &(0x7f0000003600), 0x0, 0x8040}}, {{&(0x7f0000003640)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f00000039c0)=[{&(0x7f00000036c0)="67e055d1d72959cbc0940234b8e280ee2015d6ec12f87ca71d2a592fc943be197b8b49b84ff743ea99c31e0ace90770b43d0f6c6cf4c68", 0x37}, {&(0x7f0000003700)="4d136f66604ef1c32ddbddf377bb8c332dd67758c2a5d28f2fd14fcb623b4d2a8b7012552aeec92cea5c72a679800f58a6ee9074b445023487a090b96d15e449d92e5a8c90b5fcd46faa79cca12330f2e2c224f2d056d5d605a7158f7388977adb168089dc7f0cd1286369b2747a28e283a74b0e6ac6b2ac62cf99051fc70f1a048b09bd04e819b5d0f0b0fa9ab7320013cdcbfa60eaf15ace139065cd3e5bfe408043a094ab9ad6e162e9eac58b4364f15a4682a8bb1b8655680629d94d", 0xbe}, {&(0x7f00000037c0)="db8d4e573028abe37fa7f4fa6a8bc63737f25a012efb6a963e272015cf6b7b8061fdebfec2dcf74ec43c1f6a44c085faca2f54965845408eba8cd91258ab8413ba3e1179b2bba8474ac9312ceb58d85dd40ac4466af8070ec581382acd816f91505c625636cfbb49ed52532e96f12c7c4bc9fb99d9a7145a29c9fbe9ad3384006d7c1acbc4eeee696681c35831812efaaa260773a85bede85c46def77e5fd90b", 0xa0}, {&(0x7f0000003880)="301d416d0d4edebd317c0a24", 0xc}, {&(0x7f00000038c0)="3d51c3d7cad32dab3d7a06e34672e3d2fbe3e6d3155033c5cb1eb4ce930cab23f7b98ec280c1cc1188852868570910077466f18e3aa9fda897dcd1183f770a48c374e0351b57f6b903e756ff6cdb42eff84226917b960046f61b0af3b9f02e57a2692f78571c076f6adb39dc1cd3d731cfac65fe6fce3c91b2a976818898513f703608d083b3554f53fef118eaa39ec46327944a410a04811cc27d3d8a2a6b5e5a20", 0xa2}, {&(0x7f0000003980)="0d99a4ad", 0x4}], 0x6, 0x0, 0x0, 0x4004050}}, {{&(0x7f0000003a40)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000003c00)=[{&(0x7f0000003ac0)="1564f0cdaa200ce68370518fcffdf3260f94e5b538", 0x15}, {&(0x7f0000003b00)="05f0cf4169118755656c88c9c650bd9984b28db0838fb2b202ad713e5c1941f87ea695948871cd2b1befc22645d425be895e8a3503578741e61a5bb6e1ec33e003fea8c26738b3acb663322b3a99b2abb51b4b1a2d02d7cb3cc794e2be8c1c1f744cf355f793254380b15d7ec1a92d7e0f388314265159bef4d2f34a300665bd2b25f744f9ec5c8a82e44848cd010a220d39f0e99ed292ba9ebfcc825fa25ef00474c108dcf2d41cd0dfb1e69d4014df", 0xb0}, {&(0x7f0000003bc0)="45e9206c1e431b9faa", 0x9}], 0x3, &(0x7f0000003f80)=[@rights={{0x18, 0x1, 0x1, [r6, r9]}}, @cred={{0x1c, 0x1, 0x2, {r3, 0xee01}}}, @rights={{0x18, 0x1, 0x1, [r8, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r3}}}, @cred={{0x1c, 0x1, 0x2, {r3}}}, @cred={{0x1c, 0x1, 0x2, {r3, 0x0, 0xffffffffffffffff}}}], 0xd0, 0x4004818}}, {{&(0x7f0000004080)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000004140)=[{&(0x7f0000004100)="7ff5b5f2dc317db2b0fdeb7d3c89e93f2a82084a8bee17bf6da4d8d696b7b3cb202db884ab38ee335294ac57", 0x2c}], 0x1, &(0x7f0000004380)=[@cred={{0x1c, 0x1, 0x2, {r3, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r3, 0xffffffffffffffff, 0xffffffffffffffff}}}, @rights={{0x1c, 0x1, 0x1, [r12, r10, r5]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {r3}}}], 0xa0, 0x4000}}, {{&(0x7f0000004440)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f00000046c0)=[{&(0x7f00000044c0)="9f9faa90a54f44323bcedae577c35ab00c639cd18c7d8d04108178da66901c93c490e1caef56fb9fceac47d7fb1c760f0edf075e4d849f3519fb2d3264db1e8570dcd7a7fb69374f23ffbe3bb155d36ab28348ec95e3696081fd14b7e4e88b", 0x5f}, {&(0x7f0000004540)="aa0f42955f588a964c66074f5ea2bb35ced7cebc95", 0x15}, {&(0x7f0000004580)="b7af7c18abbd3a250a1f7bf2e69724716fe45842610956f32602359c13f65c5f2b8730d61e6ca16ba3ba2e735f5db9b53b6d243ffea0f4feebdbfbc0d0769a42036e4e94fdd6cdd92083c9fac79ab8f58291667693faf4e1cb0d69dbce336c74d86d9cd64d3a9dd0c93f130a8ae0e86d57c7d2cb7b6000a349ca7e919c6c8b7408230ab39be44995c68cce433bf2e49e8917d7d3283005372c5f6c2855b39c957a65fa012d75c86c5752d59aea4e586e9028da95a695d86fd84ba65620501b80bf98951dd154e950a175c4f2731ebb5b82feae213e29845422c78ac6959c8a23e4a4c340d4291f31cd7dbacd3eb6c6278f8438c66e888395b45d7eac", 0xfc}, {&(0x7f0000004680)="98b1894db79c3425eb57fbe24e0b8144d2d9ec5eb0e25a4f85dbd73d", 0x1c}], 0x4, 0x0, 0x0, 0xc4}}, {{&(0x7f0000004700)=@file={0x1, './bus\x00'}, 0x6e, &(0x7f0000004d80)=[{&(0x7f0000004780)="5c734f2341e2a9eaccf3c5f893f4ab8ada7ed4c9599ba095daa6c73795f02dcf81e2f79cdf49ddc460e8c9bc30", 0x2d}, {&(0x7f00000047c0)="066e52974d54628e1dff1674dac965966866f6fe6d343a48281f7c24394fc87a18d05a1fe1417a5ead44718ca26c95e68a5e54abb4ec84a098119eb080ece1a0b8eea9c60ea7ddaa7c070094e1d29f536e9605f60b69049ac6cdae593ff50ec20d33110eeea3ee8a088bca9fb2c30618cf236c72e6cbbd8b29fe93cbd281dec82ee5c717cef9d16b65085b671ef1e18dbc0359fa48d24e373f02f615545a32186460a4b47a4b5f876470aca6c4c7aa132c49a47f8283247d71043e", 0xbb}, {&(0x7f0000004880)="5237272cd74174553e5d094ba4c3d281103c785c92cb990250ffe7eded9d0ee31c27d86cb5e482996d403732fa155635b0e159b24c", 0x35}, {&(0x7f00000048c0)="a79c4c8923e0e2522a53daa15eea83766d4e3445400b1e3a89c7e209a4efab43b0c1baa42fec92466ad03a23956a5dcaedf0839544bb23da43c766f4cc1aef58dbbc621b920689783a6f060d274e724ea47a22297814447be0c26cc558859541145183e9a4d6e11c6f701caeaa1081eb5271f28da079d5a0f6b10cd7b2a3aa5a2e62922c957d3a960d9bdf5cf1b0add9af5b1440d666f3038615f48e51ef6c819567e5ca035d9594ba4de40fd9f4e5962abcc867dc8bbbe932a2f0b006fbd4ca67e047fd05ca7719b1fbb5a20d96f3a13f80ff6fb26006a6b9a759efb69ed611e06141ae0ee597fca14109f517600950c8788f6c25b40b9666b1", 0xfa}, {&(0x7f00000049c0)="61765db606f1c080b2b28a5a9b3954949a9ce03e797639e8d3c23da2af2eb2de6405e1c17d40a2445769d76af9c5ca3a46beac17e6ca6e279fc5a474c7438a46d74d07b5bae3498ed8afce651e453abd26b690eeb663295227f6b748bb51feaa06984f130562ebe6a8471837e731be5da5d9f7d03151995e7ea047b3d8d613ac1744bc347a916eb1dac89d1b0e8266f794e425b8dba604b838ead07c97fa3307a69c3279476db3f15753d4a43f039e545f97492c116ee55fe53035e829e4ea05e45dea31f08a76c11c81c9ab3fd602bef49fc255706c119cb78d7e31801e2114f461b02c687f923a85e1", 0xea}, {&(0x7f0000004ac0)="8c20068497a77c456a9d162dd678895d4563f05f325888087b8581790e3eaecb1280ea64add5e41b769d66457a5c9e86e4ded4171ec05db07db50165081574c9dc06f353ba443ecbc8e56617d97913e2565896d4490facffd3b70b3582e2cb4c33f96fc971ba48ecedde5fe50d5fb0bed092cb1c215d2d3a3f860a357a200a225dafe82e7c059d474aa3f704e2d1e019f0d5ae09e98ab88ad68085f0c50a17edfb6c7d0ae232acb810d629d5b50c6581024f80e7edc0e21af6390a42b0243f83a4218279f541ad9c70e5c736d2339710055c24eaa1ab9baffb13bc41019fa505d78ffa87d0af5b23", 0xe8}, {&(0x7f0000004bc0)="96bd777bb71788a6684fcd25e89c028fd74e9a1910dd10d2c1cd110c41a956f92d8868f96376dd1072062c0e61106efbabc290c66d6c1e57d6f65d14506f58113d6240e09f7b187cbe2f15b62b187b68de5e2b575328f275c7b85d415c1f2f15070cc2bccdb893a4c9659aa68079d7cafe137abb1dd86eb8a02512873b6bf86b16cbe994a7821e5be52627c139ad6d91117068fbe913652c67fc60d6a4742859cd721cd039d43c14ee0f3e83deea8ffb60db4ccba5e32b1c6cb6007082f9fe204b9539d15b784243ca1298ec90019eaed9a31a2babbcc0753677db764544496100f9f9e091814f281ac908461087568e", 0xf0}, {&(0x7f0000004cc0)="1bc8cf6301fee171dd", 0x9}, {&(0x7f0000004d00)="915d88b4777c1884a63f43042aed912f05b934d886fe1d0e1c8a8e08a9ccec553a79a8cb311444e4b66ff4475879f49aad4c022da7fd02cb3da7bb333e7d4770532be0aab9aa577203b5c0284d9ec7317492070e80b6a2390c", 0x59}], 0x9, &(0x7f00000050c0)=[@cred={{0x1c, 0x1, 0x2, {r3, 0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {r3, 0x0, 0xffffffffffffffff}}}], 0x40, 0x20080880}}], 0x8, 0x20000000)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)

4.405370245s ago: executing program 1 (id=4653):
r0 = userfaultfd(0x80001)
prlimit64(0x0, 0x8, &(0x7f0000000140)={0x44, 0x3}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0x5, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3000}, [@alu={0x7, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2f22}, @jmp={0x5, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000000)='syzkaller\x00'}, 0x78)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x28}}, 0x200440c0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x404c80c}, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300000003000085"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = accept(r1, 0x0, &(0x7f00000001c0))
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
ioctl$KDSIGACCEPT(r4, 0x4b4e, 0x7)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newsa={0x19c, 0x10, 0x713, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@remote}, {@in6=@remote, 0x4d3, 0x32}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @algo_auth_trunc={0x64, 0x14, {{'cmac(aes)\x00'}, 0xc0, 0x0, "e80c857b65087dea03da4c290569c738c39dac5defb806ba"}}]}, 0x19c}}, 0x0)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), r5)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, r6, 0x1, 0x70bd29, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x3c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xe}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x6c, r6, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xb8}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xd804}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x81}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xa}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}]}, 0x6c}, 0x1, 0x0, 0x0, 0x810}, 0x20008025)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x62dd, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
r7 = open(&(0x7f00000000c0)='.\x00', 0xc8000, 0x0)
getdents(r7, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4.172198998s ago: executing program 3 (id=4654):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000000002)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCL_SETVESABLANK(r5, 0x541c, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000000085000000730000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x101c088, &(0x7f0000000c00)=ANY=[@ANYBLOB="757466383d302c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c756e695f786c6174653d312c756e695f786c6174653d302c726f6469722c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d302c757466383d312c73686f72746e616d653d77696e39352c726f6469722c6e66733d6e6f7374616c655f726f2c726f6469722c757466383d312c73686f72746e616d653d77696e6e742c636865636b3d72656c617865642c00c63b831754d4eeec4cf38c28cf1e3409b9950bbab09abe8d407d1c7c935e034461a37ac3113829124efad15a202673b20ad011cb0f0cedb0cef9f6ec5e2634db26ef8581fd506844d0133ac021c0172b4b36a109949512e8dc6a8c7d603e3ef3cd57451eaee1b0e4804b9ea88fcad7afb59594dcfeaf8d34935fa0e54a36c57d964429e7ec869287810e5d97759017ace0c3f5"], 0x6, 0x2c3, &(0x7f0000000900)="$eJzs3T+LHGUcB/Df7M3OrlrsFlYiOKCFVciltdlDEhCvMmyhFnqYC8jtItzBgX9wTWVrY2HhKxAEX4iN70CwFeyMEHhkZmeyu5dlcxuyJyafT5MnzzzfeX7Ps8PdXHHPffzq9OROGXfvffV79PtZdEYxivtZDKMTrW9ixei7AAD+z+6nFH+luW1yWUT0d1cWALBDl/v+ny+av1xJWQDADt1+/4N3Dw4Pb75Xlv24Nf32fFz9ZF/9O79+cDc+jUkcx/UYxIOI+kWhG/XbQtW8lVKa5WVlGG9MZ+fjKjn96Nfm/gd/RtT5/RjEsO56+LZR5985vLlfzi3lZ1UdLzbzj6r8jRjEyw/DK/kba/IxLuLN15fqvxaD+O2T+CwmcacuYpH/er8s307f//3lh1V5VT6bnY979biFtHfFHw0AAAAAAAAAAAAAAAAAAAAAAM+wa83ZOb2oz++puprzd/YeVP/pRtkarp7PM89n7Y2WzwdKKc1S/Nier3O9LMvUDFzk83glXz5YEAAAAAAAAAAAAAAAAAAAAJ5fZ59/cXI0mRyfPpVGexpAHhH/3I540vuMlnpei82De82cR5NJp2mujsmXe2KvHZNFbCyjWsST7kYeW639hUdqbho//bzt7P3Hj+mun+tpNtqn6+QoW7+HvWh7+s1G/VBELMYUccm5ios9aTC/T9rqIyjWXhpsvfbipbox2zAmsk2FvfXHfOeanuziKop6V9fGu01jKX7h2bjU8xz9efzRrxWZ0zoAAAAAAAAAAAAAAAAAAGCnFr/9u+bivY3RTurtrCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuFKLv/+/RWPWhI9Pz/LHDC7i9Ow/XiIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPgX8DAAD//x0KWZ8=")
statfs(&(0x7f0000000180)='./file1\x00', &(0x7f0000000080)=""/214)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_udp_int(r1, 0x11, 0x0, &(0x7f0000000280)=0x5, 0x4)
listen(r7, 0x3)

3.803781945s ago: executing program 7 (id=4655):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000005c40)=ANY=[@ANYBLOB="6e6f657874656e745f63616368652c6a71666d743d7666736f6c642c6e6f71756f74612c6e6f71756f74612c66617374626f6f742c6e6f696e6c696e655f64656e7472792c6a71666d743d76667376312c6673796e635f6d6f64653d7374726963742c6772706a71756f74613d278c006c6c6f635f6d6f64653d64656661756c742c696e6c696e655f78617474722c00a2b4db502b6ba8210424f7f797a6ddd50d26e73f72a841707ea019cc81c223d959a991615e17b58a4e3ec9b2e54b87aafbaf0036421993a261bd97b95beab3b8db73ad782b6009737439da6f1d157405f23efa22e2b774ebcf1fbf96b0f516775ed21aecaa6ba0f6d45e71", @ANYRES16=0x0, @ANYRESDEC], 0x1, 0x550f, &(0x7f00000001c0)="$eJzs3M9rI+UbAPAn7XZ/f/dbxIO3HViEFjZh0x+L3qru4g/sUlY9eNI0SUN2k0xp0rT25MGjePA/EQVPHv0bPHj2Jh4Ub0IlM1PdqgtC08RtPx+YPPO+efPM84Zl4ZkpCeDcmk9+/bkUN+JKRMxGxPWI7LxUHJm1PLwQETcjYuaJo1TM/zFxMSKuRsSNUfI8Z6l46/Pbw1urP731yzffXbpw7Yuvv5/eroFpezEiutv5+V43j2krj4+K+dqwncXuyrCI+Rvdx8U4zeNeczPLsFc7WlfL4nIrX59u7/ZHcatTq49iq72VzW/38gv2h62jPNkHHtV2snGjuZnFdj/NYusgr2v/IP+/7aA/yPM0inwfZeljMDiK+Xxzv5nvZ/txFuu9QTGf500bzf1RHBaxuFzU004jq2PzJN/0f9vb7d7ufjJs7vTbaS9ZrVRfqlTvlqs7aaM5aK6Ua93G3ZVkodUZLSsPmrXuWitNW51mpZ52F5OFVr1erlaThXvNzXatl1SrleXKnfLqYnF2O3n9wXtJp5EsjOKr7d7uoN3pJ1vpTpJ/YjFZqiy/vJjcqibvrG8kGw/v31/feDfuvf/glfU3XysW/a2sZGHpztJSuXqnvFRdPIP7/+Ap+/+kKHqM+4cTKU27AIBnj/4fmIbT6/93HsbhYTZ/mv1/6P/HYlz97+Ek+t/z3v+fwv7hRPT/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn1g9zX76Rnczn42vF/P+KqeeKcSkiZiLi8B/MxsVjOWeLPHNPWT/3lxq+LUWWYXSNS8VxNSLWiuO3/5/2twAAAABn11cf3/ws79bzl/lpF8Qk5TdtZq5/OKZ8pYiYm/9xTNlmRi/PjylZ9u/7QuyPKVt2A+vymJLlt9wujCvbvzJ7LFx+IpTyMDPRcgAAgIk43glMtgsBAABgkj6ddgFMRymOHmUePQvO/vL+zweCV46NAAAAgGdQadoFAAAAAKcu6//9/h8AAACcbfnv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/M7O/dyoDURxAH62cSD/FBTlnla4QRkpIcccIwpIE5RAWkgD1EBuKSGCFR4vWlbsaiWP7d3V90kwjAU/ZhA+zBtpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjT33q7+v3z66+uOYdjN3lmAwAAAFyzr7er5sU89d+31z+2lz63/SIiyoi4tnav4s1FZtXm1A+8v743hj8RTcLpO6bt411ELKqIRUT8/9T3rwAAAACv1269WabVenqajz0ghpSKNuWHb5nyioio5/8ypZWnvC+Zwpr/9yR+ZEprClizTGGp5DbJlfYkze1+rtrN7jRFasrHP59t7gAAwICqi2bYVQgAAABD+j72ABhHEbdbmeetwGlq2u29txc9AAAA4AUqxh4AAAAA0Ltm/f+sz/8L5/8BAABAV+n8PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPq0r7er3Xqz7JpzOHaTZzYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3LA/7ygQAmEQBnvXdyZz/8NKg6amJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb373l/8TU+NMMvfaWHoeSdZOja1TY+/cOPrD+Po1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAX/e6X/xNT40wyd9pYOh5J1q4aW1eNvQeNowfj7d8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxc79u0ZSxQEAfzOzs/FOxTXKFhFRsNDGy+2dd14nFkqw8E8QQm7vjLcqnim84xDS2Enqa0RLEUGJ3f0PVyeQJnYptohgYbUyszPJ5Ae4/prZZD8fePO+Owzzvm8WQr7zXgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKXh24dxkh064zguzm3tP1jJ+u1jfebRxs5C1rI4qjPps+HF6oeo21wiAAAAzI6krO9DCLvp5lLWx528/k/La7Ka/9unx3FZzx+v+8u+rP2z9svPe88fDNQZj5Pd9NbqoH/5ZCqt/2+W0+2Zv7yilT/5/N1Lkn8h8Xvrzw3T/HlGXz9+/E47D+fqyBYA+CculX0RlL8PZX2vycQAmBmtSuFd1v9Jp9mcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOowXA9PlnEUQlhoHcaZ7f0HK6f1jzZ2Fsp2/eHDjeo9s1ukIYRbq4P+5RrnMu0+v3f/zvJg0L9bf/BSCKGp0d8qpn/ngwkuDqGR5yP4j4K4+LKnJZ+zETT4QwkAgHMpLVpW1++mm0vZuWg+hNF3R+v/VytxmLD+3/vw+lZ1rGr936tthg2am+yyxbU/RqPRvfuvr368fLt/u//JG1d6b/au3rh27cZi/q5k0RsTAAAA/p120ar1fzx/cv3/YiUOE9b/n33T+7I6VjJr9f+EDhf9ms4EAABgtj378u+/Raecj9rt8MXy2trd3vh48PnK+NhAqn/bXNGq9X8y33RWAAAAQB2G69GR9f+blThMuP7/1Pcv/Fi9ZxJCuFCs/19a+XRws77pTLU6/py46TkCAADQrAtFq67/p/n+//hgy0McQnjtlXFc/BvAier/5N2vfqiOVd3/f7W+KU6luDt+HnnfDaHVbTojAAAAzrMnipYV+7+mm0sf/XTx/bb9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1+zMAAP//H1NCtw==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0x58, &(0x7f0000000340)}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000005780)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x82)
renameat2(r2, &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r2, &(0x7f0000000200)='./file0\x00', 0x4)

3.769972678s ago: executing program 5 (id=4656):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), r4)
socket$igmp(0x2, 0x3, 0x2)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$igmp(0x2, 0x3, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
syz_open_procfs$pagemap(r3, &(0x7f0000000440))
recvmmsg(r5, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000004c0)='./file1\x00', 0x3000046, &(0x7f0000000140)={[{@dioread_nolock}, {@data_err_abort}, {@jqfmt_vfsold}, {@delalloc}, {@data_err_ignore}, {@usrjquota}, {@data_err_ignore}, {@debug}, {@noblock_validity}, {@user_xattr}, {@block_validity}, {@errors_remount}]}, 0x1, 0x567, &(0x7f0000000700)="$eJzs3c1rHOUfAPDvbDZ9//2aQikqIoEerNRumsSXCh7qUbRY0IO3uiTTULLpluymNLFge7AXL1IFEQviXe8ei/+Af0VBC0VK0IOXyGxm07TZzW7SzUu7nw9MeJ6d2Tzz3Znvs8/sM8sG0LeGsz+FiBcj4usk4nBEJPm6YuQrh5e3W3x4fSJbklha+vivpLFdVm/+r+bzDuaVFyLity8jThbWtlubX5guVyrpbF4fqc9cGanNL5y6NFOeSqfSy2Pj42feHB975+23ehbra+f/+f6ju++f+er44ne/3D9yO4mzcShftzqOp3BjdWU4hvPXZDDOPrHhaA8a202Snd4BNmUgz/PByPqAwzGQZz3w/PsiIpaAPpXIf+hTzXFA89q+R9fBz4wH7y1fAK2Nv7j82Ujsa1wbHVhMHrsyyq53h3rQftbGr3/euZ0t0bvPIQA6unEzIk4Xi2v7vyTv/zbvdBfbPNmG/g+2z91s/PN6q/FPYWX8Ey3GPwdb5O5mdM7/wv0eNNNWNv57t+X4d2XSamggr/2vMeYbTC5eqqRZ3/b/iDgRg3uz+nrzOWcW7y21W7d6/JctWfvNsWC+H/eLex9/zmS5Xn6amFd7cDPipZbj32Tl+Cctjn/2epzvso1j6Z1X2q3rHP/WWvop4tWWx//RjFay/vzkSON8GGmeFWv9fevY7+3a32D8bc+jzcqO/4H14x9KVs/X1jbexo/7/k3brXss/uj+/N+TfNIo78kfu1au12dHI/YkH659fOzRc5v15vZZ/CeOr9//tTr/90fEZ13Gf+vozy93Ff8OnP9Z/JMbOv4bL9z74PMf2rXfXf/3RqN0In+km/6v2x18mtcOAAAAAAAAdptCRByKpFBaKRcKpdLy/R1H40ChUq3VT16szl2ejMZ3ZYdisNCc6T686n6I0fx+2GZ97In6eEQciYhvB/Y36qWJamVyp4MHAAAAAAAAAAAAAAAAAACAXeJgm+//Z/4Y2Om9A7acn/yG/tUx/3vxS0/AruT9H/qX/If+Jf+hf8l/6F/yH/qX/If+1SH/v/l0u3YE2Hbe/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly1Liw+vT2T1yavzc9PVq6cm09p0aWZuojRRnb1SmqpWpyppaaI60+n/VarVK6NjMXdtpJ7W6iO1+YULM9W5y/ULl2bKU+mFdHBbogIAAAAAAAAAAAAAAAAAAIBnS21+YbpcqaSzCs9nobjVTRR3S6QKPS3sdM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8FwAA//9SSDk+")
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)

3.391592445s ago: executing program 1 (id=4657):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000005c40)=ANY=[@ANYBLOB="6e6f657874656e745f63616368652c6a71666d743d7666736f6c642c6e6f71756f74612c6e6f71756f74612c66617374626f6f742c6e6f696e6c696e655f64656e7472792c6a71666d743d76667376312c6673796e635f6d6f64653d7374726963742c6772706a71756f74613d278c006c6c6f635f6d6f64653d64656661756c742c696e6c696e655f78617474722c00a2b4db502b6ba8210424f7f797a6ddd50d26e73f72a841707ea019cc81c223d959a991615e17b58a4e3ec9b2e54b87aafbaf0036421993a261bd97b95beab3b8db73ad782b6009737439da6f1d157405f23efa22e2b774ebcf1fbf96b0f516775ed21aecaa6ba0f6d45e71", @ANYRES16=0x0, @ANYRESDEC], 0x1, 0x550f, &(0x7f00000001c0)="$eJzs3M9rI+UbAPAn7XZ/f/dbxIO3HViEFjZh0x+L3qru4g/sUlY9eNI0SUN2k0xp0rT25MGjePA/EQVPHv0bPHj2Jh4Ub0IlM1PdqgtC08RtPx+YPPO+efPM84Zl4ZkpCeDcmk9+/bkUN+JKRMxGxPWI7LxUHJm1PLwQETcjYuaJo1TM/zFxMSKuRsSNUfI8Z6l46/Pbw1urP731yzffXbpw7Yuvv5/eroFpezEiutv5+V43j2krj4+K+dqwncXuyrCI+Rvdx8U4zeNeczPLsFc7WlfL4nIrX59u7/ZHcatTq49iq72VzW/38gv2h62jPNkHHtV2snGjuZnFdj/NYusgr2v/IP+/7aA/yPM0inwfZeljMDiK+Xxzv5nvZ/txFuu9QTGf500bzf1RHBaxuFzU004jq2PzJN/0f9vb7d7ufjJs7vTbaS9ZrVRfqlTvlqs7aaM5aK6Ua93G3ZVkodUZLSsPmrXuWitNW51mpZ52F5OFVr1erlaThXvNzXatl1SrleXKnfLqYnF2O3n9wXtJp5EsjOKr7d7uoN3pJ1vpTpJ/YjFZqiy/vJjcqibvrG8kGw/v31/feDfuvf/glfU3XysW/a2sZGHpztJSuXqnvFRdPIP7/+Ap+/+kKHqM+4cTKU27AIBnj/4fmIbT6/93HsbhYTZ/mv1/6P/HYlz97+Ek+t/z3v+fwv7hRPT/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn1g9zX76Rnczn42vF/P+KqeeKcSkiZiLi8B/MxsVjOWeLPHNPWT/3lxq+LUWWYXSNS8VxNSLWiuO3/5/2twAAAABn11cf3/ws79bzl/lpF8Qk5TdtZq5/OKZ8pYiYm/9xTNlmRi/PjylZ9u/7QuyPKVt2A+vymJLlt9wujCvbvzJ7LFx+IpTyMDPRcgAAgIk43glMtgsBAABgkj6ddgFMRymOHmUePQvO/vL+zweCV46NAAAAgGdQadoFAAAAAKcu6//9/h8AAACcbfnv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/M7O/dyoDURxAH62cSD/FBTlnla4QRkpIcccIwpIE5RAWkgD1EBuKSGCFR4vWlbsaiWP7d3V90kwjAU/ZhA+zBtpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjT33q7+v3z66+uOYdjN3lmAwAAAFyzr7er5sU89d+31z+2lz63/SIiyoi4tnav4s1FZtXm1A+8v743hj8RTcLpO6bt411ELKqIRUT8/9T3rwAAAACv1269WabVenqajz0ghpSKNuWHb5nyioio5/8ypZWnvC+Zwpr/9yR+ZEprClizTGGp5DbJlfYkze1+rtrN7jRFasrHP59t7gAAwICqi2bYVQgAAABD+j72ABhHEbdbmeetwGlq2u29txc9AAAA4AUqxh4AAAAA0Ltm/f+sz/8L5/8BAABAV+n8PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPq0r7er3Xqz7JpzOHaTZzYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3LA/7ygQAmEQBnvXdyZz/8NKg6amJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb373l/8TU+NMMvfaWHoeSdZOja1TY+/cOPrD+Po1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAX/e6X/xNT40wyd9pYOh5J1q4aW1eNvQeNowfj7d8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxc79u0ZSxQEAfzOzs/FOxTXKFhFRsNDGy+2dd14nFkqw8E8QQm7vjLcqnim84xDS2Enqa0RLEUGJ3f0PVyeQJnYptohgYbUyszPJ5Ae4/prZZD8fePO+Owzzvm8WQr7zXgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKXh24dxkh064zguzm3tP1jJ+u1jfebRxs5C1rI4qjPps+HF6oeo21wiAAAAzI6krO9DCLvp5lLWx528/k/La7Ka/9unx3FZzx+v+8u+rP2z9svPe88fDNQZj5Pd9NbqoH/5ZCqt/2+W0+2Zv7yilT/5/N1Lkn8h8Xvrzw3T/HlGXz9+/E47D+fqyBYA+CculX0RlL8PZX2vycQAmBmtSuFd1v9Jp9mcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOowXA9PlnEUQlhoHcaZ7f0HK6f1jzZ2Fsp2/eHDjeo9s1ukIYRbq4P+5RrnMu0+v3f/zvJg0L9bf/BSCKGp0d8qpn/ngwkuDqGR5yP4j4K4+LKnJZ+zETT4QwkAgHMpLVpW1++mm0vZuWg+hNF3R+v/VytxmLD+3/vw+lZ1rGr936tthg2am+yyxbU/RqPRvfuvr368fLt/u//JG1d6b/au3rh27cZi/q5k0RsTAAAA/p120ar1fzx/cv3/YiUOE9b/n33T+7I6VjJr9f+EDhf9ms4EAABgtj378u+/Raecj9rt8MXy2trd3vh48PnK+NhAqn/bXNGq9X8y33RWAAAAQB2G69GR9f+blThMuP7/1Pcv/Fi9ZxJCuFCs/19a+XRws77pTLU6/py46TkCAADQrAtFq67/p/n+//hgy0McQnjtlXFc/BvAier/5N2vfqiOVd3/f7W+KU6luDt+HnnfDaHVbTojAAAAzrMnipYV+7+mm0sf/XTx/bb9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1+zMAAP//H1NCtw==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r0, 0x0)
ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0xe, 0x1c})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0x58, &(0x7f0000000340)}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000005780)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
renameat2(0xffffffffffffffff, &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x4)

3.352843559s ago: executing program 2 (id=4658):
syz_mount_image$fuse(0x0, &(0x7f0000002440)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_INIT(r3, &(0x7f00000003c0)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x4, 0x800000, 0x4, 0x400, 0x5, 0x1, 0x0, 0x0, 0x1, 0x74}}, 0x50)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
open$dir(&(0x7f0000000140)='./file0\x00', 0x500, 0x40)

2.989655595s ago: executing program 3 (id=4659):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="30000000ffffffff00000000000000000a0020003a2a5e00", @ANYRES32, @ANYBLOB="0c001c8008000000e0000002"], 0x30}], 0x1}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
r3 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4}, 0x10)
creat(&(0x7f0000000080)='./bus\x00', 0x18b)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000004080)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x8, &(0x7f0000000100)=[{0xe7, 0xea, 0xb, 0x9d}, {0x9, 0x7, 0x8, 0x9}, {0x6, 0x4, 0x0, 0x4}, {0x0, 0x6, 0x7, 0x3}, {0x3, 0x8, 0x27, 0x7}, {0x5, 0xc, 0x6, 0x5d}, {0xc, 0x8, 0x2, 0x3}, {0xd79, 0x5, 0x6, 0x5}]})
mount$overlay(0x0, 0x0, 0x0, 0x10000, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2210886, &(0x7f00000001c0)={[{}, {@dioread_nolock}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
stat(0x0, &(0x7f00000008c0))
socket$can_bcm(0x1d, 0x2, 0x2)
io_submit(0x0, 0x0, 0x0)
personality(0x6)
removexattr(&(0x7f0000000600)='./file0\x00', 0x0)

2.574134556s ago: executing program 2 (id=4660):
syz_mount_image$fuse(0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
open$dir(&(0x7f0000000140)='./file0\x00', 0x500, 0x40)

2.423603671s ago: executing program 5 (id=4661):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x88)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
listxattr(0x0, 0x0, 0x0)

2.387965705s ago: executing program 2 (id=4662):
r0 = socket$inet6(0xa, 0x2, 0x0)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32, @ANYBLOB="000000000000000024001280110001006272696467655f736c617665000000000c000580"], 0x44}}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x2a, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000fff000/0x1000)=nil, 0x1000, &(0x7f0000000000)='%\x00')
mincore(&(0x7f0000ffd000/0x3000)=nil, 0x3000, &(0x7f0000001180)=""/4096)
splice(r1, 0x0, r2, 0x0, 0x4ffe6, 0x0)
pipe2$9p(&(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r5, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r6 = dup(r5)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r6, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r8}, 0x10)
write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x10040d0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './file0/file1'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}]})
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0/file1\x00', 0x200810, 0x0, 0x0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
syz_emit_ethernet(0xfef3, &(0x7f0000000200)={@local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x64, 0x11, 0x0, @remote, @local, {[], {0x4e20, 0xe22, 0x64, 0x0, @wg=@response={0x2, 0x1, 0x100004, "628e0960f6d6d3f6ee6d6b84b345dccac643e7df3e526ff07833b291322d4a74", "882ed6741e7632daeaec0c95f2ad1cd6", {"8fb3d9fd3efe8e4ea8b5ec7448ddd6a3", "215990e1b896120966af96b22cf049f0"}}}}}}}}, 0x0)

2.277278056s ago: executing program 5 (id=4663):
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000003100)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x9200000000000000)
sendmmsg(0xffffffffffffffff, &(0x7f0000002c00)=[{{0x0, 0x0, &(0x7f0000002580)=[{&(0x7f00000002c0)="aaacaec3a21f4d8f782e5c86f91caa2cc9db63d222ef3f63f8db04720d519e4f9dffc585eb3f0f1e931758728c999f273a089f5d46c53b4eb45a53462ef7dd734e70f55c03eb057233d00d9db32308c431472d03a847f1d5d2f8d58a817376f47c1752e4a926ebe66acbe9c8a5978349c6e96d4ab900586df93b3b8487438fb0af8c0d0ab0d4cf3aedcee7ca8ecfa0c41e50affd4deb3118d24819f43ea3bfa028", 0xa1}, {&(0x7f0000001480)="776a9242b8e370289ff8f907a59877198548c0c7662416a6c40c4e8991389bb438952e9a7e04f8da0159d1f23064c5d33ec4e94d5e4b98d1f324a22de5f84ebaf0f398333ffbb3f9844d766d4d953009bd163f3c4f361ee54004bf5297b5cbae76978e1edaaf2d381e8463a30212895e947cdb5e90532cedf16b54402acd64b98606c04a74f748ca6115f9f4eae7cab73c72d7d8d4b7c723ce804f7345f834f8b229c3a56e1ec7f99a912e4c819fa4f535e5fba5a5140a22370d3ceaafb0e1f3b1c0dde228ea69b97df58d36ae57272bb542aaa1a919e1be72b94e65b6a7b8c930cacaa16aa3211ec9619be65b6c1c79c1e2a57e85d4b079d9a8da0feff23b61882bcb0ab0656d05ac9985ffa21aeb4c300b26e3e7ba10c94c9f6a82e06fd5bc10b61a2d99a9f411eee37cea2584634609d72c722eec0e0ee7a4f279883118b0f292ef7372d750c723332ade9108ccf0653ced9f0b3d5a5362ce50078fd2600232e0040981212a7cce10e5f1e5201a24e62aa915a384c1f63e8e4a156d9e7d83e56c575930e9f21af37f11161517d9caf4f6da6bebaf793a22f790a07b30132905399fbfe22d83488d187f206ad5a10826203e8bf149a683bdaa33d8f930624714827573d4019b033fe13a06c5128304e3f123d5be2c5d770a1c452b3574dc136ac5603db9028c6d5712e1886d5504ff8f6b197ffbbdea4f16a7d5e95751c82065c655d94e9272649de16d0c571cf5e3a879009d0385efee79238d0117f4fe94721cf290afd083b560cfe8306c4eba8ebc69241368d52e7c547d942c76338f131ad811194115b79cdd876810ca372e669b24abc1bc8ccb8e6ae2d353ddd485445af77fa5837b66f94c5bd6f69f06ebe54bf2a76a2e98c7ef891d99772a81d552ba15c527199c5ec24f0f817b7a3372bc48ceb9b6a4c9bae63f96acf70f63d1c9be8c2a19679ea8fe889964dd36ac3ad0404476eef60013c34d4d6a17d53683179fb43f193a1f82c407204e35ea828ef7c3f0e106c700ef8d6e932164d32acb090aa33b98cd07f7be8d04102f13002b1986419e35f580265beea7862681a14eb7285311889dc3b684e044f45789fc46fd06606cfbed58b5a971d9cc1cbc3810a7a4855c29876c3e6de406593c583e20b4d61cbd9caa908ef56fae349fd72417ea59870a8eb789f4f7ddef64f09893ac50f6c05697eef28e9045b89658030598b791672f5b2729917827efe2766dc920b65080db66609345b299b6ddb66575c3fb9c651f411423a9b6d20607bffb8dc7de2ae687f41427aa4567428909ac92e3654e37422c8df590dd196a743effdc533705ab2c3657c2f20accd9a0f4b096ae6cb1454df710207de1d4323e5037f05b694248cae29dfc15c0535236bbd4680673631b4a11efb91be20c80aa367badf5bfffe50f274747411ab61ea48c60262930522600806378c9b3736dc7f0fc23a974d866de03d14446732f131ded87ec435b807bd440fc895cf48aace0922e3f3cf399c85b1a55e4e4498929318fb035528a7a375a779e37fee6085037a2f5dc23a7567206064ba1d90a9fb3d9bb4160b411174c99a52a60562b72b2c4ed74f9e94031910432e117170b9cb5f0f96a6c5d93d243118a36e448a68282e6490420038064c1788816429ffe3467327df28ba1e1b73c00c809ccc488cdd0535341dbf97f89f9f8feb85984fbc0edbd52128420ae2e8551b0b2bdbc3e66a2d040fb9b7cf95e59af7b90d70f07fe6eaa69d10d43157e0870e37efcbf65cfd5ceb0ee46244e421cd1efdaaaa05b78b977b99a4d76b44c2afe77c5f045cab31bfbda389af76a75c814f781763c1600de859d277f3a4829177f192253084e947d49077015e3074c61819c41eb16cb88ab10b3bdfa494797d46028214da3714d9a58458fdb4ed8cc186d4ff7c492ec8e8e77b84343934cfa68faa4c90226ba4e930b63b7875eba72834787fddf09c8053fcf802684a08dc68dba8c9f2084fb11f6f149388b2134af90dfbc1bc5d9b855b622be6e1c0a5c076f4f30120b3a7dee9857ca109fdb97a10ed3eeba985d0a4063285659d9938ae6b95520274ad2aceba2632b1b333b712e0aebb243f77055f5435936b5be97195e7e9bc49e398ee20d052ea6f699eb6dfc06fc840b294226a758de7a43d2ab738584485fe46b88bac5ecf87795ee847c5f79605639b8fa11a45410ac71e706a8afc3c02517ff5710483f2fbd8d82e97d91f3f91d1538135ca1ca391d7076894622967371565dcd234b32e28c60b3b9482ca6fca76f63675a8ff227b96bb90ca0fecd98d0c7c1780659557f73dbedb86bb2d96bcbe8107555ce6c80924ffbe3df3647c443105ad39374e5d2fec06378395522a7107184690e244385a27e8a169b6c0a077ef319ace2088c58179a91c361ce0e759ad1eb15d930c754982bc4b1f2e33bb3fd4e11c4d0bc04519c4f421ac41cebec36373f556f61dc9cce9779c60db4409522968c9df2d8dc8d5d56b93ffbdad706b2063d38c2493f832131977aa3a9fcce0651cfb10ff6faac20563c52356c7e8301b9696649a7833f0bfcb69cb302b1291214f5f660b474950b48ede065025f3f50fd2606567ff3a901cad198678501d7781ad59de3316f7a286394c5cb62f4864e1cf6b845dcc3eb7dd9d76706722b1dc197b52e1b758bcd5f536323826913c41a4703d779e4def3a6f31636e28232f28e1ff15f0ad21773f0a832022f41b7e4052f26255b3f84998ff809aa0f0eb54ac95e15f5b7a87d88157ecc63e2b4da59ff4385053a717f459c5b2eddbdcac9b23f9cf8a6646d3b2a0b208a7f23752ac2b0dc58d9ca0f8c857821f0cfe052d7788c56bb3b67655325d459b9ae769d94fcb0e77044f2a8fa9afb796115466b290719bd41ba265ba00a94c00c2f1cb17deb899faedaf2731e5005f9e9c738efc19fab4b8c1552eb0bae5b3e3727cbbeed636c09844beca40eab4acadf063fe39d23de8a8b09135bad999f9ab63e946e8286e2a25cfb443c10eabdfa0f074a50aa536bb9a4b07d32d53b816b5e54c77fd381567992c6d27085373e465a0bd3452a38dc199e141fb9149b8029dc94c7d67c5008c6324d00d40c34e467317825c6b4293a62fd4a718d2211f943b252d7b50b5dba2cc66f85aacf37f4ce8a6d61b04caa20c0bb8b5f8ff0f321891499909635959a4f124d74d0edce79070369b56b396ed30bb0eb4db0e28a46db9a2a2503fae7e910c0c960abebf5a45f6f541a80a512efc994524c7f0112358d3dc2e455e0c4d904d21aebeeaf39365871fe1357647b399a647e96f6c5bba04813aee324dcf8d6eaa1fb762e88d946d50545dc0b530ff9f8a77624c8326b010309dbe117ea4f2a1bc24e5252dfcfca371559e8913c88d7b2536cf13fe83040fa4d4474c9d3ab0dd420ed580072e0373707125678a8e5954c70f37b4705907f2c27bf0d32847b35021ff5941362156652c1441ac9adf56add64167f704e3498782cfdda194c0345311a432635799fead1aab8c503d3ccf56f5be1e410772f8b57f20dd7757567f2249735703e8396e638c0f61cc389c3b48cae1c208b44de77ac0933aa6d4f3f9dfa300b2bd24971825086a938db4dc346fe067772de34007371c25208f4d9a45575cecec3ccc59e6d636bfa8dad071f60d1aa36872718bb59c0d895743d1a155891742e8e237c3ddd9017f400ba9c684e92260960c9545c33ff837be3700703f7693d9a1f1e632de5621950460a1f030c6bd6e8aaf35d738fd767310a667cc627868c45df108fee2a2ac1863436697ef799e973d963afce1e6f5fd2d044db15ee1a975c9889f2505b5f3367a3ab566205c10b335141ac02b01c9055b29c509097c6d9a9528f5a0c2fa780774d856db7bdeae29875fb70fa0a4926713898842a4688362d526a48b676e563c65201ad51809139b7ee85da03c0c2cd88cc9913928ae7daaef02cc02845a9242ff95f968aa19a44a2994de343b535a25d5f443808f00c6d8b22421528cffede2303559ffa6511012e5eb3c0e72782fdfc91c242a26f731f1f0775f692c25d2a8d01aeabee20087dc1df70adc21877ba3df7faa286790f5b86b44bbef8bca2549efc8883f7cd8bbc8a19213198bb2325fda526cef808de85c2d65a2c93cc01d67a896ee1b6618b05233ca5cc2f363ed8a4aa102e3f6999945fa1623df5a324b53bdd2353d50e9691bb25caf5f454653a147e8dfa807ec80f5e853010773ac57579e7ef242842eb33cae83ac09b067cecf54120317a8bddd83a98e8dca832115b7ceae17d1a76b77bb27557fbc8e29da571f9d77ce354a086cdca519a40558107e7527a8e7d70eefd591f3f6158a171a6ff494662dcbbbcdd6bd712edce155fee686033112e774bed529b9971a080c20bb69879bc911ffc47716ce14aa61fe87819bf1a86f62e1d8f3faa4b536d3fcc91d5fa51ed49e85013a99329e230129f21f31845bee8847f87ce64e94c31697ef55d93d52dd96c9b5a7f57dfbf9ffb261db2abad462fcab3150deaef158654a4974bb7a4833948d5ba9346b8e2aac04e32d85e47787dd18fa3f529f6bf70f5269f98abe5274b3e4b30b0da88f7db566db5801e9e9106eb55b0b951e3a3a04ea1f67fdf63b64caecf3013db7829eac5c802202baa9f29137551b19e48b6fb1891e42bc0c6f66c350d14143c68a756271604491c4f3a82a460d3d70f77534a5ce6d7b983a20a264449974fe9794c90ff22e8f385b6fe1fc69d545367480cf7173bd12600e55d57b6ae7940bce450e786e4885eb746ca3d2358b435f646e50b69ed7045b3d3ad10de08cc806c6b73991763fc8a3591db8fe42df2acf7776c9765b5fd8137504daef4f20aa9107a121b3048a2f9b332d092eb6dc9b83317c6e721f923af74ee4fb5a2e9d21c83e082d8e37e3298f96392a441c5979903f47bfb217a8b2ad200cdf18c2d165841e8ee7b1349c59b212eddf4d6fad54ad10b20b3fe7b6b5ba7ed9799e5711887137d766fa2241b80eec01917d8b4f36db8a8a860289d6cac3059e908c3a8d5f314db3d591fceccc24f149b0403c6c939de325cfbbb612a83d617cfb94ab4be59071fee8e10d260bea8a8cb4d1178147f8aa914530cec172914b73189fd9ed8ed3c43f13f0972b8bb077e00d30f3260ef97b8ac33852c56813534291fdda9257e8791873b8c70d4c2bf42511dfedb62ebc0cdc3150bbd6345d1976d964cc198cabfe44582f6531d5eb4487fc5fae245a643821b92de3bfe3b726fc4ef8f32df36997ebde6cf9913e3c9fbe57ed232297d68d74ec1a575542de9e7ad7bf4556f2bc2e6248d9a436ea37091e9517113fb7b418d1a58f909a658714f084a90307a2c2991ab1cda1c2d1708ed1c614cfb7e02772903ca14396fd32472fa62ed92473a259a5268ae5b75cbf3a9d6ba98679efee9d34b3280be6678a77660d94f3377a3c1d60eb36971e14921681eba0ffb6e0f3caac03d2f07523f225ef57a1d428beff7b394d91b0e0c43d3b3e145fe4f507735f23f09d0ed9e7981fdeb36e124469d573f0ed3498a7573d070b6ce7fb18035f6dbdce32264295865ca689666962a4b640d5ec337f3b1e8fccfb73434a1150012ccdb5cbdc87a1e4411a036747322028a936aa2776699b6813cade7484368d67c7f8927d340dfc6b6760bc3879fb395e8dc706525a10089bec57791a8e70266a22f7d8a4398c4a5f4be3fdd447bbc0cf653a94aa19b025a8b41e2f3b75ae9ad43f078cc15fdcba20557a2bf4b1f1802e3f902e74946d26937", 0x1000}, {&(0x7f0000000440)="27852c4b2ea19673e3398648ccc09b63e8aebfdfe7d84e5e7c465a88a7856b36d4247e49afe2890d2ed4cc8836b902042c2783818db21a62624b87", 0x3b}, {&(0x7f0000002480)="76cd2e10af4397a014bd7688bb439cbdbca4edd4426452734c5ed79cb0ee8e1c01eefcaa5d24cfb43aca34740d4c8aa02901823e0a8855e469ecb682", 0x3c}, {&(0x7f00000024c0)='0', 0x1}, {&(0x7f0000002500)="7a16b5f579606aaf4e1dc5a02d59", 0xe}], 0x6, &(0x7f0000002600)}}, {{&(0x7f0000002640)=@isdn={0x22, 0x2, 0xfd, 0x4, 0x8}, 0x80, &(0x7f0000002b80)=[{&(0x7f00000026c0)="0a9ee98a7463abf17b2388e7d1212c5cc45241b2c14ae7b174dd60f678ee738439bf8a21ff8f11e68785a0d674c9503171259790822b01d7476629e0959dead675f2749c81d932bba85d9d73bc51e4320b9097b0ef31522f30b751ddf7d9b5120c76e32a006c01314767239eccd8afcffb674e51a8da5aff63295cebd476531a4fffab2afaab917d2e9cd21fabb3fa9e6460754a", 0x94}, {&(0x7f0000002780)="08c218ec53afe67378540b8bd22b379ea6cd1d3e155865eef65122734e1ffbdd67a43c16bd2fb4a95b38fcf04e4633152199f308c14631f6aa35bc9a6a0e6989537c79bc91f179817258042384c543820ddbd36eef057f887bc6d4af71b9f9c90910794340b93fa27adb3c11a3b8ca44e7dc7ac100", 0x75}, {&(0x7f0000002880)="959952271561f5fff12c1913656e18ad0ef4ae79c7756e3b5762ca35c6e98dc17976745eebfc9f34207082d66003cb6bb90485fd231377c7bcddd025cb76a0bcfe0284ea9678089ff4e8b6ad87608072dbf94d7883e57b49c282a8c3d8466cde02ae7d47c90435f92eae3525602c4787d73890e1e578835c7d218176787132d4416e33943e85878fcb5969a3fc194699f89d34319d5e9e94029981ebac75b67e2a69e22c1f778c9a1110f98e339ef4b985c8980b13e5c0d91b7f6f3e12cc0f9b47e25ae8812bd6ee42040d02c9e7777dd610bccbc0538be4f89fa0b34c469f1a6d304ec5bb69302e485edd8dc91ca554473bd123bad3bff4e5453953", 0xfc}, {&(0x7f0000002980)="337f313a9ed272bade477a3f2cc71ee5d32896709a8d3e428b9cdb028f05d90a998641af56d664e82b8d3c94d5c65d9a7cf2cca5a5153dda960ed5838f4d442eccd8bb35cd6546b2439f6baccb8c1ac749975802e814f264dd15470306ac328a7a1d6d777c14560526fcbc210c244e9141bcecb6405fb557e5e0a2278a31ecfe72bf75df5dfe248ddbc16b18d299ebbf52cf1ed5d7d05442b74374b5a2a0ed678ccc0dbfce25a620e4", 0xa9}, {&(0x7f0000002a40)="b7a846dfc5e8b4bc5ea6db097e14928352935623b9fc08d674de82d4c559a3fb3512c13ec99510eb6b62c46b902ee47ee83eda8a30481bf898468253f44e6a3e9b5415", 0x43}, {&(0x7f0000002ac0)="2ea0773590da13cf21bf6ff2305d6ae26d80405f1252f97e73ef3100346e55c679e5988cf1c91390beb2b9e1558cf2d5ddbf1a23d32ed99746885fa4aae38ff6d1d9909f338b1aac56b26fc85a5aee9ca2a9186e9034ac4b2768db1780344e20ee0708b0cfc4dc51590e3321de175de2e98017490af155092e5b6874c5e0996fcce63ef183915c88c6f2e8f6b1100ab8314aa23cffea7755627987", 0x9b}], 0x6}}], 0x2, 0x2404c011)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.memory_pressure\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[], 0x10448)
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000002ec0)=""/131, &(0x7f0000002f80)=0x83)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000002e00)={0xffffffffffffffff, r1, 0x8001, 0xc2, &(0x7f0000002d00)="2beb24c8b0f30de7eae3327b78942520eb6e79eeb102fe0fd0b537216267c363e00c179dc17ba059d2630392a9806eaeb8277938fad5a643c451c0459695f9d061d3798ae37b8b6daea2296dc564eb2d8519f1857ababdc1b3b4805a8cd97b6bae0b569185d55207b23ff452840e558b958e300cbd60427f5e67da1e22bda3d9ae1e981c9cb945902e03d65ed75fe01796f84dd9f2c7cbbdc93074ad12d84824ba8bb5655d1dfe11833f16563c1e5eb5b6097ea300ce6f8d9b7db0fd969a99b8c7ec", 0xf, 0xae, 0x2, 0x1, 0xfffa, 0x3, 0x2, 'syz0\x00'})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002c80)=ANY=[@ANYBLOB="5800009f09914de991000002000000000000ffff861a8663b3a0efe267", @ANYRES32=0x0, @ANYBLOB="421c00000000000024001280090001007866726d000000001400028008000200010000000800010002000000140003007866726d3000"/64], 0x58}}, 0x0)
openat$pfkey(0xffffffffffffff9c, 0x0, 0x8080, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000100)="d8df0f23b3b9ce000000b807000000ba000000000f301b8154fea900c1210680320000c4e28ddc8dcd000000c182fd3f0000c8b950020000b801000400b9a6080000b80000010066b87a000f00d80f300f300fc79d53bf0000c4b9e16dc30101220f01c3", 0x64}], 0x1, 0x14, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f00000001c0)={"04dfc86351907bcbc9293982262169af775bedfb0a63cb8031ecdc5351097e022d45a9640a4a4b506dc328f61ac030dacac442d82b9e81e6847961e65610b8f6e25f9eaf1a9f48ac011b67d68f8725991345a1f8ed6450a11246c6424cd7837f6bfc47209662ba0d0f44149fcefbbf6fa5b40644bce6cf7210107f57b850d0c9af06c766af1c637aa057167a6910e2e185b8d972e49eeda481d9a58394ef43958ce7407e73d6460653fc672aa4ab6a26bd1a631fa3a0f2b025ba137b8e3f933af28e1ea9984bc0438ea00b5f5b16893a22bb83ff1c92407a946d4dc7d347d526db0e71bb38f873937ca7343fb7248867adf5decd52e74f05c768c3b1c8282b9b1b1bc0f7ae08917b2abe3d3305e32b8db562d19dd7c83fde6dbe03ef72aa7ddc00144895b2a1981105046a28ca0852521afbcd560c15cd9f33e36417a251af7100392b6cdb0bbed4670d746c45fb5589f279cfd594911cb11f2a7336af10b2332e731f2eec8287c735f2346449f1629fde95d6c78bed90645bb280e222976d5721ee6dd6068cfd6174d2382e524672a2656eed5cf34eff27c2974deebf2aa6226e3fa2f15ea8db5891a062d422607a450a32cfdfaaeadfb2498e79fe9e47089b2a8bbdbdcbb076ebbd9c8fdc6246c00a34176a1c46a924ab4c3877215e5666c7b384e9238b3ad6ac559d90e22170d6915c7150a1858eb3f20a1847642018840b49c335074496991fb3193914f5213846ff8bf5b389298d797dfdd4a1d116caec17f13152c9699caab72a96d364134266030e67ada0de8d2bb05091f7d855fe1c435574856b0f8de9dc6af14ce179e3c0b6b563ccb8e02900fa9412784b0e5fa71a6e4499fecd1343d289daeb929d0cbd96f9f4501bc9d6d9d0b4f462aaf2556ce92ae6438bb3e3aa258c8c4ba6646f99f5a3d4f14f677353722cc81a8ef1f68d41ad1bef785b248faee830613461239487bee1b53724eb28301420ced16a8110a8680c91c665f8eff65e2d48f95db7ad4f30d079a39a2286fb3df3472d330f6f11fc7d1939a923c50263b3e0314037ec808df7cec279df5785fa2124d1650563799defc378cb9506ee7142eb108b3f4125ade3d9a73646bfdac795c753895b2ad51d358eff496d1c1a885c30b85b50eca89bf14ee50ae3301805f1691b3a391d7575c9a0a514710ad3e590491c60bdab122222c66cbb155452a01cb9750d14ffdc77ad11d4495c53bf38c8185c769c1409eb0b1c613eac8101d6784c9510790dd1df8fa6f2b4dbdbde3bdcbf6bfc456f68b680f2595853178e89a32e9c56d66fd2210fb0fc0e3cda61e6980e16e47ae8071182af80950c43ba221fe072e6945107a6edcd38bfeb201a657969bf340960a67e30987e56c953a177404fdf67b5d99bbc06d705a0fc9659336b458ea0d575ddfe59706738d1e65c50527200"})
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r7, 0x0, 0xee01)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})
removexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00')

2.189632004s ago: executing program 3 (id=4664):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000000002)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCL_SETVESABLANK(r5, 0x541c, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b7030000000000008500000073000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x101c088, &(0x7f0000000c00)=ANY=[@ANYBLOB="757466383d302c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c756e695f786c6174653d312c756e695f786c6174653d302c726f6469722c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d302c757466383d312c73686f72746e616d653d77696e39352c726f6469722c6e66733d6e6f7374616c655f726f2c726f6469722c757466383d312c73686f72746e616d653d77696e6e742c636865636b3d72656c617865642c00c63b831754d4eeec4cf38c28cf1e3409b9950bbab09abe8d407d1c7c935e034461a37ac3113829124efad15a202673b20ad011cb0f0cedb0cef9f6ec5e2634db26ef8581fd506844d0133ac021c0172b4b36a109949512e8dc6a8c7d603e3ef3cd57451eaee1b0e4804b9ea88fcad7afb59594dcfeaf8d34935fa0e54a36c57d964429e7ec869287810e5d97759017ace0c3f5"], 0x6, 0x2c3, &(0x7f0000000900)="$eJzs3T+LHGUcB/Df7M3OrlrsFlYiOKCFVciltdlDEhCvMmyhFnqYC8jtItzBgX9wTWVrY2HhKxAEX4iN70CwFeyMEHhkZmeyu5dlcxuyJyafT5MnzzzfeX7Ps8PdXHHPffzq9OROGXfvffV79PtZdEYxivtZDKMTrW9ixei7AAD+z+6nFH+luW1yWUT0d1cWALBDl/v+ny+av1xJWQDADt1+/4N3Dw4Pb75Xlv24Nf32fFz9ZF/9O79+cDc+jUkcx/UYxIOI+kWhG/XbQtW8lVKa5WVlGG9MZ+fjKjn96Nfm/gd/RtT5/RjEsO56+LZR5985vLlfzi3lZ1UdLzbzj6r8jRjEyw/DK/kba/IxLuLN15fqvxaD+O2T+CwmcacuYpH/er8s307f//3lh1V5VT6bnY979biFtHfFHw0AAAAAAAAAAAAAAAAAAAAAAM+wa83ZOb2oz++puprzd/YeVP/pRtkarp7PM89n7Y2WzwdKKc1S/Nier3O9LMvUDFzk83glXz5YEAAAAAAAAAAAAAAAAAAAAJ5fZ59/cXI0mRyfPpVGexpAHhH/3I540vuMlnpei82De82cR5NJp2mujsmXe2KvHZNFbCyjWsST7kYeW639hUdqbho//bzt7P3Hj+mun+tpNtqn6+QoW7+HvWh7+s1G/VBELMYUccm5ios9aTC/T9rqIyjWXhpsvfbipbox2zAmsk2FvfXHfOeanuziKop6V9fGu01jKX7h2bjU8xz9efzRrxWZ0zoAAAAAAAAAAAAAAAAAAGCnFr/9u+bivY3RTurtrCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuFKLv/+/RWPWhI9Pz/LHDC7i9Ow/XiIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPgX8DAAD//x0KWZ8=")
statfs(&(0x7f0000000180)='./file1\x00', &(0x7f0000000080)=""/214)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_udp_int(r1, 0x11, 0x0, &(0x7f0000000280)=0x5, 0x4)
listen(r7, 0x3)

2.104355332s ago: executing program 5 (id=4665):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x4502, 0x0)
write$cgroup_int(r2, &(0x7f00000003c0)=0x5, 0x12)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r3}, 0x10)
ustat(0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, 0x0, 0x0)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001e000100fdffff082e947eff00000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\n\x00\r'], 0x28}}, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r7, &(0x7f0000000080), 0x10)

1.759941266s ago: executing program 7 (id=4666):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x20000, 0x1)
close(r0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xc1103000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000280), 0x9)
r5 = openat$cgroup_pressure(0xffffffffffffffff, 0x0, 0x2, 0x0)
write$cgroup_pressure(r5, 0x0, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000c40), 0x12)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_clone(0x5000000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
write$cgroup_pid(0xffffffffffffffff, &(0x7f00000001c0), 0x12)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r6)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)

1.753807757s ago: executing program 1 (id=4667):
bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)

1.505560322s ago: executing program 2 (id=4668):
r0 = userfaultfd(0x80001)
prlimit64(0x0, 0x8, &(0x7f0000000140)={0x44, 0x3}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0x5, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3000}, [@alu={0x7, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2f22}, @jmp={0x5, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000000)='syzkaller\x00'}, 0x78)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x28}}, 0x200440c0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x404c80c}, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = accept(r1, 0x0, &(0x7f00000001c0))
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
ioctl$KDSIGACCEPT(r4, 0x4b4e, 0x7)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newsa={0x19c, 0x10, 0x713, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@remote}, {@in6=@remote, 0x4d3, 0x32}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @algo_auth_trunc={0x64, 0x14, {{'cmac(aes)\x00'}, 0xc0, 0x0, "e80c857b65087dea03da4c290569c738c39dac5defb806ba"}}]}, 0x19c}}, 0x0)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), r5)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, r6, 0x1, 0x70bd29, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x3c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xe}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x6c, r6, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xb8}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xd804}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x81}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xa}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}]}, 0x6c}, 0x1, 0x0, 0x0, 0x810}, 0x20008025)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x62dd, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
r7 = open(&(0x7f00000000c0)='.\x00', 0xc8000, 0x0)
getdents(r7, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.267447775s ago: executing program 3 (id=4669):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="30000000ffffffff00000000000000000a0020003a2a5e00", @ANYRES32, @ANYBLOB="0c001c8008000000e0000002"], 0x30}], 0x1}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
r3 = ioctl$KVM_GET_STATS_FD_cpu(r0, 0xaece)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4}, 0x10)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="02"], 0xfe44, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000004080)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x8, &(0x7f0000000100)=[{0xe7, 0xea, 0xb, 0x9d}, {0x9, 0x7, 0x8, 0x9}, {0x6, 0x4, 0x0, 0x4}, {0x0, 0x6, 0x7, 0x3}, {0x3, 0x8, 0x27, 0x7}, {0x5, 0xc, 0x6, 0x5d}, {0xc, 0x8, 0x2, 0x3}, {0xd79, 0x5, 0x6, 0x5}]})
mount$overlay(0x0, 0x0, 0x0, 0x10000, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2210886, &(0x7f00000001c0)={[{}, {@dioread_nolock}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
stat(0x0, &(0x7f00000008c0))
socket$can_bcm(0x1d, 0x2, 0x2)
io_submit(0x0, 0x0, 0x0)
personality(0x6)
removexattr(&(0x7f0000000600)='./file0\x00', 0x0)

753.670956ms ago: executing program 5 (id=4670):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="200000001e00431b000000000000000007000000", @ANYRES32=0x0, @ANYBLOB="bcdbdaef33d2462b95006436ea2f1818abef7b712adaa94fab188380426ac5c0a8d07465dfad4c20"], 0x20}}, 0x0)
close(0xffffffffffffffff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket(0x10, 0x3, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000011c0)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1}}, @TCA_ACT_BPF_FD={0x8, 0x5, r7}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x40954}, 0x20040814)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
sendmmsg(r6, &(0x7f0000000000), 0x400000000000235, 0x0)
r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000340)={0xb0, 0x0, &(0x7f00000004c0)=[@exit_looper, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000140)={@fd={0x66642a85, 0x0, r8}, @flat=@weak_handle={0x77682a85, 0xb, 0x1}, @fd}, &(0x7f00000001c0)={0x0, 0x18, 0x30}}}, @acquire_done={0x40106309, 0x3}, @reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f00000002c0)={@fd, @flat=@binder={0x73622a85, 0x100b, 0x2}, @ptr={0x70742a85, 0x1, &(0x7f0000000200)=""/60, 0x3c, 0x1, 0x33}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x40}, @release={0x40046306, 0x1}], 0xe1, 0x0, &(0x7f0000000680)="d1d52f79c25a0e08afe998a8190506dcd934b9b751ac0fa77a3de094511e140b5a9deacaa68002644b7d3d09bd3c520d52b84e224899024ddb0202e957e5aca89dedc6ad33aa6bd6c0359f912809440d9af007572fa2397220ebcb1de56a68b8e4ef54d1075a7785e053794ae2f97e8d8380bb516b321dff8fe35e3e1651ecf4a050ad7129731f1857107e0770fc28c7576ad57a792a147307f6db57dc1f11d187b2af21d2c2deb9a34c2e6f699ecf0a37d19f3d897c30136d9339686fe402a16b6da025424aaa25e4f6f5b0f1d81287f58560f13cb5054564581822e28b1d332b"})
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r8, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/net\x00')

445.312886ms ago: executing program 1 (id=4671):
syz_mount_image$fuse(0x0, &(0x7f0000002440)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_INIT(r3, &(0x7f00000003c0)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x4, 0x800000, 0x4, 0x400, 0x5, 0x1, 0x0, 0x0, 0x1, 0x74}}, 0x50)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
open$dir(&(0x7f0000000140)='./file0\x00', 0x500, 0x40)

277.451473ms ago: executing program 7 (id=4672):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), r4)
socket$igmp(0x2, 0x3, 0x2)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$igmp(0x2, 0x3, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
syz_open_procfs$pagemap(r3, &(0x7f0000000440))
recvmmsg(r5, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000004c0)='./file1\x00', 0x3000046, &(0x7f0000000140)={[{@dioread_nolock}, {@data_err_abort}, {@jqfmt_vfsold}, {@delalloc}, {@data_err_ignore}, {@usrjquota}, {@data_err_ignore}, {@debug}, {@noblock_validity}, {@user_xattr}, {@block_validity}, {@errors_remount}]}, 0x1, 0x567, &(0x7f0000000700)="$eJzs3c1rHOUfAPDvbDZ9//2aQikqIoEerNRumsSXCh7qUbRY0IO3uiTTULLpluymNLFge7AXL1IFEQviXe8ei/+Af0VBC0VK0IOXyGxm07TZzW7SzUu7nw9MeJ6d2Tzz3Znvs8/sM8sG0LeGsz+FiBcj4usk4nBEJPm6YuQrh5e3W3x4fSJbklha+vivpLFdVm/+r+bzDuaVFyLity8jThbWtlubX5guVyrpbF4fqc9cGanNL5y6NFOeSqfSy2Pj42feHB975+23ehbra+f/+f6ju++f+er44ne/3D9yO4mzcShftzqOp3BjdWU4hvPXZDDOPrHhaA8a202Snd4BNmUgz/PByPqAwzGQZz3w/PsiIpaAPpXIf+hTzXFA89q+R9fBz4wH7y1fAK2Nv7j82Ujsa1wbHVhMHrsyyq53h3rQftbGr3/euZ0t0bvPIQA6unEzIk4Xi2v7vyTv/zbvdBfbPNmG/g+2z91s/PN6q/FPYWX8Ey3GPwdb5O5mdM7/wv0eNNNWNv57t+X4d2XSamggr/2vMeYbTC5eqqRZ3/b/iDgRg3uz+nrzOWcW7y21W7d6/JctWfvNsWC+H/eLex9/zmS5Xn6amFd7cDPipZbj32Tl+Cctjn/2epzvso1j6Z1X2q3rHP/WWvop4tWWx//RjFay/vzkSON8GGmeFWv9fevY7+3a32D8bc+jzcqO/4H14x9KVs/X1jbexo/7/k3brXss/uj+/N+TfNIo78kfu1au12dHI/YkH659fOzRc5v15vZZ/CeOr9//tTr/90fEZ13Gf+vozy93Ff8OnP9Z/JMbOv4bL9z74PMf2rXfXf/3RqN0In+km/6v2x18mtcOAAAAAAAAdptCRByKpFBaKRcKpdLy/R1H40ChUq3VT16szl2ejMZ3ZYdisNCc6T686n6I0fx+2GZ97In6eEQciYhvB/Y36qWJamVyp4MHAAAAAAAAAAAAAAAAAACAXeJgm+//Z/4Y2Om9A7acn/yG/tUx/3vxS0/AruT9H/qX/If+Jf+hf8l/6F/yH/qX/If+1SH/v/l0u3YE2Hbe/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly1Liw+vT2T1yavzc9PVq6cm09p0aWZuojRRnb1SmqpWpyppaaI60+n/VarVK6NjMXdtpJ7W6iO1+YULM9W5y/ULl2bKU+mFdHBbogIAAAAAAAAAAAAAAAAAAIBnS21+YbpcqaSzCs9nobjVTRR3S6QKPS3sdM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8FwAA//9SSDk+")
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)

31.478697ms ago: executing program 2 (id=4673):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000080000000100010009"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
socket$igmp(0x2, 0x3, 0x2)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$igmp(0x2, 0x3, 0x2)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
preadv(r5, &(0x7f00000011c0)=[{&(0x7f00000012c0)=""/214, 0xd6}], 0x1, 0x3b, 0xfffefff6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000004c0)='./file1\x00', 0x3000046, &(0x7f0000000140)={[{@dioread_nolock}, {@data_err_abort}, {@jqfmt_vfsold}, {@delalloc}, {@data_err_ignore}, {@usrjquota}, {@data_err_ignore}, {@debug}, {@noblock_validity}, {@user_xattr}, {@block_validity}, {@errors_remount}]}, 0x1, 0x567, &(0x7f0000000700)="$eJzs3c1rHOUfAPDvbDZ9//2aQikqIoEerNRumsSXCh7qUbRY0IO3uiTTULLpluymNLFge7AXL1IFEQviXe8ei/+Af0VBC0VK0IOXyGxm07TZzW7SzUu7nw9MeJ6d2Tzz3Znvs8/sM8sG0LeGsz+FiBcj4usk4nBEJPm6YuQrh5e3W3x4fSJbklha+vivpLFdVm/+r+bzDuaVFyLity8jThbWtlubX5guVyrpbF4fqc9cGanNL5y6NFOeSqfSy2Pj42feHB975+23ehbra+f/+f6ju++f+er44ne/3D9yO4mzcShftzqOp3BjdWU4hvPXZDDOPrHhaA8a202Snd4BNmUgz/PByPqAwzGQZz3w/PsiIpaAPpXIf+hTzXFA89q+R9fBz4wH7y1fAK2Nv7j82Ujsa1wbHVhMHrsyyq53h3rQftbGr3/euZ0t0bvPIQA6unEzIk4Xi2v7vyTv/zbvdBfbPNmG/g+2z91s/PN6q/FPYWX8Ey3GPwdb5O5mdM7/wv0eNNNWNv57t+X4d2XSamggr/2vMeYbTC5eqqRZ3/b/iDgRg3uz+nrzOWcW7y21W7d6/JctWfvNsWC+H/eLex9/zmS5Xn6amFd7cDPipZbj32Tl+Cctjn/2epzvso1j6Z1X2q3rHP/WWvop4tWWx//RjFay/vzkSON8GGmeFWv9fevY7+3a32D8bc+jzcqO/4H14x9KVs/X1jbexo/7/k3brXss/uj+/N+TfNIo78kfu1au12dHI/YkH659fOzRc5v15vZZ/CeOr9//tTr/90fEZ13Gf+vozy93Ff8OnP9Z/JMbOv4bL9z74PMf2rXfXf/3RqN0In+km/6v2x18mtcOAAAAAAAAdptCRByKpFBaKRcKpdLy/R1H40ChUq3VT16szl2ejMZ3ZYdisNCc6T686n6I0fx+2GZ97In6eEQciYhvB/Y36qWJamVyp4MHAAAAAAAAAAAAAAAAAACAXeJgm+//Z/4Y2Om9A7acn/yG/tUx/3vxS0/AruT9H/qX/If+Jf+hf8l/6F/yH/qX/If+1SH/v/l0u3YE2Hbe/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly1Liw+vT2T1yavzc9PVq6cm09p0aWZuojRRnb1SmqpWpyppaaI60+n/VarVK6NjMXdtpJ7W6iO1+YULM9W5y/ULl2bKU+mFdHBbogIAAAAAAAAAAAAAAAAAAIBnS21+YbpcqaSzCs9nobjVTRR3S6QKPS3sdM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8FwAA//9SSDk+")
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_MSRS_cpu(r8, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x40000097, 0x0, 0x1}]})

0s ago: executing program 1 (id=4674):
bpf$ITER_CREATE(0xb, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="200000001e00431b00000000000000", @ANYRES32=0x0, @ANYBLOB="bcdbdaef33d2462b95006436ea2f1818abef7b712adaa94fab188380426a"], 0x20}}, 0x0)

kernel console output (not intermixed with test programs):

f ff ff 89 d1 <f3> a4 31 c0 0f 01 ca c3 90 90 90 90 90 90 90 90 90 90 89 d1 83 f8
[  994.218009][   T30] audit: type=1326 audit(1761214215.939:3482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.5.4381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[  994.228082][T16861] RSP: 0018:ffffc90000a37540 EFLAGS: 00050206
[  994.228102][T16861] RAX: ffffffff81ad5514 RBX: ffff888135590060 RCX: 0000000000000200
[  994.228113][T16861] RDX: 0000000000000200 RSI: ffffc90000a378c0 RDI: 0000200000ff3e00
[  994.228124][T16861] RBP: ffffc90000a375a0 R08: ffff88811f674f00 R09: 0000000000000002
[  994.281454][T16861] R10: 0000000000000001 R11: 0000000000000000 R12: 1ffff11026ab200c
[  994.289426][T16861] R13: 0000200000ff3e00 R14: ffff888135590010 R15: 0000000000000200
[  994.297404][T16861]  ? __check_object_size+0x84/0x3c0
[  994.302622][T16861]  ? __kvm_write_guest_page+0x19a/0x3b0
[  994.308182][T16861]  kvm_vcpu_write_guest+0xa8/0x1b0
[  994.310051][   T30] audit: type=1326 audit(1761214215.939:3483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.5.4381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[  994.313303][T16861]  vcpu_enter_guest+0x3759/0x67a0
[  994.313328][T16861]  ? local_bh_enable+0x30/0x30
[  994.346481][T16861]  ? avc_has_perm+0x158/0x240
[  994.351163][T16861]  ? 0xffffffffa0028000
[  994.355311][T16861]  ? unwind_get_return_address+0x4d/0x90
[  994.360939][T16861]  ? rcu_segcblist_merge+0x9a0/0x9c0
[  994.366233][T16861]  ? __local_bh_enable_ip+0x58/0x80
[  994.367111][   T30] audit: type=1326 audit(1761214215.939:3484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16810 comm="syz.5.4381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[  994.371424][T16861]  ? local_bh_enable+0x1f/0x30
[  994.371442][T16861]  ? kvm_load_guest_fpu+0x12a/0x240
[  994.371459][T16861]  kvm_arch_vcpu_ioctl_run+0xfab/0x2010
[  994.371480][T16861]  kvm_vcpu_ioctl+0x882/0xb80
[  994.416284][T16861]  ? kvm_clear_stat_per_vcpu+0x200/0x200
[  994.421921][T16861]  ? selinux_file_ioctl+0x377/0x480
[  994.427118][T16861]  ? selinux_file_alloc_security+0x120/0x120
[  994.433097][T16861]  ? mutex_unlock+0x89/0x220
[  994.437692][T16861]  ? __mutex_lock_slowpath+0x10/0x10
[  994.442972][T16861]  ? __fget_files+0x2c4/0x320
[  994.447651][T16861]  ? security_file_ioctl+0x84/0xa0
[  994.452765][T16861]  ? kvm_clear_stat_per_vcpu+0x200/0x200
[  994.458392][T16861]  __se_sys_ioctl+0x121/0x1a0
[  994.463074][T16861]  __x64_sys_ioctl+0x7b/0x90
[  994.467665][T16861]  x64_sys_call+0x2f/0x9a0
[  994.472074][T16861]  do_syscall_64+0x4c/0xa0
[  994.476486][T16861]  ? clear_bhb_loop+0x50/0xa0
[  994.481153][T16861]  ? clear_bhb_loop+0x50/0xa0
[  994.485815][T16861]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  994.491692][T16861] RIP: 0033:0x7f912c5eefc9
[  994.496098][T16861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  994.515681][T16861] RSP: 002b:00007f912b057038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  994.524073][T16861] RAX: ffffffffffffffda RBX: 00007f912c845fa0 RCX: 00007f912c5eefc9
[  994.532024][T16861] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  994.539974][T16861] RBP: 00007f912b057090 R08: 0000000000000000 R09: 0000000000000000
[  994.547927][T16861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  994.555882][T16861] R13: 00007f912c846038 R14: 00007f912c845fa0 R15: 00007fff4ccdbda8
[  994.563841][T16861]  </TASK>
[  994.864586][T16877] loop2: detected capacity change from 0 to 1024
[  995.071299][T16877] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  995.172476][T16882] loop1: detected capacity change from 0 to 256
[  995.207762][T16877] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[  995.216348][T16877] System zones: 1-12
[  995.223367][T16877] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[  995.659678][T15289] handle_bad_sector: 37692 callbacks suppressed
[  995.659700][T15289] attempt to access beyond end of device
[  995.659700][T15289] loop6: rw=0, want=128632, limit=40427
[  995.703567][T15289] attempt to access beyond end of device
[  995.703567][T15289] loop6: rw=0, want=128640, limit=40427
[  995.714926][T15289] attempt to access beyond end of device
[  995.714926][T15289] loop6: rw=0, want=128656, limit=40427
[  995.728594][T16885] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=16885 comm=syz.7.4398
[  995.733455][T15289] attempt to access beyond end of device
[  995.733455][T15289] loop6: rw=0, want=128664, limit=40427
[  995.754003][T15289] attempt to access beyond end of device
[  995.754003][T15289] loop6: rw=0, want=128672, limit=40427
[  995.765546][T15289] attempt to access beyond end of device
[  995.765546][T15289] loop6: rw=0, want=128680, limit=40427
[  995.802679][T16889] loop5: detected capacity change from 0 to 512
[  995.804925][T16890] loop7: detected capacity change from 0 to 512
[  995.815657][T15289] attempt to access beyond end of device
[  995.815657][T15289] loop6: rw=0, want=128704, limit=40427
[  995.846143][T15289] attempt to access beyond end of device
[  995.846143][T15289] loop6: rw=0, want=128712, limit=40427
[  995.885754][T16889] EXT4-fs (loop5): Ignoring removed orlov option
[  995.898158][T15289] attempt to access beyond end of device
[  995.898158][T15289] loop6: rw=0, want=128720, limit=40427
[  995.914367][T16889] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  995.934070][T15289] attempt to access beyond end of device
[  995.934070][T15289] loop6: rw=0, want=128728, limit=40427
[  995.970817][T16890] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  996.056417][T16889] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  996.076622][T16889] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2228: inode #15: comm syz.5.4392: corrupted in-inode xattr
[  996.337936][T16890] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[  996.358679][T16889] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.4392: couldn't read orphan inode 15 (err -117)
[  996.380262][T16889] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[  996.402303][T16890] ext4 filesystem being mounted at /65/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  996.577986][T16905] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=16905 comm=syz.7.4402
[  996.730282][T16905] loop7: detected capacity change from 0 to 512
[  996.824016][T16911] loop1: detected capacity change from 0 to 1024
[  996.922902][T16911] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  997.008116][T16905] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  997.064250][T16911] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[  997.072735][T16911] System zones: 1-12
[  997.078922][T16911] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[  997.344633][T16905] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[  997.403997][T16905] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  997.563142][T16899] loop3: detected capacity change from 0 to 40427
[  997.717223][T16899] F2FS-fs (loop3): Found nat_bits in checkpoint
[  997.759360][T16925] loop1: detected capacity change from 0 to 256
[  997.777409][T16927] loop7: detected capacity change from 0 to 256
[  997.845832][T16908] loop5: detected capacity change from 0 to 40427
[  997.868833][T16908] F2FS-fs (loop5): invalid crc value
[  997.889481][T16899] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  998.120879][T16908] F2FS-fs (loop5): Found nat_bits in checkpoint
[  998.216494][T16908] F2FS-fs (loop5): Cannot turn on quotas: -2 on 1
[  998.316388][T16908] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  999.183576][T16951] loop5: detected capacity change from 0 to 1024
[  999.212999][T16951] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  999.433887][T16951] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[  999.442459][T16951] System zones: 1-12
[  999.494919][T16951] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[  999.640938][T16954] loop7: detected capacity change from 0 to 512
[  999.742268][T16954] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  999.770292][T16954] EXT4-fs (loop7): invalid journal inode
[  999.796300][T16954] EXT4-fs (loop7): can't get journal size
[  999.848231][T16954] EXT4-fs (loop7): 1 truncate cleaned up
[  999.864137][T16954] EXT4-fs (loop7): mounted filesystem without journal. Opts: norecovery,max_batch_time=0x0000000000000003,,errors=continue. Quota mode: none.
[  999.884870][T16966] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=16966 comm=syz.1.4413
[  999.899551][   T30] kauditd_printk_skb: 180 callbacks suppressed
[  999.899567][   T30] audit: type=1326 audit(1761214222.079:3665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16964 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[  999.955123][   T30] audit: type=1326 audit(1761214222.079:3666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16964 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[  999.978930][   T30] audit: type=1326 audit(1761214222.079:3667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16964 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1000.033807][T16966] loop1: detected capacity change from 0 to 512
[ 1000.110991][T16966] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1000.145664][   T30] audit: type=1326 audit(1761214222.079:3668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16964 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1000.250307][T16974] loop5: detected capacity change from 0 to 512
[ 1000.350875][T16974] EXT4-fs (loop5): Unrecognized mount option "euid=00000000000000000000" or missing value
[ 1000.429333][   T30] audit: type=1326 audit(1761214222.079:3669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16964 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1000.443027][T16966] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[ 1000.466744][T16966] ext4 filesystem being mounted at /307/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1000.486438][   T30] audit: type=1326 audit(1761214222.079:3670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16964 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1000.531562][   T30] audit: type=1326 audit(1761214222.099:3671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16964 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1000.562433][   T30] audit: type=1326 audit(1761214222.099:3672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16964 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1000.590416][   T30] audit: type=1326 audit(1761214222.099:3673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16964 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1000.632812][   T30] audit: type=1326 audit(1761214222.099:3674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16964 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1000.693153][T16980] loop2: detected capacity change from 0 to 1024
[ 1000.707098][T15289] handle_bad_sector: 24024 callbacks suppressed
[ 1000.707143][T15289] attempt to access beyond end of device
[ 1000.707143][T15289] loop6: rw=524288, want=129872, limit=40427
[ 1000.727769][T15289] attempt to access beyond end of device
[ 1000.727769][T15289] loop6: rw=524288, want=129880, limit=40427
[ 1000.743323][T16980] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1000.797414][T15289] attempt to access beyond end of device
[ 1000.797414][T15289] loop6: rw=524288, want=129912, limit=40427
[ 1000.811763][T16980] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1000.820187][T16980] System zones: 1-12
[ 1000.826545][T16980] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1001.093314][T15289] attempt to access beyond end of device
[ 1001.093314][T15289] loop6: rw=524288, want=129952, limit=40427
[ 1001.717684][T15289] attempt to access beyond end of device
[ 1001.717684][T15289] loop6: rw=524288, want=129960, limit=40427
[ 1001.729388][T15289] attempt to access beyond end of device
[ 1001.729388][T15289] loop6: rw=524288, want=130000, limit=40427
[ 1001.743230][T15289] attempt to access beyond end of device
[ 1001.743230][T15289] loop6: rw=524288, want=130008, limit=40427
[ 1001.793922][T15289] attempt to access beyond end of device
[ 1001.793922][T15289] loop6: rw=524288, want=130016, limit=40427
[ 1001.805623][T15289] attempt to access beyond end of device
[ 1001.805623][T15289] loop6: rw=524288, want=130024, limit=40427
[ 1001.817382][T15289] attempt to access beyond end of device
[ 1001.817382][T15289] loop6: rw=524288, want=130064, limit=40427
[ 1001.927211][T16993] loop2: detected capacity change from 0 to 1024
[ 1001.936340][T16995] netlink: 'syz.7.4418': attribute type 27 has an invalid length.
[ 1002.636323][T16997] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=16997 comm=syz.3.4417
[ 1002.660298][T16993] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1002.777347][T16997] loop3: detected capacity change from 0 to 512
[ 1002.823742][T16997] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1002.942173][T16997] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[ 1003.017394][T16997] ext4 filesystem being mounted at /259/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1003.064983][T17021] loop5: detected capacity change from 0 to 1024
[ 1003.452978][T17021] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1003.516648][T17015] loop2: detected capacity change from 0 to 512
[ 1003.566740][T17021] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1003.575142][T17021] System zones: 1-12
[ 1003.581872][T17021] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1003.818869][T17015] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1004.020059][T17015] EXT4-fs (loop2): invalid journal inode
[ 1004.025747][T17015] EXT4-fs (loop2): can't get journal size
[ 1004.044654][T17015] EXT4-fs (loop2): 1 truncate cleaned up
[ 1004.057587][T17015] EXT4-fs (loop2): mounted filesystem without journal. Opts: norecovery,max_batch_time=0x0000000000000003,,errors=continue. Quota mode: none.
[ 1004.165623][T17040] fuse: Unknown parameter 'Iroup_id'
[ 1004.172242][T17040] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[ 1004.714111][T17047] loop1: detected capacity change from 0 to 512
[ 1004.805473][T17047] EXT4-fs (loop1): Ignoring removed orlov option
[ 1004.811995][ T5498] usb 6-1: new full-speed USB device number 28 using dummy_hcd
[ 1004.820810][T17047] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[ 1005.160094][T17047] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1005.173292][T17047] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2228: inode #15: comm syz.1.4433: corrupted in-inode xattr
[ 1005.200422][T17047] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.4433: couldn't read orphan inode 15 (err -117)
[ 1005.222718][T17047] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1005.247262][T17042] loop3: detected capacity change from 0 to 40427
[ 1005.420792][T17042] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1005.535513][T17064] netlink: 'syz.1.4437': attribute type 27 has an invalid length.
[ 1005.730067][ T5498] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1005.736132][T15289] handle_bad_sector: 22533 callbacks suppressed
[ 1005.736152][T15289] attempt to access beyond end of device
[ 1005.736152][T15289] loop6: rw=524288, want=126984, limit=40427
[ 1005.743533][ T5498] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1005.773076][T17042] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1005.782663][T15289] attempt to access beyond end of device
[ 1005.782663][T15289] loop6: rw=524288, want=126992, limit=40427
[ 1005.810938][T17067] loop7: detected capacity change from 0 to 512
[ 1005.830191][T15289] attempt to access beyond end of device
[ 1005.830191][T15289] loop6: rw=524288, want=127000, limit=40427
[ 1005.854188][T15289] attempt to access beyond end of device
[ 1005.854188][T15289] loop6: rw=524288, want=127016, limit=40427
[ 1005.864202][ T5498] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1005.876742][T17057] loop2: detected capacity change from 0 to 40427
[ 1005.883324][T17067] EXT4-fs (loop7): Ignoring removed orlov option
[ 1005.883342][T15289] attempt to access beyond end of device
[ 1005.883342][T15289] loop6: rw=524288, want=127024, limit=40427
[ 1005.896205][T17067] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[ 1005.904198][T15289] attempt to access beyond end of device
[ 1005.904198][T15289] loop6: rw=524288, want=127032, limit=40427
[ 1005.918123][ T5498] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1005.921129][T15289] attempt to access beyond end of device
[ 1005.921129][T15289] loop6: rw=524288, want=127072, limit=40427
[ 1005.942592][T15289] attempt to access beyond end of device
[ 1005.942592][T15289] loop6: rw=524288, want=127080, limit=40427
[ 1005.954964][T17067] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1005.960858][ T5498] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1005.963600][T17057] F2FS-fs (loop2): Invalid SB checksum offset: 0
[ 1005.976167][T17057] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[ 1005.987513][T17067] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2228: inode #15: comm syz.7.4438: corrupted in-inode xattr
[ 1006.000907][T17067] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.4438: couldn't read orphan inode 15 (err -117)
[ 1006.010161][T15289] attempt to access beyond end of device
[ 1006.010161][T15289] loop6: rw=524288, want=127096, limit=40427
[ 1006.024968][T15289] attempt to access beyond end of device
[ 1006.024968][T15289] loop6: rw=524288, want=127104, limit=40427
[ 1006.025070][T17067] EXT4-fs (loop7): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1006.058920][T17057] F2FS-fs (loop2): invalid crc value
[ 1006.060106][ T5498] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1006.085595][T17057] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[ 1006.105824][ T5498] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1006.130040][ T5498] usb 6-1: SerialNumber: syz
[ 1006.157256][T17057] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[ 1006.166406][T17057] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1006.180579][ T5498] cdc_acm 6-1:1.0: Control and data interfaces are not separated!
[ 1006.242966][   T30] kauditd_printk_skb: 103 callbacks suppressed
[ 1006.242979][   T30] audit: type=1326 audit(1761214228.439:3778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17074 comm="syz.7.4439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1006.319484][   T30] audit: type=1326 audit(1761214228.469:3779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17074 comm="syz.7.4439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1006.380812][T17081] loop7: detected capacity change from 0 to 1024
[ 1006.482607][T17083] loop1: detected capacity change from 0 to 1024
[ 1006.547465][T17083] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1006.761387][T17083] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1006.769800][T17083] System zones: 1-12
[ 1006.776218][T17083] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1006.954126][T17081] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1007.008751][   T30] audit: type=1326 audit(1761214228.469:3780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17074 comm="syz.7.4439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1007.260236][T17040] 9pnet: Insufficient options for proto=fd
[ 1007.269690][T11433] usb 6-1: USB disconnect, device number 28
[ 1007.404229][   T30] audit: type=1326 audit(1761214229.599:3781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.7.4442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1007.429341][T17089] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=17089 comm=syz.7.4442
[ 1007.448927][   T30] audit: type=1326 audit(1761214229.599:3782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.7.4442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1007.501027][T17089] loop7: detected capacity change from 0 to 512
[ 1007.527548][   T30] audit: type=1326 audit(1761214229.619:3783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.7.4442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1007.570550][   T30] audit: type=1326 audit(1761214229.619:3784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.7.4442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1007.572665][T17089] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1007.620346][   T30] audit: type=1326 audit(1761214229.619:3785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.7.4442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1007.685518][T17089] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[ 1007.698600][   T30] audit: type=1326 audit(1761214229.619:3786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.7.4442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1007.699188][T17089] ext4 filesystem being mounted at /77/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1007.771322][   T30] audit: type=1326 audit(1761214229.619:3787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17088 comm="syz.7.4442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1009.261460][T17121] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4449'.
[ 1009.264837][T17120] loop2: detected capacity change from 0 to 1024
[ 1009.293408][T17120] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1009.335401][T17120] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1009.343804][T17120] System zones: 1-12
[ 1009.349911][T17120] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1010.192791][T17128] loop5: detected capacity change from 0 to 1024
[ 1010.246911][T17128] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1010.419565][T17128] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1010.428014][T17128] System zones: 1-12
[ 1010.434562][T17128] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1010.953923][T15289] handle_bad_sector: 20408 callbacks suppressed
[ 1010.953944][T15289] attempt to access beyond end of device
[ 1010.953944][T15289] loop6: rw=524288, want=128344, limit=40427
[ 1011.034740][T15289] attempt to access beyond end of device
[ 1011.034740][T15289] loop6: rw=524288, want=128352, limit=40427
[ 1011.048494][T17137] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4448'.
[ 1011.057560][T15289] attempt to access beyond end of device
[ 1011.057560][T15289] loop6: rw=524288, want=128384, limit=40427
[ 1011.072815][T17133] loop7: detected capacity change from 0 to 1024
[ 1011.084682][T15289] attempt to access beyond end of device
[ 1011.084682][T15289] loop6: rw=524288, want=128424, limit=40427
[ 1011.109823][T15289] attempt to access beyond end of device
[ 1011.109823][T15289] loop6: rw=524288, want=128432, limit=40427
[ 1011.132692][T15289] attempt to access beyond end of device
[ 1011.132692][T15289] loop6: rw=524288, want=128472, limit=40427
[ 1011.145159][T15289] attempt to access beyond end of device
[ 1011.145159][T15289] loop6: rw=524288, want=128504, limit=40427
[ 1011.156998][T15289] attempt to access beyond end of device
[ 1011.156998][T15289] loop6: rw=524288, want=128512, limit=40427
[ 1011.176182][T15289] attempt to access beyond end of device
[ 1011.176182][T15289] loop6: rw=524288, want=128520, limit=40427
[ 1011.195126][T17141] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=17141 comm=syz.5.4456
[ 1011.220997][T17133] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1011.230158][T15289] attempt to access beyond end of device
[ 1011.230158][T15289] loop6: rw=524288, want=128528, limit=40427
[ 1011.263084][   T30] kauditd_printk_skb: 64 callbacks suppressed
[ 1011.263097][   T30] audit: type=1326 audit(1761214233.459:3852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17140 comm="syz.5.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1011.314786][T17141] loop5: detected capacity change from 0 to 512
[ 1011.398884][   T30] audit: type=1326 audit(1761214233.459:3853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17140 comm="syz.5.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1011.422963][T17141] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1011.448138][   T30] audit: type=1326 audit(1761214233.489:3854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17140 comm="syz.5.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1011.492581][T17141] EXT4-fs (loop5): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[ 1011.513437][   T30] audit: type=1326 audit(1761214233.489:3855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17140 comm="syz.5.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1011.514267][T17141] ext4 filesystem being mounted at /93/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1011.570126][   T30] audit: type=1326 audit(1761214233.489:3856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17140 comm="syz.5.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1011.602219][   T30] audit: type=1326 audit(1761214233.489:3857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17140 comm="syz.5.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1011.626858][   T30] audit: type=1326 audit(1761214233.489:3858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17140 comm="syz.5.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1011.651083][   T30] audit: type=1326 audit(1761214233.489:3859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17140 comm="syz.5.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1011.687188][   T30] audit: type=1326 audit(1761214233.489:3860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17140 comm="syz.5.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1011.764529][   T30] audit: type=1326 audit(1761214233.489:3861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17140 comm="syz.5.4456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1012.098803][T17170] loop1: detected capacity change from 0 to 256
[ 1012.119602][T17166] loop5: detected capacity change from 0 to 512
[ 1012.200143][T17166] EXT4-fs (loop5): Ignoring removed orlov option
[ 1012.206638][T17166] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[ 1012.216381][T17166] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1012.225617][T17166] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2228: inode #15: comm syz.5.4463: corrupted in-inode xattr
[ 1012.237919][T17166] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.4463: couldn't read orphan inode 15 (err -117)
[ 1012.250987][T17166] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1012.401383][T17175] loop3: detected capacity change from 0 to 1024
[ 1012.476107][T17175] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1013.059830][T17175] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1013.068262][T17175] System zones: 1-12
[ 1013.074785][T17175] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1013.444566][T17188] loop7: detected capacity change from 0 to 256
[ 1013.582544][T17193] loop3: detected capacity change from 0 to 256
[ 1013.861994][T17196] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4468'.
[ 1014.618029][T17211] loop1: detected capacity change from 0 to 256
[ 1014.661265][T17209] loop3: detected capacity change from 0 to 512
[ 1014.710129][T17209] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1014.758988][T17209] EXT4-fs (loop3): invalid journal inode
[ 1016.075532][T17209] EXT4-fs (loop3): can't get journal size
[ 1016.284440][T17220] loop5: detected capacity change from 0 to 512
[ 1016.287488][T15289] handle_bad_sector: 16235 callbacks suppressed
[ 1016.287505][T15289] attempt to access beyond end of device
[ 1016.287505][T15289] loop6: rw=524288, want=127232, limit=40427
[ 1016.308795][T15289] attempt to access beyond end of device
[ 1016.308795][T15289] loop6: rw=524288, want=127264, limit=40427
[ 1016.321535][T15289] attempt to access beyond end of device
[ 1016.321535][T15289] loop6: rw=524288, want=127272, limit=40427
[ 1016.334750][T17220] EXT4-fs (loop5): Ignoring removed orlov option
[ 1016.341219][T17220] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[ 1016.353116][T17209] EXT4-fs (loop3): 1 truncate cleaned up
[ 1016.358785][T17209] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,max_batch_time=0x0000000000000003,,errors=continue. Quota mode: none.
[ 1016.373474][T15289] attempt to access beyond end of device
[ 1016.373474][T15289] loop6: rw=524288, want=127280, limit=40427
[ 1016.385190][T15289] attempt to access beyond end of device
[ 1016.385190][T15289] loop6: rw=524288, want=127304, limit=40427
[ 1016.396786][T15289] attempt to access beyond end of device
[ 1016.396786][T15289] loop6: rw=524288, want=127312, limit=40427
[ 1016.407629][T17220] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1016.409265][T15289] attempt to access beyond end of device
[ 1016.409265][T15289] loop6: rw=524288, want=127320, limit=40427
[ 1016.419191][T17231] loop2: detected capacity change from 0 to 512
[ 1016.428415][T15289] attempt to access beyond end of device
[ 1016.428415][T15289] loop6: rw=524288, want=127352, limit=40427
[ 1016.466113][T17220] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2228: inode #15: comm syz.5.4477: corrupted in-inode xattr
[ 1016.489647][T15289] attempt to access beyond end of device
[ 1016.489647][T15289] loop6: rw=524288, want=127360, limit=40427
[ 1016.501516][T15289] attempt to access beyond end of device
[ 1016.501516][T15289] loop6: rw=524288, want=127368, limit=40427
[ 1016.505946][T17220] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.4477: couldn't read orphan inode 15 (err -117)
[ 1016.536011][T17231] EXT4-fs (loop2): Ignoring removed orlov option
[ 1016.543350][T17231] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1016.584956][T17220] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1016.642616][T17231] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1016.655252][T17231] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2228: inode #15: comm syz.2.4479: corrupted in-inode xattr
[ 1016.741411][T17243] loop3: detected capacity change from 0 to 1024
[ 1016.755187][T17231] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.4479: couldn't read orphan inode 15 (err -117)
[ 1017.504646][T17243] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1017.777952][T17243] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1017.786387][T17243] System zones: 1-12
[ 1017.792954][T17243] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1017.960696][T17231] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1018.004785][T17252] loop1: detected capacity change from 0 to 256
[ 1018.747382][T17259] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4068521576 (4068521576 ns) > initial count (2794446801 ns). Using initial count to start timer.
[ 1018.766966][T17259] overlayfs: unrecognized mount option "(ÊRRûÍVÍŸ3ãd¢Q¯q" or missing value
[ 1018.996026][T17274] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4490'.
[ 1019.067353][   T30] kauditd_printk_skb: 49 callbacks suppressed
[ 1019.067367][   T30] audit: type=1326 audit(1761214241.259:3911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17275 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1019.236298][T17279] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=17279 comm=syz.5.4492
[ 1019.355328][   T30] audit: type=1326 audit(1761214241.449:3912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17275 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1019.380101][   T30] audit: type=1326 audit(1761214241.449:3913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17275 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1019.436514][T17276] loop5: detected capacity change from 0 to 512
[ 1019.452819][   T30] audit: type=1326 audit(1761214241.459:3914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17275 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1019.478306][T17276] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1019.491533][   T30] audit: type=1326 audit(1761214241.479:3915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17275 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1019.515799][   T30] audit: type=1326 audit(1761214241.489:3916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17275 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1019.528146][T17272] loop2: detected capacity change from 0 to 40427
[ 1019.539842][   T30] audit: type=1326 audit(1761214241.489:3917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17275 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1019.571236][T17276] EXT4-fs (loop5): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[ 1019.584784][T17276] ext4 filesystem being mounted at /100/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1019.605572][T17272] F2FS-fs (loop2): invalid crc value
[ 1019.609520][   T30] audit: type=1326 audit(1761214241.509:3918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17275 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1019.643551][T17272] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1019.662126][   T30] audit: type=1326 audit(1761214241.509:3919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17275 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1019.722466][T17272] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1
[ 1019.729277][T17272] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1019.763352][   T30] audit: type=1326 audit(1761214241.509:3920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17275 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1019.848850][T17292] loop1: detected capacity change from 0 to 512
[ 1019.864076][T17294] loop3: detected capacity change from 0 to 512
[ 1019.874200][T17292] EXT4-fs (loop1): Ignoring removed orlov option
[ 1019.881419][T17292] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[ 1020.111474][T17295] loop7: detected capacity change from 0 to 256
[ 1020.122481][T17294] EXT4-fs (loop3): Ignoring removed orlov option
[ 1020.129230][T17294] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1020.433006][T17292] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1020.444229][T17292] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2228: inode #15: comm syz.1.4494: corrupted in-inode xattr
[ 1020.450314][T17294] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1020.456658][T17292] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.4494: couldn't read orphan inode 15 (err -117)
[ 1020.489080][T17294] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2228: inode #15: comm syz.3.4496: corrupted in-inode xattr
[ 1020.505607][T17292] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1020.514520][T17294] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.4496: couldn't read orphan inode 15 (err -117)
[ 1020.539704][T17294] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1020.689003][T17306] loop5: detected capacity change from 0 to 256
[ 1020.734770][T17308] 9pnet: Insufficient options for proto=fd
[ 1020.897523][T17314] loop7: detected capacity change from 0 to 1024
[ 1020.934958][T17315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4503'.
[ 1021.150720][T17314] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1021.539685][T15289] handle_bad_sector: 15698 callbacks suppressed
[ 1021.539827][T15289] attempt to access beyond end of device
[ 1021.539827][T15289] loop6: rw=0, want=128240, limit=40427
[ 1021.725887][T17314] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1021.734381][T17314] System zones: 1-12
[ 1021.768985][T17314] EXT4-fs (loop7): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1022.394648][T17326] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4504'.
[ 1022.421062][T15289] attempt to access beyond end of device
[ 1022.421062][T15289] loop6: rw=0, want=128264, limit=40427
[ 1022.443336][T15289] attempt to access beyond end of device
[ 1022.443336][T15289] loop6: rw=0, want=128272, limit=40427
[ 1022.454629][T15289] attempt to access beyond end of device
[ 1022.454629][T15289] loop6: rw=0, want=128304, limit=40427
[ 1022.466765][T15289] attempt to access beyond end of device
[ 1022.466765][T15289] loop6: rw=0, want=128344, limit=40427
[ 1022.481038][T15289] attempt to access beyond end of device
[ 1022.481038][T15289] loop6: rw=0, want=128352, limit=40427
[ 1022.494164][T15289] attempt to access beyond end of device
[ 1022.494164][T15289] loop6: rw=0, want=128384, limit=40427
[ 1022.507629][T15289] attempt to access beyond end of device
[ 1022.507629][T15289] loop6: rw=0, want=128424, limit=40427
[ 1022.511413][T17331] loop2: detected capacity change from 0 to 512
[ 1022.526103][T15289] attempt to access beyond end of device
[ 1022.526103][T15289] loop6: rw=0, want=128432, limit=40427
[ 1022.617591][T15289] attempt to access beyond end of device
[ 1022.617591][T15289] loop6: rw=0, want=128472, limit=40427
[ 1022.661289][T17331] EXT4-fs (loop2): Ignoring removed orlov option
[ 1022.694944][T17331] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1022.802136][T17337] 9pnet: Could not find request transport: fd0x0000000000000007
[ 1022.869051][T17331] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1022.888573][T17331] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2228: inode #15: comm syz.2.4497: corrupted in-inode xattr
[ 1022.894042][T17337] overlayfs: failed to resolve './file0/file1': -2
[ 1022.910125][T17331] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.4497: couldn't read orphan inode 15 (err -117)
[ 1022.949833][T17331] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1023.291078][T17346] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=17346 comm=syz.2.4509
[ 1023.316110][T17346] loop2: detected capacity change from 0 to 512
[ 1023.339891][T17322] loop3: detected capacity change from 0 to 40427
[ 1023.350813][T17346] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1023.357189][T17322] F2FS-fs (loop3): invalid crc value
[ 1023.389680][T17322] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1023.396332][T17346] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[ 1023.418060][T17346] ext4 filesystem being mounted at /308/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1023.518004][T17322] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1
[ 1023.533427][T17354] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4068521576 (4068521576 ns) > initial count (2794446801 ns). Using initial count to start timer.
[ 1023.554903][T17354] overlayfs: unrecognized mount option "(ÊRRûÍVÍŸ3ãd¢Q¯q" or missing value
[ 1023.564150][T17322] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1023.718456][T17364] loop2: detected capacity change from 0 to 512
[ 1023.745156][T17364] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1023.820847][T17364] EXT4-fs (loop2): invalid journal inode
[ 1023.847024][T17364] EXT4-fs (loop2): can't get journal size
[ 1023.877933][T17364] EXT4-fs (loop2): 1 truncate cleaned up
[ 1023.892872][T17364] EXT4-fs (loop2): mounted filesystem without journal. Opts: norecovery,max_batch_time=0x0000000000000003,,errors=continue. Quota mode: none.
[ 1023.902747][T17369] loop5: detected capacity change from 0 to 512
[ 1023.986115][T17369] EXT4-fs (loop5): Ignoring removed orlov option
[ 1024.004090][T17360] loop1: detected capacity change from 0 to 40427
[ 1024.016519][T17369] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[ 1024.031690][T17360] F2FS-fs (loop1): invalid crc value
[ 1024.057504][T17360] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1024.064670][T17369] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1024.083017][T17369] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2228: inode #15: comm syz.5.4516: corrupted in-inode xattr
[ 1024.135226][T17369] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.4516: couldn't read orphan inode 15 (err -117)
[ 1024.151407][T17378] loop3: detected capacity change from 0 to 256
[ 1024.801709][T17369] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1024.896196][T17360] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1
[ 1025.095139][T17360] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1025.108013][T17383] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4518'.
[ 1025.150117][   T30] kauditd_printk_skb: 203 callbacks suppressed
[ 1025.150132][   T30] audit: type=1326 audit(1761214247.349:4124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1025.184588][   T30] audit: type=1326 audit(1761214247.379:4125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1025.209768][   T30] audit: type=1326 audit(1761214247.379:4126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1025.233466][   T30] audit: type=1326 audit(1761214247.379:4127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1025.363881][   T30] audit: type=1326 audit(1761214247.379:4128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1025.590060][   T30] audit: type=1326 audit(1761214247.379:4129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1025.599780][T17393] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4068521576 (4068521576 ns) > initial count (2794446801 ns). Using initial count to start timer.
[ 1025.620807][T17391] loop3: detected capacity change from 0 to 512
[ 1025.638385][T17397] loop2: detected capacity change from 0 to 512
[ 1025.650687][T17391] EXT4-fs (loop3): Ignoring removed orlov option
[ 1025.655773][T17398] overlayfs: unrecognized mount option "(ÊRRûÍVÍŸ3ãd¢Q¯q" or missing value
[ 1025.657162][T17391] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1025.693007][   T30] audit: type=1326 audit(1761214247.399:4130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1025.730568][T17397] EXT4-fs (loop2): Ignoring removed orlov option
[ 1025.737298][T17391] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1025.742171][T17397] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1025.754220][   T30] audit: type=1326 audit(1761214247.399:4131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1025.778692][   T30] audit: type=1326 audit(1761214247.449:4132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1025.780027][T17391] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2228: inode #15: comm syz.3.4519: corrupted in-inode xattr
[ 1025.802232][   T30] audit: type=1326 audit(1761214247.459:4133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17359 comm="syz.1.4512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1025.839392][T17397] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1025.859736][T17397] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2228: inode #15: comm syz.2.4523: corrupted in-inode xattr
[ 1025.871939][T17397] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.4523: couldn't read orphan inode 15 (err -117)
[ 1025.884594][T17397] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1025.890284][T17391] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.4519: couldn't read orphan inode 15 (err -117)
[ 1025.953338][T17391] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1025.985702][T17408] loop7: detected capacity change from 0 to 512
[ 1026.028894][T17411] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=17411 comm=syz.2.4525
[ 1026.046809][T17412] 9pnet: Could not find request transport: fd0x0000000000000007
[ 1026.050670][T17408] EXT4-fs (loop7): Ignoring removed orlov option
[ 1026.066094][T17412] overlayfs: failed to resolve './file0/file1': -2
[ 1026.067274][T17408] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[ 1026.089921][T17411] loop2: detected capacity change from 0 to 512
[ 1026.188986][T17408] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1026.194846][T17411] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1026.209425][T17408] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2228: inode #15: comm syz.7.4526: corrupted in-inode xattr
[ 1026.226888][T17408] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.4526: couldn't read orphan inode 15 (err -117)
[ 1026.261152][T17411] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[ 1026.275627][T17408] EXT4-fs (loop7): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1026.519742][T17411] ext4 filesystem being mounted at /314/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1026.540036][T15289] handle_bad_sector: 32167 callbacks suppressed
[ 1026.540053][T15289] attempt to access beyond end of device
[ 1026.540053][T15289] loop6: rw=524288, want=130240, limit=40427
[ 1026.557883][T15289] attempt to access beyond end of device
[ 1026.557883][T15289] loop6: rw=524288, want=130280, limit=40427
[ 1026.569589][T15289] attempt to access beyond end of device
[ 1026.569589][T15289] loop6: rw=524288, want=130288, limit=40427
[ 1026.752730][T15289] attempt to access beyond end of device
[ 1026.752730][T15289] loop6: rw=524288, want=130296, limit=40427
[ 1026.844017][T15289] attempt to access beyond end of device
[ 1026.844017][T15289] loop6: rw=524288, want=130304, limit=40427
[ 1026.844254][T17428] loop7: detected capacity change from 0 to 256
[ 1026.857211][T15289] attempt to access beyond end of device
[ 1026.857211][T15289] loop6: rw=524288, want=130320, limit=40427
[ 1026.875648][T17430] loop1: detected capacity change from 0 to 256
[ 1026.885306][T15289] attempt to access beyond end of device
[ 1026.885306][T15289] loop6: rw=524288, want=130328, limit=40427
[ 1026.897440][T15289] attempt to access beyond end of device
[ 1026.897440][T15289] loop6: rw=524288, want=130344, limit=40427
[ 1026.909508][T15289] attempt to access beyond end of device
[ 1026.909508][T15289] loop6: rw=524288, want=130376, limit=40427
[ 1026.921228][T15289] attempt to access beyond end of device
[ 1026.921228][T15289] loop6: rw=524288, want=130384, limit=40427
[ 1026.934512][T17432] netlink: 'syz.2.4532': attribute type 27 has an invalid length.
[ 1027.365096][T17442] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4068521576 (4068521576 ns) > initial count (2794446801 ns). Using initial count to start timer.
[ 1027.396106][T17442] overlayfs: unrecognized mount option "(ÊRRûÍVÍŸ3ãd¢Q¯q" or missing value
[ 1027.963308][T17456] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4537'.
[ 1028.069033][T17455] loop7: detected capacity change from 0 to 512
[ 1028.230240][T17455] EXT4-fs (loop7): Ignoring removed orlov option
[ 1028.236714][T17455] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[ 1028.330502][T17455] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1028.347470][T17439] loop2: detected capacity change from 0 to 40427
[ 1028.361414][T17455] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2228: inode #15: comm syz.7.4536: corrupted in-inode xattr
[ 1028.464611][T17455] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.4536: couldn't read orphan inode 15 (err -117)
[ 1028.530550][T17439] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1028.538663][T17455] EXT4-fs (loop7): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1028.690078][T17439] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1028.725436][T17467] loop5: detected capacity change from 0 to 512
[ 1028.765097][T17467] EXT4-fs (loop5): Ignoring removed orlov option
[ 1028.780647][T17471] loop7: detected capacity change from 0 to 512
[ 1028.789258][T17467] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[ 1028.821191][T17471] EXT4-fs (loop7): Ignoring removed orlov option
[ 1028.838614][T17467] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1028.847199][T17471] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[ 1028.861451][T17467] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2228: inode #15: comm syz.5.4540: corrupted in-inode xattr
[ 1028.861497][T17471] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1028.890236][T17467] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.4540: couldn't read orphan inode 15 (err -117)
[ 1028.911536][T17471] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2228: inode #15: comm syz.7.4539: corrupted in-inode xattr
[ 1028.938146][T17467] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1028.970355][T17471] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.4539: couldn't read orphan inode 15 (err -117)
[ 1028.994763][T17471] EXT4-fs (loop7): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1029.028644][T17476] 9pnet: Could not find request transport: fd0x0000000000000007
[ 1029.047090][T17476] overlayfs: failed to resolve './file0/file1': -2
[ 1029.218793][T17478] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4542'.
[ 1029.340198][T17483] netlink: 'syz.3.4543': attribute type 27 has an invalid length.
[ 1029.692484][T17489] loop5: detected capacity change from 0 to 256
[ 1030.150487][T17495] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4068521576 (4068521576 ns) > initial count (2794446801 ns). Using initial count to start timer.
[ 1030.189331][T17495] overlayfs: unrecognized mount option "(ÊRRûÍVÍŸ3ãd¢Q¯q" or missing value
[ 1030.264951][   T30] kauditd_printk_skb: 93 callbacks suppressed
[ 1030.264966][   T30] audit: type=1326 audit(1761214252.459:4227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17501 comm="syz.1.4550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1030.267606][T17503] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=17503 comm=syz.1.4550
[ 1030.271373][   T30] audit: type=1326 audit(1761214252.459:4228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17501 comm="syz.1.4550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1030.354117][T17504] loop1: detected capacity change from 0 to 512
[ 1030.376939][   T30] audit: type=1326 audit(1761214252.459:4229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17501 comm="syz.1.4550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1030.401204][T17504] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1030.419380][   T30] audit: type=1326 audit(1761214252.459:4230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17501 comm="syz.1.4550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1030.485154][T17508] loop3: detected capacity change from 0 to 512
[ 1030.500404][   T30] audit: type=1326 audit(1761214252.459:4231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17501 comm="syz.1.4550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1030.579698][T17512] loop7: detected capacity change from 0 to 1024
[ 1030.646179][T17504] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[ 1030.662859][T17512] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1030.792582][T17508] EXT4-fs (loop3): Ignoring removed orlov option
[ 1030.822913][T17504] ext4 filesystem being mounted at /341/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1030.884333][   T30] audit: type=1326 audit(1761214252.459:4232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17501 comm="syz.1.4550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1030.921806][T17512] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1030.930324][T17512] System zones: 1-12
[ 1030.936450][T17512] EXT4-fs (loop7): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1031.079364][   T30] audit: type=1326 audit(1761214252.569:4233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17501 comm="syz.1.4550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1031.106512][T17508] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1031.252085][   T30] audit: type=1326 audit(1761214252.569:4234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17501 comm="syz.1.4550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1031.327110][T17508] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1031.341306][T17508] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2228: inode #15: comm syz.3.4552: corrupted in-inode xattr
[ 1031.396227][T17508] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.4552: couldn't read orphan inode 15 (err -117)
[ 1031.423938][T17507] loop5: detected capacity change from 0 to 40427
[ 1031.483324][T17508] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1031.486420][   T30] audit: type=1326 audit(1761214253.679:4235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17501 comm="syz.1.4550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1031.587379][T17519] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4553'.
[ 1031.671397][   T31] INFO: task syz.6.3993:15292 blocked for more than 124 seconds.
[ 1031.693813][T17507] F2FS-fs (loop5): invalid crc value
[ 1031.772696][   T30] audit: type=1326 audit(1761214253.679:4236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17501 comm="syz.1.4550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1031.781886][T15289] handle_bad_sector: 30384 callbacks suppressed
[ 1031.781908][T15289] attempt to access beyond end of device
[ 1031.781908][T15289] loop6: rw=524288, want=126984, limit=40427
[ 1031.796510][   T31]       Not tainted syzkaller #0
[ 1031.818151][T15289] attempt to access beyond end of device
[ 1031.818151][T15289] loop6: rw=524288, want=126992, limit=40427
[ 1031.830434][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1031.839206][   T31] task:syz.6.3993      state:D stack:28896 pid:15292 ppid: 13212 flags:0x00004004
[ 1031.846082][T17507] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1031.848670][   T31] Call Trace:
[ 1031.858186][   T31]  <TASK>
[ 1031.861123][   T31]  __schedule+0xb6e/0x14c0
[ 1031.865534][   T31]  ? release_firmware_map_entry+0x190/0x190
[ 1031.871429][   T31]  ? __kasan_check_write+0x14/0x20
[ 1031.876527][   T31]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1031.881545][   T31]  ? _raw_spin_lock_irqsave+0x110/0x110
[ 1031.887080][   T31]  schedule+0x11e/0x1e0
[ 1031.891234][   T31]  rwsem_down_write_slowpath+0xae5/0x1930
[ 1031.896942][   T31]  ? rwsem_down_read_slowpath+0x1230/0x1230
[ 1031.902947][   T31]  ? memcpy+0x56/0x70
[ 1031.906926][   T31]  ? avc_has_perm_noaudit+0x2f4/0x460
[ 1031.912299][   T31]  ? rwsem_write_trylock+0x130/0x300
[ 1031.917572][   T31]  ? clear_nonspinnable+0x60/0x60
[ 1031.922596][   T31]  down_write+0x29/0x30
[ 1031.927182][   T31]  do_truncate+0x183/0x220
[ 1031.931637][   T31]  ? put_page_bootmem+0x1a0/0x1a0
[ 1031.936657][   T31]  ? capable_wrt_inode_uidgid+0xdd/0x120
[ 1031.942293][   T31]  ? security_inode_permission+0xb0/0x100
[ 1031.948004][   T31]  ? break_lease+0x7b/0xd0
[ 1031.952418][   T31]  vfs_truncate+0x26a/0x300
[ 1031.956913][   T31]  do_sys_truncate+0xdc/0x190
[ 1031.961585][   T31]  ? break_lease+0xd0/0xd0
[ 1031.965988][   T31]  ? debug_smp_processor_id+0x17/0x20
[ 1031.971388][   T31]  __x64_sys_truncate+0x5b/0x70
[ 1031.976232][   T31]  x64_sys_call+0x212/0x9a0
[ 1031.980731][   T31]  do_syscall_64+0x4c/0xa0
[ 1031.985138][   T31]  ? clear_bhb_loop+0x50/0xa0
[ 1031.989807][   T31]  ? clear_bhb_loop+0x50/0xa0
[ 1031.994491][   T31]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1032.000392][   T31] RIP: 0033:0x7f4529d4efc9
[ 1032.004794][   T31] RSP: 002b:00007f4528775038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[ 1032.013206][   T31] RAX: ffffffffffffffda RBX: 00007f4529fa6180 RCX: 00007f4529d4efc9
[ 1032.021179][   T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[ 1032.029137][   T31] RBP: 00007f4529dd1f91 R08: 0000000000000000 R09: 0000000000000000
[ 1032.037109][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1032.045076][   T31] R13: 00007f4529fa6218 R14: 00007f4529fa6180 R15: 00007ffecaf9e5c8
[ 1032.053065][   T31]  </TASK>
[ 1032.067866][T15289] attempt to access beyond end of device
[ 1032.067866][T15289] loop6: rw=524288, want=127000, limit=40427
[ 1032.068238][   T31] NMI backtrace for cpu 0
[ 1032.083660][   T31] CPU: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0
[ 1032.090873][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1032.095074][T15289] attempt to access beyond end of device
[ 1032.095074][T15289] loop6: rw=524288, want=127016, limit=40427
[ 1032.100918][   T31] Call Trace:
[ 1032.100925][   T31]  <TASK>
[ 1032.100932][   T31]  __dump_stack+0x21/0x30
[ 1032.100955][   T31]  dump_stack_lvl+0xee/0x150
[ 1032.100970][   T31]  ? show_regs_print_info+0x20/0x20
[ 1032.132617][   T31]  dump_stack+0x15/0x20
[ 1032.133326][T17507] F2FS-fs (loop5): Cannot turn on quotas: -2 on 1
[ 1032.136772][   T31]  nmi_cpu_backtrace+0x2b4/0x2c0
[ 1032.143276][T15289] attempt to access beyond end of device
[ 1032.143276][T15289] loop6: rw=524288, want=127024, limit=40427
[ 1032.148091][   T31]  ? rcu_read_unlock_special+0xab/0x460
[ 1032.160426][T17507] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1032.165046][   T31]  ? nmi_trigger_cpumask_backtrace+0x240/0x240
[ 1032.178619][   T31]  ? __rcu_read_unlock+0xa0/0xa0
[ 1032.183586][   T31]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 1032.189636][   T31]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 1032.195686][   T31]  nmi_trigger_cpumask_backtrace+0x138/0x240
[ 1032.201650][   T31]  arch_trigger_cpumask_backtrace+0x10/0x20
[ 1032.207534][   T31]  watchdog+0xd64/0xea0
[ 1032.211679][   T31]  ? hungtask_pm_notify+0x50/0x50
[ 1032.216683][   T31]  ? __kasan_check_read+0x11/0x20
[ 1032.221690][   T31]  ? __kthread_parkme+0xac/0x200
[ 1032.226607][   T31]  ? preempt_count_add+0x90/0x1b0
[ 1032.231616][   T31]  kthread+0x411/0x500
[ 1032.235666][   T31]  ? hungtask_pm_notify+0x50/0x50
[ 1032.240671][   T31]  ? kthread_blkcg+0xd0/0xd0
[ 1032.245242][   T31]  ret_from_fork+0x1f/0x30
[ 1032.249643][   T31]  </TASK>
[ 1032.252745][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1032.258275][    C1] NMI backtrace for cpu 1
[ 1032.258288][    C1] CPU: 1 PID: 273 Comm: syz-executor Not tainted syzkaller #0
[ 1032.258302][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1032.258311][    C1] RIP: 0010:memset_erms+0xb/0x10
[ 1032.258333][    C1] Code: 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 f3 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 f3 aa <4c> 89 c8 c3 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 01 01 01
[ 1032.258346][    C1] RSP: 0018:ffffc90000aa7c70 EFLAGS: 00000202
[ 1032.258359][    C1] RAX: ffffc90000aa7d00 RBX: 0000000000000010 RCX: 0000000000000000
[ 1032.258370][    C1] RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffffc90000aa7d40
[ 1032.258380][    C1] RBP: ffffc90000aa7c90 R08: dffffc0000000000 R09: ffffc90000aa7d30
[ 1032.258391][    C1] R10: fffff52000154fa8 R11: 1ffff92000154fa6 R12: 0000000000000000
[ 1032.258401][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: ffffc90000aa7d30
[ 1032.258410][    C1] FS:  0000555579d81500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1032.258423][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1032.258433][    C1] CR2: 000000110c2f82a6 CR3: 000000011de52000 CR4: 00000000003506a0
[ 1032.258446][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1032.258454][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1032.258463][    C1] Call Trace:
[ 1032.258468][    C1]  <TASK>
[ 1032.258472][    C1]  ? memset+0x35/0x40
[ 1032.258488][    C1]  vfs_read+0x5a9/0xbe0
[ 1032.258502][    C1]  ? kernel_read+0x1f0/0x1f0
[ 1032.258518][    C1]  ? __kasan_check_read+0x11/0x20
[ 1032.258531][    C1]  ? __fdget_pos+0x1f7/0x380
[ 1032.258548][    C1]  ksys_read+0x140/0x240
[ 1032.258560][    C1]  ? vfs_write+0xf70/0xf70
[ 1032.258573][    C1]  ? debug_smp_processor_id+0x17/0x20
[ 1032.258588][    C1]  __x64_sys_read+0x7b/0x90
[ 1032.258601][    C1]  x64_sys_call+0x96d/0x9a0
[ 1032.258620][    C1]  do_syscall_64+0x4c/0xa0
[ 1032.258635][    C1]  ? clear_bhb_loop+0x50/0xa0
[ 1032.258647][    C1]  ? clear_bhb_loop+0x50/0xa0
[ 1032.258659][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1032.258675][    C1] RIP: 0033:0x7ffb3cb7699d
[ 1032.258687][    C1] Code: a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb bd e8 a8 48 00 00 0f 1f 84 00 00 00 00 00 80 3d c1 ab 22 00 00 74 17 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 5b c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec
[ 1032.258699][    C1] RSP: 002b:00007ffcde85a4f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1032.258712][    C1] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007ffb3cb7699d
[ 1032.258722][    C1] RDX: 0000000000000bcc RSI: 0000555579da0860 RDI: 0000000000000003
[ 1032.258732][    C1] RBP: 0000000000000000 R08: 0000000000000408 R09: 000da528578ce890
[ 1032.258741][    C1] R10: 00000211ebaec290 R11: 0000000000000246 R12: 00007ffcde85a920
[ 1032.258751][    C1] R13: 0000000000000bcc R14: 0000555579da0860 R15: 00007ffcde85a5a0
[ 1032.258765][    C1]  </TASK>
[ 1032.296602][T15289] attempt to access beyond end of device
[ 1032.296602][T15289] loop6: rw=524288, want=127032, limit=40427
[ 1032.555609][T15163] attempt to access beyond end of device
[ 1032.555609][T15163] loop5: rw=2049, want=45120, limit=40427
[ 1032.562489][T15289] attempt to access beyond end of device
[ 1032.562489][T15289] loop6: rw=524288, want=127072, limit=40427
[ 1032.578403][T15289] attempt to access beyond end of device
[ 1032.578403][T15289] loop6: rw=524288, want=127080, limit=40427
[ 1032.590837][T15289] attempt to access beyond end of device
[ 1032.590837][T15289] loop6: rw=524288, want=127096, limit=40427
[ 1032.629432][T17531] 9pnet: Insufficient options for proto=fd
[ 1032.962529][T17532] loop3: detected capacity change from 0 to 512
[ 1032.987003][T17532] EXT4-fs (loop3): Ignoring removed orlov option
[ 1032.995009][T17532] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1033.028205][T17539] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4556'.
[ 1033.043981][T17532] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1033.054806][T17542] 9pnet: Insufficient options for proto=fd
[ 1033.061041][T17532] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2228: inode #15: comm syz.3.4555: corrupted in-inode xattr
[ 1033.080762][T17532] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.4555: couldn't read orphan inode 15 (err -117)
[ 1033.120079][T17532] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1033.242098][T17544] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4068521576 (4068521576 ns) > initial count (2794446801 ns). Using initial count to start timer.
[ 1033.393340][T17544] overlayfs: unrecognized mount option "(ÊRRûÍVÍŸ3ãd¢Q¯q" or missing value
[ 1033.771974][T17558] loop3: detected capacity change from 0 to 256
[ 1034.255258][T17559] loop1: detected capacity change from 0 to 512
[ 1034.302455][T17559] EXT4-fs (loop1): Ignoring removed orlov option
[ 1034.347811][T17559] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[ 1034.393483][T17563] loop7: detected capacity change from 0 to 1024
[ 1034.463379][T17563] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1034.615801][T17559] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1034.663593][T17563] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1034.672130][T17563] System zones: 1-12
[ 1034.746082][T17563] EXT4-fs (loop7): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1035.250279][T17559] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2228: inode #15: comm syz.1.4564: corrupted in-inode xattr
[ 1035.312451][T17559] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.4564: couldn't read orphan inode 15 (err -117)
[ 1035.411312][T17559] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1035.466184][T17575] loop3: detected capacity change from 0 to 1024
[ 1035.477531][T17574] loop2: detected capacity change from 0 to 1024
[ 1035.524130][T17575] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1035.556617][T17574] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1035.631301][T17574] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1035.639455][T17574] System zones: 1-12
[ 1035.643902][T17574] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1035.675080][T17575] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1035.683268][T17575] System zones: 1-12
[ 1035.687658][T17575] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1035.874478][T17561] loop5: detected capacity change from 0 to 40427
[ 1035.974001][T17561] F2FS-fs (loop5): invalid crc value
[ 1035.998600][T17561] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1036.034749][T17561] F2FS-fs (loop5): Cannot turn on quotas: -2 on 1
[ 1036.108326][T17591] 9pnet: Insufficient options for proto=fd
[ 1036.126851][T17561] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1036.244550][T17584] loop1: detected capacity change from 0 to 512
[ 1036.430329][T17596] loop2: detected capacity change from 0 to 512
[ 1036.438147][T17596] EXT4-fs (loop2): Ignoring removed orlov option
[ 1036.445087][T17584] EXT4-fs (loop1): Ignoring removed orlov option
[ 1036.451586][T17596] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1036.459738][T17584] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[ 1036.473684][T17584] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1036.473953][   T30] kauditd_printk_skb: 76 callbacks suppressed
[ 1036.473964][   T30] audit: type=1326 audit(1761214258.669:4313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17560 comm="syz.5.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1036.511652][T17584] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2228: inode #15: comm syz.1.4569: corrupted in-inode xattr
[ 1036.530050][T17584] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.4569: couldn't read orphan inode 15 (err -117)
[ 1036.542890][T17596] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1036.561022][T17596] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2228: inode #15: comm syz.2.4572: corrupted in-inode xattr
[ 1036.578251][T17584] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1036.600763][T17596] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.4572: couldn't read orphan inode 15 (err -117)
[ 1036.613151][   T30] audit: type=1326 audit(1761214258.669:4314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17560 comm="syz.5.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1036.637336][T17596] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1036.681250][   T30] audit: type=1326 audit(1761214258.709:4315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17560 comm="syz.5.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1036.705051][   T30] audit: type=1326 audit(1761214258.709:4316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17560 comm="syz.5.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1036.728663][   T30] audit: type=1326 audit(1761214258.709:4317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17560 comm="syz.5.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1036.752580][   T30] audit: type=1326 audit(1761214258.709:4318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17560 comm="syz.5.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1036.776003][   T30] audit: type=1326 audit(1761214258.709:4319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17560 comm="syz.5.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1036.799599][   T30] audit: type=1326 audit(1761214258.709:4320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17560 comm="syz.5.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1036.812233][T15289] handle_bad_sector: 27275 callbacks suppressed
[ 1036.812252][T15289] attempt to access beyond end of device
[ 1036.812252][T15289] loop6: rw=0, want=130696, limit=40427
[ 1036.841263][T15289] attempt to access beyond end of device
[ 1036.841263][T15289] loop6: rw=0, want=130720, limit=40427
[ 1036.852634][T15289] attempt to access beyond end of device
[ 1036.852634][T15289] loop6: rw=0, want=130728, limit=40427
[ 1036.858957][   T30] audit: type=1326 audit(1761214258.709:4321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17560 comm="syz.5.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1036.863992][T15289] attempt to access beyond end of device
[ 1036.863992][T15289] loop6: rw=0, want=130736, limit=40427
[ 1036.905103][T15289] attempt to access beyond end of device
[ 1036.905103][T15289] loop6: rw=0, want=130760, limit=40427
[ 1036.940948][   T30] audit: type=1326 audit(1761214258.709:4322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17560 comm="syz.5.4565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a2d66bfc9 code=0x7ffc0000
[ 1036.963928][T15289] attempt to access beyond end of device
[ 1036.963928][T15289] loop6: rw=0, want=130784, limit=40427
[ 1036.976288][T15289] attempt to access beyond end of device
[ 1036.976288][T15289] loop6: rw=0, want=130792, limit=40427
[ 1036.988096][T15289] attempt to access beyond end of device
[ 1036.988096][T15289] loop6: rw=0, want=130832, limit=40427
[ 1037.003619][T17609] 9pnet: Insufficient options for proto=fd
[ 1037.010603][T17609] overlayfs: failed to resolve './file0/file1': -2
[ 1037.017281][T15289] attempt to access beyond end of device
[ 1037.017281][T15289] loop6: rw=0, want=130856, limit=40427
[ 1037.033868][T15289] attempt to access beyond end of device
[ 1037.033868][T15289] loop6: rw=0, want=130864, limit=40427
[ 1037.172577][T17614] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4575'.
[ 1037.471904][T17616] loop5: detected capacity change from 0 to 1024
[ 1037.523299][T17616] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1037.571927][T17617] loop7: detected capacity change from 0 to 1024
[ 1037.601216][T17617] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1037.731460][T17616] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1037.739811][T17616] System zones: 1-12
[ 1037.746274][T17616] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1037.964628][T17623] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4577'.
[ 1038.044056][T17617] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1038.052260][T17617] System zones: 1-12
[ 1038.056661][T17617] EXT4-fs (loop7): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1038.265225][T17633] loop1: detected capacity change from 0 to 256
[ 1038.296138][T17636] loop5: detected capacity change from 0 to 512
[ 1038.397323][T17636] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[ 1038.413912][T17636] EXT4-fs (loop5): invalid journal inode
[ 1038.431907][T17636] EXT4-fs (loop5): can't get journal size
[ 1038.699816][T17636] EXT4-fs (loop5): 1 truncate cleaned up
[ 1038.707057][T17636] EXT4-fs (loop5): mounted filesystem without journal. Opts: norecovery,max_batch_time=0x0000000000000003,,errors=continue. Quota mode: none.
[ 1038.721774][T17630] loop3: detected capacity change from 0 to 40427
[ 1038.740973][T17630] F2FS-fs (loop3): invalid crc value
[ 1038.773775][T17630] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1038.852243][T17630] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1
[ 1038.921904][T17630] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1038.944222][T17646] loop2: detected capacity change from 0 to 512
[ 1038.971981][T17646] EXT4-fs (loop2): Ignoring removed orlov option
[ 1038.986673][T17646] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1039.115827][T17646] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1039.145410][T17646] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2228: inode #15: comm syz.2.4585: corrupted in-inode xattr
[ 1039.198473][T17646] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.4585: couldn't read orphan inode 15 (err -117)
[ 1039.260216][T17646] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1039.461230][T17661] loop3: detected capacity change from 0 to 512
[ 1039.487061][T17661] EXT4-fs (loop3): Ignoring removed orlov option
[ 1039.498678][T17661] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1039.520343][T17661] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1039.534539][T17661] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2228: inode #15: comm syz.3.4586: corrupted in-inode xattr
[ 1039.568874][T17661] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.4586: couldn't read orphan inode 15 (err -117)
[ 1039.605564][T17661] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1039.692377][T17660] loop2: detected capacity change from 0 to 40427
[ 1039.766333][T17668] 9pnet: Insufficient options for proto=fd
[ 1039.775945][T17660] F2FS-fs (loop2): invalid crc value
[ 1039.794027][T17668] overlayfs: failed to resolve './file0/file1': -2
[ 1039.882586][T17660] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1040.148569][T17660] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1
[ 1040.220077][T17660] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1040.290350][T17680] loop1: detected capacity change from 0 to 1024
[ 1040.331085][T17680] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1040.368171][T17680] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1040.376790][T17680] System zones: 1-12
[ 1040.384289][T17680] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1040.706739][T17691] loop5: detected capacity change from 0 to 512
[ 1040.741509][T17691] EXT4-fs (loop5): Ignoring removed orlov option
[ 1040.743072][T17697] loop2: detected capacity change from 0 to 512
[ 1040.765864][T17691] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[ 1040.780352][T17691] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1040.791137][T17697] EXT4-fs (loop2): Ignoring removed orlov option
[ 1040.799235][T17697] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1040.808697][T17691] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2228: inode #15: comm syz.5.4598: corrupted in-inode xattr
[ 1040.832737][T17697] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1040.843901][T17691] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.4598: couldn't read orphan inode 15 (err -117)
[ 1040.856159][T17691] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1040.869689][T17697] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2228: inode #15: comm syz.2.4599: corrupted in-inode xattr
[ 1040.905307][T17697] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.4599: couldn't read orphan inode 15 (err -117)
[ 1040.931005][T17697] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1040.975971][T17689] loop1: detected capacity change from 0 to 40427
[ 1041.101887][T17708] loop3: detected capacity change from 0 to 1024
[ 1041.239758][T17689] F2FS-fs (loop1): invalid crc value
[ 1041.248547][T17708] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1041.594444][T17708] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1041.603020][T17708] System zones: 1-12
[ 1041.609605][T17708] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1041.719794][T17689] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1041.880469][T15289] handle_bad_sector: 38510 callbacks suppressed
[ 1041.880574][T15289] attempt to access beyond end of device
[ 1041.880574][T15289] loop6: rw=0, want=130008, limit=40427
[ 1042.023512][T15289] attempt to access beyond end of device
[ 1042.023512][T15289] loop6: rw=0, want=130016, limit=40427
[ 1042.034793][T15289] attempt to access beyond end of device
[ 1042.034793][T15289] loop6: rw=0, want=130024, limit=40427
[ 1042.042891][T17722] loop7: detected capacity change from 0 to 256
[ 1042.046156][T15289] attempt to access beyond end of device
[ 1042.046156][T15289] loop6: rw=0, want=130064, limit=40427
[ 1042.204420][T15289] attempt to access beyond end of device
[ 1042.204420][T15289] loop6: rw=0, want=130072, limit=40427
[ 1042.308042][T15289] attempt to access beyond end of device
[ 1042.308042][T15289] loop6: rw=0, want=130080, limit=40427
[ 1042.320602][T15289] attempt to access beyond end of device
[ 1042.320602][T15289] loop6: rw=0, want=130088, limit=40427
[ 1042.326667][T17689] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1
[ 1042.332801][T15289] attempt to access beyond end of device
[ 1042.332801][T15289] loop6: rw=0, want=130128, limit=40427
[ 1042.350281][T15289] attempt to access beyond end of device
[ 1042.350281][T15289] loop6: rw=0, want=130136, limit=40427
[ 1042.362681][T15289] attempt to access beyond end of device
[ 1042.362681][T15289] loop6: rw=0, want=130176, limit=40427
[ 1042.470091][T17689] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1042.761793][   T30] kauditd_printk_skb: 108 callbacks suppressed
[ 1042.761809][   T30] audit: type=1326 audit(1761214264.959:4431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17687 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1042.867753][T17733] loop3: detected capacity change from 0 to 1024
[ 1042.937743][T17733] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1043.058141][T17733] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1043.066552][T17733] System zones: 1-12
[ 1043.073074][T17733] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1043.400058][   T30] audit: type=1326 audit(1761214265.169:4432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17687 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1043.533161][   T30] audit: type=1326 audit(1761214265.179:4433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17687 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1043.797801][   T30] audit: type=1326 audit(1761214265.179:4434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17687 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1043.827717][   T30] audit: type=1326 audit(1761214265.179:4435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17687 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1043.851376][   T30] audit: type=1326 audit(1761214265.179:4436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17687 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1043.875911][T17752] 9pnet: Insufficient options for proto=fd
[ 1043.885880][T17752] overlayfs: failed to resolve './file0/file1': -2
[ 1043.893490][   T30] audit: type=1326 audit(1761214265.189:4437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17687 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1043.924886][   T30] audit: type=1326 audit(1761214265.189:4438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17687 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1043.973748][   T30] audit: type=1326 audit(1761214265.189:4439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17687 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1044.033007][   T30] audit: type=1326 audit(1761214265.189:4440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17687 comm="syz.1.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca57cffc9 code=0x7ffc0000
[ 1044.208556][T17762] overlayfs: missing 'lowerdir'
[ 1044.229511][T17766] loop5: detected capacity change from 0 to 256
[ 1044.973143][T17772] loop2: detected capacity change from 0 to 1024
[ 1045.255599][T17772] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1045.543989][T17772] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1045.552424][T17772] System zones: 1-12
[ 1045.638734][T17772] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1045.819850][T17784] loop3: detected capacity change from 0 to 128
[ 1045.830665][T17781] loop5: detected capacity change from 0 to 256
[ 1045.866794][T17786] loop1: detected capacity change from 0 to 256
[ 1045.900207][T17787] loop7: detected capacity change from 0 to 256
[ 1046.023928][T17784] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1046.052793][T17784] ext4 filesystem being mounted at /288/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1046.622289][T17780] netlink: 'syz.3.4619': attribute type 13 has an invalid length.
[ 1046.830883][T17799] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=17799 comm=syz.1.4624
[ 1046.890158][T15289] handle_bad_sector: 24477 callbacks suppressed
[ 1046.890176][T15289] attempt to access beyond end of device
[ 1046.890176][T15289] loop6: rw=524288, want=130656, limit=40427
[ 1046.911753][T15289] attempt to access beyond end of device
[ 1046.911753][T15289] loop6: rw=524288, want=130688, limit=40427
[ 1046.925950][T15289] attempt to access beyond end of device
[ 1046.925950][T15289] loop6: rw=524288, want=130696, limit=40427
[ 1046.955237][T15289] attempt to access beyond end of device
[ 1046.955237][T15289] loop6: rw=524288, want=130720, limit=40427
[ 1046.970578][T15289] attempt to access beyond end of device
[ 1046.970578][T15289] loop6: rw=524288, want=130728, limit=40427
[ 1047.066873][T15289] attempt to access beyond end of device
[ 1047.066873][T15289] loop6: rw=524288, want=130736, limit=40427
[ 1047.079381][T15289] attempt to access beyond end of device
[ 1047.079381][T15289] loop6: rw=524288, want=130760, limit=40427
[ 1047.091167][T17799] loop1: detected capacity change from 0 to 512
[ 1047.098051][T15289] attempt to access beyond end of device
[ 1047.098051][T15289] loop6: rw=524288, want=130784, limit=40427
[ 1047.109910][T15289] attempt to access beyond end of device
[ 1047.109910][T15289] loop6: rw=524288, want=130792, limit=40427
[ 1047.122004][T15289] attempt to access beyond end of device
[ 1047.122004][T15289] loop6: rw=524288, want=130832, limit=40427
[ 1047.143057][T17799] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1047.166382][T17805] loop3: detected capacity change from 0 to 512
[ 1047.181767][T17812] 9pnet: Insufficient options for proto=fd
[ 1047.222643][T17805] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1047.225894][T17799] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[ 1047.244662][T17799] ext4 filesystem being mounted at /356/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1047.247980][T17812] overlayfs: failed to resolve './file0/file1': -2
[ 1047.263174][T17805] EXT4-fs (loop3): invalid journal inode
[ 1047.264069][T17817] loop2: detected capacity change from 0 to 256
[ 1047.268847][T17805] EXT4-fs (loop3): can't get journal size
[ 1047.283468][T17805] EXT4-fs (loop3): 1 truncate cleaned up
[ 1047.289120][T17805] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,max_batch_time=0x0000000000000003,,errors=continue. Quota mode: none.
[ 1047.846280][T17829] overlayfs: option "workdir=./file0/file1" is useless in a non-upper mount, ignore
[ 1047.856789][T17829] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1048.178200][   T30] kauditd_printk_skb: 87 callbacks suppressed
[ 1048.178215][   T30] audit: type=1326 audit(1761214270.369:4528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17833 comm="syz.7.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1048.211656][T17834] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=17834 comm=syz.7.4631
[ 1048.233203][   T30] audit: type=1326 audit(1761214270.399:4529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17833 comm="syz.7.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1048.318365][   T30] audit: type=1326 audit(1761214270.399:4530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17833 comm="syz.7.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1048.348801][T17834] loop7: detected capacity change from 0 to 512
[ 1048.367130][T17834] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1048.381094][   T30] audit: type=1326 audit(1761214270.399:4531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17833 comm="syz.7.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1048.484808][T17840] loop2: detected capacity change from 0 to 1024
[ 1048.548750][T17840] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1048.613006][T17840] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1048.621512][T17840] System zones: 1-12
[ 1048.628188][T17840] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1048.668507][T17834] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[ 1048.790108][   T30] audit: type=1326 audit(1761214270.399:4532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17833 comm="syz.7.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1048.820427][T17834] ext4 filesystem being mounted at /117/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1048.860124][   T30] audit: type=1326 audit(1761214270.409:4533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17833 comm="syz.7.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1048.914191][   T30] audit: type=1326 audit(1761214270.409:4534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17833 comm="syz.7.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1048.958132][   T30] audit: type=1326 audit(1761214270.429:4535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17833 comm="syz.7.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1049.002478][   T30] audit: type=1326 audit(1761214270.509:4536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17833 comm="syz.7.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1049.031078][   T30] audit: type=1326 audit(1761214270.509:4537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17833 comm="syz.7.4631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50e8198fc9 code=0x7ffc0000
[ 1049.168894][T17850] loop2: detected capacity change from 0 to 128
[ 1049.176800][T17854] overlayfs: missing 'lowerdir'
[ 1049.252209][T17850] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1049.258969][T17859] loop1: detected capacity change from 0 to 256
[ 1049.286667][T17855] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4068521576 (4068521576 ns) > initial count (2794446801 ns). Using initial count to start timer.
[ 1049.330855][T17850] ext4 filesystem being mounted at /333/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1049.355512][T17861] loop7: detected capacity change from 0 to 256
[ 1049.607886][T17850] netlink: 'syz.2.4635': attribute type 13 has an invalid length.
[ 1049.714184][T17868] loop3: detected capacity change from 0 to 512
[ 1049.746869][T17868] EXT4-fs (loop3): Ignoring removed orlov option
[ 1049.760191][T17868] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1049.793542][T17868] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1049.807121][T17868] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2228: inode #15: comm syz.3.4639: corrupted in-inode xattr
[ 1049.821142][T17868] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.4639: couldn't read orphan inode 15 (err -117)
[ 1049.962941][T17868] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1050.235324][T17883] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=17883 comm=syz.3.4642
[ 1050.412114][T17885] loop5: detected capacity change from 0 to 1024
[ 1051.154568][T17887] loop1: detected capacity change from 0 to 1024
[ 1052.640369][T15289] handle_bad_sector: 35106 callbacks suppressed
[ 1052.640419][T15289] attempt to access beyond end of device
[ 1052.640419][T15289] loop6: rw=524288, want=128504, limit=40427
[ 1052.665205][T17885] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1052.679926][T17887] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1052.780480][   T31] INFO: task syz.6.3993:15292 blocked for more than 145 seconds.
[ 1052.788264][   T31]       Not tainted syzkaller #0
[ 1052.814225][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1052.835114][T15289] attempt to access beyond end of device
[ 1052.835114][T15289] loop6: rw=524288, want=128512, limit=40427
[ 1052.923248][T17887] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1052.931741][T17887] System zones: 1-12
[ 1052.938221][T17887] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1053.006295][T17885] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1053.014791][T17885] System zones: 1-12
[ 1053.021489][T17885] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1053.317612][   T31] task:syz.6.3993      state:D stack:28896 pid:15292 ppid: 13212 flags:0x00004004
[ 1053.326918][   T31] Call Trace:
[ 1053.330232][   T31]  <TASK>
[ 1053.333191][   T31]  __schedule+0xb6e/0x14c0
[ 1053.337649][   T31]  ? release_firmware_map_entry+0x190/0x190
[ 1053.343585][   T31]  ? __kasan_check_write+0x14/0x20
[ 1053.348735][   T31]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 1053.353798][   T31]  ? _raw_spin_lock_irqsave+0x110/0x110
[ 1053.359412][   T31]  schedule+0x11e/0x1e0
[ 1053.363784][   T31]  rwsem_down_write_slowpath+0xae5/0x1930
[ 1053.369506][   T31]  ? rwsem_down_read_slowpath+0x1230/0x1230
[ 1053.369780][   T30] kauditd_printk_skb: 62 callbacks suppressed
[ 1053.369793][   T30] audit: type=1326 audit(1761214275.559:4600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17882 comm="syz.3.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1053.375414][   T31]  ? memcpy+0x56/0x70
[ 1053.381667][   T30] audit: type=1326 audit(1761214275.579:4601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17882 comm="syz.3.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1053.405086][   T31]  ? avc_has_perm_noaudit+0x2f4/0x460
[ 1053.409208][T15289] attempt to access beyond end of device
[ 1053.409208][T15289] loop6: rw=524288, want=128520, limit=40427
[ 1053.432499][   T31]  ? rwsem_write_trylock+0x130/0x300
[ 1053.432524][   T31]  ? clear_nonspinnable+0x60/0x60
[ 1053.432542][   T31]  down_write+0x29/0x30
[ 1053.463811][   T31]  do_truncate+0x183/0x220
[ 1053.468288][   T31]  ? put_page_bootmem+0x1a0/0x1a0
[ 1053.473570][   T31]  ? capable_wrt_inode_uidgid+0xdd/0x120
[ 1053.479570][   T31]  ? security_inode_permission+0xb0/0x100
[ 1053.484145][T15289] attempt to access beyond end of device
[ 1053.484145][T15289] loop6: rw=524288, want=128528, limit=40427
[ 1053.485646][   T31]  ? break_lease+0x7b/0xd0
[ 1053.501524][   T31]  vfs_truncate+0x26a/0x300
[ 1053.506157][   T31]  do_sys_truncate+0xdc/0x190
[ 1053.506215][T15289] attempt to access beyond end of device
[ 1053.506215][T15289] loop6: rw=524288, want=128552, limit=40427
[ 1053.510975][   T31]  ? break_lease+0xd0/0xd0
[ 1053.522914][T15289] attempt to access beyond end of device
[ 1053.522914][T15289] loop6: rw=524288, want=128568, limit=40427
[ 1053.526838][   T31]  ? debug_smp_processor_id+0x17/0x20
[ 1053.538476][T15289] attempt to access beyond end of device
[ 1053.538476][T15289] loop6: rw=524288, want=128576, limit=40427
[ 1053.543582][   T31]  __x64_sys_truncate+0x5b/0x70
[ 1053.543608][   T31]  x64_sys_call+0x212/0x9a0
[ 1053.555580][T15289] attempt to access beyond end of device
[ 1053.555580][T15289] loop6: rw=524288, want=128584, limit=40427
[ 1053.560090][   T31]  do_syscall_64+0x4c/0xa0
[ 1053.564888][T15289] attempt to access beyond end of device
[ 1053.564888][T15289] loop6: rw=524288, want=128600, limit=40427
[ 1053.576025][   T31]  ? clear_bhb_loop+0x50/0xa0
[ 1053.576051][   T31]  ? clear_bhb_loop+0x50/0xa0
[ 1053.576067][   T31]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1053.607107][   T31] RIP: 0033:0x7f4529d4efc9
[ 1053.611537][   T31] RSP: 002b:00007f4528775038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[ 1053.619940][   T31] RAX: ffffffffffffffda RBX: 00007f4529fa6180 RCX: 00007f4529d4efc9
[ 1053.627916][   T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[ 1053.635885][   T31] RBP: 00007f4529dd1f91 R08: 0000000000000000 R09: 0000000000000000
[ 1053.643850][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1053.651823][   T31] R13: 00007f4529fa6218 R14: 00007f4529fa6180 R15: 00007ffecaf9e5c8
[ 1053.659790][   T31]  </TASK>
[ 1053.666764][   T31] NMI backtrace for cpu 0
[ 1053.669140][T15289] attempt to access beyond end of device
[ 1053.669140][T15289] loop6: rw=524288, want=128632, limit=40427
[ 1053.671100][   T31] CPU: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0
[ 1053.671119][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1053.671127][   T31] Call Trace:
[ 1053.671133][   T31]  <TASK>
[ 1053.671138][   T31]  __dump_stack+0x21/0x30
[ 1053.671160][   T31]  dump_stack_lvl+0xee/0x150
[ 1053.671176][   T31]  ? show_regs_print_info+0x20/0x20
[ 1053.671197][   T31]  dump_stack+0x15/0x20
[ 1053.671213][   T31]  nmi_cpu_backtrace+0x2b4/0x2c0
[ 1053.729213][   T31]  ? rcu_read_unlock_special+0xab/0x460
[ 1053.734749][   T31]  ? nmi_trigger_cpumask_backtrace+0x240/0x240
[ 1053.740888][   T31]  ? __rcu_read_unlock+0xa0/0xa0
[ 1053.745804][   T31]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 1053.751854][   T31]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 1053.757905][   T31]  nmi_trigger_cpumask_backtrace+0x138/0x240
[ 1053.763866][   T31]  arch_trigger_cpumask_backtrace+0x10/0x20
[ 1053.769741][   T31]  watchdog+0xd64/0xea0
[ 1053.773880][   T31]  ? hungtask_pm_notify+0x50/0x50
[ 1053.778884][   T31]  ? __kasan_check_read+0x11/0x20
[ 1053.783890][   T31]  ? __kthread_parkme+0xac/0x200
[ 1053.788808][   T31]  ? preempt_count_add+0x90/0x1b0
[ 1053.793811][   T31]  kthread+0x411/0x500
[ 1053.797866][   T31]  ? hungtask_pm_notify+0x50/0x50
[ 1053.802878][   T31]  ? kthread_blkcg+0xd0/0xd0
[ 1053.807446][   T31]  ret_from_fork+0x1f/0x30
[ 1053.811845][   T31]  </TASK>
[ 1053.814947][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1053.820401][    C1] NMI backtrace for cpu 1
[ 1053.820420][    C1] CPU: 1 PID: 17892 Comm: syz.2.4644 Not tainted syzkaller #0
[ 1053.820435][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1053.820443][    C1] RIP: 0033:0x7fa934938130
[ 1053.820457][    C1] Code: 01 00 48 83 c0 01 48 39 f0 72 ef e9 cb fe ff ff 66 2e 0f 1f 84 00 00 00 00 00 48 c7 43 50 04 00 00 00 e9 06 fe ff ff 0f 1f 00 <48> 8b 0d 41 2f 37 00 48 81 ce ff ff ff 3f 31 c0 48 3b 34 c1 74 5b
[ 1053.820469][    C1] RSP: 002b:00007ffd39763e80 EFLAGS: 00000202
[ 1053.820483][    C1] RAX: 0000000000000000 RBX: 00007fa9357de720 RCX: ffffffff81abda30
[ 1053.820493][    C1] RDX: 0000000000001a30 RSI: ffffffff81761a30 RDI: 0000000000000011
[ 1053.820503][    C1] RBP: ffffffff81761a30 R08: 00007fa934caf128 R09: 00007fa934c9b000
[ 1053.820512][    C1] R10: 00007fa9340c6008 R11: 0000000000000011 R12: 0000000000000011
[ 1053.820522][    C1] R13: 0000000000000000 R14: ffffffff81761771 R15: 000000000000024a
[ 1053.820531][    C1] FS:  000055558f2e0500 GS:  0000000000000000
[ 1053.923723][   T30] audit: type=1326 audit(1761214276.119:4602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17898 comm="syz.3.4647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1053.962347][T17900] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=17900 comm=syz.3.4647
[ 1053.970207][   T30] audit: type=1326 audit(1761214276.139:4603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17898 comm="syz.3.4647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1054.018908][   T30] audit: type=1326 audit(1761214276.139:4604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17898 comm="syz.3.4647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1054.054024][   T30] audit: type=1326 audit(1761214276.139:4605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17898 comm="syz.3.4647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1054.100169][T17899] overlayfs: option "workdir=./file0/file1" is useless in a non-upper mount, ignore
[ 1054.109221][   T30] audit: type=1326 audit(1761214276.159:4606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17898 comm="syz.3.4647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1054.123178][T17900] loop3: detected capacity change from 0 to 512
[ 1054.133746][   T30] audit: type=1326 audit(1761214276.189:4607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17898 comm="syz.3.4647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1054.139606][T17899] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1054.196356][T17906] loop1: detected capacity change from 0 to 512
[ 1054.210240][T17900] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1054.230647][T17906] EXT4-fs (loop1): Ignoring removed orlov option
[ 1054.234363][T17911] loop7: detected capacity change from 0 to 128
[ 1054.250088][T17906] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[ 1054.259550][   T30] audit: type=1326 audit(1761214276.189:4608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17898 comm="syz.3.4647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1054.288826][   T30] audit: type=1326 audit(1761214276.189:4609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17898 comm="syz.3.4647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1054.313416][T17906] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1054.322757][T17913] overlayfs: unrecognized mount option "(ÊRRûÍVÍŸ3ãd¢Q¯q" or missing value
[ 1054.334734][T17911] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1054.340733][T17906] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2228: inode #15: comm syz.1.4645: corrupted in-inode xattr
[ 1054.345706][T17911] ext4 filesystem being mounted at /122/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1054.358489][T17900] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[ 1054.409015][T17906] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.4645: couldn't read orphan inode 15 (err -117)
[ 1054.421963][T17906] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1054.454199][T17900] ext4 filesystem being mounted at /294/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1054.509029][T17920] loop5: detected capacity change from 0 to 256
[ 1054.524209][T17900] EXT4-fs error (device loop3): ext4_lookup:1858: inode #12: comm syz.3.4647: iget: bad i_size value: 2533274857506816
[ 1054.580477][T17925] netlink: 'syz.7.4650': attribute type 13 has an invalid length.
[ 1054.711097][T17928] loop1: detected capacity change from 0 to 512
[ 1054.786056][T17928] EXT4-fs (loop1): Ignoring removed orlov option
[ 1054.983865][T17928] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[ 1055.111101][T17928] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1055.120587][T17928] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2228: inode #15: comm syz.1.4653: corrupted in-inode xattr
[ 1055.138513][T17928] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.4653: couldn't read orphan inode 15 (err -117)
[ 1055.223774][T17936] loop3: detected capacity change from 0 to 256
[ 1055.428938][T17928] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1055.637132][T17944] loop5: detected capacity change from 0 to 1024
[ 1055.672782][T17944] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1055.809336][T17944] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1055.817875][T17944] System zones: 1-12
[ 1055.824282][T17944] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1056.349317][T17951] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=17951 comm=syz.3.4659
[ 1056.377546][T17952] loop3: detected capacity change from 0 to 512
[ 1056.470937][T17952] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1056.541198][T17952] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsddf,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[ 1056.570202][T17952] ext4 filesystem being mounted at /296/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1056.607052][T17943] loop1: detected capacity change from 0 to 40427
[ 1056.625002][T17943] F2FS-fs (loop1): invalid crc value
[ 1056.647209][T17940] loop7: detected capacity change from 0 to 40427
[ 1056.654607][T17963] overlayfs: option "workdir=./file0/file1" is useless in a non-upper mount, ignore
[ 1056.673237][T17943] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1056.692598][T17965] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4068521576 (4068521576 ns) > initial count (2794446801 ns). Using initial count to start timer.
[ 1056.704792][T17940] F2FS-fs (loop7): invalid crc value
[ 1056.727214][T17963] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1056.731050][T17965] overlayfs: unrecognized mount option "(ÊRRûÍVÍŸ3ãd¢Q¯q" or missing value
[ 1056.804291][T17940] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1056.821077][T17943] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1
[ 1056.833110][T17977] loop5: detected capacity change from 0 to 128
[ 1056.839473][T17940] F2FS-fs (loop7): Cannot turn on quotas: -2 on 1
[ 1056.846459][T17940] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1056.923446][T17979] loop3: detected capacity change from 0 to 256
[ 1057.062832][T17977] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1057.107309][T17943] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1057.107939][T17977] ext4 filesystem being mounted at /140/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1057.324490][T17983] netlink: 'syz.5.4665': attribute type 13 has an invalid length.
[ 1057.618268][T17987] loop2: detected capacity change from 0 to 512
[ 1057.650024][T15289] handle_bad_sector: 33155 callbacks suppressed
[ 1057.650044][T15289] attempt to access beyond end of device
[ 1057.650044][T15289] loop6: rw=0, want=127072, limit=40427
[ 1057.667901][T15289] attempt to access beyond end of device
[ 1057.667901][T15289] loop6: rw=0, want=127080, limit=40427
[ 1057.671624][T17987] EXT4-fs (loop2): Ignoring removed orlov option
[ 1058.192318][T17987] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1058.203996][T17996] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=17996 comm=syz.3.4669
[ 1058.206539][T15289] attempt to access beyond end of device
[ 1058.206539][T15289] loop6: rw=0, want=127096, limit=40427
[ 1058.221692][T17987] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 1058.236725][T15289] attempt to access beyond end of device
[ 1058.236725][T15289] loop6: rw=0, want=127104, limit=40427
[ 1058.240362][T17987] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2228: inode #15: comm syz.2.4668: corrupted in-inode xattr
[ 1058.249560][T15289] attempt to access beyond end of device
[ 1058.249560][T15289] loop6: rw=0, want=127144, limit=40427
[ 1058.270845][T15289] attempt to access beyond end of device
[ 1058.270845][T15289] loop6: rw=0, want=127152, limit=40427
[ 1058.282065][T15289] attempt to access beyond end of device
[ 1058.282065][T15289] loop6: rw=0, want=127184, limit=40427
[ 1058.293628][T15289] attempt to access beyond end of device
[ 1058.293628][T15289] loop6: rw=0, want=127192, limit=40427
[ 1058.304812][T15289] attempt to access beyond end of device
[ 1058.304812][T15289] loop6: rw=0, want=127232, limit=40427
[ 1058.317326][T15289] attempt to access beyond end of device
[ 1058.317326][T15289] loop6: rw=0, want=127264, limit=40427
[ 1058.370071][   T30] kauditd_printk_skb: 158 callbacks suppressed
[ 1058.370088][   T30] audit: type=1326 audit(1761214280.529:4768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.3.4669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1058.665953][T17987] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.4668: couldn't read orphan inode 15 (err -117)
[ 1058.677985][   T30] audit: type=1326 audit(1761214280.529:4769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.3.4669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1058.701252][T17996] loop3: detected capacity change from 0 to 512
[ 1058.701512][T17987] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1058.734416][   T30] audit: type=1326 audit(1761214280.779:4770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.3.4669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1058.740632][T17996] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1058.758503][   T30] audit: type=1326 audit(1761214280.779:4771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.3.4669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1058.794048][   T30] audit: type=1326 audit(1761214280.779:4772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.3.4669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1058.878951][   T30] audit: type=1326 audit(1761214280.799:4773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.3.4669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1058.908087][   T30] audit: type=1326 audit(1761214280.799:4774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.3.4669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1058.909438][T17996] ==================================================================
[ 1058.931991][   T30] audit: type=1326 audit(1761214280.809:4775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.3.4669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1058.939877][T17996] BUG: KASAN: use-after-free in __ext4_iget+0x2b8/0x3d80
[ 1058.963356][   T30] audit: type=1326 audit(1761214280.809:4776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.3.4669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1058.970275][T17996] Read of size 8 at addr ffff8881322baf78 by task syz.3.4669/17996
[ 1058.970293][T17996] 
[ 1058.970299][T17996] CPU: 0 PID: 17996 Comm: syz.3.4669 Not tainted syzkaller #0
[ 1058.993761][   T30] audit: type=1326 audit(1761214280.809:4777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17995 comm="syz.3.4669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f912c5eefc9 code=0x7ffc0000
[ 1059.001566][T17996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1059.001578][T17996] Call Trace:
[ 1059.048025][T17996]  <TASK>
[ 1059.050950][T17996]  __dump_stack+0x21/0x30
[ 1059.055288][T17996]  dump_stack_lvl+0xee/0x150
[ 1059.059877][T17996]  ? show_regs_print_info+0x20/0x20
[ 1059.065079][T17996]  ? load_image+0x3a0/0x3a0
[ 1059.069665][T17996]  ? _raw_spin_lock+0x8e/0xe0
[ 1059.074337][T17996]  print_address_description+0x7f/0x2c0
[ 1059.079888][T17996]  ? __ext4_iget+0x2b8/0x3d80
[ 1059.084568][T17996]  kasan_report+0xf1/0x140
[ 1059.088984][T17996]  ? __ext4_iget+0x2b8/0x3d80
[ 1059.093659][T17996]  __asan_report_load8_noabort+0x14/0x20
[ 1059.099294][T17996]  __ext4_iget+0x2b8/0x3d80
[ 1059.103800][T17996]  ? ext4_init_orphan_info+0x155/0xf50
[ 1059.109261][T17996]  ? __kasan_check_write+0x14/0x20
[ 1059.114373][T17996]  ? _raw_write_lock+0x8e/0xe0
[ 1059.119138][T17996]  ? _raw_write_trylock+0x140/0x140
[ 1059.124336][T17996]  ? __kasan_check_write+0x14/0x20
[ 1059.129447][T17996]  ? ext4_get_projid+0x140/0x140
[ 1059.134389][T17996]  ? _raw_write_unlock+0x2b/0x60
[ 1059.139324][T17996]  ? ext4_orphan_file_block_trigger+0x400/0x400
[ 1059.145564][T17996]  ext4_enable_quotas+0x33b/0x6d0
[ 1059.150590][T17996]  ext4_fill_super+0x87c3/0x9090
[ 1059.155535][T17996]  ? ext4_mount+0x40/0x40
[ 1059.159858][T17996]  ? set_blocksize+0x1fc/0x380
[ 1059.164706][T17996]  ? sb_set_blocksize+0xaa/0xf0
[ 1059.169553][T17996]  ? ext4_mount+0x40/0x40
[ 1059.173878][T17996]  mount_bdev+0x2ae/0x3e0
[ 1059.178208][T17996]  ? ext4_mount+0x40/0x40
[ 1059.182538][T17996]  ext4_mount+0x34/0x40
[ 1059.186693][T17996]  legacy_get_tree+0xed/0x190
[ 1059.191368][T17996]  ? ext4_errno_to_code+0x160/0x160
[ 1059.196562][T17996]  vfs_get_tree+0x89/0x260
[ 1059.200979][T17996]  do_new_mount+0x25a/0xa20
[ 1059.205580][T17996]  path_mount+0x675/0x1020
[ 1059.209999][T17996]  ? user_path_at_empty+0x161/0x1c0
[ 1059.215313][T17996]  __se_sys_mount+0x318/0x380
[ 1059.219997][T17996]  ? __x64_sys_mount+0xd0/0xd0
[ 1059.224762][T17996]  ? __secure_computing+0xea/0x290
[ 1059.229967][T17996]  __x64_sys_mount+0xbf/0xd0
[ 1059.234574][T17996]  x64_sys_call+0x6bf/0x9a0
[ 1059.239082][T17996]  do_syscall_64+0x4c/0xa0
[ 1059.243500][T17996]  ? clear_bhb_loop+0x50/0xa0
[ 1059.248173][T17996]  ? clear_bhb_loop+0x50/0xa0
[ 1059.252849][T17996]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1059.258743][T17996] RIP: 0033:0x7f912c5f076a
[ 1059.263158][T17996] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1059.282855][T17996] RSP: 002b:00007f912b056e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1059.291270][T17996] RAX: ffffffffffffffda RBX: 00007f912b056ef0 RCX: 00007f912c5f076a
[ 1059.299247][T17996] RDX: 0000200000000180 RSI: 0000200000000040 RDI: 00007f912b056eb0
[ 1059.307219][T17996] RBP: 0000200000000180 R08: 00007f912b056ef0 R09: 0000000002210886
[ 1059.315218][T17996] R10: 0000000002210886 R11: 0000000000000246 R12: 0000200000000040
[ 1059.323197][T17996] R13: 00007f912b056eb0 R14: 00000000000004fa R15: 00002000000001c0
[ 1059.331362][T17996]  </TASK>
[ 1059.334376][T17996] 
[ 1059.336693][T17996] Allocated by task 17940:
[ 1059.341107][T17996]  __kasan_slab_alloc+0xbd/0xf0
[ 1059.345965][T17996]  slab_post_alloc_hook+0x4f/0x2b0
[ 1059.351075][T17996]  kmem_cache_alloc+0xf7/0x260
[ 1059.355839][T17996]  f2fs_alloc_inode+0x26/0x330
[ 1059.360598][T17996]  new_inode_pseudo+0x62/0x210
[ 1059.365363][T17996]  new_inode+0x28/0x1e0
[ 1059.369524][T17996]  f2fs_new_inode+0xd2/0x12b0
[ 1059.374198][T17996]  __f2fs_tmpfile+0xae/0x380
[ 1059.378789][T17996]  f2fs_rename2+0x8b2/0x2370
[ 1059.383376][T17996]  vfs_rename+0xbb6/0x10d0
[ 1059.387787][T17996]  do_renameat2+0x7ed/0xf60
[ 1059.392287][T17996]  __x64_sys_renameat2+0xd8/0xf0
[ 1059.397219][T17996]  x64_sys_call+0x258/0x9a0
[ 1059.401721][T17996]  do_syscall_64+0x4c/0xa0
[ 1059.406134][T17996]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1059.412026][T17996] 
[ 1059.414338][T17996] Freed by task 13:
[ 1059.418131][T17996]  kasan_set_track+0x4a/0x70
[ 1059.422716][T17996]  kasan_set_free_info+0x23/0x40
[ 1059.427645][T17996]  ____kasan_slab_free+0x125/0x160
[ 1059.432794][T17996]  __kasan_slab_free+0x11/0x20
[ 1059.437553][T17996]  slab_free_freelist_hook+0xc2/0x190
[ 1059.442925][T17996]  kmem_cache_free+0x100/0x320
[ 1059.447689][T17996]  f2fs_free_inode+0x24/0x30
[ 1059.452277][T17996]  i_callback+0x4c/0x70
[ 1059.456429][T17996]  rcu_do_batch+0x51d/0xba0
[ 1059.460932][T17996]  rcu_core+0x5e4/0xf80
[ 1059.465130][T17996]  rcu_core_si+0x9/0x10
[ 1059.469286][T17996]  handle_softirqs+0x250/0x560
[ 1059.474049][T17996]  run_ksoftirqd+0x28/0x40
[ 1059.478462][T17996]  smpboot_thread_fn+0x45a/0x8c0
[ 1059.483498][T17996]  kthread+0x411/0x500
[ 1059.487562][T17996]  ret_from_fork+0x1f/0x30
[ 1059.491971][T17996] 
[ 1059.494285][T17996] Last potentially related work creation:
[ 1059.499998][T17996]  kasan_save_stack+0x3a/0x60
[ 1059.504672][T17996]  __kasan_record_aux_stack+0xd2/0x100
[ 1059.510125][T17996]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1059.515932][T17996]  call_rcu+0x105/0xfe0
[ 1059.520087][T17996]  evict+0x7da/0x870
[ 1059.523977][T17996]  evict_inodes+0x5de/0x650
[ 1059.528478][T17996]  generic_shutdown_super+0x96/0x330
[ 1059.533758][T17996]  kill_block_super+0x7f/0xf0
[ 1059.538432][T17996]  kill_f2fs_super+0x2e7/0x390
[ 1059.543212][T17996]  deactivate_locked_super+0xa0/0x100
[ 1059.548584][T17996]  deactivate_super+0xaf/0xe0
[ 1059.553253][T17996]  cleanup_mnt+0x446/0x500
[ 1059.557668][T17996]  __cleanup_mnt+0x19/0x20
[ 1059.562078][T17996]  task_work_run+0x127/0x190
[ 1059.566673][T17996]  exit_to_user_mode_loop+0xd0/0xe0
[ 1059.571869][T17996]  exit_to_user_mode_prepare+0x87/0xd0
[ 1059.577328][T17996]  syscall_exit_to_user_mode+0x1a/0x30
[ 1059.582784][T17996]  do_syscall_64+0x58/0xa0
[ 1059.587209][T17996]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1059.593106][T17996] 
[ 1059.595416][T17996] Second to last potentially related work creation:
[ 1059.601987][T17996]  kasan_save_stack+0x3a/0x60
[ 1059.606662][T17996]  __kasan_record_aux_stack+0xd2/0x100
[ 1059.612137][T17996]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1059.617942][T17996]  call_rcu+0x105/0xfe0
[ 1059.622095][T17996]  evict+0x7da/0x870
[ 1059.625992][T17996]  evict_inodes+0x5de/0x650
[ 1059.630489][T17996]  generic_shutdown_super+0x96/0x330
[ 1059.635771][T17996]  kill_block_super+0x7f/0xf0
[ 1059.640448][T17996]  kill_f2fs_super+0x2e7/0x390
[ 1059.645211][T17996]  deactivate_locked_super+0xa0/0x100
[ 1059.650600][T17996]  deactivate_super+0xaf/0xe0
[ 1059.655277][T17996]  cleanup_mnt+0x446/0x500
[ 1059.659694][T17996]  __cleanup_mnt+0x19/0x20
[ 1059.664108][T17996]  task_work_run+0x127/0x190
[ 1059.668691][T17996]  exit_to_user_mode_loop+0xd0/0xe0
[ 1059.673891][T17996]  exit_to_user_mode_prepare+0x87/0xd0
[ 1059.679348][T17996]  syscall_exit_to_user_mode+0x1a/0x30
[ 1059.684804][T17996]  do_syscall_64+0x58/0xa0
[ 1059.689303][T17996]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1059.695200][T17996] 
[ 1059.697533][T17996] The buggy address belongs to the object at ffff8881322baa70
[ 1059.697533][T17996]  which belongs to the cache f2fs_inode_cache of size 1424
[ 1059.712104][T17996] The buggy address is located 1288 bytes inside of
[ 1059.712104][T17996]  1424-byte region [ffff8881322baa70, ffff8881322bb000)
[ 1059.725648][T17996] The buggy address belongs to the page:
[ 1059.731268][T17996] page:ffffea0004c8ae00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8881322be100 pfn:0x1322b8
[ 1059.742806][T17996] head:ffffea0004c8ae00 order:3 compound_mapcount:0 compound_pincount:0
[ 1059.751124][T17996] flags: 0x4000000000010200(slab|head|zone=1)
[ 1059.757213][T17996] raw: 4000000000010200 0000000000000000 0000000100000001 ffff8881081f6a80
[ 1059.765796][T17996] raw: ffff8881322be100 000000008015000f 00000001ffffffff 0000000000000000
[ 1059.774370][T17996] page dumped because: kasan: bad access detected
[ 1059.780768][T17996] page_owner tracks the page as allocated
[ 1059.786474][T17996] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 1613, ts 96844894366, free_ts 73590146250
[ 1059.807921][T17996]  post_alloc_hook+0x192/0x1b0
[ 1059.812700][T17996]  prep_new_page+0x1c/0x110
[ 1059.817208][T17996]  get_page_from_freelist+0x2cc5/0x2d50
[ 1059.822761][T17996]  __alloc_pages+0x18f/0x440
[ 1059.827353][T17996]  new_slab+0xa1/0x4d0
[ 1059.831422][T17996]  ___slab_alloc+0x381/0x810
[ 1059.836010][T17996]  __slab_alloc+0x49/0x90
[ 1059.840338][T17996]  kmem_cache_alloc+0x138/0x260
[ 1059.845189][T17996]  f2fs_alloc_inode+0x26/0x330
[ 1059.849957][T17996]  iget_locked+0x16c/0x7e0
[ 1059.854368][T17996]  f2fs_iget+0x55/0x5230
[ 1059.858612][T17996]  f2fs_fill_super+0x46a7/0x6d10
[ 1059.863547][T17996]  mount_bdev+0x2ae/0x3e0
[ 1059.867873][T17996]  f2fs_mount+0x34/0x40
[ 1059.872023][T17996]  legacy_get_tree+0xed/0x190
[ 1059.876696][T17996]  vfs_get_tree+0x89/0x260
[ 1059.881107][T17996] page last free stack trace:
[ 1059.885769][T17996]  free_unref_page_prepare+0x542/0x550
[ 1059.891228][T17996]  free_unref_page+0xa2/0x550
[ 1059.895906][T17996]  __free_pages+0x6c/0x100
[ 1059.900330][T17996]  __free_slab+0xe8/0x1e0
[ 1059.904669][T17996]  discard_slab+0x29/0x40
[ 1059.909000][T17996]  __slab_free+0x211/0x290
[ 1059.913412][T17996]  ___cache_free+0x104/0x120
[ 1059.918001][T17996]  qlink_free+0x4d/0x90
[ 1059.922162][T17996]  qlist_free_all+0x5f/0xb0
[ 1059.926671][T17996]  kasan_quarantine_reduce+0x14a/0x170
[ 1059.932133][T17996]  __kasan_slab_alloc+0x2f/0xf0
[ 1059.936989][T17996]  slab_post_alloc_hook+0x4f/0x2b0
[ 1059.942104][T17996]  kmem_cache_alloc_trace+0xfb/0x270
[ 1059.947401][T17996]  usb_control_msg+0x74/0x3f0
[ 1059.952073][T17996]  usbhid_parse+0x696/0xc70
[ 1059.956571][T17996]  hid_add_device+0x11b/0x4b0
[ 1059.961253][T17996] 
[ 1059.963566][T17996] Memory state around the buggy address:
[ 1059.969188][T17996]  ffff8881322bae00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1059.977249][T17996]  ffff8881322bae80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1059.985305][T17996] >ffff8881322baf00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1059.993360][T17996]                                                                 ^
[ 1060.001331][T17996]  ffff8881322baf80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1060.009389][T17996]  ffff8881322bb000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1060.017448][T17996] ==================================================================
[ 1060.025507][T17996] Disabling lock debugging due to kernel taint
[ 1060.167870][T18010] loop7: detected capacity change from 0 to 1024
[ 1060.253024][T18010] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1060.334689][T17996] EXT4-fs error (device loop3): ext4_quota_enable:6408: inode #3: comm syz.3.4669: unexpected EA_INODE flag
[ 1060.412375][T18010] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1060.420876][T18010] System zones: 1-12
[ 1060.427384][T18010] EXT4-fs (loop7): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1060.724014][T17996] EXT4-fs error (device loop3): ext4_quota_enable:6411: comm syz.3.4669: Bad quota inode: 3, type: 0
[ 1060.747046][T17996] EXT4-fs warning (device loop3): ext4_enable_quotas:6452: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[ 1060.802000][T17996] EXT4-fs (loop3): mount failed
[ 1060.825537][T18017] loop2: detected capacity change from 0 to 1024
[ 1060.884945][T18017] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1060.920291][T18017] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c028, mo2=0003]
[ 1060.928486][T18017] System zones: 1-12
[ 1060.933715][T18017] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,jqfmt=vfsold,delalloc,data_err=ignore,usrjquota=,data_err=ignore,debug,noblock_validity,user_xattr,block_validity,errors=remount-ro,. Quota mode: none.
[ 1061.107342][T18022] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4674'.
[ 1062.660013][T15289] handle_bad_sector: 118377 callbacks suppressed
[ 1062.660030][T15289] attempt to access beyond end of device
[ 1062.660030][T15289] loop6: rw=524288, want=130184, limit=40427
[ 1062.678098][T15289] attempt to access beyond end of device
[ 1062.678098][T15289] loop6: rw=524288, want=130192, limit=40427
[ 1062.689620][T15289] attempt to access beyond end of device
[ 1062.689620][T15289] loop6: rw=524288, want=130224, limit=40427
[ 1062.701145][T15289] attempt to access beyond end of device
[ 1062.701145][T15289] loop6: rw=524288, want=130240, limit=40427
[ 1062.712701][T15289] attempt to access beyond end of device
[ 1062.712701][T15289] loop6: rw=524288, want=130280, limit=40427
[ 1062.724321][T15289] attempt to access beyond end of device
[ 1062.724321][T15289] loop6: rw=524288, want=130288, limit=40427
[ 1062.735905][T15289] attempt to access beyond end of device
[ 1062.735905][T15289] loop6: rw=524288, want=130296, limit=40427
[ 1062.747426][T15289] attempt to access beyond end of device
[ 1062.747426][T15289] loop6: rw=524288, want=130304, limit=40427
[ 1062.758937][T15289] attempt to access beyond end of device
[ 1062.758937][T15289] loop6: rw=524288, want=130320, limit=40427
[ 1062.770594][T15289] attempt to access beyond end of device
[ 1062.770594][T15289] loop6: rw=524288, want=130328, limit=40427
[ 1067.670005][T15289] handle_bad_sector: 308145 callbacks suppressed
[ 1067.670021][T15289] attempt to access beyond end of device
[ 1067.670021][T15289] loop6: rw=524288, want=130688, limit=40427
[ 1067.687859][T15289] attempt to access beyond end of device
[ 1067.687859][T15289] loop6: rw=524288, want=130696, limit=40427
[ 1067.699413][T15289] attempt to access beyond end of device
[ 1067.699413][T15289] loop6: rw=524288, want=130720, limit=40427
[ 1067.710921][T15289] attempt to access beyond end of device
[ 1067.710921][T15289] loop6: rw=524288, want=130728, limit=40427
[ 1067.722423][T15289] attempt to access beyond end of device
[ 1067.722423][T15289] loop6: rw=524288, want=130736, limit=40427
[ 1067.733929][T15289] attempt to access beyond end of device
[ 1067.733929][T15289] loop6: rw=524288, want=130760, limit=40427
[ 1067.745458][T15289] attempt to access beyond end of device
[ 1067.745458][T15289] loop6: rw=524288, want=130784, limit=40427
[ 1067.756999][T15289] attempt to access beyond end of device
[ 1067.756999][T15289] loop6: rw=524288, want=130792, limit=40427
[ 1067.768536][T15289] attempt to access beyond end of device
[ 1067.768536][T15289] loop6: rw=524288, want=130832, limit=40427
[ 1067.780300][T15289] attempt to access beyond end of device
[ 1067.780300][T15289] loop6: rw=524288, want=130856, limit=40427