last executing test programs:

23.497656007s ago: executing program 4 (id=1223):
r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x7fff, 0x511002)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, &(0x7f0000000040))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
setuid(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x1, 0x3, 0x7fff0001}]})
write$UHID_INPUT(r1, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000001c0)=@filter={'filter\x00', 0x42, 0x4, 0x370, 0xffffffff, 0xf8, 0xf8, 0x1b8, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0xd0, 0xf8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0xf}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@state={{0x28}, {0x7}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ip={@multicast2, @private=0xa010102, 0x0, 0x0, 'veth1_virt_wifi\x00', '\x00', {}, {}, 0x0, 0x1}, 0x0, 0xe0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x9}}, @common=@socket0={{0x20}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e6f626172726965722c6e6f657874656e745f63616368652c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474720000693a653d3078303030303030303030303030303766662c736d61636b6673726f6f080000006673f52b00e58abba2d0cc27be339f6f4fe5ad35a724e1531a622f050000008586eb5ba3614d2c24abf5a2614c0f111e057112dafd66336a5e3b6512b81cda80be6e9a34ccc2b88c0100008000000000e3f5def862b95c20ee847008000b0c22653d2ff39b36732e46b56357afe57094f42ba61c5e8b4e184d7dd50000000000000000c0469264c247cd3c7fcb39043dda97538456bc294ae31e525d3b664cf8e83b52b1885b866b58698b3f132aced62a4fc7c8c400b805173d7488a35708d2523190c0014689f57be6ee3f5d28935a0000000000000000000000000000000000000059c1403d010001008ab61fa90695a8b268c277645c1e357ec9316354f659d4244fe126a8364eaa0de6bf4ba21c767782a04bdbb8c86d0cc7e3f03f8ef15c0ee311768cccb8affb0ae5d7cd0000000097676c046a6c754c98dd5f400ad99a588d983ae6e07b4e0e0907266aca53b30a815a84295fb5eab2f263613d36994dc15562892c33ed149270907e9c2e4d0cac7dd9735621a0c6768d4f70c664699157854bb1b85ce3f6ea44456e4f1ae1575315d77f2b995ce4d6ce21b17ca891c155ddd9916e997c32e78231e8d54675e4edf480980023b9736180ff98cf93f888eb70abb728b7e91a5d75b7e43e54f92b6e679249576f12533bef1c93aa993977f15c0a7b595423444db6e87480c46c408f6d48afa1ba"], 0x1, 0x5514, &(0x7f0000005d80)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmy67aK3qrv4gV3KqgdPmiZpyG6SKU2a1p48eBQPnv0nRMGTR/8GD569iQfFm6BkZqpbP8ClSWPb3w8mz7xv3jzzvGFZeGZKAjiz5pNffirFtbgUEbMRcTUiOy8VR2Y1D89FxPWImHnsKBXzf0ycj4jLEXFtlDzPWSre+vTm8MbKj2/8/PW3F85d+fyr76a3a2Dano+I7lZ+vtvNY9rK48NivjZsZ7G7PCxi/kb3UTFO87jb3Mgy7NYO1tWyeLuVr0+3dvqjuNmp1Uex1d7M5rd6+QX7w9ZBnuwDD2vb2bjR3Mhiu59msbWf17W3n//ftt8f5HkaRb4PsvQxGBzEfL6518z3s/Uoi/XeoJjP86aN5t4oDotYXC7qaaeR1bFxlG/6/+3Ndm9nLxk2t/vttJesVKovVKp3ytXttNEcNJfLtW7jznKy0OqMlpUHzVp3tZWmrU6zUk+7i8lCq14vV6vJwt3mRrvWS6rVyu3KrfLKYnF2M3n1/jtJp5EsjOLL7d7OoN3pJ5vpdpJ/YjFZqtx+cTG5UU3eWltP1h/cu7e2/vZ7d9+9/9La668Ui/5WVrKwdGtpqVy9VV6qLp6h/X9UFD3G/cORlJ5s+YVJ1QFwguj/gWmYXP+//SBi8v1/6P/H4kT1vxPr/z87s/uHI3nC/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNPj+7kvXstO5vPxlWL+qWLqmWJcioiZiPjtH8zG+UM5Z4s8c/+yfu4vNXxTiizD6BoXiuNyRKwWx69PT/pbAAAAgNPryw+vf5J36/nL/LQL4jjlN21mrr4/pnyliJib/2FM2WZGL8+OKVn27/tc7I0pW3YD6+KYkuW33M6NK9t/MnsoXHwslPIwc6zlAAAAx+JwJ3C8XQgAAADH6eNpF8B0lOLgUebBs+DsL+//fCB46dAIAAAAOIFK0y4AAAAAmLis//f7fwAAAHC65b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7lpA1EcgJ8NLvSfiqru26N0B8foEbrssuIAvQRHoFfIBTgD2eUIEUR4HBSiJIrisa2Q75PMMBb8/IzwYmakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALp0Wa0X//9+/9c2Z7dv54WX/dG2bgAAAHgLttV6Ub+Zpf7H5vzn5tTXpl9ERBkRD43dR/HuJHPU5FSPfL66V8NFRJ1wuMakOT5ExM/muP7S9a8AAAAA52uzXM3TaD29zIYuiD6lSZvy069MeUVEVLOrTGnlIe9bprD6/z2OP5nS6gmsaaawNOU2zpX2LPXjfpy1m95pitSUT38/270DAAA9Gp00/Y5CAAAA6NPvoQtgGEXcLmUelwInqWmW996f9AAAAIBXqBi6AAAAAKBz9fjf/n8AAABw3tL+fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRpW60Xm+Vq3jZnt28nz90AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9tCoAgEIbBrezrX3j/w8YLeoYIZkB42EVBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBH7hnLOLXO2BJPVbVME3vGvaqOrBJnVokrF/p4sPUPfwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMvO/bzGUcUBAH8zs7NJq+IaZQ8RseBBLzbd1tbexIMSPPgnCCHd1titP9ocbClCLt4k515EjyKCEm/9H3puoZd662EPFTxX5lcy+XFYhZ3ZZD8fePO+Mwzzvm8WQr77XgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsM/5wL06yQ6+I4/Law2d317P+0YE+c3/78XLWsjhqMunj4Y36SdSvnSw2nwwAAADzIanq+xDCk3RnNevjXl7/p9U9Wc3/00tFXNXzB+v+qq9q/6z9+cfT13YH6hXjZA+9ujEanjucSmd6s5xhz1+e4KZO/ubz716S/AOJP9l6dZzm7zP64cGDj7p5uDD9dAGA/+ds1ZdB9ftQ1g/aTAyAudGpFd5V/Z/02s0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAnjrfBCFUchhOXOXpx59Ozu+lH9/e3Hy1W7dO/edv2Z2SPSEMLVjdHwXFhscDaz7dbtO9fXRqPhzeaDN0MIbY3+QTn9659NcHMIU0rjTEtvfs6CuPywZyWf4xG0+EMJAIATKS1bVtc/SXdWs2vRUgjPf95f/79di8OE9f/Tzy89rI9Vr/8Hjc1w9q1s3vh65dbtO+9u3Fi7Nrw2/PK984P3BxcuX7x4eSX/rqQ4tp0mAAAAx1i3bPX6P146vP5/uhaHCev/b34cfFcfK1H/H2lv0a/tTAAAAObbK2f++Ts64nrU7YZv1zY3bw6K4+75+eLYQqr/2ULZ6vV/stR2VgAAAEATxlvRvvX/K7U4TLj+/+Ivr/9Wf2YSQjhVrv+fXf9qdKW56cy0qfzx8EL5cDsLAAAAKOvxUwfW/9N8/3+8u+UhDiG881YRl/8GcKL6P/n4+1/rY9X3/19oboozKe4X7yPv+yF0+m1nBAAAwEm2mLdeXv//le6sfvH76U+79v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANO3fAAAA///FdTwZ")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
fdatasync(r4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$inet6(0xa, 0x80003, 0x6)
sendmmsg(r5, &(0x7f0000000480), 0x2e9, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r3, 0xc020662a, &(0x7f0000000880)={0x200000000000, 0x8, 0x3, 0x2000, 0x6, 0x0, [{0x1, 0x32, 0x8, '\x00', 0x1a89}, {0x2, 0xe, 0x3, '\x00', 0x102}, {0x10000, 0x40000000000, 0x0, '\x00', 0x1000}, {0x0, 0x7fffffff, 0x956, '\x00', 0x200}, {0x2, 0xfffffffffffffff8, 0x4d0, '\x00', 0x2002}, {0x212, 0xb826, 0x1, '\x00', 0x180}]})
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)=ANY=[@ANYRESOCT=r2], 0x10}}, 0x4000040)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @empty, 0x5}, 0x1c)
syz_emit_ethernet(0x2e, &(0x7f0000000780)=ANY=[@ANYBLOB="aaaaaaaa430814870a26e5122288aaaaefdd0ec57a040800462e0020006a0000080190780a0101027f00000144043c830800907800050009b6b7e44a37404867daf2b46cb929de88232606cd17780c0a9067c5a204000000000000001204e12ec0de10ef54efe7fc5e762ed08aed171da8dfb3f5ca41428d9cb63505c8e500000000"], 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)

22.667412666s ago: executing program 1 (id=1226):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
close(r1)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
ioctl$sock_SIOCBRDELBR(r5, 0x89a2, &(0x7f0000000000)='bridge0\x00')
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x20, 0x10, 0x44b, 0x70bd2d, 0x0, {0x7a, 0x0, 0x0, r7, 0xd84e2d4e0a85ad5b}}, 0x20}, 0x1, 0x0, 0x0, 0x40005}, 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000000340)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x1b}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @val={@void, {0x8035, 0x7, 0x0, 0x3}}, {@canfd={0xd, {{0x3, 0x1}, 0x19, 0x0, 0x0, 0x0, "185dbb1cd7b284fee8cba2a31982503227a0ff346406455075b841f871b84b9dff1af3ba0a3fbfba7671ea11278096e5abfb374f6a01ec216cdde1aba35ee5e3"}}}}, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'bond_slave_1\x00', &(0x7f0000000000)=@ethtool_gfeatures={0x3a, 0x4, [{}, {}, {}, {}]}})

21.433230178s ago: executing program 1 (id=1229):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x29, 0x9, 0xffffffff90adedc4, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x10}}, 0x50)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x18)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000083c0)="c91443d5daaf04b192358b692f84d66c60492a57cffd585b0068ccde45d94ded1e86d3670791c21f8e0b2153d10d45d37b72ee2fa06ad61b0a9354045a8dae1bd1cfb49f3c11fe54c17eee632d95574681e6c472eb8a1beaf3a4b88561847a0a0f05fa4a26639d7e74a0c1c2790d6a59d4073b1c55539b7c21b8550efbd5f835c56642f4be57d170e36a6bf3a995f418554f0cab342769089d0777b28daad5c0c4ba56a0bd6c0515d9bf488fdcf49a9a7bbfcf5ad78733f8119f2568daefbd0985a9916c0d048e38765cc7bb1c82e0f3c81d98e7179ec782331bc3cfb2caf58a99668420795e6a00ef41dcf5283bbb61ebaedbb7a675be4fb2d11c31f9b76936d1112c68978c73f42e145b094490d748c1456a14c23fe25e2fdaeaaa7dc0d35dcc9bbfe86361f99f4d04090d1e66aa9714ee9f4608ad66c60f500bf06a1b5b90fbe2f6c42c4b5f337393b0bb201473712c48f898c514fff84c46b50d3aaf44578f41d312bb5a73526db7818617dcb938ebdb17f92423ca2cf7ea2c611483e0baff012fd97e28558317049e4fe2d27f72796d7260b33900cd61f984c087d3c54f6aa11e389a49069ef99ca86c279598b42dd3485f09fc7e119f707438498316cf2f2bc8a293eeb1a35635989327d4f6c9ba6b2d5b9b8ee89a1e13d538b954479663223bb704af6a63ee497734410ea43bfdb0ad3708cb7155df2432c44e8468a7b77b807d345c9b94fedadfdeba12f4b6d11d16fd6dd5fff6cf896d0f40785ffca538dae61d8a5ffee814e96628cd945553e788b8d915762ca3b40124149b3c186ddd5f7af5b75f4725444f2f7e54b999c93e8c5fd4d4fbd7a3b3d7e85df3053c866f1dd247cac6912ed8b0e491101ca5a0b999a21014b573ba3996c76065c9d8bebf431f8be6435837193efd6e5a565b2ced30d04355435f166b09f9dc91ee50412d0daf72b28ec14c505cb155de1a46362f140ac2b633fa42b12109f0a29fa8ba271d6fc2a77af3b16032ee46b3ddead76a481ef52f6bd25cab4494681f0abc2ffc60ebb36cffcc058a067fcdae6c9de670cd6fde6eb8086a65fc05df17cf69f654516ba30ee04a1427b40fb8e81fe46787d557046854ad342442bacd781c7a6063892402fb0d765397448991206b28193e20f285e50d9219ace39b311e572ebcd80702164315656e7fa92960d0fd28c6489406f0b3061218417548e7e78b8aaaf5a623eb47c92aebfebd1c78343bc781f184e0122a28f56b18832da5646ee8405fa2fc040ab30377c447b42d0bfdddc65e064ccdf1ad52a94309a819caeb523e22b25d1ba288b7f2c726290d50021b9839c5d3c471aadb08025d97619935a9880942cf653508a0b2c43838e5aada8b84d22042928dd372dedec14672266ddceb0744c7464ab282d7fbfb2767e891832aa25d1425b33a60c6894a8d5292fdd73e05a868b8e50cb1a412d1249a77ccfc3d3eb35a67221f80bb8960fd93ceb74e102f2a6946b50caae3ccb86a8ec441d6e58dbf24b3eb962c8a28cffeded9b7cf4a54f524a1ef49fbdc91e125aad65a54df6a0f10cd8799f48aa144f7aec977b4a347c5c9628c4805ecf71f305adc9e5ca7c1f313f9ea3e99b3590efd94d831e1ff5cd7a26b72281109547facfa3abac2cfc9177b117a3757b778e95b5069236abb25d8fb032c38d296f87388fdd364b491cb828732177a2c6bcaaf831d138c898bb60c0d9d8a02d8b4b8e7efa87d3ed66221ac52e31ba9c2da488b999eaf82994bc8f1ac29d5e60b8b1cdc30a1c9829aca1cd7881c8aaac9ede0f5d8b85538d2b13751cfc6b37587b0223b9f6b6dd9340753106b1eecdf4f63c51cc2c63a1f86235bad7602e115d1e0ed78a6b170b88eb9584d2098b187695627612189998171d245797391b2b79bb690a79dac4b769e3f18c4d49359f7b460d997c03c793f51a830d5b21faed2ae1c3eb0fce0cdadde3c789ec931b6397c2a2fb2eda87756fec031e5f50f07619130f8e39f1e00004a1f204e5d87780542bdedf0b1ca5168779ad7cb2ebf27e0a5d760a2492b4d92eab24f2bc9af0a3e51140c415a6f885d0faa38ee6dcffc41652b28e628b859db0e7a0f961e37c5806df137e68c5316667f36051eb05c971e208721fdb8a49b8c49f85114be9dd7288f4e95c5f6fb8c1bc1bc7d79f32ba5419d90130a0328ba70d10c770a1540718f7d890dba9c39a116623d492275a1268c91149bfe026ca1c6a458449d4004d653f4b0a234eacd1f4da495fd1f936b4b335f64514fc8091b1dab132f599e26cb127e25011efa30a922b5a3e8807db9a00a9cc732fd323708767c905c8a3cd53e2e8d377d3b43cb971cbd0e66e2e47f3d601d49e29941b2ea4d3c8b7f5698e1a633ebba00f6c178d6d04b9f1544f04cd173e2d49f129a8725a647e1a9e798b5581c6a461b585012a302353178188e55f8102a49343c9c370ee505d09e4be8580d95f5bf39267b00e93adb6b52b2029160d78ac271e4e0c70ed835484e80302b93efd599707d4d22c806476fd04d18ebd6a9bf88c11dc2c96041ac8c3e04ac0aa5d2ac6740972717b543fb871884a7a0434a433571fd621977777984ea9c06914be966da9f349cb1ef3a116c49f0c716eae1df118cd3d5b350b917c06d853c1e1514213f5a29071e42eecee264ff20529c53c3a060a18a680ade2a08b4549e6998f06e61e4f4c36d578e9ad83dd38d1eeb100e7ab023edb38426d5165b867b9507a6b644aa0322da335b208105f2e74a9841ea7c629ea20cef740f6364e9d84a4485d3bb6b5f4e14c7764f78b65c0647870638a8f618381ec0823faed0424a448f753a59fb22e5138e0ca537b6935befb99fc6eea2d9457c01345afbbaaf3a7a96a39478b222af322f86730d137c3f570b38c7363bb9a89bb4b3b8979b9afd232927becbc91c8d4a276febe47bacd4a84c0bfdd54e685080f2c3be0b1e37bc6d21b13b7b1bfd507880f6ad7fa39bf99eaf6b7088d758d9383e38326381088e9e3e792f75d682cf61cf1176953960b0e160b2a535495d52c28f14fa45ed7a3f91e219dcd05afdda2b7e6c1b742b29f6c5f62a040a5fe6606433fce7de757ed76372dfc0b1af9af10c0128bcd335eff1c6c9660b0893730c3ef8de6e50dba419b35d1766eb9a5dce4c2fa518f8e3e2a27855e04d06b89e97578a4406ac03f3314575143db5e43ae3d03a7e90a590b4c188a5acbe1cf23cd4cf60ca98248d4e740122a55ac6e463511b4c4cd47040aafc0bed7878348a4caad4d977671cf4ac319773767ee28f8ccc4c9deae531b029eff5345470f20865549b2f2c4089306304e13e42ca37fbca6839bbcd2f10bd20c81d44ab73ad5ffcc55f51b53efb00d3c68d8d8505e005247ba23e86a803b199f36447fd01f192994b2fa27c9db59ae66b56b30c1ae5cd717407068a9b13ca941b82db254f4ecdbd1751a3f8f1061031bb41af5c04a33ffc98509f456830cf3c94c14451f04d84844e41c618e82958710d07daeba666329b914f2cc7c1d34ffbf6b50620b7c78c25c5d82a5aadcc4d824b3b68c34231fa7c0befe5241c447f90111c55848feed9d1ee67f61095ec2c0b4ac82f5cf169201516082a804c9d1775990d430d21bc65877041905caf385918f44191c134e493d960724b28f01e79fbf3b99eac1e75fbc8ab8dcfdd98b573fa6d7e6a6ead6b15ed78e2a8d564f61d8c52be8104306c104146696e16c9e9bff79a5fc1d92326cf0f2ff5e5c5c252773f2bd2c554bc409aaec03055f71d439daebc1d8b06c9ca0e1fe4729e8e6119616e8fb861b1e2694d1df267cbc496ba4a87013c3317a16b4c1e369748507794a20ad06aad20e4dbfc1834d789d2a8e9395ddad33a74c6c7cf54e61e533cae228909536eba8020f0c3845d2063270cae4d8e8dd8cfe3f112c46751444546ced9f6434741656dcda2185be13eebcc0392c256f384fc16353e89cbdeef8fb2e3cadc1ed2142f3b6485dc2d540fe799d027413128f624aaf8bc1933d3a0e6a954931bfc914921dec7ec822a31ebb652d4f312ab4068cedc6203b0de98e60c5f82296a3482132b288ba0a8eabdd8ac40faf145928e7563dbcb14d0625c92b542860993bb0388d8390dae727ae4086d4de1b7fea9d79f4844374bcd67fa5e1a3a28cd6d8da3f171fcf9d13062bb149fde18917c6650cdfa2be8de33b556ad34fad454db13a446e8a7c40167117e884d874c786768975df0b201ea0077ba735d31d65a832dc122d13c6559601b83899af1f14808f55f077ad465ed61378c63abff3ad742691168fe1e31bfd0dbb9f43d364ddf0bb185f69e69110c9eb1ab808354fdd2cf571838d5ec63bac3d70ca40878dc3c3cea26adffd5a197206d7c80d6a86c202338e72f17dc7185e1df0cfefa9475a2156738f90c6410c1698d1a160fd396548323c796ec5dca3cd59e468ff6a14caf34b4fdb16f1c92acb6bff2e859f9de1266dea0d1828598319b40a3edef657be02188fc94490c1da088d3ec2f315d6b5bb2f262764b67ba321379f4c93bb3ef9bc7db0c0e5f1e680ebfa84463e904d5351ecf25d1d22a98f81f7a1fc4c4fee3934b7672661f0bcd94109706644d0fdac4b7933b5db2acf39b98c0a8106a7a757408404a4c299a077379458e2118fb0a53b798adc1b85d3eb20b539e572741b9855e44a545809f897dde06730145b5caefe9db1c321783450d25d38834532c3e372fa92a53ac9cb4330eaaf65fe1b69a66459058e02d20c6641b7d8edfa8e356baaeb011b61208ef36ed33235144c86d6ce65da89d66da06291d4acc05e3136559ab77a7c4ad229c5307b48ed642d96c28cd06c82dedd4a16ed90bceda81292120438fd5c47b7b41b2646fe0899643f896ddb2d11e7311f8a0cbb9bfa38106507e06f35b3052ad6b6a11ac5f0129bedc59d04aee3737ebbf10f97c80f1a4e3f51ac8ac4488ad9e3f685a7c0dd4074b07774f4efe4b9f2cba400ef49f73b12fc7d96d8f3283a1eaf8c003931fc24a9248e201ac31bb49226c37d535592e00308d86ba0765a7eda13b72686101d352fb959598038b8dec44a0f18e5c8ec089912d325880390ce5186d4585df46e5662987c164f0ccfb8f12f6144f91349051d3ffa35ba597d2b5920e279ca8e139dfe2ba9923c0190fd444c8bf12a627618791a8781d6b54470777e6a5dac8cb505ae1e534b0c3af7db010dd602b1459964e1e15a812f3b4c8038e6bc1dc568ba482ee4944582abeeda1ed012391706ddb1e0ce60efd15acde8283d3612de5d0cf76185ad3a1ce89488e1cea4009573b55a2766d100ecefc5d53c99876cfec65daea82f55cf9687ec70e45cfdba9fe69fc3a822c29ff4be34857bdcd4313fb23d1d01d8a79cbd0057eeb5c1c0b39f75d5a753a2e10bd0ebb91dab1312bdf1a984332d566ab56dfd838d285995bec8726c5d1358fe10b0b6aaa99b9d9b08894c1dbd06356e5c693ddebb9d8b306062defb160db9d8f02ae3df59697866f5adeb34c8c5b27b63b09675030f344197b3bff097b996819dec9059aaf5ec1a6c585a86d16528091543a9e6bca4d850b7963fd1e7d981814dedb165c1a6444ec0a21743a4de8845b386ad4e1e9c9f2873f6a353487d9a8f8f56ae1d0f69124ee56b5c2b2a48c78cc6ba6b313b889adf0acfaebb4e2dc71054a4992366a2b6ff1f5972d7d2f0e9e3b17d7fbe931f43871819dc6e6040ba239ebce2cfa424ff7344b8a880040321909dcd16956594f5d99fdd39ea5d7209b906d2601572c56c72db899f986185194fe5aab45f27d9ac12aa8600b3c2728ef2e589a6886d711edf4d7f95b2e10d9adde3009560ad754f9e7a52808720a973dc475f8177fd5b199b69925f03a44a8bd9f3c3369861802ce5ca4b40cb47d19e2e1bda1b054f16b66ac7b7c0e5205112e011d6957f1df50505003544631ff4385d8128d46838338930aebc0496348045a7c05abd7a56e1079947d3eb1c50e4d8be001d03d8973f8f08f2f21a415174173ccb90f7ab615be5036947e164a434c059637bfeebb8b9f2e87b9774a4595c71122c9fac74347488b9a054e2e7b9c45b7b12fcca0fe789db614c70d4149d44e50fb64aabccee7447288a5b865a60c2640171f89afecda2cb18b7ecea214bd32f43d5ff66e90741697d085f3ee9bfd8662a3cc570999bb151090160d3bf5bf1d85e896d66276cba7ed97f341f595b13c02ac2a1352aec7a5980de2c8f9d890951108947b7602dcf2bdd2aef680667572b87aadf7c54338492eae763df73e89e3c438c196da83d98bc65233a242e08894f2390d8714f0abb801d9e5c42f169555284b6cf079005b373e9938db71a93ee5945c2a43a06e3df580d372318b3d203503c6e968206d7db8116cca2f2a1fae7f5b5195bea92914d66516bc3ceb2d9dc4de59d0d52ab80910aba7ebb696c7deaddcf0fedf56e2a88c3496bb79897c6420a0ef1b03ad89c76b24f67ffd41c9227d464565457bb25f0b32c83e676b0a3284f2acbed39c6875871c5e866a8284f12e383f87f12dd9bbe3078c68b3711eaa9bc17a7ac8413a8ef486922eddf43f01625671b7c3d0a4c6c2dc38217b4135c8cb46df7d936aabfd253e95e0816dd1f92b257e2f96d2a259a320756ba77d99b709711326f2ea42def974d60f817a1f6779121dd32a1cb194c7809e4c8fd052ba357323436491ec45a49fa601ed373aadd2199e4483704fb2f4edd7bf2815b552fb84d09094cab9700b5125887ee508570217c16799bc11d9e3658de8d9812f30dc8078bbecaf887a6527686b026eea70229df1e61759adf19c1b96673419decb382ae29bd685c5f32120b2d56d3e97c9ef00a2c0598c2181b8fa53172312590a9549ff55dffb9070b042c74654b2ae56371b2a6bac8e2808a40fd5d6d0af184c035101394e347521467e0ddb962e0d63614cf1461ac7b9d744084e9f6f26c88d515dbb1b7392b8e9384b81f186224d5c09e266682d8044d8afb1bd6483962b03ed6884759d2647b8f174a6695a437a1f1aac3e6a2f8ca658ee8a8ae44a77393cec61a9f335a1e859825e73df4125828fbde19d3695125992ddb2826ffbc6c7cfbfdbae19ba864c4170c79cce408e8b280a7632c855d802029ebac8627fbd6fec1c3bd858411c969ca035992f2ab909c423158dffd0dd5a407b3e0c2d9b180440996e09e15f17b4e42f365371d9dd58c4609455253c44c2ba73f592e360ab5fcccdb6e90ae0c60ada9325c4824242c0d866e7dfbefe091067d5c7ff0432814f733591eb0096659738b34cfa8c6c988ec628f34fe08f31dc0156dc39866412932d045168f4f3a48f24fb3b884be1384845d496c3009626f1c41b0189e95c9055d24eb5a0390596f6ccf50d3727e607875a3b2cf076a277e12ac07ddc59da78ee16e1952706ac6a1a9ade80b867d889789c935d196cc4da67aa35ba80ef2077ee4dd69c5f31a0410f7fd0739303ddcdbff2f53e0a44ec5de0f062e533444bd946959a1d9c25b297b6fc7675ca4add9e24e8ff390e0375f3b15e1d3e8129007d743e384659f191bd23ffe02140fa64d5c6d75937b28d51afcaa9d207f57c878f2f54493025e9eff5b5ce0c997d11c9690262e38e1e83c7f1a0ed3f200d9d0472739d59dea3cc6e8783758e3e3201731cf27211267702594356345449b42fa64b64c6f00a8f26665524fe2208b1a7c5fbdc822ea611c1811526471e4f52ab5e3a43de8fd4eba2fb2796a206e348de9b0be78ded78204dc82d9e9adccbe408d7ff538aab3d663eab189927a9cd597388e8dc5063d2db42cd65415fa32d20288da017c9f94e788dfe7cc3a0f6b6ab06116ed3f72f3c048cb1e51abf308ed7169908d1ad5b7ab3a86a3316d164084f8d88c6f96142d888ccb158efa586015914c116db114aa82c44a55d4c33bd901dc34e820d3120d57def03ea4f01b263913cc02ca586b208506d149ef03a706fd5360a12b83acb7bf97ac1f1f85389d4fbfdcf38551e9dbce760a05e8e4023d85038570d3697b3e7de73aac9c7feb39b6ccd1a775c8ce01b08d7190e28866aa7bb8d0cff0fc45b452fcb6a290f98f4b5ec125224c8a93918b1f2888befba6de3d294ee1f13a9c56e92eaac0b8e6c6905e77a60ea7e1d1ed979b6b2606652e7d75750a065c57c7efb1ef5708719ef04e354bd861b15e0a1cbc7cfe65c8a3d9a2b790260d6e6eb60bd4e0fb3f040dfa27fa00797664122add0750a23a8b20fcd68b6be1e21620dda4bf0561f4c5ed74f41612a0676dcdbf669df3436cbf2ce253e69319e3ab36e6e6314f11e0d0882ee3d7f3d3b3dcfe3cd7f061e301369207545676e09801f9bc4bc4c3dcaf48e5320a4b3211051a7525868a0ac1278ed6fc9531ed89cf4205458acc05d5351bcab7ea50250b6cb4c6fdd0cd96f30cdc9a820f495d0a3e14eb6c493a85a87e3b7fb8e5f23431c3c5359f5802f1fc11ff71c3172c6b57b5587ab38579b79e328792edb7a81d60762bc6c88693a00712f811cab9b075a97535c904396dbd2fa0994ba9c9b06fe9c042cb6860d22844b94863bf7b68a1ab8639e4487b38d48e40da4a98dedd7d73ca4b575bf4c604a364a9247c2ea5e3b127ff42f9bce1d3d37c2428edab1708ebd71ac0e4a408a9c6eb97407a4a8b5e912e2c63fadd1abad9a772a96fc4666f7d2b604adbde6f1136de2adfe38994491ab0f34ff1fd20cb8034ad39aae4c5c0076da2e7a157764b770e1c5f35b6f323ce809b2e92be1345204021d74712368e0ef77056afd85f065bba085793c9b6950d3c3fc6c445afbdd5a80cf7b0bb13055fd486700be1500bdf8771e286a63962e56d4771ed5eefbf111ba7380f02d6f96eed174246820b73bd772689c072bb3d8e43ef96f5466dce5c9392e34b7176821d2f4df3dab4c6ef5e0238ffe61582812fdacc987fbb6d98cad5a2d7af0e4c8dd3f800cd75c38a515d4d4c7118c5f81c6f7504e7ae452370c56c4b7fb4daa65bf26919c12081485d09e9d142965320211f483ed2a0a6836fa2488a878eaf9653b0528c3680b75a1920a25b5c5c17548c7ceb9a1656a0cf6a404aec14f7ed8a1dcf8ed32e1cf94dc2f60b65aa102650b7a22d9e708c606ce8403ceb81434bd9938b2c4e5a8530a156a1df7d143b2da54071ba3e673ce11760f72c32273b7bcd9a48da2a6caeb4b782cf1c3a044c1731f3ad61ce32bbd0b52cbb187cb3ecc1e85a67ffe27cf86769a0d69fe293dd30f060b8a0f26ccd0287d0b8d941ee7410a7c6aa430add67c2dd60db292e24f294ce80b0321aaa4d054a6f5d9981e1d5e859b454f5005be082bd59baca5775eedb7994333c62c452ef7b2893e4d03a28c0e368928b4bdd6e31f52a83cd7e162975405fd128321e0a8e3e77fd93257b0c46b309e16203974382ced818faac3a02e74141e9ea36c4a1b98bd859fafce43b2984d856c832f61b1ca562cee96f5843adc14b35bec1ccdafedd214f1a344345373f3c9eccee8324950a23c3e77d55dbde9a7ac1b7804927affb8b0e1488dcd8919d227bd1f50a35abf25e3f120c25b0dfb4d85b4c2a2c69cf7047c76c45e4e901e7396140496f9a322c2c2ac777a27adff5a6daf32e852b1bac89f1086739a603cf0f6838f792351c08e38ab130e5a83aa5a4f2da19df131770a308d810eed0059a2e5546a2169b9d0119f6df7c18981f4b4f119c76fdaac031ce7551f25678b5c4d8815a7ea9565e63389fca6ea0bcd40e71ac72124113dc0041ce26a0c9979ff76d7f1f2c0cd2c16d8c7a36930b909ed7e2d4adfa8352b12b99bdcbc25b485f652539fab7ac983c1ae925967c15ba2345e45d6bafe13b3e9d7acf1a592422ea09c3a45f7fe24e235bd70b106cdaa665584e74cdaf9f39b804bc6c4e7f0bf572225acd4dfe010081b91c2d5970d4f43d2e1a0e05f84baaf50642991b3704034aed74572e6a4715b79276432d06660b39c989570fc0d5d0071a7c690658caee447370d3295db3b5dc625e697e1ca2675b5430b9969024835c7d001fbce86c5165c4fe8f2d46b883daaa3fbf42dc5cf61209379013896df740b9cc32638358ea8079a33f04197f650471086e67e5cf9779268d7973c73bbbde2f1c11e1a8e2b154aaa8b4b74f8a03f14ceb7afc4ba35e6620b7af89c969021d20cb260c1868f3fa432ce7e509db06001ae6540531b126c1e3a851acbf0a9c1354bece05c094d69d9bd87f99391e23306911383d2082997339daebd67d8a707c9b496a309b7921696f39a07864f31208802db7188881e346b41c34f4129fca9c6a13172a4dabfe791584d240fc03685057d53c08737aa1d486233318eb4545f2e8d18087705b9d3a7658564592f56aea3aee53d66c249988bf353853728553a1577062e24af533f47dc012ae90c5c085babc121be2993c063e203ab949a088041271ac0527c56edd4b7a87e98323a0137cd493aa05fe38d02754a66d89348b119e6200d5919bc366788eb67115fc57c4c1a9dd42c7411d6709ad82de8662a1849445b39beb2ba8f894860e41a054f61337179a9214b0884f3964c95ed2a4ab37de8038566bba76fbaa7502c0460558ff4bf4793ca68d78e50f384a81da4cfa23723747e906b82290e0b8ea07e3404bee0915800d4c3c07f94c43e7aafbc7a44d923de97963d0d1586bee06fc90aadbe5758fb9933ff7df346d62e082223741f5cb26ef953ca654ab983a72b30b296891c9e3f1ed5216b0e588eb25f5d4ccad6f96973cc2d26196bbd37c83266473071ccd84d9e3c74f22621e8bd60afa4bcad6c853c7591fe5d4298a954ea5006f682a7a65aeb26b230f3866a28a58bf532aca8fd5eaec64f442ac510a7df4114f00fd6ff7e02d77f8e72797222556959958c4c4d166c5af18a6e25588cac9871a3d5bb453889ff8d13db22024a997bf97a5afdf698b1deaff3101e27868d2de47b92c403ce82e15f3239d8923e8ca0c01e3781b5dd6121f57d2238dc3ff8a1bde3e371efd33838c552e43588042b360f55d7ca92f11987630364b263428e18601d7bf23f6432b3a9aa2c500cd9ac5f73cbe309443858a2806956b0cdcfc19904567bb1703641017c6199e768410e03d8ba603eb34249d567370202f39639ae8f6d52d9d5dbfc544c5b85ac8187095c63f1f613fe4af179fc5c837e6e0ccc21e62ac22ac045c4ac3b1ca6a4cbdbe29ea465240fc0aed1f0e086d7580bcf81d4e2a4d55a8e3bc57110e7cf1e1895df07974f0686dd2ea2b12bbfd64e7a9d0c62c662f0370e6ed495eeb2ee5029042147a1f2e5fcd6068b06567be893cb80e2cbb5fbb12847313811c13cf685698d5e2175959579e510279b9e959ac2c3f94fec653c6b521f8909d633ccedbc1109285ecbd52d27cd2891eaf354db2c966d1e3086718848433c12658fe7f6fbfef930b963139a63f6c4caee5a1964d3a038dd0db403c0a251d702c07a0fba4a3576ec6668a78e9e26efc6ad83a670a47608bf4207979bf196b3160c95e7ccc6406d46f529d34676b76d72396262e1448df051130a21484e0e977df1f7f0a259ac762eef9506877498b9998e1286d6294cf60b95352e81c3", 0x2000, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=ANY=[@ANYBLOB="d8030000000000000300000000000000000000000000000002000000000000000400000000000000000100000000000004000000020000000300000000000000050000000000000000000000000000000800000000000000010001000000000003000000000000000b000000cc0d00003400000000600000ffff000083f634222c3ba731b4ce25ace5cc646cf8", @ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="7f000000050000000000000003000000000000000c0000000000000007000000fcffffff757365725f696400040000000000000003000000000000000080020000000000030000000000000009000000010001000600000000000000090000000000000004000000000000000b000000000000000600000000000000000000000000000006000000010000000600000000200000de000000", @ANYRES32=0x0, @ANYRES32=0x0], 0x0, 0x0, 0x0})
getdents64(r3, &(0x7f0000000100)=""/134, 0x86)

21.284544477s ago: executing program 1 (id=1230):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, 0x0, 0x0)

21.185098013s ago: executing program 1 (id=1231):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f0000000100)={[{@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@errors_continue}, {@noquota}, {@data_err_ignore}, {@noblock_validity}, {@delalloc}, {@nolazytime}, {@orlov}, {@user_xattr}, {@nodioread_nolock}, {@nolazytime}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
write$FUSE_BMAP(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x10, 0x6, 0x10001)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@usrquota}, {@grpjquota}, {@nodelalloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000007c0)={@fallback, 0xc, 0x1, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x167)
r2 = inotify_init1(0x80800)
inotify_add_watch(r2, &(0x7f0000000040)='./file0\x00', 0x610003d5)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x1a42028, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file1\x00', 0x42, 0x5)

21.127515617s ago: executing program 4 (id=1232):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='1-', @ANYRESOCT, @ANYBLOB='E'], 0x31)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x17, 0x4, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x9}, [@generic={0x73, 0x1, 0x1, 0x5}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000400)=[0x0, 0x0], 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000100)}}, 0x10)
r4 = add_key$fscrypt_provisioning(&(0x7f0000000000), 0x0, &(0x7f0000000080)={0x1, 0x0, @b}, 0x48, 0xfffffffffffffffd)
keyctl$chown(0x4, r4, 0x0, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@minixdf}, {@noquota}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@noload}, {@nodiscard}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400}}]}, 0x1, 0x50b, &(0x7f0000000200)="$eJzs3cFrHF8dAPDvbHZrk6a/pOpBC9ZqK2nR7iaNbYOHWkH0VFDrvcZkE0I22ZDdtE0omuIfIIio4EkvXgT/AEEKXjyKUNCzoqKItnrwoJ0fuztJ03Y32bbbbJp8PvAy772Z2e97G2Z23swwE8CRdTYibkTE0zRNL0bESFafy1JstlJjuSeP7880UhJpeuufSSRZ3dZnJdn0RLba8Yj42pcjvpm8HLe2vrE4XamUV7Nyqb60Uqqtb1xaWJqeL8+XlycnJ65OXZu6MjXek36ejIjrX/zrD777sy9d/9Vn7v7p9t8vfKvRrOFs/s5+vKL8bjNbXS80v4udK6y+ZrCDKN/sYWaw3RIDL9U8eMttAgCgvcYx/gcj4pMRcTFGYmD3w1kAAADgHZR+fjj+l0Sk7R3rUA8AAAC8Q3LNe2CTXDEihpr5XK5YbN3D++EYylWqtfqn56pry7Ote2VHo5CbW6iUx7N7hUejkDTKE838s/LlF8qTEXEqIr4/MtgsF2eqldl+n/wAAACAI+LEjvF/LiL+M9Ia/wMAAACHzGi/GwAAAAC8dcb/AAAAcPgZ/wMAAMCh9pWbNxsp3Xr/9eyd9bXF6p1Ls+XaYnFpbaY4U11dKc5Xq/PNZ/Yt7fV5lWp15bOxvHavVC/X6qXa+sbtperacv32wnOvwAYAAAD20amPP/xDEhGbnxtspoZj3a3a5WLAQZXfziXZtM1m/cf3WtO/7FOjgH0x0O8GAH2T73cDgL4p9LsBQN8le8zvePPOb7PpJ3rbHgAAoPfGPtr5+n9u1zU3d58NHHh7jfuBw8v1fzi6mtf/u72T1xE/HCoFRwBw5L3x9f89pekrNQgAAOi54WZKcsXs9N5w5HLFYsTJ5msBCsncQqU8HhHvRcTvRwofaJQnmmsmrh0CAAAAAAAAAAAAAAAAAAAAAAAAQJfSNIkUAAAAONQicn9Lft16lv/YyPnhF88PHEv+OxLZK0Lv/vjWD+9N1+urE436f23X13+U1V/uxxkMAAAAOBJe6QX+W+P0rXE8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTSk8f3Z7bSfsb9xxciYrRd/Hwcb06PRyEihv6dRH7HeklEDPQg/mDjz0faxU8azdoO2S7+YA/ibz7YNX6MZt9Cu/gnehAfjrKHjf3PjXbbXy7ONqftt798xHPl19V5/xfb+7+BDtv/yS5jnH70i1LH+A8iTufb73+24icd4p/rMv43vr6x0Wle+pOIsba/P8lzsUr1pZVSbX3j0sLS9Hx5vrw8OTlxdera1JWp8dLcQqWc/W0b43sf++XT3fo/1CH+6B79P99l////6N7jD7WyhXbxL5xrE/83P82WeDl+Lvvt+1SWb8wf28pvtvI7nfn5787s1v/ZDv3f6/9/ocv+X/zqd/7c5aIAwD6orW8sTlcq5dVDm2mM0g9AM2QOYObbPf3ANE3Txjb1Bp+TxEH4WpqZfu+ZAACAXnt20N/vlgAAAAAAAAAAAAAAAAAAAMDRtR+PE3sx5uZ2LunFI7QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHri/QAAAP//uzbZXA==")
pipe2$9p(&(0x7f0000000040), 0x80000)

20.943057687s ago: executing program 0 (id=1233):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, 0x0, 0x0}, 0x94)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x8, 0x20132, 0xffffffffffffffff, 0xb2993000)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
wait4(r0, 0x0, 0x8, 0x0)
mprotect(&(0x7f00000f6000/0x4000)=nil, 0x4000, 0x2)
ptrace$poke(0x4, r0, &(0x7f00000011c0), 0xfffffffffffffffe)

20.924272669s ago: executing program 0 (id=1234):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x3d, 0x1, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d58c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb6220030100dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000066d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c9727ec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f0dafc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa1c22015e53fd8a46be933ab460d8629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8f12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d61800aaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e3c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c59869c9200a1306ffa5a71ca69e89a69fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0dc4b2de949a6d4ec37f2fd693ae44944041a64f"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe06, 0x1000047, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff43052f002000636777fbac141443e000000d62079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x8)
socket(0xa, 0x1, 0x84)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0)

20.609548727s ago: executing program 0 (id=1235):
statx(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x2000, 0x800, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r0=>0x0, <r1=>0x0})
setresuid(0x0, 0x0, r0) (async)
lsetxattr$security_capability(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=@v2={0x2000000, [{0x6, 0x80}, {0x7, 0x9}]}, 0x14, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000200)={{{@in6=@local, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@initdev}, 0x0, @in6=@local}}, &(0x7f0000000300)=0xe8)
setreuid(r2, r0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x3, [@decl_tag={0x6, 0x0, 0x0, 0x11, 0x5, 0xffffffffffffffff}, @fwd={0x2}]}, {0x0, [0x3e]}}, &(0x7f0000000380)=""/173, 0x37, 0xad, 0x1, 0x7}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@bloom_filter={0x1e, 0x55212620, 0xfffffffc, 0x2, 0x10404, 0xffffffffffffffff, 0x9, '\x00', 0x0, r3, 0x2, 0x5, 0x2, 0xd}, 0x50)
r4 = syz_io_uring_setup(0x7c60, &(0x7f0000000500)={0x0, 0x4b1a, 0x20000, 0x3, 0x2b9}, &(0x7f0000000580), &(0x7f00000005c0))
io_uring_setup(0x462f, &(0x7f0000000600)={0x0, 0x9283, 0x80, 0x3, 0x2bc, 0x0, r4})
r5 = socket$packet(0x11, 0x2, 0x300)
accept4$packet(r5, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000006c0)=0x14, 0x800)
r6 = userfaultfd(0x1)
mount$9p_xen(&(0x7f0000000700), &(0x7f0000000740)='./file0\x00', 0xfffffffffffffffe, 0x840000, &(0x7f0000000780)={'trans=xen,', {[{@debug={'debug', 0x3d, 0xffffffff}}, {@debug={'debug', 0x3d, 0x4}}, {@directio}, {@noextend}, {@version_u}, {@ignoreqv}, {@debug={'debug', 0x3d, 0x800}}, {@nodevmap}, {@debug={'debug', 0x3d, 0x1}}], [{@subj_role={'subj_role', 0x3d, 'security.capability\x00'}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@audit}]}})
close_range(r3, r6, 0x2) (async, rerun: 64)
mount$9p_tcp(&(0x7f0000000880), &(0x7f00000008c0)='./file0\x00', &(0x7f0000000900), 0x100002, &(0x7f0000000940)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@debug={'debug', 0x3d, 0x7}}, {@access_user}, {@cache_readahead}]}}) (rerun: 64)
r7 = openat2$dir(0xffffffffffffff9c, &(0x7f00000009c0)='./file1\x00', &(0x7f0000000a00)={0x400, 0x68, 0x20}, 0x18) (async)
lstat(&(0x7f0000000a80)='./file1\x00', &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, <r8=>0x0, <r9=>0x0})
fchownat(r7, &(0x7f0000000a40)='./file0\x00', r0, r9, 0x800) (async, rerun: 64)
mount_setattr(r7, &(0x7f0000000b40)='./file0\x00', 0x1100, &(0x7f0000000b80)={0x100001, 0x100000, 0x20000}, 0x20) (async, rerun: 64)
r10 = syz_open_procfs$namespace(0x0, &(0x7f0000000bc0)='ns/time_for_children\x00')
setns(r10, 0x80) (async)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r6, 0x80286722, &(0x7f0000000d00)={&(0x7f0000000c00)=""/218, 0xda, 0x9, 0x4})
mount$bpf(0x0, &(0x7f0000000d40)='./file0\x00', &(0x7f0000000d80), 0x100000, &(0x7f0000000dc0)={[{@mode={'mode', 0x3d, 0x4}}, {@mode}, {@gid={'gid', 0x3d, r9}}, {@mode={'mode', 0x3d, 0x800}}, {@uid={'uid', 0x3d, r0}}, {@uid={'uid', 0x3d, r8}}], [{@smackfsroot={'smackfsroot', 0x3d, '!:^('}}, {@smackfsdef={'smackfsdef', 0x3d, 'syz\x00'}}]}) (async)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r10, 0x6, 0x21, &(0x7f0000000e80)="5431178145adffef324d70c53885a022", 0x10) (async)
newfstatat(0xffffffffffffff9c, &(0x7f0000000f40)='./file1\x00', &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x0, <r11=>0x0}, 0x1000) (async)
statx(r7, &(0x7f0000001000)='./file1\x00', 0x800, 0x1000, &(0x7f0000001040)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
lsetxattr$system_posix_acl(&(0x7f0000000ec0)='./file0\x00', &(0x7f0000000f00)='system.posix_acl_access\x00', &(0x7f0000001140)={{}, {0x1, 0x5}, [{0x2, 0x0, r8}, {0x2, 0x2, r8}, {0x2, 0x3, r11}], {0x4, 0x2}, [{0x8, 0x3, r12}, {0x8, 0x4, r1}, {0x8, 0x7, r9}, {0x8, 0x9, r1}], {0x10, 0x8}}, 0x5c, 0x1) (async, rerun: 32)
socket$key(0xf, 0x3, 0x2) (async, rerun: 32)
ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0x100000000) (async)
prlimit64(0xffffffffffffffff, 0xf, 0x0, &(0x7f00000011c0))

20.432959237s ago: executing program 0 (id=1236):
r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x7fff, 0x511002)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, &(0x7f0000000040))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
setuid(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x1, 0x3, 0x7fff0001}]})
write$UHID_INPUT(r1, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000001c0)=@filter={'filter\x00', 0x42, 0x4, 0x370, 0xffffffff, 0xf8, 0xf8, 0x1b8, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0xd0, 0xf8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0xf}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@state={{0x28}, {0x7}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ip={@multicast2, @private=0xa010102, 0x0, 0x0, 'veth1_virt_wifi\x00', '\x00', {}, {}, 0x0, 0x1}, 0x0, 0xe0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x9}}, @common=@socket0={{0x20}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e6f626172726965722c6e6f657874656e745f63616368652c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474720000693a653d3078303030303030303030303030303766662c736d61636b6673726f6f080000006673f52b00e58abba2d0cc27be339f6f4fe5ad35a724e1531a622f050000008586eb5ba3614d2c24abf5a2614c0f111e057112dafd66336a5e3b6512b81cda80be6e9a34ccc2b88c0100008000000000e3f5def862b95c20ee847008000b0c22653d2ff39b36732e46b56357afe57094f42ba61c5e8b4e184d7dd50000000000000000c0469264c247cd3c7fcb39043dda97538456bc294ae31e525d3b664cf8e83b52b1885b866b58698b3f132aced62a4fc7c8c400b805173d7488a35708d2523190c0014689f57be6ee3f5d28935a0000000000000000000000000000000000000059c1403d010001008ab61fa90695a8b268c277645c1e357ec9316354f659d4244fe126a8364eaa0de6bf4ba21c767782a04bdbb8c86d0cc7e3f03f8ef15c0ee311768cccb8affb0ae5d7cd0000000097676c046a6c754c98dd5f400ad99a588d983ae6e07b4e0e0907266aca53b30a815a84295fb5eab2f263613d36994dc15562892c33ed149270907e9c2e4d0cac7dd9735621a0c6768d4f70c664699157854bb1b85ce3f6ea44456e4f1ae1575315d77f2b995ce4d6ce21b17ca891c155ddd9916e997c32e78231e8d54675e4edf480980023b9736180ff98cf93f888eb70abb728b7e91a5d75b7e43e54f92b6e679249576f12533bef1c93aa993977f15c0a7b595423444db6e87480c46c408f6d48afa1ba"], 0x1, 0x5514, &(0x7f0000005d80)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmy67aK3qrv4gV3KqgdPmiZpyG6SKU2a1p48eBQPnv0nRMGTR/8GD569iQfFm6BkZqpbP8ClSWPb3w8mz7xv3jzzvGFZeGZKAjiz5pNffirFtbgUEbMRcTUiOy8VR2Y1D89FxPWImHnsKBXzf0ycj4jLEXFtlDzPWSre+vTm8MbKj2/8/PW3F85d+fyr76a3a2Dano+I7lZ+vtvNY9rK48NivjZsZ7G7PCxi/kb3UTFO87jb3Mgy7NYO1tWyeLuVr0+3dvqjuNmp1Uex1d7M5rd6+QX7w9ZBnuwDD2vb2bjR3Mhiu59msbWf17W3n//ftt8f5HkaRb4PsvQxGBzEfL6518z3s/Uoi/XeoJjP86aN5t4oDotYXC7qaaeR1bFxlG/6/+3Ndm9nLxk2t/vttJesVKovVKp3ytXttNEcNJfLtW7jznKy0OqMlpUHzVp3tZWmrU6zUk+7i8lCq14vV6vJwt3mRrvWS6rVyu3KrfLKYnF2M3n1/jtJp5EsjOLL7d7OoN3pJ5vpdpJ/YjFZqtx+cTG5UU3eWltP1h/cu7e2/vZ7d9+9/9La668Ui/5WVrKwdGtpqVy9VV6qLp6h/X9UFD3G/cORlJ5s+YVJ1QFwguj/gWmYXP+//SBi8v1/6P/H4kT1vxPr/z87s/uHI3nC/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNPj+7kvXstO5vPxlWL+qWLqmWJcioiZiPjtH8zG+UM5Z4s8c/+yfu4vNXxTiizD6BoXiuNyRKwWx69PT/pbAAAAgNPryw+vf5J36/nL/LQL4jjlN21mrr4/pnyliJib/2FM2WZGL8+OKVn27/tc7I0pW3YD6+KYkuW33M6NK9t/MnsoXHwslPIwc6zlAAAAx+JwJ3C8XQgAAADH6eNpF8B0lOLgUebBs+DsL+//fCB46dAIAAAAOIFK0y4AAAAAmLis//f7fwAAAHC65b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7lpA1EcgJ8NLvSfiqru26N0B8foEbrssuIAvQRHoFfIBTgD2eUIEUR4HBSiJIrisa2Q75PMMBb8/IzwYmakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALp0Wa0X//9+/9c2Z7dv54WX/dG2bgAAAHgLttV6Ub+Zpf7H5vzn5tTXpl9ERBkRD43dR/HuJHPU5FSPfL66V8NFRJ1wuMakOT5ExM/muP7S9a8AAAAA52uzXM3TaD29zIYuiD6lSZvy069MeUVEVLOrTGnlIe9bprD6/z2OP5nS6gmsaaawNOU2zpX2LPXjfpy1m95pitSUT38/270DAAA9Gp00/Y5CAAAA6NPvoQtgGEXcLmUelwInqWmW996f9AAAAIBXqBi6AAAAAKBz9fjf/n8AAABw3tL+fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRpW60Xm+Vq3jZnt28nz90AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9tCoAgEIbBrezrX3j/w8YLeoYIZkB42EVBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBH7hnLOLXO2BJPVbVME3vGvaqOrBJnVokrF/p4sPUPfwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMvO/bzGUcUBAH8zs7NJq+IaZQ8RseBBLzbd1tbexIMSPPgnCCHd1titP9ocbClCLt4k515EjyKCEm/9H3puoZd662EPFTxX5lcy+XFYhZ3ZZD8fePO+Mwzzvm8WQr77XgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsM/5wL06yQ6+I4/Law2d317P+0YE+c3/78XLWsjhqMunj4Y36SdSvnSw2nwwAAADzIanq+xDCk3RnNevjXl7/p9U9Wc3/00tFXNXzB+v+qq9q/6z9+cfT13YH6hXjZA+9ujEanjucSmd6s5xhz1+e4KZO/ubz716S/AOJP9l6dZzm7zP64cGDj7p5uDD9dAGA/+ds1ZdB9ftQ1g/aTAyAudGpFd5V/Z/02s0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAnjrfBCFUchhOXOXpx59Ozu+lH9/e3Hy1W7dO/edv2Z2SPSEMLVjdHwXFhscDaz7dbtO9fXRqPhzeaDN0MIbY3+QTn9659NcHMIU0rjTEtvfs6CuPywZyWf4xG0+EMJAIATKS1bVtc/SXdWs2vRUgjPf95f/79di8OE9f/Tzy89rI9Vr/8Hjc1w9q1s3vh65dbtO+9u3Fi7Nrw2/PK984P3BxcuX7x4eSX/rqQ4tp0mAAAAx1i3bPX6P146vP5/uhaHCev/b34cfFcfK1H/H2lv0a/tTAAAAObbK2f++Ts64nrU7YZv1zY3bw6K4+75+eLYQqr/2ULZ6vV/stR2VgAAAEATxlvRvvX/K7U4TLj+/+Ivr/9Wf2YSQjhVrv+fXf9qdKW56cy0qfzx8EL5cDsLAAAAKOvxUwfW/9N8/3+8u+UhDiG881YRl/8GcKL6P/n4+1/rY9X3/19oboozKe4X7yPv+yF0+m1nBAAAwEm2mLdeXv//le6sfvH76U+79v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANO3fAAAA///FdTwZ")
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
fdatasync(0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r3, 0xc020662a, &(0x7f0000000880)={0x200000000000, 0x8, 0x3, 0x2000, 0x6, 0x0, [{0x1, 0x32, 0x8, '\x00', 0x1a89}, {0x2, 0xe, 0x3, '\x00', 0x102}, {0x10000, 0x40000000000, 0x0, '\x00', 0x1000}, {0x0, 0x7fffffff, 0x956, '\x00', 0x200}, {0x2, 0xfffffffffffffff8, 0x4d0, '\x00', 0x2002}, {0x212, 0xb826, 0x1, '\x00', 0x180}]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

20.412732698s ago: executing program 3 (id=1237):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
munmap(&(0x7f00005a3000/0x3000)=nil, 0x3000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
syz_clone(0xa2540400, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000002000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa0000000004"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, 0x5d)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000380)=0x14)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000a00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x62, 0x62, 0xb, [@enum64={0x1, 0x3, 0x0, 0x13, 0x0, 0x6, [{0xc, 0x3, 0x100}, {0x7, 0x4, 0xfffffff9}, {0x2, 0x0, 0x2}]}, @datasec={0x1, 0x1, 0x0, 0xf, 0x2, [{0x3, 0x0, 0x9}], "58fc"}, @typedef={0x8}, @ptr={0x4, 0x0, 0x0, 0x2, 0x5}]}, {0x0, [0x61, 0x5f, 0x3e, 0x30, 0x5f, 0x30, 0x61, 0x5f, 0x61]}}, &(0x7f00000003c0)=""/3, 0x87, 0x3, 0x0, 0x4, 0x10000}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x11, 0x7, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', r3, 0x0, r4, 0x8, &(0x7f0000000480)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000700)={0x5, 0x8, 0x7}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000740)=[r0, r0, r0, r0, r0, r0, r0], &(0x7f0000000780)=[{0x1, 0x2, 0x0, 0x4}, {0x2, 0x3, 0x8, 0x5}, {0x3, 0x2, 0x8, 0xb}, {0x80000000, 0x2, 0x3, 0x3178c4529841e24e}, {0x1, 0x1, 0x8, 0xc}, {0x5, 0x4, 0xb, 0x9}, {0x3, 0x4, 0xa, 0x4}, {0x1, 0x3, 0x10}], 0x10, 0x9}, 0x94)
r5 = syz_io_uring_setup(0x1eab, &(0x7f0000000080)={0x0, 0xa1c4, 0x400, 0x0, 0x15b}, &(0x7f0000000140)=<r6=>0x0, &(0x7f0000000400))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0xfffffffffffffffd, 0x9}, 0x0, &(0x7f0000000240)={0x1f, 0x3, 0x56d92c88, 0x0, 0x0, 0x10000}, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r5, 0x1816, 0x2000, 0x1, 0x0, 0x0)
io_uring_enter(r5, 0x12ed, 0xaad9, 0x3, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x3, 0x24, 0x0, 0x95, 0x8002, 0x3, 0x3e, 0x101, 0x294, 0xfffffffffffffc18, 0x24d, 0xfffffffa, 0x0, 0x38, 0x1, 0xfffd, 0x7f, 0x808}, [{0x3, 0x4, 0x7, 0xa, 0x101, 0x6, 0x7, 0xffffffffffffff7f}], "db55a3354ca6d746db00abec7dc7bab5a753e28de04049bfa713bf4cef51bb53d0ad"}, 0x9a)
close(0xffffffffffffffff)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)

20.39116146s ago: executing program 1 (id=1238):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000000)=0x6, 0x4)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0xfe1d, @loopback={0xe0}, 0x9371}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x20000050, &(0x7f00000001c0)={0xa, 0x4e22, 0x40000000, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1}, 0x38)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x4e21, 0xfff, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x13400}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
ioctl$FIBMAP(r5, 0x1, &(0x7f0000001000)=0x6)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000001500)='\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x9}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f0000000380)="08e0ac8fb1d99df61d7b518d0a62", 0xe}, {&(0x7f0000000180)="8a", 0x1}, {&(0x7f00000005c0)="f5fbfd4f1595317700ff55f1f960ff70fba64053ef1c952b8561071ccfbed96b7227eaaf92a1358afc148a8aafa58b2444561acf9a5114b207019da8518fea9fd189e3616ec0ad37f86f431d6f4f1fbe1b0e3e640ac2b1f7ff33cf28d27c40513b6cee87fbd144c842c5c7b6752ea19efcfca738ac5207318c1bc30db2a727ce9a82303920eb2a3b0aa99902f8423e754843e7d6ceb06048a8d918680c042a42370dc807a398af793f4b1a3107c3771474ba13d826ce5634d33c485f3f97cffc9ea1e026f4327e96d5a40268c75358061e75633ebe43e946f2bad55973c81fff7d4843dd1db36180dd3b5692f98ace6805c67a9e20216aac908b9a6111c6", 0xfe}], 0x5}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000000000)="f0dc8b127e38a032170c2b92", 0xc}, {&(0x7f00000007c0)="f2e659", 0x3}, {&(0x7f0000002e40)="d4", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000003000)="e1", 0x1}, {&(0x7f00000010c0)="fa", 0x1}, {&(0x7f0000001680)="d8", 0x1}, {&(0x7f0000001600)="f2964dd1", 0x4}, {&(0x7f0000000100)="251abdbb2ec0677323d531b01fe85598d4812ba70710b3981ba7a8e0", 0x1c}, {&(0x7f00000002c0)="7940e900e0377757a9edc0d9376c21328ad2f7584fe4c8b712b3e5e08ecff5258151bd9eea7b4ce21f67ab51922ce035987127fda5812df903188e321419610f4beb6cdf6fa073876157c4f1d2054439d8db3f4d937872de928b62741fd60e6b56979ad883f89a02e24a577275bfb498b7a127abd0eb099e704d18d63dad611b45acfc3b8dc5457c8383d7d8621942e8e2ce6e4017dd6e5ed9732e739be6593c3b033524669ce17c3b822a6953eb11a20921220000000000000000", 0xbb}, {&(0x7f0000000a80)="9a66dfc014620376f9c62246a34b988198a9eeb38a41bb7c01485c711d43c0c2e50720c3bade20b1566946d641c579cf63ff0ba76d98f5101d1f492d111e6f71dff16f2b695d078d4fd3abcdd15c4892034e20fe3e2370c6e79be24a4d60554cdc720db847e4f4eeb76343a9516c29a37bd0713b9e42ca5ce22a7bbe1aeb3848033426c93c50bbfbf8ed936f1f753e0e4bffc7504f2efb7dd59759fe442de4f9bf96aa34bbeca3f7dc449b4effc6a25fcb33a9347dbaab076bce81d8c7fb5773eb767aa6277dd4172214e4174fa9295a7edba7fc8435879abfbc2680a81681bee7481bda93102b7184d8291c7205d2", 0xef}], 0x7}}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000880)="87", 0x1}, {&(0x7f0000000900)="11e09017", 0x4}], 0x2}}], 0x4, 0x4000000)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x800718, &(0x7f00000003c0)={[{@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x40000ff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x60}}, {@nobh}, {@resgid}, {@resuid}, {@nombcache}, {@noblock_validity}, {@usrquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}]}, 0x2, 0x4a3, &(0x7f00000004c0)="$eJzs281rXFUbAPDn3nz2M3n79v1orRotQlBMmrRqF24UBZGKgi7qMk6mJXTaSBPBfmCjiCtBCroWl6J/gbgRQdSV4Epw5UoKRbNp6ypyZ+5NMpNM2iSTTO38fjCZc+aemXueOffce+45kwA61lD2J4nYHRG/RsRALVtfYKj2dHP+cunW/OVSEgsLr/6RVMvdmL9cKooW79uVZ4bTiPT9JN9JvZkLF89MVCrl83l+dPZsX56cOF0+XT43fvz4saNjTz05/kRL4sziunHwnelDB154/epLpZNX3/jhy6y+u/Pty+NYp19Gm2wYygL/c6GqcdsjG9zZ3WrPsnTS3caKsC5dEZE1V0+1/w9EVyw13kA8/15bKwdsqeza1Nd889wCcA9Lot01ANqjuNDvnO8qZffAK++DB7Zy+NF215+p3QBlcd/MH7Ut3ZHmZXoa7m9baSgiTs799Wn2iM3NQwAA3JEPS5+c6I2IS7e+eDEbeyyN9tLu/1aff6v+3ZuPBAcj4l8RsS8i/h0R+yPiPxGRlf1fRPx/k/VZOf5Jr23yI9eUjf+ezte26sd/xegvBrvy3J5q/D3JqalK+Uj+nQxHT1+WH1tjH9889/NHzbYtH/9lj2z/xVgwr8e17oYJusmJ2YnqoLQFrr8bcbA7SVbGnyyuBCQRcSAiDq7vo/cWialHPz/UrNDt419DC9aZFj7LwpvL2n8uGuIvJLX1yTdHZy5cfHzqbOP65Gh/VMpHRoujYqUff/rglWb7r8Xfn+dWj3/H5sNs6nq59rys/ZdtXewDS+u1M63d/waP/7Q3ea26ztybv/b2xOzs+bGI3uRENV/3+vjSe4t8UT47/ocPr97/9+Xvydr/vojIDuL7I+KBiHgwr/tDEfFwRBxeI8bvn719/JFu4PhvgSz+yVXPf4vH/2BS1/7rT3Sd+e6rZvu/s/Y/Vk0N569Uz38Nkob8atXpjuhrrOBmvz8AAAD4J0irv4FP0pHFdJqOjNR+w78/dqaV6ZnZx05Nv3VusvZb+cHoSYuZroF8PrQyVSmPJXP5J9bmR8fzueJivvRoPm/8cdeOan6kNF2ZbHPs0Ol2Nen/md+72l07YIvVLy8VC8DjvW2pDLDNGtfR0/rslZfDyQDuVf5fGzrXbfp/ul31ALaf6z90rtX6/5WGvLUAuDe5/kPn0v+hQ6Xfrvry19teEaAdXP+hI23m//q3MNF/d1SjPYntbpRYV+EoEmnbv6hWJfrjrqjGxhOX8t7cyk9u84kJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgRf4OAAD//+Nr2uw=")

19.973743564s ago: executing program 4 (id=1239):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
getdents64(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000180)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@orlov}, {@noload}, {@delalloc}, {@mblk_io_submit}, {@commit}, {@noblock_validity}, {@nogrpid}, {@init_itable_val={'init_itable', 0x3d, 0x4}}]}, 0xfa, 0x490, &(0x7f0000000c00)="$eJzs3M1vFOUfAPDvzLbl/df+EF9AkCoaiS8tLS9y8KLRhIMaEz1gPNW2kEqhhtYECNHqAS8mhsS78b8wnvRi1IsmXvVuSIjhAuplzezMwFJ22y3ddin7+STTPs/M032e78w8s8/M090AutZg9iOJ2BoRv0dEf569vcBg/uvGtYvjf1+7OJ5EtfrWX0mt3PVrF8fLouXfbckz1WqR39Cg3kvvRoxNT0+eLfLDc6c/GJ49f+H5qdNjJydPTp4ZPXr00ME9fUdGD7clziyu67s+mtm989g7l18fP375vZ+SNPK4Y0Ec7TKY792Gnmp3ZR22rS6d9NRv2fvLrXSjM4FOqkREdrh6a/2/Pyqx6ea2/nj10442DlhV1Wq1ushVeb4K3MeSWE7pyrJKA/ey8o0+u/8tlzUaetwTrr6U3wBlcd8olnxLT6R5Ym/vgvvbrW2sfzAijs//81W2xCo9hwAAqPddNv55rtH4L42H8kRf9uN/xRzKQET8PyK2R8QDEbEjIh6MqJV9OCIeWWb9C2dI7hz/pFfuOrgWZOO/F4u5rdvHf2lZZKBS5LbV4u9NTkxNTx4o9sn+6N1wYiqZHFmkju9f+e2LZtvqx3/ZktVfjgWLdlzpWfCAbmJsbmwlMde7+knErp5G8SdRTuMkEbEzInbdZR1Tz/Q03bZ0/Ito/rItq34d8XR+/OdjQfylpOn85MgLR0YPD2+M6ckDw+VZcaeff730ZrP6VxR/G2THf3PD8/9m/APJxojZ8xdO1eZrZ5f18lnXiUt/fNb0nqaIP+teWfx9sfj5f2xbcf73JW/XVvQVG86Nzc2dHYnoS167c/3orVcr82X5LP79+xr3/+1xa088GhG7I2JPRDyW3RQWbX88Ip6IiH2L7IQfX37y/SXib3D812auNIt/YqnjH/XHf/mJyqkfvl06/o0R0ez6d6iW2l+saeX612oDV7LvAAAAYL3I/wc+SYduptN0aCj/H/4dsTmdnpmde/bEzIdnJvJ574HoTcsnXf11z0NHimfDZX50Qf5g8dz4y8qmWn5ofGZ6otPBQ5fb0qT/Z/6sdLp1wKprwzwasE7p/9C99H/oTon+D11N/4fu1aj/f9y09NA3q9oYYE15/4fu1UL/n89/NR8VAOuT93/oXkv3/8/XpB3Ammr62fh0RR/5X/PEv8X3Gd4r7bn/E5Eu/6/K28iON349JXpa/jKLc2/knaCFwtX+/EhkazY0LNPRyxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDb/BcAAP//WgLgwQ==")
pwrite64(0xffffffffffffffff, &(0x7f0000005680)="a9", 0x1, 0x600000fff)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x81)
ioctl$EVIOCSREP(r1, 0x40084503, &(0x7f0000000040)=[0x4, 0x58])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0xa, 0x1, 0x84)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x9100, 0x0, 0x0)

19.844320592s ago: executing program 4 (id=1240):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb2, 0x0, 0x0, 0x10, 0x5}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)

19.842859592s ago: executing program 2 (id=1241):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, 0x0, 0x0)

19.667602532s ago: executing program 2 (id=1242):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, &(0x7f0000000100))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
syz_emit_ethernet(0x82, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbb00000000000088a800008100000086dd605f106000442f00fc000000000000000000000000000000ff020000000000000000000000000001242081000000000003e80800000086dd080088be86dd"], 0x0)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
unshare(0x26020400)
openat(r1, &(0x7f00000001c0)='./bus\x00', 0x800, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
unshare(0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
unshare(0x22020600)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0), 0x4)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000004e80), r4)
sendmsg$IEEE802154_ASSOCIATE_RESP(r4, &(0x7f0000004f80)={0x0, 0x0, &(0x7f0000004f40)={&(0x7f0000004ec0)={0x14, r5, 0x1, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0x4008000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)

19.666732672s ago: executing program 0 (id=1243):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
unshare(0x2c000680)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xd0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ptrace$setregset(0x4205, 0x0, 0x2, &(0x7f0000000040)={&(0x7f0000000340)="e5a82dced95927ba0688e2fcca2134962612c5a932aaf64858297f795280f0e55e166aa168b31d5b3ff0f7ad8035b1b7ea7957c5df0be20ae7168e2807d446aa0ec3d324c5531f602845855d659a54a1691465838152254431ccfb26174ecdd3f52167974d5a5b841afbe7d825b920dc21792b1749", 0x75})
get_robust_list(r1, &(0x7f00000005c0)=&(0x7f0000000580)={&(0x7f0000000500)={&(0x7f00000004c0)}}, &(0x7f0000000600)=0x18)
unshare(0x40020480)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x7, &(0x7f00000006c0)={0x0, 0x0, 0xac1d})
fcntl$lock(r4, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x7})
read$FUSE(0xffffffffffffffff, &(0x7f0000002080)={0x2020}, 0x2020)
add_key(&(0x7f00000006c0)='asymmetric\x00', 0x0, &(0x7f0000000800)="3080", 0x2, 0xffffffffffffffff)
ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})

19.112462795s ago: executing program 3 (id=1244):
socket$packet(0x11, 0x3, 0x300)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/packet\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x8, &(0x7f0000000000)=0x6, 0x4)
getsockopt$inet6_tcp_buf(r5, 0x6, 0x8, 0x0, &(0x7f0000001040))
writev(r4, &(0x7f0000000180)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000484100100000000004e438d2fd00000000004a7b72000000000000000000f90000", 0x39}], 0x1)
pread64(r0, &(0x7f00000003c0)=""/179, 0xb3, 0x40)

18.915881506s ago: executing program 4 (id=1245):
r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x7fff, 0x511002)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, &(0x7f0000000040))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
setuid(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x1, 0x3, 0x7fff0001}]})
write$UHID_INPUT(r1, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000001c0)=@filter={'filter\x00', 0x42, 0x4, 0x370, 0xffffffff, 0xf8, 0xf8, 0x1b8, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0xd0, 0xf8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0xf}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@state={{0x28}, {0x7}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ip={@multicast2, @private=0xa010102, 0x0, 0x0, 'veth1_virt_wifi\x00', '\x00', {}, {}, 0x0, 0x1}, 0x0, 0xe0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x9}}, @common=@socket0={{0x20}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e6f626172726965722c6e6f657874656e745f63616368652c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474720000693a653d3078303030303030303030303030303766662c736d61636b6673726f6f080000006673f52b00e58abba2d0cc27be339f6f4fe5ad35a724e1531a622f050000008586eb5ba3614d2c24abf5a2614c0f111e057112dafd66336a5e3b6512b81cda80be6e9a34ccc2b88c0100008000000000e3f5def862b95c20ee847008000b0c22653d2ff39b36732e46b56357afe57094f42ba61c5e8b4e184d7dd50000000000000000c0469264c247cd3c7fcb39043dda97538456bc294ae31e525d3b664cf8e83b52b1885b866b58698b3f132aced62a4fc7c8c400b805173d7488a35708d2523190c0014689f57be6ee3f5d28935a0000000000000000000000000000000000000059c1403d010001008ab61fa90695a8b268c277645c1e357ec9316354f659d4244fe126a8364eaa0de6bf4ba21c767782a04bdbb8c86d0cc7e3f03f8ef15c0ee311768cccb8affb0ae5d7cd0000000097676c046a6c754c98dd5f400ad99a588d983ae6e07b4e0e0907266aca53b30a815a84295fb5eab2f263613d36994dc15562892c33ed149270907e9c2e4d0cac7dd9735621a0c6768d4f70c664699157854bb1b85ce3f6ea44456e4f1ae1575315d77f2b995ce4d6ce21b17ca891c155ddd9916e997c32e78231e8d54675e4edf480980023b9736180ff98cf93f888eb70abb728b7e91a5d75b7e43e54f92b6e679249576f12533bef1c93aa993977f15c0a7b595423444db6e87480c46c408f6d48afa1ba"], 0x1, 0x5514, &(0x7f0000005d80)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmy67aK3qrv4gV3KqgdPmiZpyG6SKU2a1p48eBQPnv0nRMGTR/8GD569iQfFm6BkZqpbP8ClSWPb3w8mz7xv3jzzvGFZeGZKAjiz5pNffirFtbgUEbMRcTUiOy8VR2Y1D89FxPWImHnsKBXzf0ycj4jLEXFtlDzPWSre+vTm8MbKj2/8/PW3F85d+fyr76a3a2Dano+I7lZ+vtvNY9rK48NivjZsZ7G7PCxi/kb3UTFO87jb3Mgy7NYO1tWyeLuVr0+3dvqjuNmp1Uex1d7M5rd6+QX7w9ZBnuwDD2vb2bjR3Mhiu59msbWf17W3n//ftt8f5HkaRb4PsvQxGBzEfL6518z3s/Uoi/XeoJjP86aN5t4oDotYXC7qaaeR1bFxlG/6/+3Ndm9nLxk2t/vttJesVKovVKp3ytXttNEcNJfLtW7jznKy0OqMlpUHzVp3tZWmrU6zUk+7i8lCq14vV6vJwt3mRrvWS6rVyu3KrfLKYnF2M3n1/jtJp5EsjOLL7d7OoN3pJ5vpdpJ/YjFZqtx+cTG5UU3eWltP1h/cu7e2/vZ7d9+9/9La668Ui/5WVrKwdGtpqVy9VV6qLp6h/X9UFD3G/cORlJ5s+YVJ1QFwguj/gWmYXP+//SBi8v1/6P/H4kT1vxPr/z87s/uHI3nC/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNPj+7kvXstO5vPxlWL+qWLqmWJcioiZiPjtH8zG+UM5Z4s8c/+yfu4vNXxTiizD6BoXiuNyRKwWx69PT/pbAAAAgNPryw+vf5J36/nL/LQL4jjlN21mrr4/pnyliJib/2FM2WZGL8+OKVn27/tc7I0pW3YD6+KYkuW33M6NK9t/MnsoXHwslPIwc6zlAAAAx+JwJ3C8XQgAAADH6eNpF8B0lOLgUebBs+DsL+//fCB46dAIAAAAOIFK0y4AAAAAmLis//f7fwAAAHC65b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7lpA1EcgJ8NLvSfiqru26N0B8foEbrssuIAvQRHoFfIBTgD2eUIEUR4HBSiJIrisa2Q75PMMBb8/IzwYmakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALp0Wa0X//9+/9c2Z7dv54WX/dG2bgAAAHgLttV6Ub+Zpf7H5vzn5tTXpl9ERBkRD43dR/HuJHPU5FSPfL66V8NFRJ1wuMakOT5ExM/muP7S9a8AAAAA52uzXM3TaD29zIYuiD6lSZvy069MeUVEVLOrTGnlIe9bprD6/z2OP5nS6gmsaaawNOU2zpX2LPXjfpy1m95pitSUT38/270DAAA9Gp00/Y5CAAAA6NPvoQtgGEXcLmUelwInqWmW996f9AAAAIBXqBi6AAAAAKBz9fjf/n8AAABw3tL+fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRpW60Xm+Vq3jZnt28nz90AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9tCoAgEIbBrezrX3j/w8YLeoYIZkB42EVBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBH7hnLOLXO2BJPVbVME3vGvaqOrBJnVokrF/p4sPUPfwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMvO/bzGUcUBAH8zs7NJq+IaZQ8RseBBLzbd1tbexIMSPPgnCCHd1titP9ocbClCLt4k515EjyKCEm/9H3puoZd662EPFTxX5lcy+XFYhZ3ZZD8fePO+Mwzzvm8WQr77XgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsM/5wL06yQ6+I4/Law2d317P+0YE+c3/78XLWsjhqMunj4Y36SdSvnSw2nwwAAADzIanq+xDCk3RnNevjXl7/p9U9Wc3/00tFXNXzB+v+qq9q/6z9+cfT13YH6hXjZA+9ujEanjucSmd6s5xhz1+e4KZO/ubz716S/AOJP9l6dZzm7zP64cGDj7p5uDD9dAGA/+ds1ZdB9ftQ1g/aTAyAudGpFd5V/Z/02s0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAnjrfBCFUchhOXOXpx59Ozu+lH9/e3Hy1W7dO/edv2Z2SPSEMLVjdHwXFhscDaz7dbtO9fXRqPhzeaDN0MIbY3+QTn9659NcHMIU0rjTEtvfs6CuPywZyWf4xG0+EMJAIATKS1bVtc/SXdWs2vRUgjPf95f/79di8OE9f/Tzy89rI9Vr/8Hjc1w9q1s3vh65dbtO+9u3Fi7Nrw2/PK984P3BxcuX7x4eSX/rqQ4tp0mAAAAx1i3bPX6P146vP5/uhaHCev/b34cfFcfK1H/H2lv0a/tTAAAAObbK2f++Ts64nrU7YZv1zY3bw6K4+75+eLYQqr/2ULZ6vV/stR2VgAAAEATxlvRvvX/K7U4TLj+/+Ivr/9Wf2YSQjhVrv+fXf9qdKW56cy0qfzx8EL5cDsLAAAAKOvxUwfW/9N8/3+8u+UhDiG881YRl/8GcKL6P/n4+1/rY9X3/19oboozKe4X7yPv+yF0+m1nBAAAwEm2mLdeXv//le6sfvH76U+79v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANO3fAAAA///FdTwZ")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
fdatasync(r4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0xfffe, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x0, 0x4, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x646bc1bddda1898c}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0xfffffffe, 0x3, 0x0, 0x7, 0x0, 0x8001}}, 0xe8)
sendmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x2e9, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r3, 0xc020662a, &(0x7f0000000880)={0x200000000000, 0x8, 0x3, 0x2000, 0x6, 0x0, [{0x1, 0x32, 0x8, '\x00', 0x1a89}, {0x2, 0xe, 0x3, '\x00', 0x102}, {0x10000, 0x40000000000, 0x0, '\x00', 0x1000}, {0x0, 0x7fffffff, 0x956, '\x00', 0x200}, {0x2, 0xfffffffffffffff8, 0x4d0, '\x00', 0x2002}, {0x212, 0xb826, 0x1, '\x00', 0x180}]})
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)=ANY=[@ANYRESOCT=r2], 0x10}}, 0x4000040)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

18.582011277s ago: executing program 2 (id=1246):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000000010000081100000900000001"], 0x50)
bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x3, r0}, 0x38)

18.581441956s ago: executing program 2 (id=1247):
socket$packet(0x11, 0x3, 0x300)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/packet\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x8, &(0x7f0000000000)=0x6, 0x4)
writev(r4, &(0x7f0000000180)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000484100100000000004e438d2fd00000000004a7b72000000000000000000f90000", 0x39}], 0x1)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000040)="4dff000013001118680907070000000f0000ff3f04000000170a001700000000040014001000030001302564aa58b9a64411f6bbf44dc48f57", 0xff4d}], 0x1)
pread64(r0, &(0x7f00000003c0)=""/179, 0xb3, 0x40)

18.52515273s ago: executing program 0 (id=1248):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c34000ffff000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000001c0)={0x14, &(0x7f0000000dc0)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000000)=0x3)
ioctl$PPPIOCSMRRU(r4, 0x4004743c, 0x0)
bind$inet(r3, &(0x7f0000000240)={0x2, 0x4e20, @local}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x300)
mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0)
setsockopt$inet_int(r3, 0x0, 0x14, &(0x7f0000000000)=0x40, 0x4)
socket$unix(0x1, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000180)={[{@errors_remount}]}, 0xfe, 0x269, &(0x7f0000000200)="$eJzs3b1rJGUcB/Df7EvWmBCiNja+gIhoIMRCEGy0UQhIEBFBhYiIlSRCTNqslY2FvUoqmyB2RkuxCTb3B+TuUuSaa8IVF+7grthjZnaPzWZDXvZljsznA7szz87ztrDfZyeQmQ2gtGYj4t2IqEbEXETUIyLprvBy/phtF7cmd5cjWq2P7yRZvbyc67SbiohmRLwdUesc29j5/ODe3gev/bRef/X3nc8mx/X+uh0e7H949NvSj38tvrlRab823d52v49hSvq8Vksinh3FYE+IpFb0DDifP6+nuX8uIl7J8l+PSjuyP69N/FePN37t327iaLzzBEah1aqn34HNFlA6lewcOKnMR0S+X6nMz+fn8DeqSXy7uvb93Der6ytfF71SAUOQNPO/e/ff/6fx91RP/m9X8/yfy1sjnikwEmn+P/lo+2a6f1QtejbAWLyQb9L8z325+XrIP5SO/EN5yT+Ul/zDFXDJ7Mo/lJf8Q3nJP1xh9c5Os+/hwfN/v/0fhJefIjBuM9mz738or578F3I9LlCM7vwDAOXSahR8ATJQmKLXHwAAAAAAAAAAAAAAAAAA4KStyd3lzmNcY/7/S8ThexFROz5+IztazX6POOKp7Pnpu0la7bEkbzaQL14asIMB/THkq6+XGherP3NruONf1LUXR9PvD8eLp97bbnMloplWXqjVTn7+k/bn70yn9v/MGQ3rX51vgGFJesrvfDre8Xs93C52/MW9iH/T9Weh3/pXieezbf/1Z7r7FsuX9N2DATsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgbB4FAAD//1eqcO0=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

18.064151417s ago: executing program 3 (id=1249):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
readv(r0, &(0x7f00000024c0)=[{0x0}], 0x1)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)={0x0, 0xffffffff, 0x0, 0x9, 0x0, "0006000000df0066952e0d16c708db720800"})
syz_open_pts(r0, 0x105142)

18.046041998s ago: executing program 3 (id=1250):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
getdents64(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000180)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@orlov}, {@noload}, {@delalloc}, {@mblk_io_submit}, {@commit}, {@noblock_validity}, {@nogrpid}, {@init_itable_val={'init_itable', 0x3d, 0x4}}]}, 0xfa, 0x490, &(0x7f0000000c00)="$eJzs3M1vFOUfAPDvzLbl/df+EF9AkCoaiS8tLS9y8KLRhIMaEz1gPNW2kEqhhtYECNHqAS8mhsS78b8wnvRi1IsmXvVuSIjhAuplzezMwFJ22y3ddin7+STTPs/M032e78w8s8/M090AutZg9iOJ2BoRv0dEf569vcBg/uvGtYvjf1+7OJ5EtfrWX0mt3PVrF8fLouXfbckz1WqR39Cg3kvvRoxNT0+eLfLDc6c/GJ49f+H5qdNjJydPTp4ZPXr00ME9fUdGD7clziyu67s+mtm989g7l18fP375vZ+SNPK4Y0Ec7TKY792Gnmp3ZR22rS6d9NRv2fvLrXSjM4FOqkREdrh6a/2/Pyqx6ea2/nj10442DlhV1Wq1ushVeb4K3MeSWE7pyrJKA/ey8o0+u/8tlzUaetwTrr6U3wBlcd8olnxLT6R5Ym/vgvvbrW2sfzAijs//81W2xCo9hwAAqPddNv55rtH4L42H8kRf9uN/xRzKQET8PyK2R8QDEbEjIh6MqJV9OCIeWWb9C2dI7hz/pFfuOrgWZOO/F4u5rdvHf2lZZKBS5LbV4u9NTkxNTx4o9sn+6N1wYiqZHFmkju9f+e2LZtvqx3/ZktVfjgWLdlzpWfCAbmJsbmwlMde7+knErp5G8SdRTuMkEbEzInbdZR1Tz/Q03bZ0/Ito/rItq34d8XR+/OdjQfylpOn85MgLR0YPD2+M6ckDw+VZcaeff730ZrP6VxR/G2THf3PD8/9m/APJxojZ8xdO1eZrZ5f18lnXiUt/fNb0nqaIP+teWfx9sfj5f2xbcf73JW/XVvQVG86Nzc2dHYnoS167c/3orVcr82X5LP79+xr3/+1xa088GhG7I2JPRDyW3RQWbX88Ip6IiH2L7IQfX37y/SXib3D812auNIt/YqnjH/XHf/mJyqkfvl06/o0R0ez6d6iW2l+saeX612oDV7LvAAAAYL3I/wc+SYduptN0aCj/H/4dsTmdnpmde/bEzIdnJvJ574HoTcsnXf11z0NHimfDZX50Qf5g8dz4y8qmWn5ofGZ6otPBQ5fb0qT/Z/6sdLp1wKprwzwasE7p/9C99H/oTon+D11N/4fu1aj/f9y09NA3q9oYYE15/4fu1UL/n89/NR8VAOuT93/oXkv3/8/XpB3Ammr62fh0RR/5X/PEv8X3Gd4r7bn/E5Eu/6/K28iON349JXpa/jKLc2/knaCFwtX+/EhkazY0LNPRyxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDb/BcAAP//WgLgwQ==")
pwrite64(0xffffffffffffffff, &(0x7f0000005680)="a9", 0x1, 0x600000fff)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x81)
ioctl$EVIOCSREP(r1, 0x40084503, &(0x7f0000000040)=[0x4, 0x58])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0xa, 0x1, 0x84)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x9100, 0x0, 0x0)

17.939793944s ago: executing program 3 (id=1251):
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001140)=@bpf_tracing={0x1a, 0x1e, &(0x7f0000000d40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x80000001}, {}, {}, [@map_idx={0x18, 0x1, 0x5, 0x0, 0x1}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x96}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @jmp={0x5, 0x0, 0xd, 0x8, 0x5, 0xfffffffffffffff8, 0x4}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='syzkaller\x00', 0x5, 0xf1, &(0x7f0000000e40)=""/241, 0x40f00, 0x20, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, &(0x7f0000001080)={0x5, 0x2}, 0x8, 0x10, &(0x7f00000010c0)={0x3, 0x9, 0x80, 0x9}, 0x10, 0x25dc5, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000001100)=[{0x5, 0x2, 0x4, 0x4}, {0x4, 0x5, 0x7, 0xb}], 0x10, 0xfff4}, 0x94)
r3 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@ifindex, 0xf, 0x0, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r4=>0x0}, 0x40)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000580)={[{@auto_da_alloc}, {@i_version}, {@bh}, {@inlinecrypt}, {@barrier}, {@test_dummy_encryption}, {@mblk_io_submit}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), 0xffffffffffffffff)
r6 = socket$inet(0x2, 0x2, 0x0)
ioctl$FS_IOC_FSGETXATTR(r6, 0x801c581f, 0x0)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f0000000c80)={0x4c, r5, 0x400, 0x70bd2a, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x4}}}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "8e6634b00c70b6cbf1cfb2449863fc38"}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="e3edd9811795"}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac=@broadcast}]}, 0x4c}, 0x1, 0x0, 0x0, 0x809}, 0x0)
mkdir(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x142)
rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r7 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$read(0xb, r7, &(0x7f0000000480)=""/137, 0x89)
r8 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000200)='syz1\x00', 0x200002, 0x0)
r9 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001200)=ANY=[@ANYRES32=r8, @ANYRES32=r3, @ANYBLOB="0a0000001400000000000000", @ANYRES32=r9, @ANYBLOB="c94bb4ece7b6f74cb117ec14c1aacc4dd159d1acb0266163a162071d662be362171b7ef3cfbbed1b535a12f39ef8b391f6931cdbd482844d6d3b9d19d3ab096398cf9034201738e913a566ca301198431da682e30139fca091", @ANYRES64=r4], 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000400200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823000054c2e0b11310f416b1f014cd6a645f8081b3ce7b5ee7319fb99159069ca683103e5348f5c1921f3c3df9248a7e44b3c81f0e8fd1b6566457a763ef996dd12619a7f5ce0d084bb9d0e523bf6751f0f1151016491455fdc4a7a6f9", @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000006a0000009500000000000000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

17.448898143s ago: executing program 2 (id=1252):
r0 = socket$netlink(0x10, 0x3, 0x0)
timer_create(0x2, 0x0, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
timer_create(0x3, 0x0, &(0x7f0000000300)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f00000005c0)={{}, {0x0, 0x989680}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x48, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe, 0xd}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1a}, {0x4, 0x1b}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000009c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x4, 0x2, {0x0, "000000000010000000030200"}}}]}, 0x48}}, 0x0)
setsockopt$TIPC_MCAST_REPLICAST(r2, 0x10f, 0x86)

17.409941786s ago: executing program 4 (id=1253):
r0 = socket$inet6(0xa, 0x2, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000014c0)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (fail_nth: 1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet(0x2, 0x3, 0x8)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000700), 0xff, 0x49b, &(0x7f0000001040)="$eJzs3MtvVNUfAPDvnbY8fjzaHyIKglbQSHy0tKCycKFGExeamOgCl7UtiAzU0JoIabQYg0tD4t64NPEvcOfGqAtj4lYTl4aEaGNCcTXmvugwnSltaTvS+XyS6ZxzH3PO9957Zs69p/cG0LH60z9JxPaI+DUievPsrQv0529zs9OjN2anR5Oo1d74M8mWuz47PVouWq63rcgcrkRUPkni+WRhuZMXLp4ZqVbHzxf5wamz7w1OXrj41OmzI6fGT42fGz5+/NjRoWefGX56VeJM47q+78OJ/XtfeevKa6Mnrrz9w9dptfYcyOfXx3FbN5oE1ER/utX+qmUa5z26jLrfDXbUpZPuNlaEZemKiHR39WTtvze6Yn7n9cbLH7dec/P6VBBYM+lv0yIteaYGbGBJtLsGQHuUP/Tp+W/5Wqeux3/CtRciNhXpudnp0bmb8XdHpZjes4bl90fEiZl/vkhfsdzrEAAAK5D1bZ5s1v+rxJ7sPR/r2FmMofRFxP8jYldE3BMRuyPi3ohs2fsi4v585VrvEsvvb8gv7P9Urjat8ypJ+3/P1fX95uriL976uorcjiz+nuTk6er4kWKbHI6ezWl+aJEyvn3pl89azavv/6WvtPyyL1hU4Gp3wwW6sZGpkdXaCNcuRezrbhZ/cnMkID0C9kbEvuV99M4ycfrxr/a3Wuj28S9iFcaZal9GPJbv/5loiL+ULD4+ObglquNHBsujYqEff778eqvy7yj+VXDt4AN5Yn7/NyzR+3eSj9f2RLU6fn5y+WVc/u3Tluc0Kz3+NyVvZmPWP72TT/tgZGrq/FDEpuTVLF+e02XTh+fXLfPl8unxf/hQ8/a/q1gnjT/dSulBfCAiHoyIh4q6PxwRByPi0CLxf//iI+8uEn8SSbRv/1+KGGv6/Xfz+O9L6sfrV5DoOvPdN61GzOv3fy1ptf+PxUz2XZvLvv9uY6kVvMPNBwAAAHeFSkRsj6QykKf7t0elMjCQ/w//7vhfpToxOfXEyYn3z43l9wj0RU+lvNLVW3c9dCiZKT4xzw8X14rL+UeL68afd23N8gOjE9WxNscOnW7bre0/yvaf+qOr3bUD1pz7taBzNbb/SpvqAay/pfz+OxeAjenW9r8l/bO1XXUB1pfzf+hczdr/Rw15/X/YmBY+AOj3Jo+sAzYi/X/oXNo/dC7tHzpSfif8lVjJff0rT5Q3C6z8c7Ys+Q7/TkmUT7xYy7K2xvyUqLQ95A5KpC1mfQudf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3ezfAAAA//+5XeWQ")
r8 = creat(&(0x7f0000000280)='./bus\x00', 0x2)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000000740)=@raw={'raw\x00', 0x8, 0x3, 0x228, 0x0, 0xe138, 0x198, 0x0, 0x198, 0x190, 0x358, 0x358, 0x190, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'wg0\x00', 'bridge_slave_1\x00', {}, {}, 0x6, 0x3}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x98, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x3}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x8, 0xd19, 0x8, 0x7, '\x00', 'syz1\x00', {0x100}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x288)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r8)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_START_AP(r8, &(0x7f00000004c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="88010000", @ANYRES16=r9, @ANYBLOB="04002bbd7000fbdbdf250f02000008000300", @ANYRES32=r10, @ANYBLOB="08000c006400000092008000001d6a235987f298098d3214c66f289dc3dc746da98f7c8982d937be2f0acb376d0501be466e952cecb1731b690804febe638c0cbe21333f30e44b3b7c47c66d78d0096f78a37e4b17be2b9da7203458e1837d379f7358321b0f64574d8c2d2e63dc32b293ec6226ffaf3377e92a4672e67e1f0419d8f68fd2d0e2af4229e756c3c1dd09ba1aff644e4164f211ec000018002a00250300240f3c0400033c757107000100ffff0720040005010500a200fc00000008003500020000009c005a803c00018014000300e6000100bb0606000600030081000c0024000200323d35163d5735430b0c2d4032473853202849414d14534e4f20541c56013841340003800500040002000000130002003437371b2944440a484b49542d3a2200140003000100020004000700f9ff080004000800280001800500060002000000050006000200000014000500ae0001010100ff03576f0000018002000500d50002000000"], 0x188}, 0x1, 0x0, 0x0, 0x4000}, 0x44)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x6, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x10, 0x8}, [@ldst={0x3, 0x0, 0x3, 0x0, 0x0, 0xff0e}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x2d)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x9, 0x0, 0x8a, 0x0, 0x0, 0x2000000}})

17.349832948s ago: executing program 2 (id=1254):
r0 = socket$inet6(0xa, 0x2, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000014c0)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet(0x2, 0x3, 0x8)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000700), 0xff, 0x49b, &(0x7f0000001040)="$eJzs3MtvVNUfAPDvnbY8fjzaHyIKglbQSHy0tKCycKFGExeamOgCl7UtiAzU0JoIabQYg0tD4t64NPEvcOfGqAtj4lYTl4aEaGNCcTXmvugwnSltaTvS+XyS6ZxzH3PO9957Zs69p/cG0LH60z9JxPaI+DUievPsrQv0529zs9OjN2anR5Oo1d74M8mWuz47PVouWq63rcgcrkRUPkni+WRhuZMXLp4ZqVbHzxf5wamz7w1OXrj41OmzI6fGT42fGz5+/NjRoWefGX56VeJM47q+78OJ/XtfeevKa6Mnrrz9w9dptfYcyOfXx3FbN5oE1ER/utX+qmUa5z26jLrfDXbUpZPuNlaEZemKiHR39WTtvze6Yn7n9cbLH7dec/P6VBBYM+lv0yIteaYGbGBJtLsGQHuUP/Tp+W/5Wqeux3/CtRciNhXpudnp0bmb8XdHpZjes4bl90fEiZl/vkhfsdzrEAAAK5D1bZ5s1v+rxJ7sPR/r2FmMofRFxP8jYldE3BMRuyPi3ohs2fsi4v585VrvEsvvb8gv7P9Urjat8ypJ+3/P1fX95uriL976uorcjiz+nuTk6er4kWKbHI6ezWl+aJEyvn3pl89azavv/6WvtPyyL1hU4Gp3wwW6sZGpkdXaCNcuRezrbhZ/cnMkID0C9kbEvuV99M4ycfrxr/a3Wuj28S9iFcaZal9GPJbv/5loiL+ULD4+ObglquNHBsujYqEff778eqvy7yj+VXDt4AN5Yn7/NyzR+3eSj9f2RLU6fn5y+WVc/u3Tluc0Kz3+NyVvZmPWP72TT/tgZGrq/FDEpuTVLF+e02XTh+fXLfPl8unxf/hQ8/a/q1gnjT/dSulBfCAiHoyIh4q6PxwRByPi0CLxf//iI+8uEn8SSbRv/1+KGGv6/Xfz+O9L6sfrV5DoOvPdN61GzOv3fy1ptf+PxUz2XZvLvv9uY6kVvMPNBwAAAHeFSkRsj6QykKf7t0elMjCQ/w//7vhfpToxOfXEyYn3z43l9wj0RU+lvNLVW3c9dCiZKT4xzw8X14rL+UeL68afd23N8gOjE9WxNscOnW7bre0/yvaf+qOr3bUD1pz7taBzNbb/SpvqAay/pfz+OxeAjenW9r8l/bO1XXUB1pfzf+hczdr/Rw15/X/YmBY+AOj3Jo+sAzYi/X/oXNo/dC7tHzpSfif8lVjJff0rT5Q3C6z8c7Ys+Q7/TkmUT7xYy7K2xvyUqLQ95A5KpC1mfQudf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3ezfAAAA//+5XeWQ")
r8 = creat(&(0x7f0000000280)='./bus\x00', 0x2)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000000740)=@raw={'raw\x00', 0x8, 0x3, 0x228, 0x0, 0xe138, 0x198, 0x0, 0x198, 0x190, 0x358, 0x358, 0x190, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'wg0\x00', 'bridge_slave_1\x00', {}, {}, 0x6, 0x3}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x98, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x3}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x8, 0xd19, 0x8, 0x7, '\x00', 'syz1\x00', {0x100}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x288)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r8)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_START_AP(r8, &(0x7f00000004c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="88010000", @ANYRES16=r9, @ANYBLOB="04002bbd7000fbdbdf250f02000008000300", @ANYRES32=r10, @ANYBLOB="08000c006400000092008000001d6a235987f298098d3214c66f289dc3dc746da98f7c8982d937be2f0acb376d0501be466e952cecb1731b690804febe638c0cbe21333f30e44b3b7c47c66d78d0096f78a37e4b17be2b9da7203458e1837d379f7358321b0f64574d8c2d2e63dc32b293ec6226ffaf3377e92a4672e67e1f0419d8f68fd2d0e2af4229e756c3c1dd09ba1aff644e4164f211ec000018002a00250300240f3c0400033c757107000100ffff0720040005010500a200fc00000008003500020000009c005a803c00018014000300e6000100bb0606000600030081000c0024000200323d35163d5735430b0c2d4032473853202849414d14534e4f20541c56013841340003800500040002000000130002003437371b2944440a484b49542d3a2200140003000100020004000700f9ff080004000800280001800500060002000000050006000200000014000500ae0001010100ff03576f0000018002000500d50002000000"], 0x188}, 0x1, 0x0, 0x0, 0x4000}, 0x44)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x6, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b4000000000000000000000063000eff000000000000000000000000db6bccbb4190fafa65bd6e70d9375b7633a70856898bae87826a99e5c22b7f789e60c8808aef4a13357d3ade41e3c1c02fe67062593594bf10b022a80b1c64f1fcd621d91ff74cd6b6bf6817de00b4d242d8bb4e97c6cb40b8016f2539cd00000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x2d)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x9, 0x0, 0x8a, 0x0, 0x0, 0x2000000}})

16.887457336s ago: executing program 3 (id=1255):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb2, 0x0, 0x0, 0x10, 0x5}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)

16.804925611s ago: executing program 1 (id=1256):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'syz_tun\x00'})
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x2004d848}, 0x8080)
pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), r0)
fdatasync(r0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

2.173731462s ago: executing program 32 (id=1248):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c34000ffff000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000001c0)={0x14, &(0x7f0000000dc0)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000000)=0x3)
ioctl$PPPIOCSMRRU(r4, 0x4004743c, 0x0)
bind$inet(r3, &(0x7f0000000240)={0x2, 0x4e20, @local}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x300)
mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0)
setsockopt$inet_int(r3, 0x0, 0x14, &(0x7f0000000000)=0x40, 0x4)
socket$unix(0x1, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000180)={[{@errors_remount}]}, 0xfe, 0x269, &(0x7f0000000200)="$eJzs3b1rJGUcB/Df7EvWmBCiNja+gIhoIMRCEGy0UQhIEBFBhYiIlSRCTNqslY2FvUoqmyB2RkuxCTb3B+TuUuSaa8IVF+7grthjZnaPzWZDXvZljsznA7szz87ztrDfZyeQmQ2gtGYj4t2IqEbEXETUIyLprvBy/phtF7cmd5cjWq2P7yRZvbyc67SbiohmRLwdUesc29j5/ODe3gev/bRef/X3nc8mx/X+uh0e7H949NvSj38tvrlRab823d52v49hSvq8Vksinh3FYE+IpFb0DDifP6+nuX8uIl7J8l+PSjuyP69N/FePN37t327iaLzzBEah1aqn34HNFlA6lewcOKnMR0S+X6nMz+fn8DeqSXy7uvb93Der6ytfF71SAUOQNPO/e/ff/6fx91RP/m9X8/yfy1sjnikwEmn+P/lo+2a6f1QtejbAWLyQb9L8z325+XrIP5SO/EN5yT+Ul/zDFXDJ7Mo/lJf8Q3nJP1xh9c5Os+/hwfN/v/0fhJefIjBuM9mz738or578F3I9LlCM7vwDAOXSahR8ATJQmKLXHwAAAAAAAAAAAAAAAAAA4KStyd3lzmNcY/7/S8ThexFROz5+IztazX6POOKp7Pnpu0la7bEkbzaQL14asIMB/THkq6+XGherP3NruONf1LUXR9PvD8eLp97bbnMloplWXqjVTn7+k/bn70yn9v/MGQ3rX51vgGFJesrvfDre8Xs93C52/MW9iH/T9Weh3/pXieezbf/1Z7r7FsuX9N2DATsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgbB4FAAD//1eqcO0=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

1.073282447s ago: executing program 33 (id=1254):
r0 = socket$inet6(0xa, 0x2, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000014c0)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet(0x2, 0x3, 0x8)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000700), 0xff, 0x49b, &(0x7f0000001040)="$eJzs3MtvVNUfAPDvnbY8fjzaHyIKglbQSHy0tKCycKFGExeamOgCl7UtiAzU0JoIabQYg0tD4t64NPEvcOfGqAtj4lYTl4aEaGNCcTXmvugwnSltaTvS+XyS6ZxzH3PO9957Zs69p/cG0LH60z9JxPaI+DUievPsrQv0529zs9OjN2anR5Oo1d74M8mWuz47PVouWq63rcgcrkRUPkni+WRhuZMXLp4ZqVbHzxf5wamz7w1OXrj41OmzI6fGT42fGz5+/NjRoWefGX56VeJM47q+78OJ/XtfeevKa6Mnrrz9w9dptfYcyOfXx3FbN5oE1ER/utX+qmUa5z26jLrfDXbUpZPuNlaEZemKiHR39WTtvze6Yn7n9cbLH7dec/P6VBBYM+lv0yIteaYGbGBJtLsGQHuUP/Tp+W/5Wqeux3/CtRciNhXpudnp0bmb8XdHpZjes4bl90fEiZl/vkhfsdzrEAAAK5D1bZ5s1v+rxJ7sPR/r2FmMofRFxP8jYldE3BMRuyPi3ohs2fsi4v585VrvEsvvb8gv7P9Urjat8ypJ+3/P1fX95uriL976uorcjiz+nuTk6er4kWKbHI6ezWl+aJEyvn3pl89azavv/6WvtPyyL1hU4Gp3wwW6sZGpkdXaCNcuRezrbhZ/cnMkID0C9kbEvuV99M4ycfrxr/a3Wuj28S9iFcaZal9GPJbv/5loiL+ULD4+ObglquNHBsujYqEff778eqvy7yj+VXDt4AN5Yn7/NyzR+3eSj9f2RLU6fn5y+WVc/u3Tluc0Kz3+NyVvZmPWP72TT/tgZGrq/FDEpuTVLF+e02XTh+fXLfPl8unxf/hQ8/a/q1gnjT/dSulBfCAiHoyIh4q6PxwRByPi0CLxf//iI+8uEn8SSbRv/1+KGGv6/Xfz+O9L6sfrV5DoOvPdN61GzOv3fy1ptf+PxUz2XZvLvv9uY6kVvMPNBwAAAHeFSkRsj6QykKf7t0elMjCQ/w//7vhfpToxOfXEyYn3z43l9wj0RU+lvNLVW3c9dCiZKT4xzw8X14rL+UeL68afd23N8gOjE9WxNscOnW7bre0/yvaf+qOr3bUD1pz7taBzNbb/SpvqAay/pfz+OxeAjenW9r8l/bO1XXUB1pfzf+hczdr/Rw15/X/YmBY+AOj3Jo+sAzYi/X/oXNo/dC7tHzpSfif8lVjJff0rT5Q3C6z8c7Ys+Q7/TkmUT7xYy7K2xvyUqLQ95A5KpC1mfQudf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3ezfAAAA//+5XeWQ")
r8 = creat(&(0x7f0000000280)='./bus\x00', 0x2)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000000740)=@raw={'raw\x00', 0x8, 0x3, 0x228, 0x0, 0xe138, 0x198, 0x0, 0x198, 0x190, 0x358, 0x358, 0x190, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'wg0\x00', 'bridge_slave_1\x00', {}, {}, 0x6, 0x3}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x98, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x3}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x8, 0xd19, 0x8, 0x7, '\x00', 'syz1\x00', {0x100}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x288)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r8)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_START_AP(r8, &(0x7f00000004c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="88010000", @ANYRES16=r9, @ANYBLOB="04002bbd7000fbdbdf250f02000008000300", @ANYRES32=r10, @ANYBLOB="08000c006400000092008000001d6a235987f298098d3214c66f289dc3dc746da98f7c8982d937be2f0acb376d0501be466e952cecb1731b690804febe638c0cbe21333f30e44b3b7c47c66d78d0096f78a37e4b17be2b9da7203458e1837d379f7358321b0f64574d8c2d2e63dc32b293ec6226ffaf3377e92a4672e67e1f0419d8f68fd2d0e2af4229e756c3c1dd09ba1aff644e4164f211ec000018002a00250300240f3c0400033c757107000100ffff0720040005010500a200fc00000008003500020000009c005a803c00018014000300e6000100bb0606000600030081000c0024000200323d35163d5735430b0c2d4032473853202849414d14534e4f20541c56013841340003800500040002000000130002003437371b2944440a484b49542d3a2200140003000100020004000700f9ff080004000800280001800500060002000000050006000200000014000500ae0001010100ff03576f0000018002000500d50002000000"], 0x188}, 0x1, 0x0, 0x0, 0x4000}, 0x44)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x6, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b4000000000000000000000063000eff000000000000000000000000db6bccbb4190fafa65bd6e70d9375b7633a70856898bae87826a99e5c22b7f789e60c8808aef4a13357d3ade41e3c1c02fe67062593594bf10b022a80b1c64f1fcd621d91ff74cd6b6bf6817de00b4d242d8bb4e97c6cb40b8016f2539cd00000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x2d)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x9, 0x0, 0x8a, 0x0, 0x0, 0x2000000}})

1.062610608s ago: executing program 34 (id=1253):
r0 = socket$inet6(0xa, 0x2, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000014c0)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (fail_nth: 1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet(0x2, 0x3, 0x8)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000700), 0xff, 0x49b, &(0x7f0000001040)="$eJzs3MtvVNUfAPDvnbY8fjzaHyIKglbQSHy0tKCycKFGExeamOgCl7UtiAzU0JoIabQYg0tD4t64NPEvcOfGqAtj4lYTl4aEaGNCcTXmvugwnSltaTvS+XyS6ZxzH3PO9957Zs69p/cG0LH60z9JxPaI+DUievPsrQv0529zs9OjN2anR5Oo1d74M8mWuz47PVouWq63rcgcrkRUPkni+WRhuZMXLp4ZqVbHzxf5wamz7w1OXrj41OmzI6fGT42fGz5+/NjRoWefGX56VeJM47q+78OJ/XtfeevKa6Mnrrz9w9dptfYcyOfXx3FbN5oE1ER/utX+qmUa5z26jLrfDXbUpZPuNlaEZemKiHR39WTtvze6Yn7n9cbLH7dec/P6VBBYM+lv0yIteaYGbGBJtLsGQHuUP/Tp+W/5Wqeux3/CtRciNhXpudnp0bmb8XdHpZjes4bl90fEiZl/vkhfsdzrEAAAK5D1bZ5s1v+rxJ7sPR/r2FmMofRFxP8jYldE3BMRuyPi3ohs2fsi4v585VrvEsvvb8gv7P9Urjat8ypJ+3/P1fX95uriL976uorcjiz+nuTk6er4kWKbHI6ezWl+aJEyvn3pl89azavv/6WvtPyyL1hU4Gp3wwW6sZGpkdXaCNcuRezrbhZ/cnMkID0C9kbEvuV99M4ycfrxr/a3Wuj28S9iFcaZal9GPJbv/5loiL+ULD4+ObglquNHBsujYqEff778eqvy7yj+VXDt4AN5Yn7/NyzR+3eSj9f2RLU6fn5y+WVc/u3Tluc0Kz3+NyVvZmPWP72TT/tgZGrq/FDEpuTVLF+e02XTh+fXLfPl8unxf/hQ8/a/q1gnjT/dSulBfCAiHoyIh4q6PxwRByPi0CLxf//iI+8uEn8SSbRv/1+KGGv6/Xfz+O9L6sfrV5DoOvPdN61GzOv3fy1ptf+PxUz2XZvLvv9uY6kVvMPNBwAAAHeFSkRsj6QykKf7t0elMjCQ/w//7vhfpToxOfXEyYn3z43l9wj0RU+lvNLVW3c9dCiZKT4xzw8X14rL+UeL68afd23N8gOjE9WxNscOnW7bre0/yvaf+qOr3bUD1pz7taBzNbb/SpvqAay/pfz+OxeAjenW9r8l/bO1XXUB1pfzf+hczdr/Rw15/X/YmBY+AOj3Jo+sAzYi/X/oXNo/dC7tHzpSfif8lVjJff0rT5Q3C6z8c7Ys+Q7/TkmUT7xYy7K2xvyUqLQ95A5KpC1mfQudf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA3ezfAAAA//+5XeWQ")
r8 = creat(&(0x7f0000000280)='./bus\x00', 0x2)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000000740)=@raw={'raw\x00', 0x8, 0x3, 0x228, 0x0, 0xe138, 0x198, 0x0, 0x198, 0x190, 0x358, 0x358, 0x190, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'wg0\x00', 'bridge_slave_1\x00', {}, {}, 0x6, 0x3}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x98, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x3}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x8, 0xd19, 0x8, 0x7, '\x00', 'syz1\x00', {0x100}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x288)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r8)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_START_AP(r8, &(0x7f00000004c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="88010000", @ANYRES16=r9, @ANYBLOB="04002bbd7000fbdbdf250f02000008000300", @ANYRES32=r10, @ANYBLOB="08000c006400000092008000001d6a235987f298098d3214c66f289dc3dc746da98f7c8982d937be2f0acb376d0501be466e952cecb1731b690804febe638c0cbe21333f30e44b3b7c47c66d78d0096f78a37e4b17be2b9da7203458e1837d379f7358321b0f64574d8c2d2e63dc32b293ec6226ffaf3377e92a4672e67e1f0419d8f68fd2d0e2af4229e756c3c1dd09ba1aff644e4164f211ec000018002a00250300240f3c0400033c757107000100ffff0720040005010500a200fc00000008003500020000009c005a803c00018014000300e6000100bb0606000600030081000c0024000200323d35163d5735430b0c2d4032473853202849414d14534e4f20541c56013841340003800500040002000000130002003437371b2944440a484b49542d3a2200140003000100020004000700f9ff080004000800280001800500060002000000050006000200000014000500ae0001010100ff03576f0000018002000500d50002000000"], 0x188}, 0x1, 0x0, 0x0, 0x4000}, 0x44)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x6, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x10, 0x8}, [@ldst={0x3, 0x0, 0x3, 0x0, 0x0, 0xff0e}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x2d)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x9, 0x0, 0x8a, 0x0, 0x0, 0x2000000}})

7.38594ms ago: executing program 35 (id=1256):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'syz_tun\x00'})
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x2004d848}, 0x8080)
pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), r0)
fdatasync(r0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

0s ago: executing program 36 (id=1255):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb2, 0x0, 0x0, 0x10, 0x5}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)

kernel console output (not intermixed with test programs):

 enabled
[  170.758132][ T3065] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  170.910652][ T3065] EXT4-fs (loop3): 1 truncate cleaned up
[  170.916467][ T3065] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  170.966401][  T284] EXT4-fs (loop0): unmounting filesystem.
[  170.983445][ T3061] loop2: detected capacity change from 0 to 40427
[  171.010929][ T3061] F2FS-fs (loop2): Found nat_bits in checkpoint
[  171.047878][ T3074] loop0: detected capacity change from 0 to 1024
[  171.054656][ T3074] EXT4-fs: Ignoring removed nomblk_io_submit option
[  171.074045][ T3074] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  171.134669][ T3061] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  171.166457][ T3074] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  171.202825][  T284] EXT4-fs (loop0): unmounting filesystem.
[  171.252824][ T3084] loop0: detected capacity change from 0 to 128
[  171.430211][  T282] EXT4-fs (loop3): unmounting filesystem.
[  173.141462][ T3104] loop0: detected capacity change from 0 to 128
[  173.197583][  T334] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  174.977265][ T3124] loop1: detected capacity change from 0 to 1024
[  175.004910][  T434] usb 5-1: new full-speed USB device number 17 using dummy_hcd
[  175.024428][ T3124] EXT4-fs: Ignoring removed orlov option
[  175.097091][ T3124] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  175.173220][ T3121] loop0: detected capacity change from 0 to 40427
[  175.234117][  T434] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  175.254066][  T434] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  175.254079][ T3121] F2FS-fs (loop0): Found nat_bits in checkpoint
[  175.286467][  T434] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  175.295997][  T434] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  175.314389][  T434] usb 5-1: Product: syz
[  175.318801][  T434] usb 5-1: Manufacturer: syz
[  175.334233][  T434] hub 5-1:4.0: USB hub found
[  175.345332][ T3121] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  175.509110][  T283] EXT4-fs (loop1): unmounting filesystem.
[  175.571892][ T3146] loop3: detected capacity change from 0 to 8192
[  175.587709][ T3146] bio_check_eod: 9994 callbacks suppressed
[  175.587728][ T3146] syz.3.766: attempt to access beyond end of device
[  175.587728][ T3146] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  175.633284][ T3146] buffer_io_error: 8161 callbacks suppressed
[  175.633301][ T3146] Buffer I/O error on dev loop3, logical block 57847, async page read
[  175.665874][ T3146] syz.3.766: attempt to access beyond end of device
[  175.665874][ T3146] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  175.690530][ T3146] Buffer I/O error on dev loop3, logical block 57847, async page read
[  175.701873][ T3143] loop2: detected capacity change from 0 to 40427
[  175.710180][ T3145] syz.3.766: attempt to access beyond end of device
[  175.710180][ T3145] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  175.725382][ T3145] Buffer I/O error on dev loop3, logical block 57847, async page read
[  175.734376][ T3146] syz.3.766: attempt to access beyond end of device
[  175.734376][ T3146] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  175.766984][ T3143] F2FS-fs (loop2): Found nat_bits in checkpoint
[  175.779766][ T3121] syz.0.760: attempt to access beyond end of device
[  175.779766][ T3121] loop0: rw=2049, sector=77824, nr_sectors = 2048 limit=40427
[  175.816237][ T3146] Buffer I/O error on dev loop3, logical block 57847, async page read
[  175.846473][ T3121] syz.0.760: attempt to access beyond end of device
[  175.846473][ T3121] loop0: rw=2049, sector=79872, nr_sectors = 2048 limit=40427
[  175.860804][ T3145] syz.3.766: attempt to access beyond end of device
[  175.860804][ T3145] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  175.865517][ T3154] loop4: detected capacity change from 0 to 128
[  175.890655][ T3121] syz.0.760: attempt to access beyond end of device
[  175.890655][ T3121] loop0: rw=2049, sector=49152, nr_sectors = 1736 limit=40427
[  175.904480][ T3145] Buffer I/O error on dev loop3, logical block 57847, async page read
[  175.915014][ T3145] syz.3.766: attempt to access beyond end of device
[  175.915014][ T3145] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  175.924448][ T3143] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  175.964455][ T3145] Buffer I/O error on dev loop3, logical block 57847, async page read
[  175.973998][ T3154] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  175.990974][ T3146] syz.3.766: attempt to access beyond end of device
[  175.990974][ T3146] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  176.005079][ T3154] ext4 filesystem being mounted at /166/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  176.047854][ T3148] loop1: detected capacity change from 0 to 40427
[  176.065710][ T3146] Buffer I/O error on dev loop3, logical block 57847, async page read
[  176.123319][ T3146] Buffer I/O error on dev loop3, logical block 57847, async page read
[  176.131695][ T3145] Buffer I/O error on dev loop3, logical block 57847, async page read
[  176.143502][ T3148] F2FS-fs (loop1): Found nat_bits in checkpoint
[  176.149291][ T3146] Buffer I/O error on dev loop3, logical block 57847, async page read
[  176.296731][ T3148] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  176.411314][  T434] hub 5-1:4.0: config failed, can't read hub descriptor (err -22)
[  176.468130][  T434] usb 5-1: USB disconnect, device number 17
[  176.900886][ T1230] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  177.005121][ T3168] loop0: detected capacity change from 0 to 40427
[  177.023322][  T285] EXT4-fs (loop4): unmounting filesystem.
[  177.095884][ T1230] usb 4-1: Using ep0 maxpacket: 8
[  177.103647][ T1230] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  177.112837][ T1230] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.121421][ T1230] usb 4-1: Product: syz
[  177.125697][ T1230] usb 4-1: Manufacturer: syz
[  177.130629][ T1230] usb 4-1: SerialNumber: syz
[  177.156939][ T3168] F2FS-fs (loop0): Found nat_bits in checkpoint
[  177.203154][ T3168] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  177.545370][ T1230] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 18 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  177.565440][ T1230] usb 4-1: USB disconnect, device number 18
[  177.578041][ T1230] usblp0: removed
[  178.318460][ T3194] loop2: detected capacity change from 0 to 1024
[  178.374707][ T3194] EXT4-fs: Ignoring removed orlov option
[  178.419914][ T3194] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  178.720553][ T3206] loop3: detected capacity change from 0 to 512
[  178.895631][ T3206] EXT4-fs: Mount option(s) incompatible with ext2
[  178.983120][  T334] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  179.058278][ T3199] loop1: detected capacity change from 0 to 40427
[  179.098025][  T286] EXT4-fs (loop2): unmounting filesystem.
[  179.110321][ T3199] F2FS-fs (loop1): Found nat_bits in checkpoint
[  179.203972][ T3199] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  179.259033][ T3208] loop0: detected capacity change from 0 to 40427
[  179.303545][ T3208] F2FS-fs (loop0): Found nat_bits in checkpoint
[  179.360286][ T3208] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  179.436080][ T1251] usb 3-1: new full-speed USB device number 20 using dummy_hcd
[  179.643771][ T1251] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  179.738542][ T1251] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.877634][ T1251] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  179.990584][ T1251] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  179.999018][ T1251] usb 3-1: Product: syz
[  180.003427][ T1251] usb 3-1: Manufacturer: syz
[  180.015877][ T1251] hub 3-1:4.0: USB hub found
[  180.237297][ T3236] loop4: detected capacity change from 0 to 1024
[  180.247536][ T3236] EXT4-fs: Ignoring removed orlov option
[  180.311754][ T3236] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  180.418627][ T3214] loop2: detected capacity change from 0 to 128
[  180.451736][ T3214] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  180.471472][ T3214] ext4 filesystem being mounted at /148/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  180.587126][ T3244] loop1: detected capacity change from 0 to 512
[  180.593811][ T3244] EXT4-fs: Ignoring removed orlov option
[  180.599566][ T3244] EXT4-fs: Ignoring removed mblk_io_submit option
[  180.616167][ T3244] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.786: corrupted in-inode xattr
[  180.628580][ T3244] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.786: couldn't read orphan inode 15 (err -117)
[  180.640697][ T3244] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  180.649995][ T1251] hub 3-1:4.0: config failed, can't read hub descriptor (err -22)
[  180.682316][ T1251] usb 3-1: USB disconnect, device number 20
[  180.691240][  T283] EXT4-fs (loop1): unmounting filesystem.
[  180.721848][ T3240] loop3: detected capacity change from 0 to 40427
[  180.751940][ T3247] loop1: detected capacity change from 0 to 8192
[  180.764032][ T3240] F2FS-fs (loop3): Found nat_bits in checkpoint
[  180.771499][  T285] EXT4-fs (loop4): unmounting filesystem.
[  180.923750][ T3240] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  181.300532][  T286] EXT4-fs (loop2): unmounting filesystem.
[  181.372327][ T3263] loop2: detected capacity change from 0 to 1024
[  181.382816][ T3261] bio_check_eod: 22727 callbacks suppressed
[  181.382834][ T3261] syz.3.788: attempt to access beyond end of device
[  181.382834][ T3261] loop3: rw=2049, sector=77824, nr_sectors = 2056 limit=40427
[  181.389363][ T3263] EXT4-fs: Ignoring removed orlov option
[  181.418637][ T3261] syz.3.788: attempt to access beyond end of device
[  181.418637][ T3261] loop3: rw=2049, sector=79880, nr_sectors = 2040 limit=40427
[  181.439257][ T3261] syz.3.788: attempt to access beyond end of device
[  181.439257][ T3261] loop3: rw=2049, sector=49152, nr_sectors = 2056 limit=40427
[  181.454577][ T3263] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  181.464789][ T3261] syz.3.788: attempt to access beyond end of device
[  181.464789][ T3261] loop3: rw=2049, sector=51208, nr_sectors = 312 limit=40427
[  181.504850][ T3254] loop0: detected capacity change from 0 to 40427
[  181.544982][ T3254] F2FS-fs (loop0): Found nat_bits in checkpoint
[  181.577061][ T3240] syz.3.788: attempt to access beyond end of device
[  181.577061][ T3240] loop3: rw=524288, sector=77824, nr_sectors = 256 limit=40427
[  181.591319][ T3240] syz.3.788: attempt to access beyond end of device
[  181.591319][ T3240] loop3: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  181.605038][ T3240] syz.3.788: attempt to access beyond end of device
[  181.605038][ T3240] loop3: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  181.618615][ T3240] syz.3.788: attempt to access beyond end of device
[  181.618615][ T3240] loop3: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  181.632203][ T3240] syz.3.788: attempt to access beyond end of device
[  181.632203][ T3240] loop3: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  181.647270][ T3240] syz.3.788: attempt to access beyond end of device
[  181.647270][ T3240] loop3: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  181.789222][ T3254] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  181.862893][ T3277] loop1: detected capacity change from 0 to 1024
[  181.870175][ T3277] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  181.933800][ T3277] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  181.942396][ T3277] EXT4-fs (loop1): orphan cleanup on readonly fs
[  181.949029][ T3277] EXT4-fs error (device loop1): ext4_read_inode_bitmap:168: comm syz.1.794: Inode bitmap for bg 0 marked uninitialized
[  181.961882][ T3277] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  182.004194][  T286] EXT4-fs (loop2): unmounting filesystem.
[  182.064350][ T3277] netlink: 'syz.1.794': attribute type 1 has an invalid length.
[  182.326653][ T3285] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  182.465768][ T3285] loop2: detected capacity change from 0 to 2048
[  182.545543][ T1251] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  182.559256][  T334] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  182.773017][ T1251] usb 2-1: Using ep0 maxpacket: 8
[  182.780767][ T1251] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  182.799366][ T1251] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.818115][ T1251] usb 2-1: Product: syz
[  182.827513][ T1251] usb 2-1: Manufacturer: syz
[  182.838086][ T1251] usb 2-1: SerialNumber: syz
[  182.881394][  T537] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  183.070591][ T1251] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 20 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  183.082686][  T537] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  183.100301][  T537] usb 3-1: config 0 interface 0 has no altsetting 0
[  183.107116][ T1251] usb 2-1: USB disconnect, device number 20
[  183.120509][  T537] usb 3-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[  183.129971][ T1251] usblp0: removed
[  183.137137][  T537] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.148663][  T537] usb 3-1: config 0 descriptor??
[  183.168752][ T3295] loop4: detected capacity change from 0 to 128
[  183.314740][ T3008] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  183.509735][ T3008] usb 1-1: Using ep0 maxpacket: 8
[  183.517419][ T3008] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  183.526763][  T346] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  183.534462][ T3008] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.542706][ T3008] usb 1-1: Product: syz
[  183.546968][ T3008] usb 1-1: Manufacturer: syz
[  183.551776][ T3008] usb 1-1: SerialNumber: syz
[  183.780688][  T346] usb 5-1: Using ep0 maxpacket: 8
[  183.818745][  T346] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  183.839782][  T346] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.849162][  T346] usb 5-1: Product: syz
[  183.853550][  T346] usb 5-1: Manufacturer: syz
[  183.862735][  T283] EXT4-fs (loop1): unmounting filesystem.
[  183.868795][  T346] usb 5-1: SerialNumber: syz
[  184.016336][ T3008] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 21 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  184.033305][ T3008] usb 1-1: USB disconnect, device number 21
[  184.041965][ T3008] usblp0: removed
[  184.050808][ T3304] loop1: detected capacity change from 0 to 8192
[  184.064630][ T3304] buffer_io_error: 2170 callbacks suppressed
[  184.064907][ T3304] Buffer I/O error on dev loop1, logical block 57847, async page read
[  184.083203][ T3304] Buffer I/O error on dev loop1, logical block 57847, async page read
[  184.092350][ T3304] Buffer I/O error on dev loop1, logical block 57847, async page read
[  184.109128][ T3304] Buffer I/O error on dev loop1, logical block 57847, async page read
[  184.120642][ T3303] Buffer I/O error on dev loop1, logical block 57847, async page read
[  184.130272][ T3303] Buffer I/O error on dev loop1, logical block 57847, async page read
[  184.138768][ T3306] Buffer I/O error on dev loop1, logical block 57847, async page read
[  184.147009][ T3304] Buffer I/O error on dev loop1, logical block 57847, async page read
[  184.155409][ T3306] Buffer I/O error on dev loop1, logical block 57847, async page read
[  184.164404][ T3306] Buffer I/O error on dev loop1, logical block 57847, async page read
[  184.291490][  T346] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 18 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  184.305223][  T346] usb 5-1: USB disconnect, device number 18
[  184.312698][  T346] usblp0: removed
[  184.742758][ T3310] loop3: detected capacity change from 0 to 128
[  185.037448][  T434] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  185.266295][  T434] usb 4-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  185.286090][  T434] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  185.317259][  T434] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  185.420335][  T537] usbhid 3-1:0.0: can't add hid device: -71
[  185.431886][  T537] usbhid: probe of 3-1:0.0 failed with error -71
[  185.439422][ T3318] loop1: detected capacity change from 0 to 8192
[  185.446675][  T434] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  185.456232][  T537] usb 3-1: USB disconnect, device number 21
[  185.706426][  T434] usb 4-1: SerialNumber: syz
[  186.322610][ T3323] loop2: detected capacity change from 0 to 512
[  186.331098][ T3323] EXT4-fs: Ignoring removed i_version option
[  186.337175][ T3323] EXT4-fs: Ignoring removed bh option
[  186.343216][ T3323] EXT4-fs: Ignoring removed mblk_io_submit option
[  186.352925][ T3323] EXT4-fs (loop2): Test dummy encryption mode enabled
[  186.359920][ T3323] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  186.460726][ T3327] loop0: detected capacity change from 0 to 128
[  186.461004][ T3323] EXT4-fs (loop2): 1 truncate cleaned up
[  186.472836][ T3323] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  186.580757][  T572] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  186.666784][ T3315] loop4: detected capacity change from 0 to 40427
[  186.710492][  T286] EXT4-fs (loop2): unmounting filesystem.
[  186.736375][ T3315] F2FS-fs (loop4): Found nat_bits in checkpoint
[  186.807790][ T3315] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  186.876447][ T3330] loop0: detected capacity change from 0 to 40427
[  186.914116][ T3330] F2FS-fs (loop0): Found nat_bits in checkpoint
[  186.972905][ T3330] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  187.020068][ T3345] loop1: detected capacity change from 0 to 8192
[  187.039829][ T3315] bio_check_eod: 3880 callbacks suppressed
[  187.039848][ T3315] syz.4.807: attempt to access beyond end of device
[  187.039848][ T3315] loop4: rw=2049, sector=77824, nr_sectors = 4096 limit=40427
[  187.062377][ T3345] syz.1.814: attempt to access beyond end of device
[  187.062377][ T3345] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.076111][ T3345] syz.1.814: attempt to access beyond end of device
[  187.076111][ T3345] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.106836][ T3345] syz.1.814: attempt to access beyond end of device
[  187.106836][ T3345] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.124276][ T3315] syz.4.807: attempt to access beyond end of device
[  187.124276][ T3315] loop4: rw=2049, sector=49152, nr_sectors = 4096 limit=40427
[  187.138475][ T3345] syz.1.814: attempt to access beyond end of device
[  187.138475][ T3345] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.174767][ T3345] syz.1.814: attempt to access beyond end of device
[  187.174767][ T3345] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.188870][ T3330] syz.0.811: attempt to access beyond end of device
[  187.188870][ T3330] loop0: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  187.206540][ T3315] syz.4.807: attempt to access beyond end of device
[  187.206540][ T3315] loop4: rw=2049, sector=57344, nr_sectors = 4904 limit=40427
[  187.208785][ T3345] syz.1.814: attempt to access beyond end of device
[  187.208785][ T3345] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  187.826286][ T3352] loop2: detected capacity change from 0 to 512
[  187.871296][ T3352] EXT4-fs: Mount option(s) incompatible with ext2
[  187.887325][  T434] usb 4-1: 0:2 : does not exist
[  187.895788][  T434] usb 4-1: unit 5 not found!
[  187.917258][  T434] usb 4-1: USB disconnect, device number 19
[  188.519289][ T3360] netlink: 'syz.1.819': attribute type 29 has an invalid length.
[  188.519895][ T3358] loop3: detected capacity change from 0 to 8192
[  188.527449][ T3360] netlink: 'syz.1.819': attribute type 29 has an invalid length.
[  188.552241][ T3360] loop1: detected capacity change from 0 to 512
[  188.568815][ T3360] ------------[ cut here ]------------
[  188.574473][ T3360] EA inode 11 i_nlink=2
[  188.579079][ T3360] WARNING: CPU: 0 PID: 3360 at fs/ext4/xattr.c:1022 ext4_xattr_inode_update_ref+0x4b8/0x510
[  188.593739][ T3360] Modules linked in:
[  188.597663][ T3360] CPU: 0 PID: 3360 Comm: syz.1.819 Not tainted syzkaller #0
[  188.604991][ T3360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  188.615084][ T3360] RIP: 0010:ext4_xattr_inode_update_ref+0x4b8/0x510
[  188.621714][ T3360] Code: 7c 24 40 4c 89 f8 48 c1 e8 03 42 80 3c 30 00 74 08 4c 89 ff e8 19 3e ba ff 49 8b 37 48 c7 c7 40 36 95 85 89 da e8 b8 c0 45 ff <0f> 0b 4c 8b 64 24 08 4c 8b 7c 24 10 e9 a9 fe ff ff e8 b2 95 fc 02
[  188.624077][  T537] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  188.641389][ T3360] RSP: 0018:ffffc900133a7120 EFLAGS: 00010246
[  188.641415][ T3360] RAX: 4614fb2a80dba900 RBX: 0000000000000002 RCX: 0000000000080000
[  188.663129][ T3360] RDX: ffffc900016ca000 RSI: 00000000000051a9 RDI: 00000000000051aa
[  188.671157][ T3360] RBP: ffffc900133a7210 R08: ffffc900133a6d07 R09: 1ffff92002674da0
[  188.679208][ T3360] R10: dffffc0000000000 R11: fffff52002674da1 R12: ffff888133ef9290
[  188.687214][ T3360] R13: 1ffff110267df27e R14: dffffc0000000000 R15: ffff888133ef92d0
[  188.695287][ T3360] FS:  00007fbfd96a56c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  188.704268][ T3360] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  188.710931][ T3360] CR2: 00007f61b8b7d000 CR3: 0000000111715000 CR4: 00000000003506b0
[  188.718922][ T3360] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  188.726988][ T3360] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  188.735042][ T3360] Call Trace:
[  188.735053][ T3360]  <TASK>
[  188.735064][ T3360]  ? ext4_xattr_block_csum+0x560/0x560
[  188.746896][ T3360]  ? kasan_save_alloc_info+0x25/0x30
[  188.752218][ T3360]  ? __kasan_kmalloc+0x95/0xb0
[  188.757058][ T3360]  ? ext4_xattr_inode_dec_ref_all+0x381/0x1000
[  188.763246][ T3360]  ? kmalloc_trace+0x40/0xb0
[  188.767916][ T3360]  ext4_xattr_inode_dec_ref_all+0x9ef/0x1000
[  188.773940][ T3360]  ? errseq_check+0x41/0x80
[  188.778550][ T3360]  ? ext4_xattr_delete_inode+0xca0/0xca0
[  188.784216][ T3360]  ? __cfi___ext4_journal_get_write_access+0x10/0x10
[  188.790942][ T3360]  ? __kasan_check_write+0x14/0x20
[  188.796089][ T3360]  ext4_xattr_delete_inode+0xad1/0xca0
[  188.801637][ T3360]  ? __cfi_ext4_xattr_delete_inode+0x10/0x10
[  188.807677][ T3360]  ext4_evict_inode+0xe64/0x1470
[  188.812729][ T3360]  ? _raw_spin_unlock+0x4c/0x70
[  188.817617][ T3360]  ? __cfi_ext4_evict_inode+0x10/0x10
[  188.823090][ T3360]  ? unlock_new_inode+0x97/0xc0
[  188.827958][ T3360]  ? __cfi_ext4_evict_inode+0x10/0x10
[  188.833384][ T3360]  evict+0x4d7/0x8f0
[  188.837316][ T3360]  ? proc_nr_inodes+0x2f0/0x2f0
[  188.840404][  T537] usb 1-1: Using ep0 maxpacket: 8
[  188.842437][ T3360]  ? __kasan_check_write+0x14/0x20
[  188.852491][ T3360]  iput+0x620/0x670
[  188.855174][  T537] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  188.856328][ T3360]  ext4_process_orphan+0x2b1/0x320
[  188.870539][ T3360]  ext4_orphan_cleanup+0xb1a/0x1220
[  188.875824][ T3360]  ? proc_register+0x546/0x720
[  188.876217][  T537] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.880621][ T3360]  ? __cfi_ext4_orphan_cleanup+0x10/0x10
[  188.880646][ T3360]  ? ext4_register_sysfs+0x285/0x2c0
[  188.899617][ T3360]  ? errseq_check_and_advance+0x66/0x130
[  188.903621][  T537] usb 1-1: Product: syz
[  188.905309][ T3360]  ext4_fill_super+0x751c/0x7a30
[  188.910168][  T537] usb 1-1: Manufacturer: syz
[  188.914455][ T3360]  ? __cfi_ext4_fill_super+0x10/0x10
[  188.924400][ T3360]  ? __cfi_snprintf+0x10/0x10
[  188.929162][ T3360]  ? mutex_unlock+0x8f/0x230
[  188.930091][  T537] usb 1-1: SerialNumber: syz
[  188.933786][ T3360]  ? set_blocksize+0x1cf/0x350
[  188.943181][ T3360]  ? sb_set_blocksize+0xaa/0xf0
[  188.948069][ T3360]  get_tree_bdev+0x447/0x690
[  188.952751][ T3360]  ? __cfi_ext4_fill_super+0x10/0x10
[  188.958152][ T3360]  ext4_get_tree+0x1c/0x20
[  188.962619][ T3360]  vfs_get_tree+0x9a/0x270
[  188.967063][ T3360]  do_new_mount+0x25a/0xa20
[  188.971643][ T3360]  path_mount+0x659/0xfc0
[  188.976108][ T3360]  ? user_path_at_empty+0x161/0x1c0
[  188.981363][ T3360]  __se_sys_mount+0x320/0x390
[  188.986082][ T3360]  ? __x64_sys_mount+0xd0/0xd0
[  188.990912][ T3360]  ? do_user_addr_fault+0x9ac/0x1050
[  188.996318][ T3360]  __x64_sys_mount+0xbf/0xd0
[  189.000935][ T3360]  x64_sys_call+0x65d/0x9a0
[  189.005493][ T3360]  do_syscall_64+0x4c/0xa0
[  189.009934][ T3360]  ? clear_bhb_loop+0x30/0x80
[  189.014708][ T3360]  ? clear_bhb_loop+0x30/0x80
[  189.019411][ T3360]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  189.025560][ T3360] RIP: 0033:0x7fbfd879bf4a
[  189.030039][ T3360] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  189.049705][ T3360] RSP: 002b:00007fbfd96a4e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  189.058171][ T3360] RAX: ffffffffffffffda RBX: 00007fbfd96a4ee0 RCX: 00007fbfd879bf4a
[  189.066154][ T3360] RDX: 0000200000000180 RSI: 0000200000000240 RDI: 00007fbfd96a4ea0
[  189.074194][ T3360] RBP: 0000200000000180 R08: 00007fbfd96a4ee0 R09: 0000000000800700
[  189.082270][ T3360] R10: 0000000000800700 R11: 0000000000000246 R12: 0000200000000240
[  189.090297][ T3360] R13: 00007fbfd96a4ea0 R14: 000000000000046f R15: 000000000000002c
[  189.098456][ T3360]  </TASK>
[  189.101610][ T3360] ---[ end trace 0000000000000000 ]---
[  189.143057][ T3360] EXT4-fs (loop1): 1 orphan inode deleted
[  189.149058][ T3360] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  189.155927][  T334] udevd[334]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  189.238353][ T3365] loop4: detected capacity change from 0 to 8192
[  189.353722][  T537] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 22 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  189.403651][  T537] usb 1-1: USB disconnect, device number 22
[  189.411366][  T537] usblp0: removed
[  189.494704][ T3365] buffer_io_error: 28213 callbacks suppressed
[  189.494726][ T3365] Buffer I/O error on dev loop4, logical block 57847, async page read
[  189.510143][ T3365] Buffer I/O error on dev loop4, logical block 57847, async page read
[  189.518760][ T3365] Buffer I/O error on dev loop4, logical block 57847, async page read
[  189.527646][ T3365] Buffer I/O error on dev loop4, logical block 57847, async page read
[  189.527662][ T3370] loop3: detected capacity change from 0 to 512
[  189.536478][ T3365] Buffer I/O error on dev loop4, logical block 57847, async page read
[  189.550666][ T3365] Buffer I/O error on dev loop4, logical block 57847, async page read
[  189.559127][ T3365] Buffer I/O error on dev loop4, logical block 57847, async page read
[  189.567594][ T3365] Buffer I/O error on dev loop4, logical block 57847, async page read
[  189.568434][ T3370] EXT4-fs: Ignoring removed orlov option
[  189.584291][ T3368] loop2: detected capacity change from 0 to 40427
[  189.591310][ T3370] EXT4-fs: Ignoring removed mblk_io_submit option
[  189.599372][ T3365] Buffer I/O error on dev loop4, logical block 57847, async page read
[  189.607604][ T3365] Buffer I/O error on dev loop4, logical block 57847, async page read
[  189.617253][ T3370] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.822: corrupted in-inode xattr
[  189.630113][ T3368] F2FS-fs (loop2): Found nat_bits in checkpoint
[  189.647227][ T3370] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.822: couldn't read orphan inode 15 (err -117)
[  189.667176][ T3370] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  189.682636][  T283] EXT4-fs (loop1): unmounting filesystem.
[  189.708666][  T282] EXT4-fs (loop3): unmounting filesystem.
[  189.716930][ T3368] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  189.973751][ T3381] loop3: detected capacity change from 0 to 40427
[  190.015718][ T3381] F2FS-fs (loop3): Found nat_bits in checkpoint
[  190.118550][ T3381] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  190.373833][  T434] usb 1-1: new full-speed USB device number 23 using dummy_hcd
[  190.528288][ T3400] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  190.672113][ T3400] loop2: detected capacity change from 0 to 2048
[  190.728194][  T334] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  190.802544][  T434] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  190.822857][  T434] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  190.856425][  T434] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  190.865551][  T434] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  190.887847][  T434] usb 1-1: Product: syz
[  190.892052][  T434] usb 1-1: Manufacturer: syz
[  190.921061][  T434] hub 1-1:4.0: USB hub found
[  191.050417][  T537] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  191.718890][  T537] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.730304][  T537] usb 3-1: config 0 interface 0 has no altsetting 0
[  191.737907][  T537] usb 3-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[  191.747718][  T537] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.775248][ T3411] loop3: detected capacity change from 0 to 512
[  191.798999][  T537] usb 3-1: config 0 descriptor??
[  191.804473][ T3411] EXT4-fs: Mount option(s) incompatible with ext2
[  191.832160][  T572] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  191.871087][ T3410] loop0: detected capacity change from 0 to 128
[  191.920218][ T3410] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  191.929603][ T3410] ext4 filesystem being mounted at /151/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  192.019040][ T3413] loop4: detected capacity change from 0 to 40427
[  192.096385][ T3413] F2FS-fs (loop4): Found nat_bits in checkpoint
[  192.187529][ T3413] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  192.295256][ T3425] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  192.375133][ T3425] loop1: detected capacity change from 0 to 2048
[  192.643814][  T434] hub 1-1:4.0: config failed, can't read hub descriptor (err -22)
[  192.653434][ T3413] bio_check_eod: 45316 callbacks suppressed
[  192.653469][ T3413] syz.4.833: attempt to access beyond end of device
[  192.653469][ T3413] loop4: rw=2049, sector=77824, nr_sectors = 4096 limit=40427
[  192.685505][ T3413] syz.4.833: attempt to access beyond end of device
[  192.685505][ T3413] loop4: rw=2049, sector=49152, nr_sectors = 4096 limit=40427
[  192.699917][  T434] usb 1-1: USB disconnect, device number 23
[  192.732364][ T3413] syz.4.833: attempt to access beyond end of device
[  192.732364][ T3413] loop4: rw=2049, sector=57344, nr_sectors = 7960 limit=40427
[  192.751574][  T346] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  192.785010][ T3432] loop3: detected capacity change from 0 to 1024
[  192.791227][ T3433] syz.4.833: attempt to access beyond end of device
[  192.791227][ T3433] loop4: rw=524288, sector=77824, nr_sectors = 256 limit=40427
[  192.799731][ T3432] EXT4-fs: Ignoring removed orlov option
[  192.806873][ T3433] syz.4.833: attempt to access beyond end of device
[  192.806873][ T3433] loop4: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  192.824934][ T3433] syz.4.833: attempt to access beyond end of device
[  192.824934][ T3433] loop4: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  192.838671][ T3433] syz.4.833: attempt to access beyond end of device
[  192.838671][ T3433] loop4: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  192.853016][ T3432] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  192.859239][ T3433] syz.4.833: attempt to access beyond end of device
[  192.859239][ T3433] loop4: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  192.890657][ T3433] syz.4.833: attempt to access beyond end of device
[  192.890657][ T3433] loop4: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  192.921007][ T3433] syz.4.833: attempt to access beyond end of device
[  192.921007][ T3433] loop4: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  192.958426][  T346] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.978896][  T346] usb 2-1: config 0 interface 0 has no altsetting 0
[  192.985704][  T346] usb 2-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[  192.996416][  T346] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.006061][  T346] usb 2-1: config 0 descriptor??
[  193.213260][  T282] EXT4-fs (loop3): unmounting filesystem.
[  193.246261][ T3438] loop3: detected capacity change from 0 to 128
[  193.281595][  T284] EXT4-fs (loop0): unmounting filesystem.
[  193.451385][ T3440] loop0: detected capacity change from 0 to 40427
[  193.479855][ T3440] F2FS-fs (loop0): Found nat_bits in checkpoint
[  193.525335][ T3440] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  193.572183][  T537] usbhid 3-1:0.0: can't add hid device: -71
[  193.598559][  T537] usbhid: probe of 3-1:0.0 failed with error -71
[  193.622999][  T537] usb 3-1: USB disconnect, device number 22
[  193.873682][ T3456] loop0: detected capacity change from 0 to 1024
[  193.880611][ T3456] EXT4-fs: Ignoring removed orlov option
[  193.901506][ T3456] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  193.964854][  T434] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  194.036975][  T284] EXT4-fs (loop0): unmounting filesystem.
[  194.060291][ T3461] loop0: detected capacity change from 0 to 1024
[  194.067289][ T3461] EXT4-fs: Ignoring removed orlov option
[  194.086883][ T3461] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  194.182570][  T434] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  194.197773][  T434] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  194.213814][  T434] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  194.231882][  T434] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  194.246626][  T434] usb 5-1: SerialNumber: syz
[  194.364082][ T3466] loop3: detected capacity change from 0 to 512
[  194.370925][ T3466] EXT4-fs: Ignoring removed orlov option
[  194.376674][ T3466] EXT4-fs: Ignoring removed mblk_io_submit option
[  194.387909][ T3466] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.845: corrupted in-inode xattr
[  194.400711][ T3466] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.845: couldn't read orphan inode 15 (err -117)
[  194.412705][ T3466] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  194.423403][  T284] EXT4-fs (loop0): unmounting filesystem.
[  194.450761][  T282] EXT4-fs (loop3): unmounting filesystem.
[  194.478849][ T3471] loop3: detected capacity change from 0 to 128
[  194.504875][  T434] usb 5-1: USB disconnect, device number 19
[  194.533589][ T3471] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  194.547754][ T3471] ext4 filesystem being mounted at /177/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  194.654221][ T3469] loop0: detected capacity change from 0 to 40427
[  194.678152][ T3469] F2FS-fs (loop0): Found nat_bits in checkpoint
[  194.724367][ T3469] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  194.994054][ T3316] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[  195.047395][ T3485] fuse: Unknown parameter '0x0000000000000003'
[  195.201024][ T3316] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  195.212353][ T3316] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.231072][ T3316] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  195.244744][ T3316] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  195.261982][ T3316] usb 3-1: Product: syz
[  195.270670][ T3316] usb 3-1: Manufacturer: syz
[  195.276763][ T3487] loop4: detected capacity change from 0 to 40427
[  195.287944][ T3316] hub 3-1:4.0: USB hub found
[  195.304631][ T3487] F2FS-fs (loop4): Found nat_bits in checkpoint
[  195.373426][  T346] usbhid 2-1:0.0: can't add hid device: -71
[  195.380697][  T346] usbhid: probe of 2-1:0.0 failed with error -71
[  195.392668][  T346] usb 2-1: USB disconnect, device number 21
[  195.432052][  T282] EXT4-fs (loop3): unmounting filesystem.
[  195.449563][ T3487] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  195.565786][ T3497] loop2: detected capacity change from 0 to 128
[  195.594440][ T3499] loop0: detected capacity change from 0 to 512
[  195.601115][ T3499] EXT4-fs: Ignoring removed orlov option
[  195.606825][ T3499] EXT4-fs: Ignoring removed mblk_io_submit option
[  195.627185][ T3497] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  195.645126][ T3499] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2196: inode #15: comm syz.0.852: corrupted in-inode xattr
[  195.657364][ T3499] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.852: couldn't read orphan inode 15 (err -117)
[  195.657677][ T3497] ext4 filesystem being mounted at /160/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  195.703376][ T3499] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  195.721883][  T284] EXT4-fs (loop0): unmounting filesystem.
[  195.774141][  T537] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[  195.785735][ T3493] loop1: detected capacity change from 0 to 40427
[  195.849192][ T3493] F2FS-fs (loop1): Found nat_bits in checkpoint
[  195.942585][ T3493] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  196.013574][  T537] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  196.034136][  T537] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  196.067850][  T537] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  196.077049][  T537] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  196.114150][  T537] usb 4-1: Product: syz
[  196.118410][  T537] usb 4-1: Manufacturer: syz
[  196.133731][  T537] hub 4-1:4.0: USB hub found
[  196.155481][ T3316] hub 3-1:4.0: config failed, can't read hub descriptor (err -22)
[  196.207855][ T3316] usb 3-1: USB disconnect, device number 23
[  196.473906][ T3516] loop4: detected capacity change from 0 to 8192
[  196.507757][ T3516] buffer_io_error: 12178 callbacks suppressed
[  196.507775][ T3516] Buffer I/O error on dev loop4, logical block 57847, async page read
[  196.541058][ T3516] Buffer I/O error on dev loop4, logical block 57847, async page read
[  196.558849][ T3516] Buffer I/O error on dev loop4, logical block 57847, async page read
[  196.587850][ T3516] Buffer I/O error on dev loop4, logical block 57847, async page read
[  196.596122][ T3516] Buffer I/O error on dev loop4, logical block 57847, async page read
[  196.618837][ T3516] Buffer I/O error on dev loop4, logical block 57847, async page read
[  196.627312][ T3516] Buffer I/O error on dev loop4, logical block 57847, async page read
[  196.635811][ T3516] Buffer I/O error on dev loop4, logical block 57847, async page read
[  196.644278][ T3516] Buffer I/O error on dev loop4, logical block 57847, async page read
[  196.652771][ T3516] Buffer I/O error on dev loop4, logical block 57847, async page read
[  196.663801][  T537] hub 4-1:4.0: config failed, can't read hub descriptor (err -22)
[  196.727845][  T537] usb 4-1: USB disconnect, device number 20
[  196.771153][  T286] EXT4-fs (loop2): unmounting filesystem.
[  196.872001][ T3522] loop2: detected capacity change from 0 to 512
[  196.878677][ T3522] EXT4-fs: Ignoring removed orlov option
[  196.884419][ T3522] EXT4-fs: Ignoring removed mblk_io_submit option
[  196.923165][ T3522] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2196: inode #15: comm syz.2.859: corrupted in-inode xattr
[  196.935196][ T3521] loop1: detected capacity change from 0 to 8192
[  196.941591][ T3522] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.859: couldn't read orphan inode 15 (err -117)
[  196.953768][ T3522] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  197.194132][  T286] EXT4-fs (loop2): unmounting filesystem.
[  197.359036][ T3534] loop2: detected capacity change from 0 to 1024
[  197.370537][ T3536] loop0: detected capacity change from 0 to 128
[  197.377411][ T3534] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  197.393964][ T3534] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  197.404006][ T3534] EXT4-fs error (device loop2): ext4_get_journal_inode:5717: comm syz.2.863: inode #1: comm syz.2.863: iget: illegal inode #
[  197.417306][ T3534] EXT4-fs (loop2): no journal found
[  197.424030][ T3534] EXT4-fs (loop2): can't get journal size
[  197.447162][ T3536] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  197.456296][ T3536] ext4 filesystem being mounted at /159/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  197.497506][ T3534] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e118, mo2=0002]
[  197.532380][ T3534] EXT4-fs (loop2): failed to initialize system zone (-22)
[  197.539675][ T3534] EXT4-fs (loop2): mount failed
[  197.659353][  T537] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  197.910548][  T537] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  197.962321][  T537] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  197.973050][  T537] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  197.982230][  T537] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  198.038493][  T537] usb 4-1: SerialNumber: syz
[  198.241799][ T3553] loop1: detected capacity change from 0 to 512
[  198.250657][ T3553] EXT4-fs: Ignoring removed i_version option
[  198.256834][ T3553] EXT4-fs: Ignoring removed bh option
[  198.262978][ T3553] EXT4-fs: Ignoring removed mblk_io_submit option
[  198.398765][  T537] usb 4-1: USB disconnect, device number 21
[  198.418839][ T3553] EXT4-fs (loop1): Test dummy encryption mode enabled
[  198.425676][ T3553] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  198.440980][  T284] EXT4-fs (loop0): unmounting filesystem.
[  198.462112][ T3553] EXT4-fs (loop1): 1 truncate cleaned up
[  198.467891][ T3553] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  198.571956][ T3551] loop2: detected capacity change from 0 to 40427
[  198.584896][ T3551] F2FS-fs (loop2): Found nat_bits in checkpoint
[  198.658795][ T3551] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  198.687943][ T3564] loop0: detected capacity change from 0 to 512
[  198.698803][ T3564] EXT4-fs: Mount option(s) incompatible with ext2
[  198.726195][ T3556] loop4: detected capacity change from 0 to 40427
[  198.766032][ T3556] F2FS-fs (loop4): Found nat_bits in checkpoint
[  198.804183][ T3556] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  198.935205][  T283] EXT4-fs (loop1): unmounting filesystem.
[  198.952186][ T3551] bio_check_eod: 16120 callbacks suppressed
[  198.952206][ T3551] syz.2.867: attempt to access beyond end of device
[  198.952206][ T3551] loop2: rw=2049, sector=77824, nr_sectors = 4096 limit=40427
[  198.985255][ T3551] syz.2.867: attempt to access beyond end of device
[  198.985255][ T3551] loop2: rw=2049, sector=49152, nr_sectors = 4096 limit=40427
[  199.037604][ T3571] syz.4.869: attempt to access beyond end of device
[  199.037604][ T3571] loop4: rw=2049, sector=77824, nr_sectors = 4096 limit=40427
[  199.058010][ T3551] syz.2.867: attempt to access beyond end of device
[  199.058010][ T3551] loop2: rw=2049, sector=57344, nr_sectors = 6048 limit=40427
[  199.079375][ T3571] syz.4.869: attempt to access beyond end of device
[  199.079375][ T3571] loop4: rw=2049, sector=49152, nr_sectors = 4096 limit=40427
[  199.105645][ T3551] syz.2.867: attempt to access beyond end of device
[  199.105645][ T3551] loop2: rw=2049, sector=63392, nr_sectors = 1048 limit=40427
[  199.148548][   T28] audit: type=1400 audit(1769234279.844:249): avc:  denied  { getopt } for  pid=3572 comm="syz.1.871" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  199.166903][ T3573] loop1: detected capacity change from 0 to 256
[  199.188998][   T28] audit: type=1400 audit(1769234279.844:250): avc:  denied  { connect } for  pid=3572 comm="syz.1.871" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  199.197104][ T3573] exfat: Bad value for 'uid'
[  199.219707][ T3571] syz.4.869: attempt to access beyond end of device
[  199.219707][ T3571] loop4: rw=2049, sector=57344, nr_sectors = 20480 limit=40427
[  199.238472][   T28] audit: type=1400 audit(1769234279.844:251): avc:  denied  { shutdown } for  pid=3572 comm="syz.1.871" laddr=172.20.20.170 lport=4 faddr=172.20.20.170 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  199.263726][ T3571] syz.4.869: attempt to access beyond end of device
[  199.263726][ T3571] loop4: rw=2049, sector=81920, nr_sectors = 2272 limit=40427
[  199.298398][ T3551] syz.2.867: attempt to access beyond end of device
[  199.298398][ T3551] loop2: rw=524288, sector=77824, nr_sectors = 256 limit=40427
[  199.325009][   T28] audit: type=1400 audit(1769234280.001:252): avc:  denied  { setattr } for  pid=3572 comm="syz.1.871" name="UDP-Lite" dev="sockfs" ino=28755 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  199.349493][ T3551] syz.2.867: attempt to access beyond end of device
[  199.349493][ T3551] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  199.619013][ T3581] loop0: detected capacity change from 0 to 8192
[  199.826048][ T3588] fuse: Unknown parameter 'fd0x0000000000000003'
[  199.951569][ T3595] loop2: detected capacity change from 0 to 512
[  199.975737][ T3595] EXT4-fs: Ignoring removed orlov option
[  199.988729][ T3595] EXT4-fs: Ignoring removed mblk_io_submit option
[  200.021899][ T3595] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2196: inode #15: comm syz.2.878: corrupted in-inode xattr
[  200.048195][ T3594] loop3: detected capacity change from 0 to 8192
[  200.065755][ T3595] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.878: couldn't read orphan inode 15 (err -117)
[  200.145682][ T3595] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  200.220061][  T286] EXT4-fs (loop2): unmounting filesystem.
[  200.556823][ T3599] loop2: detected capacity change from 0 to 40427
[  200.650262][ T3599] F2FS-fs (loop2): Found nat_bits in checkpoint
[  201.070544][ T3599] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  201.508609][ T3623] loop3: detected capacity change from 0 to 512
[  201.516952][ T3623] EXT4-fs: Ignoring removed i_version option
[  201.523002][ T3623] EXT4-fs: Ignoring removed bh option
[  201.528988][ T3623] EXT4-fs: Ignoring removed mblk_io_submit option
[  201.705171][ T3623] EXT4-fs (loop3): Test dummy encryption mode enabled
[  201.712152][ T3623] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  201.747510][ T3623] EXT4-fs (loop3): 1 truncate cleaned up
[  201.753209][ T3623] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  201.905977][ T3628] loop0: detected capacity change from 0 to 512
[  201.916926][ T3628] EXT4-fs: Mount option(s) incompatible with ext2
[  202.153483][ T3630] FAULT_INJECTION: forcing a failure.
[  202.153483][ T3630] name failslab, interval 1, probability 0, space 0, times 0
[  202.174074][ T3630] CPU: 0 PID: 3630 Comm: syz.4.885 Tainted: G        W          syzkaller #0
[  202.182887][ T3630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  202.192961][ T3630] Call Trace:
[  202.196249][ T3630]  <TASK>
[  202.199191][ T3630]  __dump_stack+0x21/0x24
[  202.203550][ T3630]  dump_stack_lvl+0x110/0x170
[  202.208241][ T3630]  ? __cfi_dump_stack_lvl+0x8/0x8
[  202.213283][ T3630]  ? __local_bh_enable_ip+0x58/0x80
[  202.218502][ T3630]  ? release_sock+0x169/0x1c0
[  202.223197][ T3630]  dump_stack+0x15/0x24
[  202.227446][ T3630]  should_fail_ex+0x3d4/0x520
[  202.232145][ T3630]  __should_failslab+0xac/0xf0
[  202.236931][ T3630]  should_failslab+0x9/0x20
[  202.241454][ T3630]  kmem_cache_alloc_node+0x42/0x340
[  202.246675][ T3630]  ? __alloc_skb+0xea/0x4b0
[  202.251206][ T3630]  __alloc_skb+0xea/0x4b0
[  202.255554][ T3630]  ? netlink_autobind+0x168/0x1a0
[  202.260601][ T3630]  netlink_sendmsg+0x635/0xbd0
[  202.265413][ T3630]  ? __cfi_netlink_sendmsg+0x10/0x10
[  202.270719][ T3630]  ? security_socket_sendmsg+0x93/0xb0
[  202.276198][ T3630]  ? __cfi_netlink_sendmsg+0x10/0x10
[  202.281498][ T3630]  ____sys_sendmsg+0x5cc/0x990
[  202.286299][ T3630]  ? __sys_sendmsg_sock+0x40/0x40
[  202.291353][ T3630]  ? import_iovec+0x7c/0xb0
[  202.295891][ T3630]  ___sys_sendmsg+0x2a2/0x360
[  202.300589][ T3630]  ? __sys_sendmsg+0x290/0x290
[  202.305378][ T3630]  ? __kasan_check_write+0x14/0x20
[  202.310508][ T3630]  ? proc_fail_nth_write+0x180/0x200
[  202.315810][ T3630]  ? vfs_write+0xa2c/0xce0
[  202.320247][ T3630]  ? __fdget+0x19c/0x220
[  202.324529][ T3630]  __x64_sys_sendmsg+0x205/0x2d0
[  202.329497][ T3630]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  202.334988][ T3630]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  202.341078][ T3630]  x64_sys_call+0x171/0x9a0
[  202.345601][ T3630]  do_syscall_64+0x4c/0xa0
[  202.350049][ T3630]  ? clear_bhb_loop+0x30/0x80
[  202.354757][ T3630]  ? clear_bhb_loop+0x30/0x80
[  202.359475][ T3630]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  202.365400][ T3630] RIP: 0033:0x7f6a2bd9acb9
[  202.369827][ T3630] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  202.389455][ T3630] RSP: 002b:00007f6a2cb70028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  202.397942][ T3630] RAX: ffffffffffffffda RBX: 00007f6a2c015fa0 RCX: 00007f6a2bd9acb9
[  202.405930][ T3630] RDX: 0000000000044004 RSI: 0000200000000140 RDI: 0000000000000003
[  202.413928][ T3630] RBP: 00007f6a2cb70090 R08: 0000000000000000 R09: 0000000000000000
[  202.421958][ T3630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.429956][ T3630] R13: 00007f6a2c016038 R14: 00007f6a2c015fa0 R15: 00007ffcc109f558
[  202.437957][ T3630]  </TASK>
[  202.498676][  T282] EXT4-fs (loop3): unmounting filesystem.
[  202.688224][ T3635] loop4: detected capacity change from 0 to 40427
[  202.936166][ T3642] loop0: detected capacity change from 0 to 512
[  202.977342][ T3642] EXT4-fs: Ignoring removed orlov option
[  203.022310][ T3642] EXT4-fs: Ignoring removed mblk_io_submit option
[  203.034531][ T3642] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2196: inode #15: comm syz.0.890: corrupted in-inode xattr
[  203.047508][ T3642] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.890: couldn't read orphan inode 15 (err -117)
[  203.062228][ T3635] F2FS-fs (loop4): Found nat_bits in checkpoint
[  203.066530][ T3642] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  203.085878][  T284] EXT4-fs (loop0): unmounting filesystem.
[  203.093249][ T3648] fuse: Unknown parameter 'fd0x0000000000000003'
[  203.120165][ T3650] loop0: detected capacity change from 0 to 1024
[  203.138491][ T3635] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  203.146816][ T3650] EXT4-fs: Ignoring removed orlov option
[  203.157235][ T3653] loop2: detected capacity change from 0 to 1024
[  203.165475][ T3653] EXT4-fs: Ignoring removed orlov option
[  203.179816][ T3650] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  203.190409][ T3653] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  203.465094][  T284] EXT4-fs (loop0): unmounting filesystem.
[  203.577493][  T286] EXT4-fs (loop2): unmounting filesystem.
[  203.717615][ T3662] loop3: detected capacity change from 0 to 40427
[  203.820998][ T3668] loop2: detected capacity change from 0 to 40427
[  203.856886][ T3668] F2FS-fs (loop2): Found nat_bits in checkpoint
[  203.863496][ T3662] F2FS-fs (loop3): Found nat_bits in checkpoint
[  203.878260][ T3008] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  204.067994][ T3664] loop1: detected capacity change from 0 to 40427
[  204.074903][ T3662] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  204.094842][ T3008] usb 1-1: Using ep0 maxpacket: 8
[  204.124717][ T3008] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  204.162754][ T3668] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  204.171053][ T3008] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.179251][ T3008] usb 1-1: Product: syz
[  204.183792][ T3008] usb 1-1: Manufacturer: syz
[  204.188481][ T3008] usb 1-1: SerialNumber: syz
[  204.214859][ T3664] F2FS-fs (loop1): Found nat_bits in checkpoint
[  204.292273][ T3664] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  204.376483][ T3668] bio_check_eod: 27640 callbacks suppressed
[  204.376507][ T3668] syz.2.897: attempt to access beyond end of device
[  204.376507][ T3668] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  204.412784][ T3662] syz.3.893: attempt to access beyond end of device
[  204.412784][ T3662] loop3: rw=2049, sector=77824, nr_sectors = 2048 limit=40427
[  204.427219][ T3667] syz.2.897: attempt to access beyond end of device
[  204.427219][ T3667] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  204.440799][ T3668] syz.2.897: attempt to access beyond end of device
[  204.440799][ T3668] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  204.459792][ T3662] syz.3.893: attempt to access beyond end of device
[  204.459792][ T3662] loop3: rw=2049, sector=79872, nr_sectors = 2048 limit=40427
[  204.464750][ T3664] syz.1.896: attempt to access beyond end of device
[  204.464750][ T3664] loop1: rw=2049, sector=77824, nr_sectors = 4096 limit=40427
[  204.474112][ T3667] syz.2.897: attempt to access beyond end of device
[  204.474112][ T3667] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  204.509932][ T3662] syz.3.893: attempt to access beyond end of device
[  204.509932][ T3662] loop3: rw=2049, sector=49152, nr_sectors = 3560 limit=40427
[  204.524040][ T3668] syz.2.897: attempt to access beyond end of device
[  204.524040][ T3668] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  204.540095][ T3662] syz.3.893: attempt to access beyond end of device
[  204.540095][ T3662] loop3: rw=2049, sector=52712, nr_sectors = 536 limit=40427
[  204.617522][ T3008] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 24 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  204.710549][ T3008] usb 1-1: USB disconnect, device number 24
[  204.778975][ T3008] usblp0: removed
[  204.959190][ T3694] loop4: detected capacity change from 0 to 512
[  204.967286][ T3694] EXT4-fs: Ignoring removed i_version option
[  204.973361][ T3694] EXT4-fs: Ignoring removed bh option
[  204.979321][ T3694] EXT4-fs: Ignoring removed mblk_io_submit option
[  204.987481][ T3694] EXT4-fs (loop4): Test dummy encryption mode enabled
[  204.994361][ T3694] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  205.031588][ T3694] EXT4-fs (loop4): 1 truncate cleaned up
[  205.037313][ T3694] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  205.392314][ T3697] loop2: detected capacity change from 0 to 40427
[  205.428476][ T3697] F2FS-fs (loop2): Found nat_bits in checkpoint
[  205.510291][ T3702] loop0: detected capacity change from 0 to 512
[  205.526029][ T3697] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  205.539493][ T3702] EXT4-fs: Ignoring removed orlov option
[  205.555273][ T3702] EXT4-fs: Ignoring removed mblk_io_submit option
[  205.603404][ T3702] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2196: inode #15: comm syz.0.901: corrupted in-inode xattr
[  205.615555][ T3702] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.901: couldn't read orphan inode 15 (err -117)
[  205.627720][ T3702] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  205.691525][  T285] EXT4-fs (loop4): unmounting filesystem.
[  205.703582][  T284] EXT4-fs (loop0): unmounting filesystem.
[  205.819849][ T3711] loop0: detected capacity change from 0 to 8192
[  205.825607][ T3715] fuse: Unknown parameter 'fd0x0000000000000003'
[  205.848979][ T3711] buffer_io_error: 31975 callbacks suppressed
[  205.849030][ T3711] Buffer I/O error on dev loop0, logical block 57847, async page read
[  205.878252][ T3711] Buffer I/O error on dev loop0, logical block 57847, async page read
[  205.895770][ T3711] Buffer I/O error on dev loop0, logical block 57847, async page read
[  205.913401][ T3711] Buffer I/O error on dev loop0, logical block 57847, async page read
[  205.930146][ T3711] Buffer I/O error on dev loop0, logical block 57847, async page read
[  205.954520][ T3711] Buffer I/O error on dev loop0, logical block 57847, async page read
[  205.970977][ T3711] Buffer I/O error on dev loop0, logical block 57847, async page read
[  205.971227][ T3721] loop3: detected capacity change from 0 to 1024
[  205.992188][ T3711] Buffer I/O error on dev loop0, logical block 57847, async page read
[  206.001927][ T3721] EXT4-fs: Ignoring removed orlov option
[  206.026943][ T3711] Buffer I/O error on dev loop0, logical block 57847, async page read
[  206.039539][ T3721] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  206.048610][ T3711] Buffer I/O error on dev loop0, logical block 57847, async page read
[  206.121785][ T3717] loop1: detected capacity change from 0 to 40427
[  206.147781][ T3717] F2FS-fs (loop1): Found nat_bits in checkpoint
[  206.215563][ T3717] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  206.435770][  T282] EXT4-fs (loop3): unmounting filesystem.
[  206.494709][ T3733] loop3: detected capacity change from 0 to 1024
[  206.501683][ T3733] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  206.523982][ T3733] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  206.532566][ T3733] EXT4-fs (loop3): orphan cleanup on readonly fs
[  206.539143][ T3733] EXT4-fs error (device loop3): ext4_read_inode_bitmap:168: comm syz.3.909: Inode bitmap for bg 0 marked uninitialized
[  206.551751][ T3733] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  206.562086][ T3733] netlink: 'syz.3.909': attribute type 1 has an invalid length.
[  206.843434][ T3749] loop1: detected capacity change from 0 to 512
[  206.853753][ T3749] EXT4-fs: Ignoring removed orlov option
[  206.859672][ T1830] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  206.867358][ T3749] EXT4-fs: Ignoring removed mblk_io_submit option
[  206.889061][ T3749] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.914: corrupted in-inode xattr
[  206.905276][ T3749] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.914: couldn't read orphan inode 15 (err -117)
[  206.917539][ T3749] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  207.313867][ T3759] loop0: detected capacity change from 0 to 128
[  207.321471][   T28] audit: type=1400 audit(1769234287.375:253): avc:  denied  { ioctl } for  pid=3746 comm="syz.2.910" path="socket:[28934]" dev="sockfs" ino=28934 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  207.357868][ T1830] usb 4-1: Using ep0 maxpacket: 8
[  207.371568][ T1830] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  207.388087][  T283] EXT4-fs (loop1): unmounting filesystem.
[  207.394863][ T1830] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.403528][ T1830] usb 4-1: Product: syz
[  207.407784][ T1830] usb 4-1: Manufacturer: syz
[  207.413206][ T1830] usb 4-1: SerialNumber: syz
[  207.637659][   T19] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  207.651766][ T1830] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 22 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  207.694169][ T1830] usb 4-1: USB disconnect, device number 22
[  207.764074][ T1830] usblp0: removed
[  207.898843][   T19] usb 1-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  207.912820][   T19] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  207.924782][   T19] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  207.934733][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  207.943323][   T19] usb 1-1: SerialNumber: syz
[  208.190192][ T3008] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  208.215626][  T282] EXT4-fs (loop3): unmounting filesystem.
[  208.298294][ T3768] loop4: detected capacity change from 0 to 40427
[  208.321216][ T3768] F2FS-fs (loop4): Found nat_bits in checkpoint
[  208.360361][ T3768] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  208.407943][ T3008] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  208.422568][ T3008] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  208.432727][ T3781] loop3: detected capacity change from 0 to 8192
[  208.442669][ T3008] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  208.462881][ T3008] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  208.481468][ T3008] usb 3-1: SerialNumber: syz
[  208.709388][ T3008] usb 3-1: cannot find UAC_HEADER
[  208.719051][ T3008] snd-usb-audio: probe of 3-1:1.0 failed with error -22
[  208.733610][ T3008] usb 3-1: USB disconnect, device number 24
[  208.748966][  T572] udevd[572]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  209.393261][ T3815] loop2: detected capacity change from 0 to 8192
[  209.475356][ T3812] loop1: detected capacity change from 0 to 40427
[  209.500348][ T3812] F2FS-fs (loop1): Found nat_bits in checkpoint
[  209.541452][ T3812] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  209.594944][ T3818] loop2: detected capacity change from 0 to 40427
[  209.618570][ T3818] F2FS-fs (loop2): Found nat_bits in checkpoint
[  209.659810][ T3818] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  209.812825][ T3818] bio_check_eod: 28218 callbacks suppressed
[  209.812856][ T3818] syz.2.934: attempt to access beyond end of device
[  209.812856][ T3818] loop2: rw=2049, sector=77824, nr_sectors = 2064 limit=40427
[  209.839505][ T3818] syz.2.934: attempt to access beyond end of device
[  209.839505][ T3818] loop2: rw=2049, sector=79888, nr_sectors = 2032 limit=40427
[  209.868947][ T3818] syz.2.934: attempt to access beyond end of device
[  209.868947][ T3818] loop2: rw=2049, sector=49152, nr_sectors = 3128 limit=40427
[  209.886949][ T3818] syz.2.934: attempt to access beyond end of device
[  209.886949][ T3818] loop2: rw=2049, sector=52280, nr_sectors = 968 limit=40427
[  209.937343][ T3818] syz.2.934: attempt to access beyond end of device
[  209.937343][ T3818] loop2: rw=2049, sector=57344, nr_sectors = 5928 limit=40427
[  209.960490][ T3831] syz.2.934: attempt to access beyond end of device
[  209.960490][ T3831] loop2: rw=524288, sector=77824, nr_sectors = 256 limit=40427
[  209.991367][ T3818] syz.2.934: attempt to access beyond end of device
[  209.991367][ T3818] loop2: rw=2049, sector=63272, nr_sectors = 4880 limit=40427
[  210.005546][ T3831] syz.2.934: attempt to access beyond end of device
[  210.005546][ T3831] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  210.027183][ T3831] syz.2.934: attempt to access beyond end of device
[  210.027183][ T3831] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  210.086201][ T3831] syz.2.934: attempt to access beyond end of device
[  210.086201][ T3831] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  210.116388][ T3830] loop3: detected capacity change from 0 to 40427
[  210.166964][ T3830] F2FS-fs (loop3): Found nat_bits in checkpoint
[  210.174589][   T19] usb 1-1: 0:2 : does not exist
[  210.179493][   T19] usb 1-1: unit 5 not found!
[  210.192060][   T19] usb 1-1: USB disconnect, device number 25
[  210.351518][ T3830] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  210.444099][  T334] udevd[334]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  210.686576][ T3853] loop1: detected capacity change from 0 to 40427
[  210.704148][ T3853] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  210.712075][ T3853] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  210.721738][ T3853] F2FS-fs (loop1): invalid crc value
[  210.760947][ T3853] F2FS-fs (loop1): Found nat_bits in checkpoint
[  210.779590][ T3008] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  210.845093][ T3853] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  210.852187][ T3853] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  210.878490][   T28] audit: type=1400 audit(1769234290.671:254): avc:  denied  { mounton } for  pid=3852 comm="syz.1.937" path="/185/bus/file0" dev="loop1" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  210.907399][   T28] audit: type=1400 audit(1769234290.689:255): avc:  denied  { unlink } for  pid=3852 comm="syz.1.937" name="file0" dev="incremental-fs" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  210.998007][ T3008] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  211.016276][ T3008] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  211.040087][ T3008] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  211.056336][ T3008] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  211.073884][ T3008] usb 1-1: SerialNumber: syz
[  211.115392][ T3316] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  211.292242][ T3868] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  211.399172][ T3868] loop3: detected capacity change from 0 to 2048
[  211.449439][ T3008] usb 1-1: cannot find UAC_HEADER
[  211.456984][ T3008] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  211.466813][  T334] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  211.481465][ T3008] usb 1-1: USB disconnect, device number 26
[  211.488043][ T3316] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  211.516669][ T3316] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  211.529217][ T3316] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  211.548766][ T3316] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  211.557252][ T3316] usb 3-1: SerialNumber: syz
[  211.557264][ T3866] loop1: detected capacity change from 0 to 40427
[  211.580366][ T3866] F2FS-fs (loop1): Found nat_bits in checkpoint
[  211.619028][ T3866] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  211.722493][  T572] udevd[572]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  211.776292][ T1251] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  211.799744][ T3316] usb 3-1: cannot find UAC_HEADER
[  211.807240][ T3316] snd-usb-audio: probe of 3-1:1.0 failed with error -22
[  211.824664][  T334] udevd[334]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  211.841062][ T3316] usb 3-1: USB disconnect, device number 25
[  211.972444][ T1251] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  211.983464][ T1251] usb 4-1: config 0 interface 0 has no altsetting 0
[  211.990133][ T1251] usb 4-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[  211.999557][ T1251] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.019690][ T1251] usb 4-1: config 0 descriptor??
[  212.205367][ T3880] loop0: detected capacity change from 0 to 40427
[  212.231123][ T3880] F2FS-fs (loop0): Found nat_bits in checkpoint
[  212.271308][ T3880] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  212.627801][ T3899] loop1: detected capacity change from 0 to 256
[  212.772931][ T3899] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbc8dc3cd, utbl_chksum : 0xe619d30d)
[  212.849542][   T28] audit: type=1400 audit(1769234292.461:256): avc:  denied  { map } for  pid=3886 comm="syz.1.949" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=28660 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  212.873778][   T28] audit: type=1400 audit(1769234292.461:257): avc:  denied  { read write } for  pid=3886 comm="syz.1.949" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=28660 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  213.319018][ T3008] usb 3-1: new full-speed USB device number 26 using dummy_hcd
[  213.359940][ T3908] loop1: detected capacity change from 0 to 1024
[  213.388909][ T3908] EXT4-fs: Ignoring removed orlov option
[  213.416387][ T3908] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  213.521960][ T3008] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  213.533111][ T3008] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  213.544414][ T3008] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  213.554627][ T3008] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  213.563160][ T3008] usb 3-1: Product: syz
[  213.567630][ T3008] usb 3-1: Manufacturer: syz
[  213.575052][ T3008] hub 3-1:4.0: USB hub found
[  213.618976][  T283] EXT4-fs (loop1): unmounting filesystem.
[  213.846117][ T3921] netlink: 25 bytes leftover after parsing attributes in process `syz.1.958'.
[  213.855787][ T3921] device gretap0 entered promiscuous mode
[  213.897280][ T3921] netlink: 45349 bytes leftover after parsing attributes in process `syz.1.958'.
[  213.907008][ T3921] 0猉功D龌: renamed from gretap0
[  213.916406][ T3921] device 
00猉功D龌 left promiscuous mode
[  214.052573][ T3922] loop2: detected capacity change from 0 to 128
[  214.095418][ T3922] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  214.104159][ T3922] ext4 filesystem being mounted at /183/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  214.279617][ T3008] hub 3-1:4.0: config failed, can't read hub descriptor (err -22)
[  214.322686][ T3008] usb 3-1: USB disconnect, device number 26
[  214.368693][ T3925] loop0: detected capacity change from 0 to 40427
[  214.380870][ T1251] usbhid 4-1:0.0: can't add hid device: -71
[  214.391478][ T1251] usbhid: probe of 4-1:0.0 failed with error -71
[  214.400626][ T1251] usb 4-1: USB disconnect, device number 23
[  214.414873][ T3925] F2FS-fs (loop0): Found nat_bits in checkpoint
[  214.618270][ T3925] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  214.665220][ T3928] loop3: detected capacity change from 0 to 40427
[  214.708819][ T3928] F2FS-fs (loop3): Found nat_bits in checkpoint
[  214.748398][ T3928] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  214.874902][    T6] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  214.901509][  T286] EXT4-fs (loop2): unmounting filesystem.
[  214.963970][   T28] audit: type=1400 audit(1769234294.446:258): avc:  denied  { append } for  pid=3949 comm="syz.2.966" name="001" dev="devtmpfs" ino=185 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  215.008265][ T3952] netlink: 27 bytes leftover after parsing attributes in process `syz.2.967'.
[  215.028944][ T3952] loop2: detected capacity change from 0 to 256
[  215.069567][ T3952] FAT-fs (loop2): Unrecognized mount option "nnonumtail=1" or missing value
[  215.103481][    T6] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  215.119176][ T3952] loop2: detected capacity change from 0 to 1024
[  215.134885][    T6] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  215.146048][ T3947] loop1: detected capacity change from 0 to 40427
[  215.173449][ T3947] F2FS-fs (loop1): Found nat_bits in checkpoint
[  215.192070][    T6] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  215.229463][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  215.230664][ T3952] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  215.243312][    T6] usb 5-1: SerialNumber: syz
[  215.251526][ T3925] bio_check_eod: 13136 callbacks suppressed
[  215.251543][ T3925] syz.0.959: attempt to access beyond end of device
[  215.251543][ T3925] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  215.271123][ T3925] syz.0.959: attempt to access beyond end of device
[  215.271123][ T3925] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  215.284694][ T3925] syz.0.959: attempt to access beyond end of device
[  215.284694][ T3925] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  215.298468][ T3925] syz.0.959: attempt to access beyond end of device
[  215.298468][ T3925] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  215.312017][ T3925] syz.0.959: attempt to access beyond end of device
[  215.312017][ T3925] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  215.325584][ T3925] syz.0.959: attempt to access beyond end of device
[  215.325584][ T3925] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  215.339151][ T3925] syz.0.959: attempt to access beyond end of device
[  215.339151][ T3925] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  215.352725][ T3925] syz.0.959: attempt to access beyond end of device
[  215.352725][ T3925] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  215.366405][ T3925] syz.0.959: attempt to access beyond end of device
[  215.366405][ T3925] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  215.379955][ T3947] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  215.380229][ T3925] syz.0.959: attempt to access beyond end of device
[  215.380229][ T3925] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  215.453743][ T3952] device syzkaller0 entered promiscuous mode
[  215.495392][ T3952] netlink: 20 bytes leftover after parsing attributes in process `syz.2.967'.
[  215.518970][    T6] usb 5-1: cannot find UAC_HEADER
[  215.526439][    T6] snd-usb-audio: probe of 5-1:1.0 failed with error -22
[  215.542315][  T334] udevd[334]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  215.568868][    T6] usb 5-1: USB disconnect, device number 20
[  215.623220][  T286] EXT4-fs (loop2): unmounting filesystem.
[  215.673859][ T3962] loop2: detected capacity change from 0 to 1024
[  215.694718][ T3962] EXT4-fs: Ignoring removed orlov option
[  215.736501][ T3962] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  216.052885][  T286] EXT4-fs (loop2): unmounting filesystem.
[  216.152500][ T3975] loop4: detected capacity change from 0 to 512
[  216.180116][ T3975] EXT4-fs: Ignoring removed orlov option
[  216.207564][ T3975] EXT4-fs: Ignoring removed mblk_io_submit option
[  216.312908][ T3981] bridge0: port 3(syz_tun) entered blocking state
[  216.319488][ T3981] bridge0: port 3(syz_tun) entered disabled state
[  216.480524][ T3982] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  216.842931][ T3982] loop3: detected capacity change from 0 to 2048
[  216.911013][ T3981] device syz_tun entered promiscuous mode
[  216.935103][ T3981] bridge0: port 3(syz_tun) entered blocking state
[  216.941626][ T3981] bridge0: port 3(syz_tun) entered forwarding state
[  217.049203][ T3975] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2196: inode #15: comm syz.4.972: corrupted in-inode xattr
[  217.245813][ T3975] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.972: couldn't read orphan inode 15 (err -117)
[  217.261465][   T28] audit: type=1400 audit(1769234296.559:259): avc:  denied  { ioctl } for  pid=3984 comm="syz.2.973" path="socket:[29795]" dev="sockfs" ino=29795 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  217.295164][ T3975] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  217.377641][  T537] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  217.543615][  T285] EXT4-fs (loop4): unmounting filesystem.
[  217.585362][  T537] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  217.618271][  T537] usb 4-1: config 0 interface 0 has no altsetting 0
[  217.624967][  T537] usb 4-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[  217.656117][  T537] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.665025][  T537] usb 4-1: config 0 descriptor??
[  217.672600][ T3987] loop2: detected capacity change from 0 to 40427
[  217.769393][ T3987] F2FS-fs (loop2): Found nat_bits in checkpoint
[  217.805231][ T3991] loop0: detected capacity change from 0 to 40427
[  217.836440][ T3991] F2FS-fs (loop0): Found nat_bits in checkpoint
[  217.860283][ T3987] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  217.897710][ T3316] usb 5-1: new full-speed USB device number 21 using dummy_hcd
[  217.901115][ T3991] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  217.959205][ T4005] loop1: detected capacity change from 0 to 1024
[  217.994847][ T4005] EXT4-fs: Ignoring removed orlov option
[  218.032307][ T4005] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  218.044134][ T4009] loop0: detected capacity change from 0 to 128
[  218.105203][ T3316] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  218.125754][ T3316] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  218.158677][ T3316] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  218.199007][ T3316] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  218.217753][ T3316] usb 5-1: Product: syz
[  218.244316][ T3316] usb 5-1: Manufacturer: syz
[  218.255349][ T3316] hub 5-1:4.0: USB hub found
[  218.351919][  T283] EXT4-fs (loop1): unmounting filesystem.
[  218.470771][ T3316] hub 5-1:4.0: config failed, hub doesn't have any ports! (err -19)
[  218.591036][ T4015] loop2: detected capacity change from 0 to 1024
[  218.610580][ T4015] EXT4-fs: Ignoring removed orlov option
[  218.883112][ T4015] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  219.106793][ T4022] loop0: detected capacity change from 0 to 1024
[  219.119810][ T4022] EXT4-fs: Ignoring removed orlov option
[  219.137708][ T4022] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  219.209355][  T286] EXT4-fs (loop2): unmounting filesystem.
[  219.223429][ T4027] loop4: detected capacity change from 0 to 128
[  219.269612][ T4027] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  219.281722][ T4027] ext4 filesystem being mounted at /215/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  219.481916][  T537] usbhid 4-1:0.0: can't add hid device: -71
[  219.488174][  T537] usbhid: probe of 4-1:0.0 failed with error -71
[  219.515354][  T537] usb 4-1: USB disconnect, device number 24
[  219.529656][ T4037] loop2: detected capacity change from 0 to 512
[  219.596373][ T4037] EXT4-fs: Ignoring removed orlov option
[  219.602145][ T4037] EXT4-fs: Ignoring removed mblk_io_submit option
[  219.632312][ T4037] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2196: inode #15: comm syz.2.986: corrupted in-inode xattr
[  219.644635][ T4037] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.986: couldn't read orphan inode 15 (err -117)
[  219.656775][ T4037] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  219.874500][  T286] EXT4-fs (loop2): unmounting filesystem.
[  219.896728][ T4033] loop1: detected capacity change from 0 to 40427
[  219.931735][  T284] EXT4-fs (loop0): unmounting filesystem.
[  219.942205][ T4033] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  219.963313][ T4033] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  220.000339][ T4033] F2FS-fs (loop1): invalid crc value
[  220.029437][ T4033] F2FS-fs (loop1): Found nat_bits in checkpoint
[  220.075539][ T4033] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  220.082622][ T4033] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  220.132703][ T4033] overlayfs: conflicting options: userxattr,redirect_dir=off
[  220.339971][ T4046] loop0: detected capacity change from 0 to 40427
[  220.400817][ T4046] F2FS-fs (loop0): Found nat_bits in checkpoint
[  220.493699][ T4046] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  220.759563][ T4065] loop0: detected capacity change from 0 to 512
[  220.861552][ T4065] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.992: inode #1: comm syz.0.992: iget: illegal inode #
[  220.888927][ T4065] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.992: error while reading EA inode 1 err=-117
[  220.971023][ T4065] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2819: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  221.042537][ T4065] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.992: inode #1: comm syz.0.992: iget: illegal inode #
[  221.067679][  T285] EXT4-fs (loop4): unmounting filesystem.
[  221.075511][ T4065] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.992: error while reading EA inode 1 err=-117
[  221.091155][ T4065] EXT4-fs (loop0): 1 orphan inode deleted
[  221.097248][ T4065] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  221.167854][  T537] usb 5-1: USB disconnect, device number 21
[  221.220768][   T28] audit: type=1400 audit(1769234300.214:260): avc:  denied  { create } for  pid=4072 comm="syz.4.993" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  221.667610][   T28] audit: type=1400 audit(1769234300.611:261): avc:  denied  { map } for  pid=4064 comm="syz.0.992" path="socket:[29637]" dev="sockfs" ino=29637 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  221.694256][ T4083] loop4: detected capacity change from 0 to 1024
[  221.703088][ T4085] loop1: detected capacity change from 0 to 512
[  221.709783][ T4085] EXT4-fs: Ignoring removed orlov option
[  221.715782][ T4085] EXT4-fs: Ignoring removed mblk_io_submit option
[  222.372369][ T4086] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  222.563851][ T4081] loop2: detected capacity change from 0 to 2048
[  222.577870][  T284] EXT4-fs (loop0): unmounting filesystem.
[  222.611574][ T4085] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.997: corrupted in-inode xattr
[  222.616938][  T334] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  222.633818][ T4085] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.997: couldn't read orphan inode 15 (err -117)
[  222.646887][ T4085] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  222.661077][ T4083] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  222.713025][ T4083] ext4 filesystem being mounted at /217/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  222.800258][ T4098] netlink: 'syz.3.1002': attribute type 1 has an invalid length.
[  222.875300][ T4083] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: comm syz.4.998: lblock 0 mapped to illegal pblock 0 (length 6)
[  222.892519][ T4083] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117
[  222.905515][  T283] EXT4-fs (loop1): unmounting filesystem.
[  222.905537][ T4083] EXT4-fs (loop4): This should not happen!! Data will be lost
[  222.905537][ T4083] 
[  222.924712][   T19] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  222.935920][ T4083] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #15: comm syz.4.998: lblock 0 mapped to illegal pblock 0 (length 1)
[  222.949537][ T4083] EXT4-fs error (device loop4): ext4_ext_remove_space:2930: inode #15: comm syz.4.998: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  222.968024][ T4083] EXT4-fs error (device loop4) in ext4_setattr:5674: Corrupt filesystem
[  222.986088][  T285] EXT4-fs (loop4): unmounting filesystem.
[  223.002642][ T3316] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  223.071816][ T4106] loop4: detected capacity change from 0 to 512
[  223.079288][ T4106] EXT4-fs: Mount option(s) incompatible with ext2
[  223.098075][ T1251] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  223.178569][   T19] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.196387][   T19] usb 3-1: config 0 interface 0 has no altsetting 0
[  223.203076][   T19] usb 3-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[  223.212206][   T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.223258][   T19] usb 3-1: config 0 descriptor??
[  223.250906][ T3316] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  223.268920][ T3316] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  223.278690][ T3316] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  223.287825][ T3316] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  223.295974][ T3316] usb 1-1: SerialNumber: syz
[  223.303922][ T1251] usb 4-1: Using ep0 maxpacket: 8
[  223.312704][ T1251] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  223.325661][ T1251] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.336586][ T1251] usb 4-1: Product: syz
[  223.340353][ T4109] loop1: detected capacity change from 0 to 1024
[  223.340781][ T1251] usb 4-1: Manufacturer: syz
[  223.340797][ T1251] usb 4-1: SerialNumber: syz
[  223.355226][ T4109] EXT4-fs: Ignoring removed orlov option
[  223.370618][ T4109] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  223.530120][ T3316] usb 1-1: cannot find UAC_HEADER
[  223.538391][ T3316] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  223.546595][ T3316] usb 1-1: USB disconnect, device number 27
[  223.579545][  T283] EXT4-fs (loop1): unmounting filesystem.
[  223.589203][ T1251] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 25 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  223.607035][ T1251] usb 4-1: USB disconnect, device number 25
[  223.614567][ T1251] usblp0: removed
[  223.770325][  T572] udevd[572]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  224.211405][   T28] audit: type=1400 audit(1769234302.974:262): avc:  denied  { audit_read } for  pid=4121 comm="syz.3.1010" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  224.316915][ T4124] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1009'.
[  224.326785][ T4124] device gretap0 entered promiscuous mode
[  224.349275][ T4124] netlink: 45349 bytes leftover after parsing attributes in process `syz.0.1009'.
[  224.359058][ T4124] 0猉功D龌: renamed from gretap0
[  224.366381][ T4124] device 
00猉功D龌 left promiscuous mode
[  224.421450][ T4125] loop3: detected capacity change from 0 to 16
[  224.432988][ T4125] erofs: (device loop3): mounted with root inode @ nid 36.
[  224.572945][ T4132] loop1: detected capacity change from 0 to 512
[  224.579644][ T4132] EXT4-fs: Ignoring removed orlov option
[  224.585602][ T4132] EXT4-fs: Ignoring removed mblk_io_submit option
[  224.594377][ T4132] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.1013: corrupted in-inode xattr
[  224.606806][ T4132] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1013: couldn't read orphan inode 15 (err -117)
[  224.618907][ T4132] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  224.885467][   T19] usbhid 3-1:0.0: can't add hid device: -71
[  224.891741][   T19] usbhid: probe of 3-1:0.0 failed with error -71
[  224.902395][   T19] usb 3-1: USB disconnect, device number 27
[  224.948396][  T283] EXT4-fs (loop1): unmounting filesystem.
[  224.973980][   T28] audit: type=1400 audit(1769234303.685:263): avc:  denied  { read write } for  pid=4140 comm="syz.1.1016" name="uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  224.999385][   T28] audit: type=1400 audit(1769234303.685:264): avc:  denied  { open } for  pid=4140 comm="syz.1.1016" path="/dev/uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  225.050687][ T4145] capability: warning: `syz.2.1018' uses 32-bit capabilities (legacy support in use)
[  225.197449][ T4136] loop4: detected capacity change from 0 to 40427
[  225.206086][ T4136] F2FS-fs (loop4): invalid crc value
[  225.213650][ T4150] loop3: detected capacity change from 0 to 512
[  225.491517][ T4146] loop1: detected capacity change from 0 to 512
[  225.498241][ T4146] EXT4-fs: Ignoring removed i_version option
[  225.504282][ T4146] EXT4-fs: Ignoring removed bh option
[  225.509777][ T4146] EXT4-fs: Ignoring removed mblk_io_submit option
[  225.525170][   T28] audit: type=1400 audit(1769234304.183:265): avc:  denied  { create } for  pid=4144 comm="syz.2.1018" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  225.526221][ T4146] EXT4-fs (loop1): Test dummy encryption mode enabled
[  225.526261][ T4146] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  225.586504][   T28] audit: type=1400 audit(1769234304.239:266): avc:  denied  { read write } for  pid=4144 comm="syz.2.1018" name="file0" dev="tmpfs" ino=1173 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  225.736656][ T4150] EXT4-fs: Ignoring removed orlov option
[  225.771625][ T4146] EXT4-fs (loop1): 1 truncate cleaned up
[  225.777428][ T4146] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  225.798601][   T28] audit: type=1400 audit(1769234304.239:267): avc:  denied  { open } for  pid=4144 comm="syz.2.1018" path="/196/file0" dev="tmpfs" ino=1173 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  225.816461][ T4136] F2FS-fs (loop4): Found nat_bits in checkpoint
[  225.836230][ T4150] EXT4-fs: Ignoring removed mblk_io_submit option
[  225.857619][ T4150] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.1020: corrupted in-inode xattr
[  225.876384][ T4150] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1020: couldn't read orphan inode 15 (err -117)
[  225.889417][ T4150] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  225.908690][ T4136] F2FS-fs (loop4): Start checkpoint disabled!
[  225.915571][ T4136] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0
[  225.923211][ T4136] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  225.935086][  T282] EXT4-fs (loop3): unmounting filesystem.
[  226.005481][   T28] audit: type=1400 audit(1769234304.636:268): avc:  denied  { unlink } for  pid=286 comm="syz-executor" name="file0" dev="tmpfs" ino=1173 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  226.031879][  T283] EXT4-fs (loop1): unmounting filesystem.
[  226.053797][ T4136] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1014'.
[  226.073731][   T28] audit: type=1400 audit(1769234304.673:269): avc:  denied  { setattr } for  pid=4135 comm="syz.4.1014" name="/" dev="loop4" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  226.123669][ T4167] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1025'.
[  226.135317][  T445] bio_check_eod: 29202 callbacks suppressed
[  226.135338][  T445] kworker/u4:4: attempt to access beyond end of device
[  226.135338][  T445] loop4: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  226.164867][ T4167] device gretap0 entered promiscuous mode
[  226.183653][ T4168] netlink: 45349 bytes leftover after parsing attributes in process `syz.3.1025'.
[  226.193177][   T19] usb 1-1: new full-speed USB device number 28 using dummy_hcd
[  226.217818][ T4168] 0猉功D龌: renamed from gretap0
[  226.223762][ T4168] device 
00猉功D龌 left promiscuous mode
[  226.683448][ T4173] loop3: detected capacity change from 0 to 512
[  226.690183][ T4173] EXT4-fs: Ignoring removed orlov option
[  226.696020][ T4173] EXT4-fs: Ignoring removed mblk_io_submit option
[  226.719346][ T4173] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.1027: corrupted in-inode xattr
[  226.731767][ T4173] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1027: couldn't read orphan inode 15 (err -117)
[  226.744263][ T4173] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  226.752549][   T19] usb 1-1: config 8 has an invalid interface number: 223 but max is 0
[  226.783494][   T19] usb 1-1: config 8 contains an unexpected descriptor of type 0x1, skipping
[  226.849619][   T19] usb 1-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  226.860135][   T19] usb 1-1: config 8 has no interface number 0
[  226.866315][   T19] usb 1-1: config 8 interface 223 altsetting 0 endpoint 0x7 has invalid maxpacket 15872, setting to 64
[  226.877706][   T19] usb 1-1: config 8 interface 223 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  226.892894][   T19] usb 1-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d
[  226.902664][   T19] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.910823][   T19] usb 1-1: Product: syz
[  226.915758][   T19] usb 1-1: Manufacturer: syz
[  226.920480][   T19] usb 1-1: SerialNumber: syz
[  227.083740][ T4179] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  227.151466][ T4179] loop4: detected capacity change from 0 to 2048
[  227.295457][  T334] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  227.388279][ T4181] loop1: detected capacity change from 0 to 512
[  227.450169][  T282] EXT4-fs (loop3): unmounting filesystem.
[  227.473154][ T4181] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  227.500121][ T4181] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.1028: corrupted in-inode xattr
[  227.539227][ T4188] loop2: detected capacity change from 0 to 128
[  227.546028][ T4181] EXT4-fs (loop1): 1 orphan inode deleted
[  227.553012][ T4181] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  227.619981][ T4188] syz.2.1031: attempt to access beyond end of device
[  227.619981][ T4188] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[  227.643778][ T4188] syz.2.1031: attempt to access beyond end of device
[  227.643778][ T4188] loop2: rw=524288, sector=145, nr_sectors = 224 limit=128
[  227.658212][ T4188] syz.2.1031: attempt to access beyond end of device
[  227.658212][ T4188] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  227.672696][ T4188] syz.2.1031: attempt to access beyond end of device
[  227.672696][ T4188] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  227.686405][ T4188] syz.2.1031: attempt to access beyond end of device
[  227.686405][ T4188] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  227.722488][ T4188] syz.2.1031: attempt to access beyond end of device
[  227.722488][ T4188] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  227.736057][ T4188] syz.2.1031: attempt to access beyond end of device
[  227.736057][ T4188] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  227.757469][ T4188] syz.2.1031: attempt to access beyond end of device
[  227.757469][ T4188] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  227.772058][ T4188] syz.2.1031: attempt to access beyond end of device
[  227.772058][ T4188] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  227.839375][ T4192] Invalid ELF header magic: != ELF
[  227.848388][ T4192] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  228.091651][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  228.091740][   T28] audit: type=1400 audit(1769234306.325:271): avc:  denied  { module_load } for  pid=4180 comm="syz.1.1028" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  228.239840][  T283] EXT4-fs (loop1): unmounting filesystem.
[  228.363942][   T19] usb 1-1: USB disconnect, device number 28
[  228.496746][ T4200] loop3: detected capacity change from 0 to 512
[  228.504242][ T4200] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  228.725169][ T4200] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.1034: corrupted in-inode xattr
[  228.745163][ T4203] loop2: detected capacity change from 0 to 512
[  228.773381][ T4200] EXT4-fs (loop3): 1 orphan inode deleted
[  228.783764][ T4200] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  228.796684][ T4203] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.1035: invalid indirect mapped block 256 (level 2)
[  228.810822][ T4203] EXT4-fs (loop2): 2 truncates cleaned up
[  228.816721][ T4203] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  229.099947][ T4208] Invalid ELF header magic: != ELF
[  229.144221][ T4208] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  229.971992][  T445] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm kworker/u4:4: bg 0: block 5: invalid block bitmap
[  229.989743][  T282] EXT4-fs (loop3): unmounting filesystem.
[  230.004160][ T4211] loop1: detected capacity change from 0 to 256
[  230.014649][ T4213] loop0: detected capacity change from 0 to 512
[  230.021342][ T4213] EXT4-fs: Ignoring removed orlov option
[  230.027056][ T4213] EXT4-fs: Ignoring removed mblk_io_submit option
[  230.035389][  T445] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  230.056693][ T4213] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2196: inode #15: comm syz.0.1039: corrupted in-inode xattr
[  230.068895][ T4213] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1039: couldn't read orphan inode 15 (err -117)
[  230.072502][  T445] EXT4-fs (loop2): This should not happen!! Data will be lost
[  230.072502][  T445] 
[  230.086450][ T4213] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  230.094485][  T445] EXT4-fs (loop2): Total free blocks count 0
[  230.236024][  T445] EXT4-fs (loop2): Free/Dirty block details
[  230.271022][  T445] EXT4-fs (loop2): free_blocks=0
[  230.302705][  T445] EXT4-fs (loop2): dirty_blocks=6724
[  230.334405][  T445] EXT4-fs (loop2): Block reservation details
[  230.371309][  T445] EXT4-fs (loop2): i_reserved_data_blocks=6724
[  230.390632][  T284] EXT4-fs (loop0): unmounting filesystem.
[  230.420373][  T445] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  230.451525][ T4216] loop3: detected capacity change from 0 to 40427
[  230.503680][ T4216] F2FS-fs (loop3): Found nat_bits in checkpoint
[  230.522596][ T4230] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1037'.
[  230.603541][ T4216] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  230.698650][ T4232] loop2: detected capacity change from 0 to 40427
[  230.714189][ T4232] F2FS-fs (loop2): Found nat_bits in checkpoint
[  230.760321][ T4225] loop0: detected capacity change from 0 to 40427
[  230.783083][ T4232] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  230.805249][ T4225] F2FS-fs (loop0): Found nat_bits in checkpoint
[  230.868191][ T4225] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  231.265085][ T4245] loop1: detected capacity change from 0 to 40427
[  231.321282][ T4250] loop4: detected capacity change from 0 to 512
[  231.329686][ T4250] EXT4-fs: Ignoring removed i_version option
[  231.335781][ T4250] EXT4-fs: Ignoring removed bh option
[  231.341802][ T4250] EXT4-fs: Ignoring removed mblk_io_submit option
[  231.350147][ T4250] EXT4-fs (loop4): Test dummy encryption mode enabled
[  231.356987][ T4250] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  231.550838][ T4250] EXT4-fs (loop4): 1 truncate cleaned up
[  231.556554][ T4250] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  231.580562][ T4225] bio_check_eod: 3188 callbacks suppressed
[  231.580579][ T4225] syz.0.1042: attempt to access beyond end of device
[  231.580579][ T4225] loop0: rw=524288, sector=77824, nr_sectors = 256 limit=40427
[  231.600762][ T4225] syz.0.1042: attempt to access beyond end of device
[  231.600762][ T4225] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  231.615889][ T4225] syz.0.1042: attempt to access beyond end of device
[  231.615889][ T4225] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  231.629920][ T4225] syz.0.1042: attempt to access beyond end of device
[  231.629920][ T4225] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  231.644404][ T4225] syz.0.1042: attempt to access beyond end of device
[  231.644404][ T4225] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  231.654291][ T4255] loop3: detected capacity change from 0 to 1024
[  231.658173][ T4225] syz.0.1042: attempt to access beyond end of device
[  231.658173][ T4225] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  231.666365][ T4245] F2FS-fs (loop1): Found nat_bits in checkpoint
[  231.678415][ T4225] syz.0.1042: attempt to access beyond end of device
[  231.678415][ T4225] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  231.698704][ T4225] syz.0.1042: attempt to access beyond end of device
[  231.698704][ T4225] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  231.712586][ T4224] syz.0.1042: attempt to access beyond end of device
[  231.712586][ T4224] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  231.721819][ T4255] EXT4-fs: Ignoring removed orlov option
[  231.730243][ T4225] syz.0.1042: attempt to access beyond end of device
[  231.730243][ T4225] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  231.773524][ T4255] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  231.879836][ T4245] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  231.914622][  T282] EXT4-fs (loop3): unmounting filesystem.
[  232.038611][  T285] EXT4-fs (loop4): unmounting filesystem.
[  232.167598][ T4268] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1048'.
[  232.177214][ T4268] device 
00猉功D龌 entered promiscuous mode
[  232.209231][ T4268] netlink: 45349 bytes leftover after parsing attributes in process `syz.3.1048'.
[  232.218963][ T4268] 1猉功D龌: renamed from 
00猉功D龌
[  232.228189][ T4268] device 
01猉功D龌 left promiscuous mode
[  232.655280][ T4273] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1047'.
[  232.665178][ T4273] device gretap0 entered promiscuous mode
[  232.684597][ T4273] netlink: 45349 bytes leftover after parsing attributes in process `syz.2.1047'.
[  232.694275][ T4273] 0猉功D龌: renamed from gretap0
[  232.703520][ T4273] device 
00猉功D龌 left promiscuous mode
[  232.990730][ T4278] loop1: detected capacity change from 0 to 128
[  233.476941][ T4297] loop2: detected capacity change from 0 to 1024
[  233.487981][ T4297] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  233.501085][ T4297] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  233.509737][ T4297] EXT4-fs (loop2): orphan cleanup on readonly fs
[  233.516429][ T4297] EXT4-fs error (device loop2): ext4_read_inode_bitmap:168: comm syz.2.1058: Inode bitmap for bg 0 marked uninitialized
[  233.529276][ T4297] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  233.539537][ T4297] netlink: 'syz.2.1058': attribute type 1 has an invalid length.
[  233.597077][ T4300] loop0: detected capacity change from 0 to 1024
[  233.605077][ T4300] EXT4-fs: Ignoring removed orlov option
[  233.654138][ T4300] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  233.665554][ T4294] loop4: detected capacity change from 0 to 40427
[  233.779162][ T4294] F2FS-fs (loop4): Found nat_bits in checkpoint
[  233.839044][ T4294] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  233.846768][ T1830] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  233.906807][ T4310] loop0: detected capacity change from 0 to 8192
[  233.926220][ T4310] buffer_io_error: 18509 callbacks suppressed
[  233.926238][ T4310] Buffer I/O error on dev loop0, logical block 57847, async page read
[  233.950288][ T4310] Buffer I/O error on dev loop0, logical block 57847, async page read
[  233.961113][ T4310] Buffer I/O error on dev loop0, logical block 57847, async page read
[  233.971241][ T4310] Buffer I/O error on dev loop0, logical block 57847, async page read
[  233.979737][ T4310] Buffer I/O error on dev loop0, logical block 57847, async page read
[  234.019687][ T4308] Buffer I/O error on dev loop0, logical block 57847, async page read
[  234.057537][ T4310] Buffer I/O error on dev loop0, logical block 57847, async page read
[  234.065945][ T4308] Buffer I/O error on dev loop0, logical block 57847, async page read
[  234.074215][ T1830] usb 3-1: Using ep0 maxpacket: 8
[  234.081802][ T1830] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  234.094866][ T4310] Buffer I/O error on dev loop0, logical block 57847, async page read
[  234.103245][ T1830] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.116533][ T4310] Buffer I/O error on dev loop0, logical block 57847, async page read
[  234.125313][ T1830] usb 3-1: Product: syz
[  234.129741][ T1830] usb 3-1: Manufacturer: syz
[  234.134356][ T1830] usb 3-1: SerialNumber: syz
[  234.409819][ T1830] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 28 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  234.478294][ T4314] loop1: detected capacity change from 0 to 40427
[  234.484981][ T1830] usb 3-1: USB disconnect, device number 28
[  234.506061][ T1830] usblp0: removed
[  234.530941][ T4314] F2FS-fs (loop1): Found nat_bits in checkpoint
[  234.555390][ T4322] loop4: detected capacity change from 0 to 256
[  234.655475][ T4314] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  234.994092][ T1830] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  235.085267][ T4333] loop3: detected capacity change from 0 to 40427
[  235.131775][ T4333] F2FS-fs (loop3): Found nat_bits in checkpoint
[  235.152087][ T4335] loop2: detected capacity change from 0 to 40427
[  235.190861][ T4335] F2FS-fs (loop2): Found nat_bits in checkpoint
[  235.199882][ T1830] usb 5-1: Using ep0 maxpacket: 16
[  235.206164][ T1830] usb 5-1: config 0 has an invalid interface number: 198 but max is 0
[  235.224234][ T1830] usb 5-1: config 0 has no interface number 0
[  235.236303][ T4333] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  235.239169][ T1830] usb 5-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=30.1d
[  235.268062][ T1830] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.276437][ T1830] usb 5-1: Product: syz
[  235.278312][ T4335] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  235.280646][ T1830] usb 5-1: Manufacturer: syz
[  235.318367][ T1830] usb 5-1: SerialNumber: syz
[  235.341092][ T1830] usb 5-1: config 0 descriptor??
[  235.363583][ T1830] usb_ehset_test: probe of 5-1:0.198 failed with error -32
[  235.628976][ T4324] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1063'.
[  235.639404][ T4324] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1063'.
[  235.988275][ T4353] loop1: detected capacity change from 0 to 1024
[  236.019391][ T4353] EXT4-fs: Ignoring removed orlov option
[  236.048607][ T4353] EXT4-fs mount: 2 callbacks suppressed
[  236.048626][ T4353] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  236.066609][  T537] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  236.237637][ T4357] loop2: detected capacity change from 0 to 40427
[  236.244860][  T283] EXT4-fs (loop1): unmounting filesystem.
[  236.278573][ T4357] F2FS-fs (loop2): Found nat_bits in checkpoint
[  236.304988][  T537] usb 1-1: Using ep0 maxpacket: 16
[  236.317364][  T537] usb 1-1: unable to get BOS descriptor or descriptor too short
[  236.336882][  T537] usb 1-1: config 1 interface 0 altsetting 15 endpoint 0x82 has invalid maxpacket 1104, setting to 1024
[  236.371121][ T4357] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  236.396129][  T537] usb 1-1: config 1 interface 0 altsetting 15 bulk endpoint 0x82 has invalid maxpacket 1024
[  236.431674][  T537] usb 1-1: config 1 interface 0 altsetting 15 bulk endpoint 0x3 has invalid maxpacket 32
[  236.463182][  T537] usb 1-1: config 1 interface 0 altsetting 15 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  236.490188][  T537] usb 1-1: config 1 interface 0 has no altsetting 0
[  236.513804][  T537] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  236.530570][  T537] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.543181][  T537] usb 1-1: Product: syz
[  236.550799][  T537] usb 1-1: Manufacturer: syz
[  236.557794][  T537] usb 1-1: SerialNumber: syz
[  236.570521][ T4348] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  236.580092][ T4348] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  236.607925][ T4371] loop1: detected capacity change from 0 to 8192
[  236.825088][   T28] audit: type=1400 audit(1769234570.612:272): avc:  denied  { bind } for  pid=4347 comm="syz.0.1068" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  236.859364][   T28] audit: type=1400 audit(1769234570.622:273): avc:  denied  { listen } for  pid=4347 comm="syz.0.1068" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  236.998559][ T4377] bio_check_eod: 19598 callbacks suppressed
[  236.998590][ T4377] syz.2.1070: attempt to access beyond end of device
[  236.998590][ T4377] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  237.055499][ T4377] syz.2.1070: attempt to access beyond end of device
[  237.055499][ T4377] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  237.295590][ T4377] syz.2.1070: attempt to access beyond end of device
[  237.295590][ T4377] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  237.310428][ T4377] syz.2.1070: attempt to access beyond end of device
[  237.310428][ T4377] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  237.350712][ T4377] syz.2.1070: attempt to access beyond end of device
[  237.350712][ T4377] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  237.400529][ T4377] syz.2.1070: attempt to access beyond end of device
[  237.400529][ T4377] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  237.429723][ T4356] syz.2.1070: attempt to access beyond end of device
[  237.429723][ T4356] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  237.443838][ T4377] syz.2.1070: attempt to access beyond end of device
[  237.443838][ T4377] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  237.457588][ T4377] syz.2.1070: attempt to access beyond end of device
[  237.457588][ T4377] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  237.471379][ T4356] syz.2.1070: attempt to access beyond end of device
[  237.471379][ T4356] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  237.583844][ T4384] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  237.700918][ T4384] loop3: detected capacity change from 0 to 2048
[  237.767974][  T572] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  237.831152][   T19] usb 5-1: USB disconnect, device number 22
[  238.066864][ T4391] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1080'.
[  238.076512][ T4391] device gretap0 entered promiscuous mode
[  238.096226][ T4391] netlink: 45349 bytes leftover after parsing attributes in process `syz.4.1080'.
[  238.106049][ T4391] 0猉功D龌: renamed from gretap0
[  238.116054][ T4391] device 
00猉功D龌 left promiscuous mode
[  238.418281][ T4395] loop2: detected capacity change from 0 to 1024
[  238.425170][ T4395] EXT4-fs: Ignoring removed orlov option
[  238.440858][ T4395] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  238.552645][  T286] EXT4-fs (loop2): unmounting filesystem.
[  238.905175][ T4413] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1085'.
[  238.915890][ T4413] device 
00猉功D龌 entered promiscuous mode
[  238.982706][ T4413] netlink: 45349 bytes leftover after parsing attributes in process `syz.2.1085'.
[  238.993127][ T4413] 1猉功D龌: renamed from 
00猉功D龌
[  239.009613][ T4413] device 
01猉功D龌 left promiscuous mode
[  239.283670][  T537] usb 1-1: bad CDC descriptors
[  239.359114][  T537] usb 1-1: USB disconnect, device number 29
[  239.381064][ T4416] kvm [4415]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0xc1) = 0xfffffc18
[  239.389992][ T4416] kvm [4415]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0xc2) = 0xfffffc18
[  239.407167][ T4416] kvm [4415]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0xfffffc18
[  239.433394][ T4423] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1089'.
[  239.451934][ T4416] kvm [4415]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x186) = 0xfffffc18
[  239.462155][ T4423] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1089'.
[  239.474309][ T4416] kvm [4415]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x187) = 0xfffffc18
[  239.765586][ T3316] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[  239.810189][ T4432] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1093'.
[  239.819803][ T4432] device 
00猉功D龌 entered promiscuous mode
[  239.851583][ T4432] netlink: 45349 bytes leftover after parsing attributes in process `syz.0.1093'.
[  239.861247][ T4432] 1猉功D龌: renamed from 
00猉功D龌
[  239.870313][ T4432] device 
01猉功D龌 left promiscuous mode
[  240.173971][ T3316] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  240.185130][ T3316] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  240.196091][ T3316] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  240.205151][ T3316] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  240.213717][ T3316] usb 5-1: Product: syz
[  240.217946][ T3316] usb 5-1: Manufacturer: syz
[  240.224131][ T3316] hub 5-1:4.0: USB hub found
[  240.380969][ T4441] loop2: detected capacity change from 0 to 128
[  240.433202][  T572] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  240.443866][   T28] audit: type=1400 audit(1769234573.954:274): avc:  denied  { create } for  pid=4440 comm="syz.2.1098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  240.444015][ T3316] hub 5-1:4.0: config failed, hub doesn't have any ports! (err -19)
[  240.464185][ T4441] loop2: detected capacity change from 0 to 256
[  240.480302][ T4441] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1098'.
[  240.489680][ T4441] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1098'.
[  240.723859][ T4449] device 
01猉功D龌 entered promiscuous mode
[  240.754085][ T4449] 0猉功D龌: renamed from 
01猉功D龌
[  240.763349][ T4449] device 
00猉功D龌 left promiscuous mode
[  241.357626][ T4458] loop4: detected capacity change from 0 to 128
[  241.387683][ T4458] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  241.396458][ T4458] ext4 filesystem being mounted at /232/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  241.510016][ T4454] loop1: detected capacity change from 0 to 40427
[  241.560377][ T4454] F2FS-fs (loop1): Found nat_bits in checkpoint
[  241.607831][ T4454] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  241.873766][ T1251] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  242.068970][ T1251] usb 1-1: Using ep0 maxpacket: 32
[  242.075283][ T1251] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  242.088406][ T1251] usb 1-1: New USB device found, idVendor=046d, idProduct=c531, bcdDevice= 0.00
[  242.102434][ T1251] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.114177][ T1251] usb 1-1: config 0 descriptor??
[  242.538938][ T4482] loop2: detected capacity change from 0 to 40427
[  242.564987][ T4482] F2FS-fs (loop2): Found nat_bits in checkpoint
[  242.577501][ T1251] logitech-djreceiver 0003:046D:C531.0001: item fetching failed at offset 0/1
[  242.599831][ T1251] logitech-djreceiver 0003:046D:C531.0001: logi_dj_probe: parse failed
[  242.608131][ T1251] logitech-djreceiver: probe of 0003:046D:C531.0001 failed with error -22
[  242.621961][ T4482] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  242.765753][ T4491] loop3: detected capacity change from 0 to 512
[  242.827796][ T4491] EXT4-fs: Mount option(s) incompatible with ext2
[  242.860229][ T4482] bio_check_eod: 1003 callbacks suppressed
[  242.860249][ T4482] syz.2.1110: attempt to access beyond end of device
[  242.860249][ T4482] loop2: rw=2049, sector=77824, nr_sectors = 2048 limit=40427
[  242.911221][  T285] EXT4-fs (loop4): unmounting filesystem.
[  242.917070][   T28] audit: type=1400 audit(1769234576.234:275): avc:  denied  { getopt } for  pid=4492 comm="syz.1.1112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  242.968485][ T1251] usb 5-1: USB disconnect, device number 23
[  243.004365][ T4497] loop1: detected capacity change from 0 to 1024
[  243.027944][ T4482] syz.2.1110: attempt to access beyond end of device
[  243.027944][ T4482] loop2: rw=2049, sector=79872, nr_sectors = 2048 limit=40427
[  243.031179][ T4497] EXT4-fs: Ignoring removed orlov option
[  243.099444][ T4497] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  243.129819][ T4482] syz.2.1110: attempt to access beyond end of device
[  243.129819][ T4482] loop2: rw=2049, sector=49152, nr_sectors = 2048 limit=40427
[  243.160901][ T4468] loop0: detected capacity change from 0 to 40427
[  243.208702][ T4468] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(918016)
[  243.225887][ T4482] syz.2.1110: attempt to access beyond end of device
[  243.225887][ T4482] loop2: rw=2049, sector=51200, nr_sectors = 2048 limit=40427
[  243.250278][ T4482] syz.2.1110: attempt to access beyond end of device
[  243.250278][ T4482] loop2: rw=2049, sector=57344, nr_sectors = 4088 limit=40427
[  243.268088][ T4468] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  243.282947][ T4482] syz.2.1110: attempt to access beyond end of device
[  243.282947][ T4482] loop2: rw=2049, sector=61432, nr_sectors = 4088 limit=40427
[  243.308155][ T4468] F2FS-fs (loop0): invalid crc value
[  243.319674][ T4468] F2FS-fs (loop0): Found nat_bits in checkpoint
[  243.373652][ T4482] syz.2.1110: attempt to access beyond end of device
[  243.373652][ T4482] loop2: rw=2049, sector=65520, nr_sectors = 8016 limit=40427
[  243.411321][ T4468] F2FS-fs (loop0): Start checkpoint disabled!
[  243.431989][ T4468] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  243.458818][ T4468] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  243.476055][ T4468] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  243.513904][ T4467] syz.0.1105: attempt to access beyond end of device
[  243.513904][ T4467] loop0: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  243.533671][ T4482] syz.2.1110: attempt to access beyond end of device
[  243.533671][ T4482] loop2: rw=2049, sector=73536, nr_sectors = 4288 limit=40427
[  243.553471][   T28] audit: type=1400 audit(1769234576.833:276): avc:  denied  { ioctl } for  pid=4467 comm="syz.0.1105" path="/205/file1/memory.swap.current" dev="loop0" ino=10 ioctlcmd=0x6618 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  243.556415][   T19] usb 1-1: USB disconnect, device number 30
[  243.653878][ T4482] syz.2.1110: attempt to access beyond end of device
[  243.653878][ T4482] loop2: rw=2049, sector=81920, nr_sectors = 3928 limit=40427
[  243.706369][  T283] EXT4-fs (loop1): unmounting filesystem.
[  244.289307][ T4517] __nla_validate_parse: 3 callbacks suppressed
[  244.289340][ T4517] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1118'.
[  244.305537][ T4517] device 
01猉功D龌 entered promiscuous mode
[  244.322591][ T4517] netlink: 45349 bytes leftover after parsing attributes in process `syz.3.1118'.
[  244.332191][ T4517] 0猉功D龌: renamed from 
01猉功D龌
[  244.341408][ T4517] device 
00猉功D龌 left promiscuous mode
[  244.435606][ T4518] loop2: detected capacity change from 0 to 512
[  244.477262][ T4518] EXT4-fs: Ignoring removed nobh option
[  244.489824][ T4518] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 not in group (block 0)!
[  244.502822][ T4518] EXT4-fs (loop2): group descriptors corrupted!
[  244.539056][   T28] audit: type=1326 audit(1769234577.738:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.2.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf7a39acb9 code=0x7ffc0000
[  244.581528][   T28] audit: type=1326 audit(1769234577.766:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.2.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf7a39acb9 code=0x7ffc0000
[  244.605266][   T28] audit: type=1326 audit(1769234577.766:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.2.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf7a39acb9 code=0x7ffc0000
[  244.606613][ T4520] loop0: detected capacity change from 0 to 8192
[  244.629289][   T28] audit: type=1326 audit(1769234577.766:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.2.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7fbf7a39acb9 code=0x7ffc0000
[  244.638459][   T19] usb 5-1: new full-speed USB device number 24 using dummy_hcd
[  244.666952][   T28] audit: type=1326 audit(1769234577.766:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.2.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf7a39acb9 code=0x7ffc0000
[  244.693246][ T4520] buffer_io_error: 880 callbacks suppressed
[  244.693266][ T4520] Buffer I/O error on dev loop0, logical block 57847, async page read
[  244.734142][   T28] audit: type=1326 audit(1769234577.766:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.2.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf7a39acb9 code=0x7ffc0000
[  244.757857][   T28] audit: type=1326 audit(1769234577.766:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.2.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf7a39acb9 code=0x7ffc0000
[  244.761406][ T4520] Buffer I/O error on dev loop0, logical block 57847, async page read
[  244.781507][   T28] audit: type=1326 audit(1769234577.766:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4516 comm="syz.2.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fbf7a39acb9 code=0x7ffc0000
[  244.822476][ T4519] Buffer I/O error on dev loop0, logical block 57847, async page read
[  244.830825][ T4520] Buffer I/O error on dev loop0, logical block 57847, async page read
[  244.839477][ T4519] Buffer I/O error on dev loop0, logical block 57847, async page read
[  244.848422][ T4520] Buffer I/O error on dev loop0, logical block 57847, async page read
[  244.861484][ T4519] Buffer I/O error on dev loop0, logical block 57847, async page read
[  244.869879][ T4520] Buffer I/O error on dev loop0, logical block 57847, async page read
[  244.878283][ T4520] Buffer I/O error on dev loop0, logical block 57847, async page read
[  244.886706][ T4521] Buffer I/O error on dev loop0, logical block 57847, async page read
[  244.897664][   T19] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  244.908732][   T19] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  244.919853][   T19] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  244.928927][   T19] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  244.937440][   T19] usb 5-1: Product: syz
[  244.941678][   T19] usb 5-1: Manufacturer: syz
[  244.948106][   T19] hub 5-1:4.0: USB hub found
[  245.164912][   T19] hub 5-1:4.0: 2 ports detected
[  245.463760][ T4514] loop4: detected capacity change from 0 to 128
[  245.493484][ T4514] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  245.513701][ T4514] ext4 filesystem being mounted at /234/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  245.537526][ T4533] loop1: detected capacity change from 0 to 40427
[  245.560521][ T4533] F2FS-fs (loop1): Found nat_bits in checkpoint
[  245.606082][ T4533] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  245.818432][   T19] hub 5-1:4.0: hub_hub_status failed (err = -71)
[  245.827069][   T19] hub 5-1:4.0: config failed, can't get hub status (err -71)
[  245.916644][ T4540] loop0: detected capacity change from 0 to 40427
[  246.031598][ T4546] loop2: detected capacity change from 0 to 512
[  246.040013][ T4546] EXT4-fs: Ignoring removed i_version option
[  246.046103][ T4546] EXT4-fs: Ignoring removed bh option
[  246.052131][ T4546] EXT4-fs: Ignoring removed mblk_io_submit option
[  246.060738][ T4546] EXT4-fs (loop2): Test dummy encryption mode enabled
[  246.067665][ T4546] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  246.182569][ T4546] EXT4-fs (loop2): 1 truncate cleaned up
[  246.188460][ T4546] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  246.239410][   T19] usb 5-1: USB disconnect, device number 24
[  246.276858][ T4540] F2FS-fs (loop0): Found nat_bits in checkpoint
[  246.330543][ T4540] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  246.560661][  T285] EXT4-fs (loop4): unmounting filesystem.
[  246.760939][  T286] EXT4-fs (loop2): unmounting filesystem.
[  247.429577][ T4564] loop4: detected capacity change from 0 to 40427
[  247.477124][ T4564] F2FS-fs (loop4): Found nat_bits in checkpoint
[  247.559840][ T4564] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  247.740232][ T4577] FAULT_INJECTION: forcing a failure.
[  247.740232][ T4577] name failslab, interval 1, probability 0, space 0, times 0
[  247.752941][ T4577] CPU: 1 PID: 4577 Comm: syz.3.1133 Tainted: G        W          syzkaller #0
[  247.761827][ T4577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  247.771902][ T4577] Call Trace:
[  247.775201][ T4577]  <TASK>
[  247.778153][ T4577]  __dump_stack+0x21/0x24
[  247.782519][ T4577]  dump_stack_lvl+0x110/0x170
[  247.787228][ T4577]  ? __cfi_dump_stack_lvl+0x8/0x8
[  247.792295][ T4577]  dump_stack+0x15/0x24
[  247.796492][ T4577]  should_fail_ex+0x3d4/0x520
[  247.801205][ T4577]  ? __sigqueue_alloc+0x13f/0x210
[  247.806255][ T4577]  __should_failslab+0xac/0xf0
[  247.811047][ T4577]  should_failslab+0x9/0x20
[  247.815569][ T4577]  kmem_cache_alloc+0x3b/0x330
[  247.820342][ T4577]  __sigqueue_alloc+0x13f/0x210
[  247.825294][ T4577]  sigqueue_alloc+0x28/0x30
[  247.829827][ T4577]  do_timer_create+0x1cc/0x12e0
[  247.834702][ T4577]  ? __cfi_vfs_write+0x10/0x10
[  247.839477][ T4577]  ? mutex_unlock+0x8f/0x230
[  247.844080][ T4577]  ? __ia32_sys_clock_nanosleep_time32+0xb0/0xb0
[  247.850422][ T4577]  ? __kasan_check_write+0x14/0x20
[  247.855544][ T4577]  __x64_sys_timer_create+0x166/0x1c0
[  247.860921][ T4577]  ? __cfi___x64_sys_timer_create+0x10/0x10
[  247.866819][ T4577]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  247.872900][ T4577]  x64_sys_call+0x31c/0x9a0
[  247.877410][ T4577]  do_syscall_64+0x4c/0xa0
[  247.881840][ T4577]  ? clear_bhb_loop+0x30/0x80
[  247.886526][ T4577]  ? clear_bhb_loop+0x30/0x80
[  247.891235][ T4577]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  247.897135][ T4577] RIP: 0033:0x7fd116b9acb9
[  247.901556][ T4577] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  247.921175][ T4577] RSP: 002b:00007fd117af0028 EFLAGS: 00000246 ORIG_RAX: 00000000000000de
[  247.929589][ T4577] RAX: ffffffffffffffda RBX: 00007fd116e16090 RCX: 00007fd116b9acb9
[  247.937565][ T4577] RDX: 0000200000bbdffc RSI: 0000200000533fa0 RDI: 0000000000000000
[  247.945542][ T4577] RBP: 00007fd117af0090 R08: 0000000000000000 R09: 0000000000000000
[  247.953512][ T4577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.961486][ T4577] R13: 00007fd116e16128 R14: 00007fd116e16090 R15: 00007ffdafcc25c8
[  247.969473][ T4577]  </TASK>
[  248.287636][   T19] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  248.338478][  T285] bio_check_eod: 2012 callbacks suppressed
[  248.338495][  T285] syz-executor: attempt to access beyond end of device
[  248.338495][  T285] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  248.421345][ T4587] loop1: detected capacity change from 0 to 40427
[  248.461011][   T19] usb 3-1: device descriptor read/64, error -71
[  248.474884][ T4587] F2FS-fs (loop1): Found nat_bits in checkpoint
[  248.689268][ T4587] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  249.012559][   T19] usb 3-1: device descriptor read/64, error -71
[  249.172525][ T4587] syz.1.1136: attempt to access beyond end of device
[  249.172525][ T4587] loop1: rw=2049, sector=77824, nr_sectors = 2048 limit=40427
[  249.192551][ T4587] syz.1.1136: attempt to access beyond end of device
[  249.192551][ T4587] loop1: rw=2049, sector=79872, nr_sectors = 2048 limit=40427
[  249.212792][ T4587] syz.1.1136: attempt to access beyond end of device
[  249.212792][ T4587] loop1: rw=2049, sector=49152, nr_sectors = 2048 limit=40427
[  249.232774][ T4587] syz.1.1136: attempt to access beyond end of device
[  249.232774][ T4587] loop1: rw=2049, sector=51200, nr_sectors = 2048 limit=40427
[  249.271837][ T4587] syz.1.1136: attempt to access beyond end of device
[  249.271837][ T4587] loop1: rw=2049, sector=57344, nr_sectors = 10888 limit=40427
[  249.295786][ T4587] syz.1.1136: attempt to access beyond end of device
[  249.295786][ T4587] loop1: rw=2049, sector=68232, nr_sectors = 2320 limit=40427
[  249.296114][ T4600] syz.1.1136: attempt to access beyond end of device
[  249.296114][ T4600] loop1: rw=524288, sector=77824, nr_sectors = 256 limit=40427
[  249.323980][   T19] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  249.328033][ T4600] syz.1.1136: attempt to access beyond end of device
[  249.328033][ T4600] loop1: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  249.345296][ T4600] syz.1.1136: attempt to access beyond end of device
[  249.345296][ T4600] loop1: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  249.446897][  T537] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  249.531366][   T19] usb 3-1: device descriptor read/64, error -71
[  249.537735][  T434] usb 5-1: new full-speed USB device number 25 using dummy_hcd
[  249.642048][  T537] usb 1-1: Using ep0 maxpacket: 8
[  249.651036][  T537] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  249.663037][  T537] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.671217][  T537] usb 1-1: Product: syz
[  249.675465][  T537] usb 1-1: Manufacturer: syz
[  249.680117][  T537] usb 1-1: SerialNumber: syz
[  249.751034][  T434] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  249.762275][  T434] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.783509][  T434] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  249.793588][  T434] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  249.801969][  T434] usb 5-1: Product: syz
[  249.815261][  T434] usb 5-1: Manufacturer: syz
[  249.830409][  T434] hub 5-1:4.0: USB hub found
[  249.837043][   T19] usb 3-1: device descriptor read/64, error -71
[  249.967000][   T19] usb usb3-port1: attempt power cycle
[  249.988988][ T4612] loop1: detected capacity change from 0 to 40427
[  250.017878][ T4612] F2FS-fs (loop1): Found nat_bits in checkpoint
[  250.047231][  T434] hub 5-1:4.0: 2 ports detected
[  250.070330][ T4612] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  250.127876][  T537] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 31 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  250.155903][  T537] usb 1-1: USB disconnect, device number 31
[  250.175576][  T537] usblp0: removed
[  250.323028][ T4620] loop4: detected capacity change from 0 to 128
[  250.356873][ T4620] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  250.376015][ T4620] ext4 filesystem being mounted at /237/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  250.411263][   T19] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  250.455580][   T19] usb 3-1: device descriptor read/8, error -71
[  250.618113][   T19] usb 3-1: device descriptor read/8, error -71
[  250.791395][  T434] hub 5-1:4.0: hub_hub_status failed (err = -71)
[  250.797788][  T434] hub 5-1:4.0: config failed, can't get hub status (err -71)
[  251.137352][  T434] usb 5-1: USB disconnect, device number 25
[  251.167859][ T4635] loop0: detected capacity change from 0 to 512
[  251.174681][ T4635] EXT4-fs: Ignoring removed orlov option
[  251.180450][   T19] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  251.180473][ T4635] EXT4-fs: Ignoring removed mblk_io_submit option
[  251.203066][ T4635] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2196: inode #15: comm syz.0.1148: corrupted in-inode xattr
[  251.213604][ T4627] loop1: detected capacity change from 0 to 40427
[  251.216047][ T4635] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1148: couldn't read orphan inode 15 (err -117)
[  251.225155][   T19] usb 3-1: device descriptor read/8, error -71
[  251.235119][ T4635] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  251.266370][ T4627] F2FS-fs (loop1): Found nat_bits in checkpoint
[  251.278259][ T4641] loop2: detected capacity change from 0 to 512
[  251.295244][  T284] EXT4-fs (loop0): unmounting filesystem.
[  251.314744][ T4641] EXT4-fs: Ignoring removed orlov option
[  251.333345][ T4641] EXT4-fs: Ignoring removed mblk_io_submit option
[  251.336187][ T4627] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  251.347203][ T4641] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2196: inode #15: comm syz.2.1149: corrupted in-inode xattr
[  251.367284][ T4641] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1149: couldn't read orphan inode 15 (err -117)
[  251.398113][   T19] usb 3-1: device descriptor read/8, error -71
[  251.406331][ T4641] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  251.574227][   T19] usb usb3-port1: unable to enumerate USB device
[  251.610537][  T285] EXT4-fs (loop4): unmounting filesystem.
[  251.688240][ T4654] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1151'.
[  251.697917][ T4654] device 
01猉功D龌 entered promiscuous mode
[  251.731375][ T4654] netlink: 45349 bytes leftover after parsing attributes in process `syz.0.1151'.
[  251.741178][ T4654] 0猉功D龌: renamed from 
01猉功D龌
[  251.750769][ T4654] device 
00猉功D龌 left promiscuous mode
[  251.838926][   T28] kauditd_printk_skb: 98 callbacks suppressed
[  251.838953][   T28] audit: type=1400 audit(1769234584.467:383): avc:  denied  { read } for  pid=4652 comm="syz.3.1153" name="uinput" dev="devtmpfs" ino=262 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  251.911422][ T4653] input: syz1 as /devices/virtual/input/input4
[  251.951989][   T28] audit: type=1400 audit(1769234584.577:384): avc:  denied  { read } for  pid=87 comm="acpid" name="event3" dev="devtmpfs" ino=2602 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  252.017636][   T28] audit: type=1400 audit(1769234584.577:385): avc:  denied  { open } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=2602 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  252.072095][   T28] audit: type=1400 audit(1769234584.577:386): avc:  denied  { ioctl } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=2602 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  252.072112][ T4657] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1152'.
[  252.106320][ T4657] device 
00猉功D龌 entered promiscuous mode
[  252.123962][ T4658] netlink: 45349 bytes leftover after parsing attributes in process `syz.4.1152'.
[  252.155308][ T4658] 1猉功D龌: renamed from 
00猉功D龌
[  252.169991][ T4658] device 
01猉功D龌 left promiscuous mode
[  252.333608][  T286] EXT4-fs (loop2): unmounting filesystem.
[  252.352933][ T4664] loop2: detected capacity change from 0 to 256
[  252.360891][ T4664] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1155'.
[  252.385688][ T4664] loop2: detected capacity change from 0 to 512
[  252.392261][ T4664] EXT4-fs: Ignoring removed i_version option
[  252.506024][ T4665] loop4: detected capacity change from 0 to 512
[  252.514413][ T4665] EXT4-fs: Ignoring removed i_version option
[  252.520484][ T4665] EXT4-fs: Ignoring removed bh option
[  252.526465][ T4665] EXT4-fs: Ignoring removed mblk_io_submit option
[  252.666588][ T4664] EXT4-fs: Ignoring removed bh option
[  252.680645][ T4665] EXT4-fs (loop4): Test dummy encryption mode enabled
[  252.687628][ T4665] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  252.719491][ T4666] loop3: detected capacity change from 0 to 128
[  252.731615][ T4665] EXT4-fs (loop4): 1 truncate cleaned up
[  252.737326][ T4665] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  252.806241][ T4664] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  252.815662][ T4664] ext4 filesystem being mounted at /224/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  252.956733][   T28] audit: type=1400 audit(1769234585.500:387): avc:  denied  { ioctl } for  pid=4663 comm="syz.2.1155" path="/224/bus/file1" dev="loop2" ino=15 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  253.231248][  T285] EXT4-fs (loop4): unmounting filesystem.
[  253.303948][   T19] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  253.477310][   T19] usb 3-1: device descriptor read/64, error -71
[  253.585781][  T434] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  253.628594][ T4680] loop1: detected capacity change from 0 to 512
[  253.635434][ T4680] EXT4-fs: Ignoring removed orlov option
[  253.641176][ T4680] EXT4-fs: Ignoring removed mblk_io_submit option
[  253.664664][ T4680] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.1160: corrupted in-inode xattr
[  253.677198][ T4680] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1160: couldn't read orphan inode 15 (err -117)
[  253.689482][ T4680] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  253.708111][  T283] EXT4-fs (loop1): unmounting filesystem.
[  253.744125][ T4683] loop3: detected capacity change from 0 to 1024
[  253.761842][ T4683] EXT4-fs: Ignoring removed orlov option
[  253.802269][  T434] usb 5-1: device descriptor read/64, error -71
[  253.810904][ T4683] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  253.858590][ T4694] loop1: detected capacity change from 0 to 512
[  253.867774][ T4694] EXT4-fs: Ignoring removed orlov option
[  253.873621][ T4694] EXT4-fs: Ignoring removed mblk_io_submit option
[  254.017357][ T4694] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.1165: corrupted in-inode xattr
[  254.066525][ T4694] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1165: couldn't read orphan inode 15 (err -117)
[  254.133420][ T4694] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  254.176148][   T19] usb 3-1: device descriptor read/64, error -71
[  254.354819][  T434] usb 5-1: device descriptor read/64, error -71
[  254.408170][  T283] EXT4-fs (loop1): unmounting filesystem.
[  254.432984][  T282] EXT4-fs (loop3): unmounting filesystem.
[  254.473985][   T19] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  254.609248][ T4705] netlink: 45349 bytes leftover after parsing attributes in process `syz.1.1166'.
[  254.901913][ T4707] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1167'.
[  254.940000][ T4707] device 
00猉功D龌 entered promiscuous mode
[  255.904401][ T4707] netlink: 45349 bytes leftover after parsing attributes in process `syz.3.1167'.
[  255.913788][ T4707] 1猉功D龌: renamed from 
00猉功D龌
[  255.942208][ T4707] device 
01猉功D龌 left promiscuous mode
[  255.977642][  T286] EXT4-fs (loop2): unmounting filesystem.
[  256.034879][   T19] usb 3-1: device descriptor read/64, error -71
[  256.041217][  T434] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  256.058252][   T28] audit: type=1400 audit(1769234588.371:388): avc:  denied  { setopt } for  pid=4712 comm="syz.2.1170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  256.554767][ T4717] loop3: detected capacity change from 0 to 512
[  256.561485][ T4717] EXT4-fs: Ignoring removed orlov option
[  256.567241][ T4717] EXT4-fs: Ignoring removed mblk_io_submit option
[  256.586952][  T434] usb 5-1: device descriptor read/64, error -71
[  256.595960][ T4717] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.1171: corrupted in-inode xattr
[  256.608148][ T4717] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1171: couldn't read orphan inode 15 (err -117)
[  256.620179][ T4717] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  256.645223][  T282] EXT4-fs (loop3): unmounting filesystem.
[  256.666696][ T4723] loop4: detected capacity change from 0 to 128
[  256.680380][ T4723] bio_check_eod: 5656 callbacks suppressed
[  256.680396][ T4723] syz.4.1173: attempt to access beyond end of device
[  256.680396][ T4723] loop4: rw=2049, sector=145, nr_sectors = 89 limit=128
[  256.811846][ T4719] loop2: detected capacity change from 0 to 40427
[  256.820596][ T4723] syz.4.1173: attempt to access beyond end of device
[  256.820596][ T4723] loop4: rw=2049, sector=241, nr_sectors = 800 limit=128
[  256.850443][ T4719] F2FS-fs (loop2): Found nat_bits in checkpoint
[  256.892733][ T4719] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  256.941038][ T4740] loop3: detected capacity change from 0 to 512
[  256.948131][ T4740] EXT4-fs: Ignoring removed orlov option
[  256.953835][ T4740] EXT4-fs: Ignoring removed mblk_io_submit option
[  256.979397][ T4740] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.1177: corrupted in-inode xattr
[  256.991604][ T4740] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1177: couldn't read orphan inode 15 (err -117)
[  257.003781][ T4740] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  257.306847][ T4719] syz.2.1172: attempt to access beyond end of device
[  257.306847][ T4719] loop2: rw=2049, sector=77824, nr_sectors = 664 limit=40427
[  257.379391][ T4719] syz.2.1172: attempt to access beyond end of device
[  257.379391][ T4719] loop2: rw=524288, sector=77824, nr_sectors = 256 limit=40427
[  257.433084][  T282] EXT4-fs (loop3): unmounting filesystem.
[  257.442657][ T4719] syz.2.1172: attempt to access beyond end of device
[  257.442657][ T4719] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  257.469933][ T4719] syz.2.1172: attempt to access beyond end of device
[  257.469933][ T4719] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  257.486902][ T4743] loop1: detected capacity change from 0 to 40427
[  257.550454][ T4719] syz.2.1172: attempt to access beyond end of device
[  257.550454][ T4719] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  257.564192][ T4719] syz.2.1172: attempt to access beyond end of device
[  257.564192][ T4719] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  257.577858][ T4719] syz.2.1172: attempt to access beyond end of device
[  257.577858][ T4719] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  257.591526][ T4719] syz.2.1172: attempt to access beyond end of device
[  257.591526][ T4719] loop2: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  257.593261][ T4743] F2FS-fs (loop1): Found nat_bits in checkpoint
[  257.671868][ T4755] netlink: 45349 bytes leftover after parsing attributes in process `syz.3.1180'.
[  257.835350][ T4743] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  258.172137][ T4763] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1181'.
[  258.183922][ T4763] device 
01猉功D龌 entered promiscuous mode
[  258.546241][ T4767] loop3: detected capacity change from 0 to 512
[  258.553440][ T4767] EXT4-fs: Ignoring removed orlov option
[  258.559194][ T4767] EXT4-fs: Ignoring removed mblk_io_submit option
[  258.583160][ T4767] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.1184: corrupted in-inode xattr
[  258.595566][ T4767] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1184: couldn't read orphan inode 15 (err -117)
[  258.607942][ T4767] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  258.641391][  T282] EXT4-fs (loop3): unmounting filesystem.
[  258.959391][ T3008] usb 4-1: new full-speed USB device number 26 using dummy_hcd
[  259.017092][ T4780] loop0: detected capacity change from 0 to 128
[  259.263799][ T3008] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  259.317047][ T3008] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  259.332011][ T3008] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  259.349381][ T3008] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  259.364402][ T3008] usb 4-1: Product: syz
[  259.371941][ T3008] usb 4-1: Manufacturer: syz
[  259.386297][ T3008] hub 4-1:4.0: USB hub found
[  259.408582][ T4785] loop1: detected capacity change from 0 to 512
[  259.415467][ T4785] EXT4-fs: Ignoring removed orlov option
[  259.421173][ T4785] EXT4-fs: Ignoring removed mblk_io_submit option
[  259.433019][ T4785] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.1190: corrupted in-inode xattr
[  259.445722][ T4785] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1190: couldn't read orphan inode 15 (err -117)
[  259.458232][ T4785] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  259.633951][ T4771] loop3: detected capacity change from 0 to 128
[  259.672294][ T4771] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  259.681308][ T4771] ext4 filesystem being mounted at /248/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  259.802735][  T283] EXT4-fs (loop1): unmounting filesystem.
[  259.911855][ T4793] netlink: 45349 bytes leftover after parsing attributes in process `syz.1.1192'.
[  260.314447][ T3008] hub 4-1:4.0: config failed, can't read hub descriptor (err -22)
[  260.357227][ T3008] usb 4-1: USB disconnect, device number 26
[  260.427727][ T4805] netlink: 45349 bytes leftover after parsing attributes in process `syz.1.1194'.
[  260.812048][  T434] usb 5-1: new full-speed USB device number 28 using dummy_hcd
[  260.909967][  T282] EXT4-fs (loop3): unmounting filesystem.
[  260.980131][ T4816] loop3: detected capacity change from 0 to 128
[  261.008155][  T434] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  261.023956][  T434] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  261.035515][  T434] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  261.044882][  T434] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  261.053776][  T434] usb 5-1: Product: syz
[  261.058041][  T434] usb 5-1: Manufacturer: syz
[  261.073604][  T537] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  261.087880][  T434] hub 5-1:4.0: USB hub found
[  261.287030][   T28] audit: type=1400 audit(1769234593.161:389): avc:  denied  { read } for  pid=4815 comm="syz.3.1201" name="loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  261.338410][   T28] audit: type=1400 audit(1769234593.161:390): avc:  denied  { open } for  pid=4815 comm="syz.3.1201" path="/dev/loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  261.730453][  T537] usb 3-1: unable to get BOS descriptor or descriptor too short
[  261.751417][  T434] hub 5-1:4.0: 2 ports detected
[  261.762007][   T28] audit: type=1400 audit(1769234593.161:391): avc:  denied  { ioctl } for  pid=4815 comm="syz.3.1201" path="/dev/loop-control" dev="devtmpfs" ino=117 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  261.795307][  T537] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  261.821365][ T4821] loop1: detected capacity change from 0 to 512
[  261.827761][  T537] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  261.868157][ T4821] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  262.004128][  T537] usb 3-1: config 1 has no interface number 1
[  262.033989][ T4821] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.1202: corrupted in-inode xattr
[  262.055801][  T537] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  262.146576][ T4827] loop4: detected capacity change from 0 to 128
[  262.153693][ T4821] EXT4-fs (loop1): 1 orphan inode deleted
[  262.160140][ T4821] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  262.237036][ T4827] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  262.278503][ T4827] ext4 filesystem being mounted at /247/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  262.400602][  T537] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  262.415082][  T537] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  262.424201][  T537] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.432271][  T537] usb 3-1: Product: syz
[  262.436459][  T537] usb 3-1: Manufacturer: syz
[  262.441109][  T537] usb 3-1: SerialNumber: syz
[  262.661212][ T4839] loop3: detected capacity change from 0 to 512
[  262.669147][ T4839] EXT4-fs: Ignoring removed i_version option
[  262.675243][ T4839] EXT4-fs: Ignoring removed bh option
[  262.681305][ T4839] EXT4-fs: Ignoring removed mblk_io_submit option
[  262.808354][ T4839] EXT4-fs (loop3): Test dummy encryption mode enabled
[  262.815261][ T4839] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  262.831353][ T4839] EXT4-fs (loop3): 1 truncate cleaned up
[  262.837081][ T4839] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  262.872467][ T4833] Invalid ELF header magic: != ELF
[  262.925567][  T434] hub 5-1:4.0: hub_hub_status failed (err = -71)
[  262.934115][  T434] hub 5-1:4.0: config failed, can't get hub status (err -71)
[  262.979447][  T434] usb 5-1: USB disconnect, device number 28
[  263.165149][  T283] EXT4-fs (loop1): unmounting filesystem.
[  263.429041][  T282] EXT4-fs (loop3): unmounting filesystem.
[  263.657999][ T4852] syz_tun: refused to change device tx_queue_len
[  263.672690][ T4852] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  263.689973][   T10] bridge0: port 3(syz_tun) entered disabled state
[  263.699478][ T4852] syz_tun: refused to change device tx_queue_len
[  263.705994][ T4852] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  263.747315][  T285] EXT4-fs (loop4): unmounting filesystem.
[  263.848083][ T4860] netlink: 45349 bytes leftover after parsing attributes in process `syz.4.1211'.
[  263.866636][ T4860] 0猉功D龌: renamed from 
01猉功D龌
[  263.873431][ T4860] device 
00猉功D龌 left promiscuous mode
[  264.323107][ T4866] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1213'.
[  264.783498][ T4866] device 
00猉功D龌 entered promiscuous mode
[  264.790785][ T4863] netlink: 45349 bytes leftover after parsing attributes in process `syz.4.1213'.
[  264.800461][ T4863] 1猉功D龌: renamed from 
00猉功D龌
[  264.806407][  T537] usb 3-1: 2:1 : no UAC_FORMAT_TYPE desc
[  264.814210][ T4863] device 
01猉功D龌 left promiscuous mode
[  264.830453][ T4871] loop1: detected capacity change from 0 to 1024
[  264.843783][ T4871] EXT4-fs: Ignoring removed orlov option
[  264.856866][  T537] usb 3-1: USB disconnect, device number 35
[  266.058791][  T334] udevd[334]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  266.075108][ T4871] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  266.172360][ T4889] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1220'.
[  266.181808][ T4889] device 
01猉功D龌 entered promiscuous mode
[  266.211926][ T4889] netlink: 45349 bytes leftover after parsing attributes in process `syz.4.1220'.
[  266.221597][ T4889] 0猉功D龌: renamed from 
01猉功D龌
[  266.230903][ T4889] device 
00猉功D龌 left promiscuous mode
[  266.504859][ T4870] loop2: detected capacity change from 0 to 40427
[  266.570231][ T4870] F2FS-fs (loop2): Found nat_bits in checkpoint
[  266.640922][ T4870] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  266.674304][ T4901] Zero length message leads to an empty skb
[  266.681142][   T28] audit: type=1400 audit(1769234598.173:392): avc:  denied  { accept } for  pid=4900 comm="syz.0.1224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  266.809585][ T4897] loop4: detected capacity change from 0 to 40427
[  266.818081][   T19] usb 4-1: new full-speed USB device number 27 using dummy_hcd
[  266.847488][ T4897] F2FS-fs (loop4): Found nat_bits in checkpoint
[  266.933027][ T4910] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1225'.
[  266.942755][ T4910] device 
00猉功D龌 entered promiscuous mode
[  267.052345][ T4897] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  267.248653][   T19] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  267.269257][   T19] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  267.291127][   T19] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  267.300269][   T19] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  267.315727][   T19] usb 4-1: Product: syz
[  267.323398][   T19] usb 4-1: Manufacturer: syz
[  267.335493][   T19] hub 4-1:4.0: USB hub found
[  267.364655][ T4897] bio_check_eod: 26411 callbacks suppressed
[  267.364694][ T4897] syz.4.1223: attempt to access beyond end of device
[  267.364694][ T4897] loop4: rw=2049, sector=77824, nr_sectors = 2072 limit=40427
[  267.399579][  T283] EXT4-fs (loop1): unmounting filesystem.
[  267.486327][  T286] syz-executor: attempt to access beyond end of device
[  267.486327][  T286] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  267.502957][ T4897] syz.4.1223: attempt to access beyond end of device
[  267.502957][ T4897] loop4: rw=2049, sector=79896, nr_sectors = 2024 limit=40427
[  267.547981][ T4897] syz.4.1223: attempt to access beyond end of device
[  267.547981][ T4897] loop4: rw=2049, sector=49152, nr_sectors = 3456 limit=40427
[  267.558486][   T19] hub 4-1:4.0: 2 ports detected
[  267.913735][ T4917] loop3: detected capacity change from 0 to 128
[  268.014895][ T4917] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  268.034800][ T4897] syz.4.1223: attempt to access beyond end of device
[  268.034800][ T4897] loop4: rw=2049, sector=52608, nr_sectors = 640 limit=40427
[  268.061299][ T4897] syz.4.1223: attempt to access beyond end of device
[  268.061299][ T4897] loop4: rw=2049, sector=57344, nr_sectors = 2704 limit=40427
[  268.090656][ T4897] syz.4.1223: attempt to access beyond end of device
[  268.090656][ T4897] loop4: rw=2049, sector=60048, nr_sectors = 3912 limit=40427
[  268.107934][ T4897] syz.4.1223: attempt to access beyond end of device
[  268.107934][ T4897] loop4: rw=2049, sector=63960, nr_sectors = 624 limit=40427
[  268.122469][ T4917] ext4 filesystem being mounted at /258/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  268.775509][   T19] hub 4-1:4.0: hub_hub_status failed (err = -71)
[  268.786330][   T19] hub 4-1:4.0: config failed, can't get hub status (err -71)
[  268.820641][ T4924] loop2: detected capacity change from 0 to 40427
[  268.840937][   T19] usb 4-1: USB disconnect, device number 27
[  268.860053][ T4924] F2FS-fs (loop2): Found nat_bits in checkpoint
[  268.868373][ T4936] loop1: detected capacity change from 0 to 1024
[  268.889879][ T4936] EXT4-fs: Ignoring removed orlov option
[  268.913731][  T285] syz-executor: attempt to access beyond end of device
[  268.913731][  T285] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  268.936817][ T4924] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  268.970990][ T4936] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  269.229662][ T4941] syz.2.1227: attempt to access beyond end of device
[  269.229662][ T4941] loop2: rw=2049, sector=77824, nr_sectors = 4032 limit=40427
[  269.245938][ T4940] overlayfs: missing 'lowerdir'
[  269.254052][   T28] audit: type=1400 audit(1769234600.555:393): avc:  denied  { accept } for  pid=4950 comm="syz.0.1235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  269.350925][ T4953] loop4: detected capacity change from 0 to 512
[  269.416688][ T4953] EXT4-fs: Mount option(s) incompatible with ext2
[  269.645299][  T282] EXT4-fs (loop3): unmounting filesystem.
[  269.709469][  T283] EXT4-fs (loop1): unmounting filesystem.
[  269.802391][ T4962] loop1: detected capacity change from 0 to 512
[  269.815630][   T28] audit: type=1400 audit(1769234601.071:394): avc:  denied  { mounton } for  pid=4961 comm="syz.1.1238" path="/256/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  269.815793][ T4962] EXT4-fs: Ignoring removed nobh option
[  269.881741][ T4962] EXT4-fs (loop1): 1 orphan inode deleted
[  269.897563][ T4962] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  269.937247][ T4962] EXT4-fs (loop1): unmounting filesystem.
[  270.099131][ T4969] loop4: detected capacity change from 0 to 512
[  270.105859][ T4969] EXT4-fs: Ignoring removed orlov option
[  270.112131][ T4969] EXT4-fs: Ignoring removed mblk_io_submit option
[  270.123471][ T4969] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2196: inode #15: comm syz.4.1239: corrupted in-inode xattr
[  270.135675][ T4969] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1239: couldn't read orphan inode 15 (err -117)
[  270.147905][ T4969] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  270.181559][  T285] EXT4-fs (loop4): unmounting filesystem.
[  271.219398][ T4989] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1244'.
[  271.229021][ T4989] device 
01猉功D龌 entered promiscuous mode
[  271.596522][ T4987] loop4: detected capacity change from 0 to 40427
[  271.608178][ T4987] F2FS-fs (loop4): Found nat_bits in checkpoint
[  271.643203][ T4987] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  271.710698][ T5001] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1247'.
[  271.720210][ T5001] device 
00猉功D龌 entered promiscuous mode
[  271.757473][ T5001] netlink: 45349 bytes leftover after parsing attributes in process `syz.2.1247'.
[  271.767197][ T5001] 1猉功D龌: renamed from 
00猉功D龌
[  271.776708][ T5001] device 
01猉功D龌 left promiscuous mode
[  271.906333][   T24] usb 1-1: new full-speed USB device number 32 using dummy_hcd
[  272.021121][ T5006] loop3: detected capacity change from 0 to 512
[  272.028401][ T5006] EXT4-fs: Ignoring removed orlov option
[  272.034098][ T5006] EXT4-fs: Ignoring removed mblk_io_submit option
[  272.045950][ T5006] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.1250: corrupted in-inode xattr
[  272.058301][ T5006] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1250: couldn't read orphan inode 15 (err -117)
[  272.070802][ T5006] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  272.086984][  T282] EXT4-fs (loop3): unmounting filesystem.
[  272.158117][   T24] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  272.169231][   T24] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  272.180469][   T24] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  272.195181][   T24] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  272.210332][   T24] usb 1-1: Product: syz
[  272.215951][   T24] usb 1-1: Manufacturer: syz
[  272.225542][   T24] hub 1-1:4.0: USB hub found
[  272.347889][ T5012] loop3: detected capacity change from 0 to 512
[  272.356459][ T5012] EXT4-fs: Ignoring removed i_version option
[  272.362580][ T5012] EXT4-fs: Ignoring removed bh option
[  272.368651][ T5012] EXT4-fs: Ignoring removed mblk_io_submit option
[  272.527203][ T5012] EXT4-fs (loop3): Test dummy encryption mode enabled
[  272.534047][ T5012] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  272.544751][   T24] hub 1-1:4.0: 2 ports detected
[  272.558498][ T5012] EXT4-fs (loop3): 1 truncate cleaned up
[  272.564177][ T5012] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  272.671695][ T5016] netlink: 'syz.2.1252': attribute type 13 has an invalid length.
[  272.679654][ T5016] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1252'.
[  272.690624][ T5015] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1252'.
[  272.827494][ T5022] FAULT_INJECTION: forcing a failure.
[  272.827494][ T5022] name failslab, interval 1, probability 0, space 0, times 0
[  272.840341][ T5022] CPU: 0 PID: 5022 Comm: syz.4.1253 Tainted: G        W          syzkaller #0
[  272.849238][ T5022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  272.859332][ T5022] Call Trace:
[  272.862640][ T5022]  <TASK>
[  272.865595][ T5022]  __dump_stack+0x21/0x24
[  272.869949][ T5022]  dump_stack_lvl+0x110/0x170
[  272.874655][ T5022]  ? __cfi_dump_stack_lvl+0x8/0x8
[  272.879712][ T5022]  dump_stack+0x15/0x24
[  272.883905][ T5022]  should_fail_ex+0x3d4/0x520
[  272.888616][ T5022]  ? vm_area_dup+0x27/0x280
[  272.893165][ T5022]  __should_failslab+0xac/0xf0
[  272.897968][ T5022]  should_failslab+0x9/0x20
[  272.902506][ T5022]  kmem_cache_alloc+0x3b/0x330
[  272.907302][ T5022]  ? mas_next_slot+0xa45/0xa80
[  272.912085][ T5022]  vm_area_dup+0x27/0x280
[  272.916441][ T5022]  ? __split_vma+0x1c3/0x980
[  272.921066][ T5022]  __split_vma+0x1d9/0x980
[  272.925512][ T5022]  ? mas_find+0x155/0x370
[  272.929867][ T5022]  do_mas_align_munmap+0x781/0x1320
[  272.935104][ T5022]  ? do_mas_munmap+0x2b0/0x2b0
[  272.939904][ T5022]  ? mas_find+0x307/0x370
[  272.944262][ T5022]  do_mas_munmap+0x241/0x2b0
[  272.948889][ T5022]  mmap_region+0x8ba/0x21e0
[  272.953431][ T5022]  ? avc_has_perm+0x163/0x250
[  272.958147][ T5022]  ? __cfi_mmap_region+0x10/0x10
[  272.963115][ T5022]  ? __kasan_check_read+0x11/0x20
[  272.968185][ T5022]  ? cap_mmap_addr+0x165/0x2e0
[  272.972981][ T5022]  ? __cfi_arch_get_unmapped_area_topdown+0x10/0x10
[  272.979605][ T5022]  ? get_unmapped_area+0x313/0x380
[  272.984750][ T5022]  do_mmap+0x856/0xdd0
[  272.988848][ T5022]  ? __cfi_do_mmap+0x10/0x10
[  272.993471][ T5022]  vm_mmap_pgoff+0x224/0x410
[  272.998090][ T5022]  ? __cfi_vm_mmap_pgoff+0x10/0x10
[  273.003215][ T5022]  ? __kasan_check_write+0x14/0x20
[  273.008355][ T5022]  ? fput+0x154/0x1a0
[  273.012360][ T5022]  ? ksys_write+0x1f4/0x250
[  273.016906][ T5022]  ksys_mmap_pgoff+0xf6/0x1d0
[  273.021616][ T5022]  __x64_sys_mmap+0xfa/0x110
[  273.026231][ T5022]  x64_sys_call+0x8fd/0x9a0
[  273.030757][ T5022]  do_syscall_64+0x4c/0xa0
[  273.035220][ T5022]  ? clear_bhb_loop+0x30/0x80
[  273.039960][ T5022]  ? clear_bhb_loop+0x30/0x80
[  273.044670][ T5022]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  273.050593][ T5022] RIP: 0033:0x7f6a2bd9acb9
[  273.055030][ T5022] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  273.074665][ T5022] RSP: 002b:00007f6a2cb70028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  273.083126][ T5022] RAX: ffffffffffffffda RBX: 00007f6a2c015fa0 RCX: 00007f6a2bd9acb9
[  273.091133][ T5022] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000
[  273.099161][ T5022] RBP: 00007f6a2cb70090 R08: ffffffffffffffff R09: 0000000000000000
[  273.107239][ T5022] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000001
[  273.115295][ T5022] R13: 00007f6a2c016038 R14: 00007f6a2c015fa0 R15: 00007ffcc109f558
[  273.123297][ T5022]  </TASK>
[  273.168758][  T282] EXT4-fs (loop3): unmounting filesystem.
[  273.194622][ T5026] loop2: detected capacity change from 0 to 512
[  274.878334][   T24] hub 1-1:4.0: hub_hub_status failed (err = -32)
[  274.884759][   T24] hub 1-1:4.0: config failed, can't get hub status (err -32)
[  274.892332][ T5026] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.1254: inode has both inline data and extents flags
[  274.909622][ T5026] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1254: couldn't read orphan inode 15 (err -117)
[  274.923670][ T5026] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  287.937160][   T28] audit: type=1400 audit(1769234617.787:395): avc:  denied  { mounton } for  pid=5032 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  296.673391][   T16] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { P5021 } 2162 jiffies s: 10349 root: 0x0/T
[  296.685215][   T16] rcu: blocking rcu_node structures (internal RCU debug):
[  368.038390][   T16] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { P5021 } 8749 jiffies s: 10349 root: 0x0/T
[  368.179271][   T16] rcu: blocking rcu_node structures (internal RCU debug):
[  381.602801][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  381.609793][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5021
[  381.617102][    C1] 	(detected by 1, t=10002 jiffies, g=33001, q=2026 ncpus=2)
[  381.624484][    C1] task:syz.4.1253      state:R  running task     stack:26208 pid:5021  ppid:285    flags:0x00004004
[  381.635289][    C1] Call Trace:
[  381.638596][    C1]  <TASK>
[  381.641546][    C1]  __schedule+0xbae/0x1500
[  381.645995][    C1]  ? irqentry_exit+0x37/0x40
[  381.650605][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  381.656787][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  381.662968][    C1]  ? mas_state_walk+0x79b/0xa60
[  381.667833][    C1]  ? mas_state_walk+0x976/0xa60
[  381.672695][    C1]  ? mas_state_walk+0x79b/0xa60
[  381.677646][    C1]  ? __kasan_check_read+0x11/0x20
[  381.682684][    C1]  ? down_read_trylock+0x27f/0x660
[  381.687817][    C1]  ? mas_walk+0x20e/0x260
[  381.692158][    C1]  ? lock_vma_under_rcu+0x330/0x4f0
[  381.697381][    C1]  ? __cfi_lock_vma_under_rcu+0x10/0x10
[  381.702948][    C1]  ? __this_cpu_preempt_check+0x13/0x20
[  381.708528][    C1]  ? xfd_validate_state+0x70/0x150
[  381.713658][    C1]  ? do_user_addr_fault+0x2fc/0x1050
[  381.718966][    C1]  ? exc_page_fault+0x51/0xb0
[  381.723699][    C1]  ? asm_exc_page_fault+0x27/0x30
[  381.728745][    C1]  </TASK>
[  421.136964][   T29] INFO: task syz-executor:283 blocked for more than 123 seconds.
[  421.144742][   T29]       Tainted: G        W          syzkaller #0
[  421.151347][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  421.160182][   T29] task:syz-executor    state:D stack:22272 pid:283   ppid:1      flags:0x00004004
[  421.169448][   T29] Call Trace:
[  421.172750][   T29]  <TASK>
[  421.175703][   T29]  __schedule+0xba6/0x1500
[  421.180152][   T29]  ? __kasan_check_write+0x14/0x20
[  421.185344][   T29]  ? release_firmware_map_entry+0x190/0x190
[  421.191325][   T29]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  421.197186][   T29]  ? prepare_to_wait_event+0x40b/0x440
[  421.212786][   T29]  schedule+0xbd/0x170
[  421.217178][   T29]  synchronize_rcu_expedited+0x773/0x880
[  421.222848][   T29]  ? __cfi_synchronize_rcu_expedited+0x10/0x10
[  421.245347][   T29]  ? debug_smp_processor_id+0x17/0x20
[  421.251189][   T29]  ? kasan_quarantine_put+0x34/0x190
[  421.266947][   T29]  ? __cfi_wait_rcu_exp_gp+0x10/0x10
[  422.226018][   T29]  ? ____kasan_slab_free+0x13d/0x180
[  422.231925][   T29]  ? __kasan_slab_free+0x11/0x20
[  422.236890][   T29]  ? slab_free_freelist_hook+0xc2/0x190
[  422.242726][   T29]  ? __put_mountpoint+0x1c5/0x220
[  422.247775][   T29]  ? __cfi_autoremove_wake_function+0x10/0x10
[  422.254353][   T29]  ? shrink_dentry_list+0x4e4/0x500
[  422.259580][   T29]  namespace_unlock+0x23f/0x430
[  422.265822][   T29]  ? umount_tree+0xdd4/0xe30
[  422.270452][   T29]  ? umount_tree+0xe30/0xe30
[  422.285362][   T29]  ? umount_mnt+0x310/0x310
[  422.289921][   T29]  path_umount+0xee8/0xf60
[  422.294365][   T29]  ? __kasan_slab_free+0x11/0x20
[  422.328711][   T29]  ? __cfi_path_umount+0x10/0x10
[  422.333860][   T29]  ? user_path_at_empty+0x161/0x1c0
[  422.339087][   T29]  __x64_sys_umount+0x12d/0x170
[  423.325471][   T29]  ? __cfi___x64_sys_umount+0x10/0x10
[  423.330927][   T29]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  423.357963][   T29]  x64_sys_call+0x86a/0x9a0
[  423.362576][   T29]  do_syscall_64+0x4c/0xa0
[  423.367010][   T29]  ? clear_bhb_loop+0x30/0x80
[  423.379619][   T29]  ? clear_bhb_loop+0x30/0x80
[  423.384363][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  423.390298][   T29] RIP: 0033:0x7fbfd879bf17
[  423.399256][   T29] RSP: 002b:00007ffeac569748 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  423.407879][   T29] RAX: ffffffffffffffda RBX: 00007fbfd880471f RCX: 00007fbfd879bf17
[  423.416257][   T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffeac569800
[  423.424311][   T29] RBP: 00007ffeac569800 R08: 00007ffeac56a800 R09: 00000000ffffffff
[  423.432305][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffeac56a890
[  424.387386][   T29] R13: 00007fbfd880471f R14: 0000000000000005 R15: 00007ffeac56a8d0
[  424.395509][   T29]  </TASK>
[  424.398771][   T29] INFO: task syz.0.1248:4992 blocked for more than 126 seconds.
[  424.406482][   T29]       Tainted: G        W          syzkaller #0
[  424.413012][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  424.421742][   T29] task:syz.0.1248      state:D stack:25920 pid:4992  ppid:284    flags:0x00004004
[  424.431024][   T29] Call Trace:
[  424.434328][   T29]  <TASK>
[  424.437269][   T29]  __schedule+0xba6/0x1500
[  424.441781][   T29]  ? release_firmware_map_entry+0x190/0x190
[  424.447698][   T29]  ? __mutex_add_waiter+0x180/0x280
[  424.452940][   T29]  ? __kasan_check_write+0x14/0x20
[  424.458068][   T29]  ? trace_contention_begin+0xa0/0xa0
[  424.464687][   T29]  ? __kasan_check_write+0x14/0x20
[  424.469844][   T29]  schedule+0xbd/0x170
[  424.473943][   T29]  schedule_preempt_disabled+0x13/0x20
[  424.479464][   T29]  __mutex_lock+0x82f/0x1790
[  424.484066][   T29]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[  424.490870][   T29]  ? 0xffffffffa0004e80
[  424.495033][   T29]  ? is_bpf_text_address+0x177/0x190
[  424.500386][   T29]  ? kernel_text_address+0xa0/0xd0
[  424.505521][   T29]  __mutex_lock_slowpath+0xe/0x10
[  424.510633][   T29]  mutex_lock+0x10a/0x1b0
[  424.514977][   T29]  ? __cfi_mutex_lock+0x10/0x10
[  424.519995][   T29]  synchronize_rcu_expedited+0x316/0x880
[  424.525680][   T29]  ? __cfi_synchronize_rcu_expedited+0x10/0x10
[  424.532014][   T29]  ? 0xffffffffa0004e80
[  424.536177][   T29]  ? is_bpf_text_address+0x177/0x190
[  425.481768][   T29]  ? kernel_text_address+0xa0/0xd0
[  425.486964][   T29]  ? __kernel_text_address+0xd/0x30
[  425.492233][   T29]  ? __kasan_check_read+0x11/0x20
[  425.497332][   T29]  synchronize_net+0x28/0x40
[  425.501921][   T29]  dev_deactivate_many+0x6b6/0xbc0
[  425.507140][   T29]  ? __kasan_check_read+0x11/0x20
[  425.512223][   T29]  __dev_close_many+0x21c/0x360
[  425.517266][   T29]  ? dev_close_many+0x4d0/0x4d0
[  425.522240][   T29]  ? kasan_save_stack+0x4c/0x60
[  425.527170][   T29]  ? kasan_save_stack+0x3a/0x60
[  425.532032][   T29]  ? __kasan_record_aux_stack+0xb6/0xc0
[  425.537627][   T29]  ? kasan_record_aux_stack_noalloc+0xb/0x10
[  425.543652][   T29]  dev_close_many+0x21e/0x4d0
[  425.548370][   T29]  ? do_syscall_64+0x58/0xa0
[  425.552968][   T29]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  425.559104][   T29]  ? __cfi_dev_close_many+0x10/0x10
[  425.564346][   T29]  ? __kasan_check_read+0x11/0x20
[  425.569393][   T29]  unregister_netdevice_many+0x44f/0x18e0
[  425.575139][   T29]  ? __cfi_unregister_netdevice_many+0x10/0x10
[  425.581326][   T29]  ? __cfi_locks_remove_file+0x10/0x10
[  425.586885][   T29]  ? __kasan_check_read+0x11/0x20
[  425.592155][   T29]  unregister_netdevice_queue+0x324/0x370
[  425.597917][   T29]  ? __kasan_check_write+0x14/0x20
[  425.603074][   T29]  ? mutex_lock+0x93/0x1b0
[  425.607524][   T29]  ? __cfi_unregister_netdevice_queue+0x10/0x10
[  426.554643][   T29]  ppp_release+0xef/0x1f0
[  426.559075][   T29]  ? __cfi_ppp_release+0x10/0x10
[  426.564070][   T29]  __fput+0x1fc/0x8f0
[  426.568138][   T29]  ____fput+0x15/0x20
[  426.572135][   T29]  task_work_run+0x1e1/0x250
[  426.576840][   T29]  ? __cfi_task_work_run+0x10/0x10
[  426.581995][   T29]  ? __cfi___close_range+0x10/0x10
[  426.587149][   T29]  ? handle_softirqs+0x543/0x600
[  426.592100][   T29]  exit_to_user_mode_loop+0x9b/0xb0
[  426.597293][   T29]  exit_to_user_mode_prepare+0x87/0xd0
[  426.602876][   T29]  syscall_exit_to_user_mode+0x1a/0x30
[  426.608371][   T29]  do_syscall_64+0x58/0xa0
[  426.612787][   T29]  ? clear_bhb_loop+0x30/0x80
[  426.617479][   T29]  ? clear_bhb_loop+0x30/0x80
[  426.622255][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  426.628168][   T29] RIP: 0033:0x7f097fb9acb9
[  426.632614][   T29] RSP: 002b:00007ffdb311d838 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  426.641074][   T29] RAX: 0000000000000000 RBX: 00007f097fe17da0 RCX: 00007f097fb9acb9
[  426.649043][   T29] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  426.657053][   T29] RBP: 00007f097fe17da0 R08: 0000000000000006 R09: 0000000000000000
[  426.665088][   T29] R10: 00000000003ff978 R11: 0000000000000246 R12: 000000000003ef34
[  426.673083][   T29] R13: 00007f097fe15fac R14: 000000000003e337 R15: 00007ffdb311d940
[  426.681088][   T29]  </TASK>
[  427.637771][   T29] INFO: task syz.2.1254:5017 blocked for more than 129 seconds.
[  427.645485][   T29]       Tainted: G        W          syzkaller #0
[  427.652062][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  427.660797][   T29] task:syz.2.1254      state:D stack:24960 pid:5017  ppid:286    flags:0x00004004
[  427.670073][   T29] Call Trace:
[  427.673363][   T29]  <TASK>
[  427.676288][   T29]  __schedule+0xba6/0x1500
[  427.680713][   T29]  ? __cfi___switch_to+0x10/0x10
[  427.685767][   T29]  ? release_firmware_map_entry+0x190/0x190
[  427.691696][   T29]  ? finish_task_switch+0x209/0x7b0
[  427.696906][   T29]  ? __switch_to_asm+0x3a/0x60
[  427.701697][   T29]  schedule+0xbd/0x170
[  427.705862][   T29]  schedule_timeout+0xba/0x340
[  427.710673][   T29]  ? __cfi_schedule_timeout+0x10/0x10
[  427.716075][   T29]  ? check_preempt_wakeup+0x5ca/0xbe0
[  427.721459][   T29]  wait_for_common+0x365/0x640
[  427.726306][   T29]  ? __cfi_preempt_schedule+0x10/0x10
[  427.731718][   T29]  ? wait_for_completion+0x20/0x20
[  427.736941][   T29]  ? try_to_wake_up+0x6b8/0x1220
[  427.741914][   T29]  wait_for_completion+0x18/0x20
[  427.746895][   T29]  kthread_stop+0x113/0x3f0
[  427.751418][   T29]  kvm_mmu_pre_destroy_vm+0x48/0x60
[  427.756654][   T29]  kvm_arch_pre_destroy_vm+0x15/0x20
[  427.761980][   T29]  kvm_put_kvm+0x365/0x1450
[  427.766482][   T29]  kvm_vm_release+0x46/0x50
[  427.771198][   T29]  ? __cfi_kvm_vm_release+0x10/0x10
[  427.776435][   T29]  __fput+0x1fc/0x8f0
[  427.780647][   T29]  ____fput+0x15/0x20
[  427.784659][   T29]  task_work_run+0x1e1/0x250
[  428.720992][   T29]  ? __cfi_task_work_run+0x10/0x10
[  428.726308][   T29]  ? __cfi___close_range+0x10/0x10
[  428.731525][   T29]  exit_to_user_mode_loop+0x9b/0xb0
[  428.736789][   T29]  exit_to_user_mode_prepare+0x87/0xd0
[  428.742283][   T29]  syscall_exit_to_user_mode+0x1a/0x30
[  428.747836][   T29]  do_syscall_64+0x58/0xa0
[  428.752266][   T29]  ? clear_bhb_loop+0x30/0x80
[  428.756984][   T29]  ? clear_bhb_loop+0x30/0x80
[  428.761693][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  428.767656][   T29] RIP: 0033:0x7fbf7a39acb9
[  428.772080][   T29] RSP: 002b:00007ffdf1f6b5c8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  428.780516][   T29] RAX: 0000000000000000 RBX: 00007fbf7a617da0 RCX: 00007fbf7a39acb9
[  428.788528][   T29] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  428.796502][   T29] RBP: 00007fbf7a617da0 R08: 0000000000000006 R09: 0000000000000000
[  428.804714][   T29] R10: 00007fbf7a617cb0 R11: 0000000000000246 R12: 000000000003ee37
[  428.812919][   T29] R13: 00007fbf7a61618c R14: 000000000003ea62 R15: 00007ffdf1f6b6d0
[  428.820974][   T29]  </TASK>
[  428.824004][   T29] INFO: task syz.2.1254:5025 blocked for more than 130 seconds.
[  428.831689][   T29]       Tainted: G        W          syzkaller #0
[  428.838103][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  428.846874][   T29] task:syz.2.1254      state:D stack:25056 pid:5025  ppid:286    flags:0x00004004
[  429.804494][   T29] Call Trace:
[  429.807849][   T29]  <TASK>
[  429.810819][   T29]  __schedule+0xba6/0x1500
[  429.815283][   T29]  ? memcpy+0x56/0x70
[  429.819292][   T29]  ? release_firmware_map_entry+0x190/0x190
[  429.825212][   T29]  ? __mutex_add_waiter+0x180/0x280
[  429.830466][   T29]  ? __kasan_check_write+0x14/0x20
[  429.835591][   T29]  ? trace_contention_begin+0xa0/0xa0
[  429.841016][   T29]  schedule+0xbd/0x170
[  429.845116][   T29]  schedule_preempt_disabled+0x13/0x20
[  429.850631][   T29]  __mutex_lock+0x82f/0x1790
[  429.855241][   T29]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[  429.862026][   T29]  ? futex_wait+0x4c9/0x7e0
[  429.866538][   T29]  ? __cfi_futex_wait+0x10/0x10
[  429.871431][   T29]  ? ioctl_has_perm+0x3a6/0x4f0
[  429.876300][   T29]  ? has_cap_mac_admin+0x370/0x370
[  429.881442][   T29]  __mutex_lock_slowpath+0xe/0x10
[  429.886486][   T29]  mutex_lock+0x10a/0x1b0
[  429.890817][   T29]  ? __cfi_mutex_lock+0x10/0x10
[  429.895707][   T29]  ? dev_get_by_name_rcu+0xe5/0x130
[  429.900914][   T29]  rtnl_lock+0x15/0x20
[  429.905003][   T29]  dev_ioctl+0x5e1/0xd10
[  429.909266][   T29]  sock_ioctl+0x698/0x720
[  429.913642][   T29]  ? __cfi_sock_ioctl+0x10/0x10
[  429.918512][   T29]  ? security_file_ioctl+0x95/0xc0
[  429.924084][   T29]  ? __cfi_sock_ioctl+0x10/0x10
[  429.929055][   T29]  __se_sys_ioctl+0x12f/0x1b0
[  429.933761][   T29]  __x64_sys_ioctl+0x7b/0x90
[  430.888262][   T29]  x64_sys_call+0x58b/0x9a0
[  430.892977][   T29]  do_syscall_64+0x4c/0xa0
[  430.897455][   T29]  ? clear_bhb_loop+0x30/0x80
[  430.902174][   T29]  ? clear_bhb_loop+0x30/0x80
[  430.906852][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  430.912873][   T29] RIP: 0033:0x7fbf7a39acb9
[  430.917298][   T29] RSP: 002b:00007fbf7b18e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  430.925757][   T29] RAX: ffffffffffffffda RBX: 00007fbf7a616180 RCX: 00007fbf7a39acb9
[  430.933774][   T29] RDX: 0000200000000080 RSI: 00000000000089f0 RDI: 0000000000000003
[  430.941748][   T29] RBP: 00007fbf7a408bf7 R08: 0000000000000000 R09: 0000000000000000
[  430.949749][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  430.957792][   T29] R13: 00007fbf7a616218 R14: 00007fbf7a616180 R15: 00007ffdf1f6b468
[  430.965825][   T29]  </TASK>
[  430.968849][   T29] INFO: task kvm-nx-lpage-re:5019 blocked for more than 132 seconds.
[  430.976970][   T29]       Tainted: G        W          syzkaller #0
[  430.983384][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  430.992065][   T29] task:kvm-nx-lpage-re state:D stack:29600 pid:5019  ppid:2      flags:0x00024000
[  431.001306][   T29] Call Trace:
[  431.004573][   T29]  <TASK>
[  431.007529][   T29]  __schedule+0xba6/0x1500
[  431.011973][   T29]  ? __kasan_check_write+0x14/0x20
[  431.017081][   T29]  ? release_firmware_map_entry+0x190/0x190
[  431.023137][   T29]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  431.029061][   T29]  ? prepare_to_wait_event+0x40b/0x440
[  431.034543][   T29]  schedule+0xbd/0x170
[  431.038632][   T29]  synchronize_rcu_expedited+0x5bb/0x880
[  431.982569][   T29]  ? __cfi_synchronize_rcu_expedited+0x10/0x10
[  431.988905][   T29]  ? __this_cpu_preempt_check+0x13/0x20
[  431.994634][   T29]  ? __cfi_autoremove_wake_function+0x10/0x10
[  432.000782][   T29]  ? save_fpregs_to_fpstate+0x192/0x220
[  432.006452][   T29]  ? psi_group_change+0xb73/0x12b0
[  432.011562][   T29]  ? __cfi___switch_to+0x10/0x10
[  432.016600][   T29]  ? finish_task_switch+0x16b/0x7b0
[  432.021850][   T29]  synchronize_rcu+0x97/0x3d0
[  432.026710][   T29]  ? __cfi_synchronize_rcu+0x10/0x10
[  432.031988][   T29]  ? __schedule+0xbae/0x1500
[  432.036625][   T29]  ? psi_group_change+0xb73/0x12b0
[  432.041757][   T29]  ? __kasan_check_write+0x14/0x20
[  432.046870][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  432.051950][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  432.057553][   T29]  ? release_firmware_map_entry+0x190/0x190
[  432.063505][   T29]  rcu_sync_enter+0x20b/0x340
[  432.068228][   T29]  ? __kasan_check_read+0x11/0x20
[  432.073283][   T29]  ? schedule+0xd4/0x170
[  432.077540][   T29]  ? __cfi_rcu_sync_enter+0x10/0x10
[  432.082755][   T29]  ? schedule_timeout+0xba/0x340
[  432.087705][   T29]  ? __cfi_schedule_timeout+0x10/0x10
[  432.093201][   T29]  ? __schedule+0xbae/0x1500
[  432.097817][   T29]  percpu_down_write+0xa9/0x6f0
[  432.102704][   T29]  ? __cfi_percpu_down_write+0x10/0x10
[  432.108196][   T29]  ? mutex_lock+0x93/0x1b0
[  433.055236][   T29]  ? __cfi_mutex_lock+0x10/0x10
[  433.060154][   T29]  cgroup_attach_lock+0x26/0x30
[  433.065012][   T29]  cgroup_attach_task_all+0x2e/0xe0
[  433.070278][   T29]  kvm_vm_worker_thread+0x228/0x3c0
[  433.075537][   T29]  ? __cfi_kvm_nx_lpage_recovery_worker+0x10/0x10
[  433.082036][   T29]  kthread+0x281/0x320
[  433.086125][   T29]  ? __cfi_kvm_vm_worker_thread+0x10/0x10
[  433.091905][   T29]  ? __cfi_kthread+0x10/0x10
[  433.096514][   T29]  ret_from_fork+0x1f/0x30
[  433.100986][   T29]  </TASK>
[  433.104014][   T29] INFO: task syz.3.1255:5027 blocked for more than 134 seconds.
[  433.111662][   T29]       Tainted: G        W          syzkaller #0
[  433.118075][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  433.126779][   T29] task:syz.3.1255      state:D stack:26208 pid:5027  ppid:282    flags:0x00004004
[  433.136239][   T29] Call Trace:
[  433.139586][   T29]  <TASK>
[  433.142586][   T29]  __schedule+0xba6/0x1500
[  433.147020][   T29]  ? __kasan_check_write+0x14/0x20
[  433.152145][   T29]  ? release_firmware_map_entry+0x190/0x190
[  433.158053][   T29]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  433.163945][   T29]  ? prepare_to_wait_event+0x40b/0x440
[  433.169422][   T29]  schedule+0xbd/0x170
[  433.173490][   T29]  synchronize_rcu_expedited+0x5bb/0x880
[  433.179150][   T29]  ? task_work_run+0x1e1/0x250
[  433.183950][   T29]  ? __cfi_synchronize_rcu_expedited+0x10/0x10
[  434.138643][   T29]  ? __cfi_autoremove_wake_function+0x10/0x10
[  434.144815][   T29]  ? locks_remove_file+0x368/0x1050
[  434.150086][   T29]  ? __cfi_locks_remove_file+0x10/0x10
[  434.155563][   T29]  synchronize_rcu+0x97/0x3d0
[  434.160328][   T29]  ? __cfi_synchronize_rcu+0x10/0x10
[  434.165651][   T29]  ? __kasan_check_write+0x14/0x20
[  434.170812][   T29]  ? mutex_unlock+0x8f/0x230
[  434.175503][   T29]  ? __cfi_mutex_unlock+0x10/0x10
[  434.180549][   T29]  vhost_vsock_dev_release+0x186/0x420
[  434.186074][   T29]  ? __cfi_vhost_vsock_dev_release+0x10/0x10
[  434.192078][   T29]  __fput+0x1fc/0x8f0
[  434.196116][   T29]  ____fput+0x15/0x20
[  434.200110][   T29]  task_work_run+0x1e1/0x250
[  434.204754][   T29]  ? __cfi_task_work_run+0x10/0x10
[  434.209882][   T29]  ? __cfi___close_range+0x10/0x10
[  434.215020][   T29]  exit_to_user_mode_loop+0x9b/0xb0
[  434.220229][   T29]  exit_to_user_mode_prepare+0x87/0xd0
[  434.225713][   T29]  syscall_exit_to_user_mode+0x1a/0x30
[  434.231194][   T29]  do_syscall_64+0x58/0xa0
[  434.235653][   T29]  ? clear_bhb_loop+0x30/0x80
[  434.240358][   T29]  ? clear_bhb_loop+0x30/0x80
[  434.245027][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  434.250967][   T29] RIP: 0033:0x7fd116b9acb9
[  434.255385][   T29] RSP: 002b:00007ffdafcc2728 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  434.264107][   T29] RAX: 0000000000000000 RBX: 00007fd116e17da0 RCX: 00007fd116b9acb9
[  435.221489][   T29] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  435.229516][   T29] RBP: 00007fd116e17da0 R08: 0000000000000006 R09: 0000000000000000
[  435.237540][   T29] R10: 00007fd116e17cb0 R11: 0000000000000246 R12: 000000000003ea50
[  435.245629][   T29] R13: 00007fd116e15fac R14: 000000000003e423 R15: 00007ffdafcc2830
[  435.253623][   T29]  </TASK>
[  435.256736][   T29] NMI backtrace for cpu 1
[  435.261096][   T29] CPU: 1 PID: 29 Comm: khungtaskd Tainted: G        W          syzkaller #0
[  435.269761][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  435.279812][   T29] Call Trace:
[  435.283086][   T29]  <TASK>
[  435.286008][   T29]  __dump_stack+0x21/0x24
[  435.290333][   T29]  dump_stack_lvl+0x110/0x170
[  435.295005][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[  435.300021][   T29]  dump_stack+0x15/0x24
[  435.304191][   T29]  nmi_cpu_backtrace+0x2af/0x2c0
[  435.309222][   T29]  ? rcu_read_unlock_special+0xb2/0x440
[  435.314770][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[  435.320229][   T29]  ? nmi_trigger_cpumask_backtrace+0xf6/0x3a0
[  435.326294][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  435.332260][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  435.338228][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[  435.344225][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[  435.350119][   T29]  watchdog+0xd68/0xeb0
[  435.354278][   T29]  ? __cfi_watchdog+0x10/0x10
[  435.358966][   T29]  ? __kasan_check_read+0x11/0x20
[  435.363997][   T29]  ? __kthread_parkme+0x142/0x180
[  435.369008][   T29]  kthread+0x281/0x320
[  435.373070][   T29]  ? __cfi_watchdog+0x10/0x10
[  435.377772][   T29]  ? __cfi_kthread+0x10/0x10
[  435.382359][   T29]  ret_from_fork+0x1f/0x30
[  435.386768][   T29]  </TASK>
[  435.389954][   T29] Sending NMI from CPU 1 to CPUs 0:
[  435.395205][    C0] NMI backtrace for cpu 0
[  435.395221][    C0] CPU: 0 PID: 5021 Comm: syz.4.1253 Tainted: G        W          syzkaller #0
[  435.395239][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  435.395249][    C0] RIP: 0010:kasan_check_range+0x13/0x2a0
[  435.395274][    C0] Code: 00 00 cc cc 00 00 cc 90 90 90 90 90 90 90 90 90 90 90 b8 bf f3 05 3b b0 01 48 85 f6 0f 84 c0 01 00 00 55 48 89 e5 41 57 41 56 <41> 55 41 54 53 49 89 f8 49 01 f0 0f 82 1d 02 00 00 49 89 f8 49 c1
[  435.395289][    C0] RSP: 0018:ffffc90000757c30 EFLAGS: 00000202
[  435.395304][    C0] RAX: ffff88811ca71401 RBX: ffff888132994900 RCX: ffffffff81552932
[  435.395317][    C0] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff888132994908
[  435.395328][    C0] RBP: ffffc90000757c40 R08: ffff88813299490f R09: 1ffff11026532921
[  435.395341][    C0] R10: dffffc0000000000 R11: ffffed1026532922 R12: 1ffff920000eaf90
[  435.395353][    C0] R13: ffff88811ca71441 R14: 1ffff11026532921 R15: ffff888132994908
[  435.395367][    C0] FS:  000055557742e500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  435.395381][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  435.395393][    C0] CR2: 00007fae7f80d0ab CR3: 00000001354be000 CR4: 00000000003526b0
[  435.395408][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  435.395418][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  435.395428][    C0] Call Trace:
[  435.395433][    C0]  <TASK>
[  435.395439][    C0]  __kasan_check_write+0x14/0x20
[  435.395455][    C0]  down_read_trylock+0x152/0x660
[  435.395479][    C0]  ? __cfi_down_read_trylock+0x10/0x10
[  435.395503][    C0]  ? mas_walk+0x20e/0x260
[  435.395519][    C0]  lock_vma_under_rcu+0x1a6/0x4f0
[  435.395544][    C0]  ? __cfi_lock_vma_under_rcu+0x10/0x10
[  435.395569][    C0]  ? __this_cpu_preempt_check+0x13/0x20
[  435.395585][    C0]  ? xfd_validate_state+0x70/0x150
[  435.395606][    C0]  do_user_addr_fault+0x2fc/0x1050
[  435.395631][    C0]  exc_page_fault+0x51/0xb0
[  435.395654][    C0]  asm_exc_page_fault+0x27/0x30
[  435.395676][    C0] RIP: 0033:0x7f6a2bc643e7
[  435.395689][    C0] Code: 48 85 c0 74 1b 48 83 f8 01 0f 85 bf 03 00 00 0f b7 44 24 10 66 c1 c0 08 0f b7 c0 48 89 44 24 10 48 8b 44 24 18 0f b7 74 24 10 <66> 89 30 e9 18 ff ff ff 48 83 7c 24 08 17 0f 85 20 03 00 00 64 f0
[  435.395703][    C0] RSP: 002b:00007ffcc109f680 EFLAGS: 00010246
[  435.395715][    C0] RAX: 0000200000000180 RBX: 0000000000000002 RCX: 0000000000000000
[  435.395726][    C0] RDX: cf624b8bdab42900 RSI: 0000000000000000 RDI: 000055557742e3d8
[  435.395737][    C0] RBP: 00007ffcc109f7a0 R08: 0000000000000000 R09: 0000000000000000
[  435.395747][    C0] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffcc109f7e0
[  435.395757][    C0] R13: 00007f6a2c015fac R14: 000000000003e27f R15: 00007f6a2c015fa0
[  435.395772][    C0]  </TASK>
[  446.044850][   T16] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { P5021 } 15949 jiffies s: 10349 root: 0x0/T
[  446.185747][   T16] rcu: blocking rcu_node structures (internal RCU debug):
[  459.056985][   T29] INFO: task kworker/1:0:24 blocked for more than 138 seconds.
[  459.064768][   T29]       Tainted: G        W          syzkaller #0
[  459.071303][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  459.080090][   T29] task:kworker/1:0     state:D stack:23024 pid:24    ppid:2      flags:0x00004000
[  459.089396][   T29] Workqueue: ipv6_addrconf addrconf_verify_work
[  459.095669][   T29] Call Trace:
[  459.098945][   T29]  <TASK>
[  459.101982][   T29]  __schedule+0xba6/0x1500
[  459.106428][   T29]  ? release_firmware_map_entry+0x190/0x190
[  459.112383][   T29]  ? __mutex_add_waiter+0xcc/0x280
[  459.117515][   T29]  ? __kasan_check_write+0x14/0x20
[  459.122662][   T29]  ? _raw_spin_unlock_irq+0x4d/0x70
[  459.127874][   T29]  ? wq_worker_sleeping+0x1d9/0x280
[  459.133325][   T29]  schedule+0xbd/0x170
[  459.137565][   T29]  schedule_preempt_disabled+0x13/0x20
[  459.143085][   T29]  __mutex_lock+0x82f/0x1790
[  459.147774][   T29]  ? __kasan_check_write+0x14/0x20
[  459.152890][   T29]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[  459.159696][   T29]  ? add_timer+0x68/0x80
[  459.163955][   T29]  ? __queue_delayed_work+0x173/0x200
[  459.169406][   T29]  ? queue_delayed_work_on+0x10d/0x160
[  459.174897][   T29]  ? __cfi_queue_delayed_work_on+0x10/0x10
[  459.180750][   T29]  __mutex_lock_slowpath+0xe/0x10
[  459.185837][   T29]  mutex_lock+0x10a/0x1b0
[  459.190331][   T29]  ? __cfi_mutex_lock+0x10/0x10
[  459.195219][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  459.200488][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  459.206062][   T29]  rtnl_lock+0x15/0x20
[  460.141665][   T29]  addrconf_verify_work+0x19/0x30
[  460.146827][   T29]  process_one_work+0x71f/0xc40
[  460.151866][   T29]  worker_thread+0xa29/0x11e0
[  460.156573][   T29]  kthread+0x281/0x320
[  460.160651][   T29]  ? __cfi_worker_thread+0x10/0x10
[  460.165955][   T29]  ? __cfi_kthread+0x10/0x10
[  460.170591][   T29]  ret_from_fork+0x1f/0x30
[  460.175153][   T29]  </TASK>
[  460.178219][   T29] INFO: task syz-executor:283 blocked for more than 159 seconds.
[  460.186026][   T29]       Tainted: G        W          syzkaller #0
[  460.192463][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  460.201376][   T29] task:syz-executor    state:D stack:22272 pid:283   ppid:1      flags:0x00004004
[  460.210627][   T29] Call Trace:
[  460.213913][   T29]  <TASK>
[  460.216882][   T29]  __schedule+0xba6/0x1500
[  460.221330][   T29]  ? __kasan_check_write+0x14/0x20
[  460.226453][   T29]  ? release_firmware_map_entry+0x190/0x190
[  460.232395][   T29]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  460.238243][   T29]  ? prepare_to_wait_event+0x40b/0x440
[  460.243714][   T29]  schedule+0xbd/0x170
[  460.247791][   T29]  synchronize_rcu_expedited+0x773/0x880
[  460.253501][   T29]  ? __cfi_synchronize_rcu_expedited+0x10/0x10
[  460.259872][   T29]  ? debug_smp_processor_id+0x17/0x20
[  460.265306][   T29]  ? kasan_quarantine_put+0x34/0x190
[  460.270862][   T29]  ? __cfi_wait_rcu_exp_gp+0x10/0x10
[  460.276189][   T29]  ? ____kasan_slab_free+0x13d/0x180
[  460.281855][   T29]  ? __kasan_slab_free+0x11/0x20
[  460.286823][   T29]  ? slab_free_freelist_hook+0xc2/0x190
[  461.223829][   T29]  ? __put_mountpoint+0x1c5/0x220
[  461.228937][   T29]  ? __cfi_autoremove_wake_function+0x10/0x10
[  461.235086][   T29]  ? shrink_dentry_list+0x4e4/0x500
[  461.240320][   T29]  namespace_unlock+0x23f/0x430
[  461.245174][   T29]  ? umount_tree+0xdd4/0xe30
[  461.249877][   T29]  ? umount_tree+0xe30/0xe30
[  461.254497][   T29]  ? umount_mnt+0x310/0x310
[  461.259050][   T29]  path_umount+0xee8/0xf60
[  461.263504][   T29]  ? __kasan_slab_free+0x11/0x20
[  461.268489][   T29]  ? __cfi_path_umount+0x10/0x10
[  461.273441][   T29]  ? user_path_at_empty+0x161/0x1c0
[  461.278689][   T29]  __x64_sys_umount+0x12d/0x170
[  461.283555][   T29]  ? __cfi___x64_sys_umount+0x10/0x10
[  461.288969][   T29]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  461.295053][   T29]  x64_sys_call+0x86a/0x9a0
[  461.299803][   T29]  do_syscall_64+0x4c/0xa0
[  461.304241][   T29]  ? clear_bhb_loop+0x30/0x80
[  461.308916][   T29]  ? clear_bhb_loop+0x30/0x80
[  461.313655][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  461.319564][   T29] RIP: 0033:0x7fbfd879bf17
[  461.324030][   T29] RSP: 002b:00007ffeac569748 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  461.332528][   T29] RAX: ffffffffffffffda RBX: 00007fbfd880471f RCX: 00007fbfd879bf17
[  461.340502][   T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffeac569800
[  461.348502][   T29] RBP: 00007ffeac569800 R08: 00007ffeac56a800 R09: 00000000ffffffff
[  462.307329][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffeac56a890
[  462.315364][   T29] R13: 00007fbfd880471f R14: 0000000000000005 R15: 00007ffeac56a8d0
[  462.323420][   T29]  </TASK>
[  462.326499][   T29] INFO: task kworker/0:5:434 blocked for more than 141 seconds.
[  462.334179][   T29]       Tainted: G        W          syzkaller #0
[  462.340641][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  462.349315][   T29] task:kworker/0:5     state:D stack:23296 pid:434   ppid:2      flags:0x00004000
[  462.358598][   T29] Workqueue: ipv6_addrconf addrconf_verify_work
[  462.364873][   T29] Call Trace:
[  462.368141][   T29]  <TASK>
[  462.371060][   T29]  __schedule+0xba6/0x1500
[  462.375568][   T29]  ? release_firmware_map_entry+0x190/0x190
[  462.381484][   T29]  ? __mutex_add_waiter+0xcc/0x280
[  462.386631][   T29]  ? __kasan_check_write+0x14/0x20
[  462.391748][   T29]  ? _raw_spin_unlock_irq+0x4d/0x70
[  462.397021][   T29]  ? wq_worker_sleeping+0x1d9/0x280
[  462.402277][   T29]  schedule+0xbd/0x170
[  462.406403][   T29]  schedule_preempt_disabled+0x13/0x20
[  462.411872][   T29]  __mutex_lock+0x82f/0x1790
[  462.416511][   T29]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[  462.423294][   T29]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  462.429233][   T29]  ? __mod_timer+0x858/0xc00
[  462.433849][   T29]  ? enqueue_timer+0x1b6/0x480
[  463.390552][   T29]  ? __queue_delayed_work+0x173/0x200
[  463.396024][   T29]  __mutex_lock_slowpath+0xe/0x10
[  463.401112][   T29]  mutex_lock+0x10a/0x1b0
[  463.405576][   T29]  ? __cfi_mutex_lock+0x10/0x10
[  463.410428][   T29]  ? _raw_spin_lock_irq+0x95/0xf0
[  463.415716][   T29]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  463.421277][   T29]  ? round_jiffies_relative+0xd5/0xf0
[  463.426715][   T29]  rtnl_lock+0x15/0x20
[  463.430798][   T29]  addrconf_verify_work+0x19/0x30
[  463.435931][   T29]  process_one_work+0x71f/0xc40
[  463.440798][   T29]  worker_thread+0xa29/0x11e0
[  463.445508][   T29]  ? _raw_spin_lock_irqsave+0xc2/0x130
[  463.451035][   T29]  kthread+0x281/0x320
[  463.455119][   T29]  ? __cfi_worker_thread+0x10/0x10
[  463.460260][   T29]  ? __cfi_kthread+0x10/0x10
[  463.464869][   T29]  ret_from_fork+0x1f/0x30
[  463.469436][   T29]  </TASK>
[  463.472525][   T29] INFO: task syz.0.1248:4992 blocked for more than 162 seconds.
[  463.480211][   T29]       Tainted: G        W          syzkaller #0
[  463.486625][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  463.495324][   T29] task:syz.0.1248      state:D stack:25920 pid:4992  ppid:284    flags:0x00004004
[  463.504603][   T29] Call Trace:
[  463.507899][   T29]  <TASK>
[  463.510869][   T29]  __schedule+0xba6/0x1500
[  463.515307][   T29]  ? release_firmware_map_entry+0x190/0x190
[  464.474024][   T29]  ? __mutex_add_waiter+0x180/0x280
[  464.479372][   T29]  ? __kasan_check_write+0x14/0x20
[  464.484554][   T29]  ? trace_contention_begin+0xa0/0xa0
[  464.489993][   T29]  ? __kasan_check_write+0x14/0x20
[  464.495125][   T29]  schedule+0xbd/0x170
[  464.499289][   T29]  schedule_preempt_disabled+0x13/0x20
[  464.504767][   T29]  __mutex_lock+0x82f/0x1790
[  464.509429][   T29]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[  464.516251][   T29]  ? 0xffffffffa0004e80
[  464.520461][   T29]  ? is_bpf_text_address+0x177/0x190
[  464.525771][   T29]  ? kernel_text_address+0xa0/0xd0
[  464.530914][   T29]  __mutex_lock_slowpath+0xe/0x10
[  464.535959][   T29]  mutex_lock+0x10a/0x1b0
[  464.540362][   T29]  ? __cfi_mutex_lock+0x10/0x10
[  464.545237][   T29]  synchronize_rcu_expedited+0x316/0x880
[  464.550901][   T29]  ? __cfi_synchronize_rcu_expedited+0x10/0x10
[  464.557071][   T29]  ? 0xffffffffa0004e80
[  464.561248][   T29]  ? is_bpf_text_address+0x177/0x190
[  464.566542][   T29]  ? kernel_text_address+0xa0/0xd0
[  464.571696][   T29]  ? __kernel_text_address+0xd/0x30
[  464.576908][   T29]  ? __kasan_check_read+0x11/0x20
[  464.581924][   T29]  synchronize_net+0x28/0x40
[  464.586586][   T29]  dev_deactivate_many+0x6b6/0xbc0
[  464.591712][   T29]  ? __kasan_check_read+0x11/0x20
[  464.596813][   T29]  __dev_close_many+0x21c/0x360
[  464.601684][   T29]  ? dev_close_many+0x4d0/0x4d0
[  464.606651][   T29]  ? kasan_save_stack+0x4c/0x60
[  464.611529][   T29]  ? kasan_save_stack+0x3a/0x60
[  464.616529][   T29]  ? __kasan_record_aux_stack+0xb6/0xc0
[  464.622100][   T29]  ? kasan_record_aux_stack_noalloc+0xb/0x10
[  465.557884][   T29]  dev_close_many+0x21e/0x4d0
[  465.562690][   T29]  ? do_syscall_64+0x58/0xa0
[  465.567393][   T29]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  465.573562][   T29]  ? __cfi_dev_close_many+0x10/0x10
[  465.578845][   T29]  ? __kasan_check_read+0x11/0x20
[  465.584047][   T29]  unregister_netdevice_many+0x44f/0x18e0
[  465.589917][   T29]  ? __cfi_unregister_netdevice_many+0x10/0x10
[  465.596104][   T29]  ? __cfi_locks_remove_file+0x10/0x10
[  465.601617][   T29]  ? __kasan_check_read+0x11/0x20
[  465.606653][   T29]  unregister_netdevice_queue+0x324/0x370
[  465.612440][   T29]  ? __kasan_check_write+0x14/0x20
[  465.617575][   T29]  ? mutex_lock+0x93/0x1b0
[  465.622000][   T29]  ? __cfi_unregister_netdevice_queue+0x10/0x10
[  465.628304][   T29]  ppp_release+0xef/0x1f0
[  465.632653][   T29]  ? __cfi_ppp_release+0x10/0x10
[  465.637774][   T29]  __fput+0x1fc/0x8f0
[  465.641860][   T29]  ____fput+0x15/0x20
[  465.645935][   T29]  task_work_run+0x1e1/0x250
[  465.650540][   T29]  ? __cfi_task_work_run+0x10/0x10
[  465.655687][   T29]  ? __cfi___close_range+0x10/0x10
[  465.660868][   T29]  ? handle_softirqs+0x543/0x600
[  465.665856][   T29]  exit_to_user_mode_loop+0x9b/0xb0
[  465.671066][   T29]  exit_to_user_mode_prepare+0x87/0xd0
[  465.676571][   T29]  syscall_exit_to_user_mode+0x1a/0x30
[  465.682058][   T29]  do_syscall_64+0x58/0xa0
[  465.686492][   T29]  ? clear_bhb_loop+0x30/0x80
[  465.691326][   T29]  ? clear_bhb_loop+0x30/0x80
[  465.696037][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  465.702086][   T29] RIP: 0033:0x7f097fb9acb9
[  465.706508][   T29] RSP: 002b:00007ffdb311d838 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  466.651725][   T29] RAX: 0000000000000000 RBX: 00007f097fe17da0 RCX: 00007f097fb9acb9
[  466.659812][   T29] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  466.667862][   T29] RBP: 00007f097fe17da0 R08: 0000000000000006 R09: 0000000000000000
[  466.675858][   T29] R10: 00000000003ff978 R11: 0000000000000246 R12: 000000000003ef34
[  466.683904][   T29] R13: 00007f097fe15fac R14: 000000000003e337 R15: 00007ffdb311d940
[  466.691959][   T29]  </TASK>
[  466.695046][   T29] NMI backtrace for cpu 0
[  466.699382][   T29] CPU: 0 PID: 29 Comm: khungtaskd Tainted: G        W          syzkaller #0
[  466.708044][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  466.718088][   T29] Call Trace:
[  466.721363][   T29]  <TASK>
[  466.724286][   T29]  __dump_stack+0x21/0x24
[  466.728611][   T29]  dump_stack_lvl+0x110/0x170
[  466.733280][   T29]  ? __cfi_dump_stack_lvl+0x8/0x8
[  466.738300][   T29]  dump_stack+0x15/0x24
[  466.742460][   T29]  nmi_cpu_backtrace+0x2af/0x2c0
[  466.747390][   T29]  ? rcu_read_unlock_special+0xb2/0x440
[  466.752929][   T29]  ? __cfi_nmi_cpu_backtrace+0x10/0x10
[  466.758400][   T29]  ? nmi_trigger_cpumask_backtrace+0xf6/0x3a0
[  466.764481][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  466.770471][   T29]  ? __cfi_nmi_raise_cpu_backtrace+0x10/0x10
[  466.776461][   T29]  nmi_trigger_cpumask_backtrace+0x16b/0x3a0
[  466.782449][   T29]  arch_trigger_cpumask_backtrace+0x10/0x20
[  466.788339][   T29]  watchdog+0xd68/0xeb0
[  466.792498][   T29]  ? __cfi_watchdog+0x10/0x10
[  466.797176][   T29]  ? __kasan_check_read+0x11/0x20
[  466.802187][   T29]  ? __kthread_parkme+0x142/0x180
[  466.807201][   T29]  kthread+0x281/0x320
[  466.811266][   T29]  ? __cfi_watchdog+0x10/0x10
[  466.815950][   T29]  ? __cfi_kthread+0x10/0x10
[  466.820537][   T29]  ret_from_fork+0x1f/0x30
[  466.824963][   T29]  </TASK>
[  466.828048][   T29] Sending NMI from CPU 0 to CPUs 1:
[  466.833282][    C1] NMI backtrace for cpu 1 skipped: idling at default_idle+0xf/0x20
[  522.669882][   T16] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { P5021 } 23021 jiffies s: 10349 root: 0x0/T
[  522.681801][   T16] rcu: blocking rcu_node structures (internal RCU debug):