last executing test programs:

27m24.455738702s ago: executing program 0 (id=65):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100))

27m23.919068546s ago: executing program 0 (id=67):
bind$inet(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x4e22, @multicast2}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x800000000f, &(0x7f0000000080)=0x7, 0x4)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x2, 0x4)
r1 = syz_open_procfs(0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r2, 0x560a, 0x0)
getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000100)={'filter\x00', 0x0, [0x56, 0x80000000, 0x8, 0x4, 0x9]}, &(0x7f0000000280)=0x54)
r3 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
syz_mount_image$exfat(&(0x7f0000006c00), &(0x7f0000001b40)='./file0\x00', 0x208008de, &(0x7f0000001b80)=ANY=[@ANYBLOB='utf8,errors=continue,namecase=1,utf8,gid=', @ANYRESHEX=0x0, @ANYBLOB=',umask=00000000000000000000077,umask=00000000000000000005676,uid=', @ANYRESHEX=0x0, @ANYBLOB=',gid=', @ANYRESHEX=0x0, @ANYRES8=r8], 0x1, 0x1503, &(0x7f0000000580)="$eJzs3AuYj1XXMPC99t43Y5L+TXIY9trr5p8G2yRJDgk5JEmSJDklJCZJEhJDTklDEnKcJIchJIdpTBrn8yHnpMkjTZKE5BT2d+np/Tzv0/O+fe9X3+e93lm/69qXvdz/tf7rnjXX3Pf9v66Z73uOqtu8Xq2mRCT+FPj7P8lCiBghxDAhxA1CiEAIUTGuYtyV4/kUJP+5N2F/rUfTrnUH7Fri+eduPP/cjeefu/H8czeef+7G88/deP65G8+fsdxs+5yiN/LKvYs//8/N+Pr/P0hOuclfbyx3c6//QgrPP3fj+eduPP/cjeefu/H8czee//98Nf+TYzz/3I3nz1hudq0/f+Z1bde1/v5jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY7nPNXaSHEv+2vdV+MMcYYY4wxxhj76/i817oDxhhjjDHGGGOM/b8HQgoltAhEHpFXxIh8IlZcJ/KL60UBcYOIiBtFnLhJFBQ3i0KisCgiiop4UUwUF0agsIJEKEqIkiIqbhGlxK0iQZQWZURZ4UQ5kShuE+XF7aKCuENUFHeKSuIuUVlUEVVFNXG3qC7uETVETVFL3Ctqizqirqgn7hP1xf2igXhANBQPikbiIdFYPCyaiEdEU/GoaCYeE83F46KFeEK0FK1Ea9FGtP2/yn9Z9BWviH6iv0gWA8RA8aoYJAaLIWKoGCZeE8PF62KEeEOkiJFilHhTjBZviTHibTFWjBPjxTtigpgoJonJYoqYKlLFu2KaeE9MF++LGWKmmCVmizQxR8wVH4h5Yr5YID4UC8VHYpFYLJaIpSJdfCwyxDKRKT4Ry8WnIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCZ2iJ1il9gt9oi9Yp/4XOwXX4gD4kuRLb76L+af/af8XiBAgAQJGjTkgTwQAzEQC7GQH/JDASgAEYhAHMRBQSgIhaAQFIEiEA/xUByKAwICAUEJKAFRiEIpKAUJkABloAw4cJAIiVAebocKUAEqQkWoBJWgMlSBKlANqkF1qA41oAbUglpQG2pDXagL98F9cD80gAbQEBpCI2gEjaExNIEm0BSaQjNoBs2hObSAFtASWkJraA1toS20g3bQHtpDR+gInaATdIbOkARJ0BW6QjfoBt2hO/SAHtATekIv6A294WV4GV6BV6A/1JYDYCAMhEEwCIbAUBgKr8FweB1ehzcgBUbCKHgT3oS3YAycgbEwDsbDeKguJ8IkmAwkp0IqpMI0mAbTYTrMgJkwE2ZDGsyBuTAX5sF8mA8fwkL4CD6CxbAYlkI6pEMGLINMyITlcBayYAWshFWwGtbAalgH62EdbIRNsBG2wBbYBtvgM/gMdsJO2A27YS/shc/hc/gCvoAUyIZsOAgH4RAcgsNwGHIgB47AETgKR+EYHIPjcBxOwEk4BSfhNJyGM3AWzsE5uAAX4CK8GP9ts72lN6QIeYWWWuaReWSMjJGxMlbml/llAVlARmRExsk4WVAWlIVkIVlEFpHxMl4Wl8UlSpQkQ1lClogRQshSspRMkAmyjCwjnXQyUSbK8rK8rCAryIryTllJ3iUryyqyg6smq8nqsqOrIWvKWrKWrC3ryLqynqwn68v6soFsIBvKhrKRbCQby4dlEzkAhsCj8spkmsuR0EKOgpaylWwt28i34EnZTo6B9rKD7CifluNgLHSW7VySfFZ2lZOgm3xeToYXZA85FXrKl2Qv2Vv2kS/LvrK96yf7yxkwQA6Us2GQHCyHyKFyHtSRVyZWV74hU+RIOUq+KZfCW3KMfFuOlePkePmOnCAnyklyspwip8pU+a6cJt+T0+X7coacKWfJ2TJNzpFz5QdynpwvF8gP5UL5kVwkF8slcqlMlx/LDLlMZspP5HL5qcySK+RKuUqulmvkWrlOrpcb5Ea5SW6WW+RWuU1ul5/JHXKn3CV3yz1yr9wnP5f75RfygPxSZsuv5EH5N3lIfi0Py29kjvxWHpHfyaPye3lM/iCPyx/lCXlSnpI/ydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaDyqLwqRuVTseo6lV9drwqoG1RE3aji1E2qoLpZFVKFVRFVVMWrYqq4MgqVVaRCVUKVVFF1iyqlblUJqrQqo8oqp8qpRHWbKq9uVxXUHaqiulNVUnepyqqKqqqqqbtVdXWPqqFqqlrqXlVb1VF1VT11n6qv7lcN1AOqoXpQNVIPqcbqYdVEPaKaqkdVM/WYaq4eVy3UE6qlaqVaqzaqrXpStVNPqfaqg+qonlad1DOqs+qiktSzqqt6TnVTz6vu6gXVQ72oeqqXVC/VW/VRl9Rl5VU/1V8lqwFqoHpVDVKD1RA1VA1Tr6nh6nU1Qr2hUtRINUq9qUart9QY9bYaq8ap8eodNUFNVJPUZDVFTVWp6l01Tb2npqv31Qw1U81Ss1WamqOG/FZpwT/lD/jtqvuP+e/9i/wRv777NrVdfaZ2qJ1ql9qt9qi9ap/ap/ar/eqAOqCyVbY6qA6qQ+qQOqwOqxyVo46oI+qoOqqOqWPquDquTqiT6rz6SZ1WP6sz6qw6q86rC+qCuvjb10Bo0FIrrXWg8+i8Okbn07H6Op1fX68L6Bt0RN+o4/RNuqC+WRfShXURXVTH62K6uDYatdWkQ11Cl9RRfYsupW/VCbq0LqPLaqfL6UR925/O/6P+2uq2up1up9vr9rqj7qg76U66s+6sk3SS7qq76m66m+6uu+seuofuqXvqXrqX7qP76L66r+6n++lknawH6lf1ID1YD9FD9TD9mh6uh+sReoRO0Sl6lB6lR+vReoweo8fqsXq8Hq8n6Al6kp6kp+gpOlWn6ml6mp6up+sZeoaepWfpNJ2m5+q5ep6epxfoBXqhXqgX6UV6iV6i03W6ztAZOlNn6uV6uc7SK/QKvUqv0mv0Gr1Or9Mb9Aa9SW/SW/QWnaW36+16h96hd+ldeo/eo/fpfXq/3q8P6AM6W2frg/qgPqQP6cP6sM7ROfqIPqKP6qP6mD424Lg+rk/oE/qUPqVP69P6jD6jz+lz+oK+oC/qi/qyvnzlti+QgQx0oIM8QZ4gJogJYoPYIH+QPygQFAgiQSSIC+KCgsHNQaGgcFAkKBrEB8WC4oEJMLABBWFQIigZRINbglLBrUFCUDooE5QNXFAuSAxuC8oHtwcVgjuCisGdQaXgrqByUCWoGlQL7g6qB/cENYKaQa3g3qB2UCeoG9QL7gvqB/cHDYIHgobBg0Gj4KGgcfBw0CR4JGgaPBo0Cx4LmgePBy2CJ4KWQaugddAmaPuX1vf+TOGnXD/T3ySbAWagedUMMoPNEDPUDDOvmeHmdTPCvGFSzEgzyrxpRpu3zBjzthlrxpnx5h0zwUw0k8xkM8VMNanmXTPNvGemm/fNDDPTzDKzTZqZY+aaD8w8M98sMB+aheYjs8gsNkvMUpNuPjYZZpnJNJ+Y5eZTk2VWmJVmlVlt1py/UQiz3mwwG80ms9lsMVvNNrPdfGZ2mJ1ml9lt9pi9Zp/53Ow3X5gD5kuTbb4yB83fzCHztTlsvjE55ltzxHxnjprvzTHzgzlufjQnzElzyvxkTpufzRlz1pwz580F84u5aC6Zy8Zfubm/cnlHjRrzYB6MwRiMxVjMj/mxABbACEYwDuOwIBbEQlgIi2ARjMd4LI7F8QpCwhJYAqMYxVJYChMwActgGXToMBETsTyWxwpYAStiRayElbAyVsaqWBXvxrvxHrwHa2JNvBfvxTpYB+thPayP9bEBNsCG2BAbYSNsjI2xCTbBptgUm2EzbI7NsQW2wJbYEltja2yLbbEdtsP22B47YkfshJ2wM3bGJEzCrtgVu2E37I7dsQf2wJ7YE3thL+yDfbAv9sV+2A+TMRkH4kAchINwCA7BYTgMh+NwHIEjMAVTcBSOwtE4GsfgGByL43A8voMTcCJOwsk4BadiKqbiNJyG03E6zsAZOAtnYRqm4Vyci/NwHi7ABbgQF+IiXIRLcAmmYzpmYAZmYiYux+WYhVm4ElfialyNa3Etrsf1uBE34mbcjFtxK27H7bgDd+Au3IV7cA/uw324H/fjATyA2ZiNB/EgHsJDeBgPYw7m4BE8gkfxKB7DY3gcj+MJPIGn8BSextN4Bs/gOTyHF/AXvIiX8DJ6jLFSxNrrbH57vS1gb7AxNp/9x7iILWrjbTFb3BpbyBb+dzFaaxNsaVvGlrXOlrOJ9rbfxZVtFVvVVrN32+r2Hlvjd3F9e79tYB+wDe2Dtp6977c4769xI/uQbWwft03sE7apbWWb2Ta2uX3ctrBP2Ja2lW1t29hO9hnb2XaxSfZZ29U+97s4wy6z6+0Gu9FusvvtF/acPW+P2u/tBfuL7Wf722H2NTvcvm5H2Ddsih35u3i8fcdOsBPtJDvZTrFTfxfPsrNtmp1j59oP7Dw7/3dxuv3YLrSZdpFdbJfYpb/GV3rKtJ/Y5fZTm2VX2JV2lV1t19i1dt3/7nWV3WK32m12n/3c7rA77S672+6xe3+Nr5zHAfulzbZf2SP2O3vIfm0P22M2x377a3zl/I7ZH+xx+6M9YU/aU/Yne9r+bM/Ys7+e/5Vz/8lespett4KAJCnSFFAeyksxlI9i6TrKT9dTAbqBInQjxdFNVJBupkJUmIpQUYqnYlScDCFZIgqpBJWkKN1CpehWSqDSVIbKkqNylEi3UXm6nSrQHVSR7qRKdBdVpipUlarR3VSd7qEaVJNq0b1Um+pQXapH91F9up8a0APUkB6kRvQQNaaHqQk9Qk3pUWpGj1Fzepxa0BPUklpRa2pDbelJakdPUXvqQB3paepEz1Bn6kJJ9Cx1peeoGz1P3ekF6kEvUk96iXpRb+pDL1NfeoX6UX9KpgE0kF6lQTSYhtBQGkav0XB6nUbQG5RCI2kUvUmj6S0aQ2/TWBpH4+kdmkATaRJNpik0lVLpXTqb3qXIlXu9GTSTZtFsSqM5NJc+oHk0nxbQh7SQPqJFtJiW0FJKp48pg5ZRJn1Cy+lTyqIVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttp89oB+2kXbSb9tBe2kef0376gg7Ql5RNX9FB+hsdoq/pMH1DOfQtHaHv6Ch9T8foBzpOP9IJOkmn6Cc6TT/TGTpL5+g8XaBf6CJdosvkSYQQylCFOgzCPGHeMCbMF8aG14X5w+vDAuENYSS8MYwLbwoLhjeHhcLCYZGwaBgfFguLhybE0IYUhmGJsGQYDW8JS4W3hglh6bBMWDZ0YbkwMbwtLB/eHlYI7wgrhneGlcK7wsphlfDxB6uFd4fVw3vCGmHNsFZ4b1g7rBPWDeuF94X1w/vDBuEDYcPwwbBC+FDYOHw4bBI+EjYNHw2bhY+FzcPHwxbhE2HLsFXYOmwTtg2fDNuFT4Xtww5hx/DpsFP4TNg57BImhc+GXcPn/vB4cjggHBi+Gr4aev+AWhJdGk2PfhzNiC6LZkY/iS6PfhrNiq6Iroyuiq6Oromuja6Lro9uiG6Mbopujm6Jbo1ui3pfL69w4KRTTrvA5XF5XYzL52LddS6/u94VcDe4iLvRxbmbXEF3syvkCrsirqiLd8VccWccOuvIha6EK+mi7hZXyt3qElxpV8aVdc6Vc4mujWvr2rp27inX3nVwHd3T7mn3jHvGdXFd3LOuq3vOdXPPu+7uBdfDvehedC+5Xq636+Nedn3dK66f6++SXbIb6Aa6QW6QG+KGuGFumBvuhrsRboRLcSlulBvlRrvRbowb48a6sW68G+8muAlukpvkprgpLtWlumlumpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5hwkK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB1237gc96074r5zR9337pj7wR13P7oT7qQ75X5yp93P7ow768658+6C+8VddJfcZeddauTdyLTIe5HpkfcjMyIzI7MisyNpkTmRuZEPIvMi8yMLIh9GFkY+iiyKLI4siSyNpEc+jmRElkUyI59Elkc+jWRFVkRWRlZFVkfWRLwvtiP0JXxJH/W3+FL+Vp/gS/syvqx3vpxP9Lf58v52X8Hf4Sv6O30lf5ev7Kv4qv4J39K38q19G9/WP+nb+ad8e9/Bd/RP+07+Gd/Zd/FJ/lnf1T/nu/nnfXf/gu/hX/Q9/Uu+l+/t+/iXfV//iu/n+/tkP8AP9K/6QX6wH+KH+mH+NT/cv+5H+Dd8ih/pR/k3/Wj/lh/j3/Zj/Tg/3r/jJ/iJfpKf7Kf4qT7Vv+un+ff8dP++n+Fn+ll+tk/zc/xc/4Gf5+f7Bf5Dv9B/5Bf5xX6JX+rT/cc+wy/zmf4Tv9x/6rP8Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Wd+h9/pd/ndfo/f6/f5z/1+/4U/4L/02f4rf9D/zR/yX/vD/huf47/1R/x3/qj/3h/zP/jj/kd/wp/0p/xP/rT/2Z/xZ/05f95f8L/4i/6Sv8y/s8YYY4wx9n9E/cHxAf/i/+Rv64qBQojrdxbN+eeamwv9fT9YxneKCCGe7d/z0X9btWsnJyf/9tosJYKSi4UQkav5ecTVeIXoKJ4RSaKDKP8v+xsse1+gP6gfvVOI2KuVfxUr/rn+7f9B/SefHp9RKTwX95/UXyxEQsmrOfnE1fhq/Qr/Qf3C7f6g/3xfpwrR/h9y8our8dX6ieIp8ZxI+nevZIwxxhhjjDHG/m6wrNr9j56frzyfx+urOXnF1fiPns8ZY4wxxhhjjDF27b3Qu0+XJ5OSOnTnzZ/Y1Pjv0QZvePOXba71TybGGGOMMcbYX+3qTf+17oQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/n/8ObFrfY6MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYtfa/AgAA///mJjhh")
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x44, 0x1, 0x2, 0x201, 0x0, 0x0, {0xa, 0x0, 0x800}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x14, 0x4, @remote}}}]}]}, 0x44}}, 0x0)
lchown(&(0x7f00000003c0)='\x00', 0x0, 0x0)

27m23.065161272s ago: executing program 0 (id=71):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e20, @multicast2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x10050, &(0x7f0000000800)={[{@jqfmt_vfsv1}, {@nouid32}, {@jqfmt_vfsv0}, {@norecovery}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
syz_open_dev$usbfs(0x0, 0x12, 0x0)
chdir(&(0x7f0000000700)='./file2\x00')
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000200)=0xc, 0x4)

27m19.209399111s ago: executing program 0 (id=77):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100))

27m19.082916662s ago: executing program 0 (id=79):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000200), 0xfea7)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x4, 0x8001, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000"})
copy_file_range(r1, 0x0, r0, 0x0, 0xffffffffa003e45c, 0x700000000000000)

27m18.750890154s ago: executing program 0 (id=80):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, 0x0)

27m3.594382131s ago: executing program 32 (id=80):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, 0x0)

9m31.221448772s ago: executing program 4 (id=3125):
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000300)={0xfffffffffffffffc, 0x1307800, 0x800, 0x10, 0x1}, 0x20)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETVESABLANK(r1, 0x4b47, 0x0)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x2fd, 0xffff, 0x101, 0x300}})

9m31.189748893s ago: executing program 4 (id=3126):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000240)='./file0\x00', 0x450, &(0x7f0000005f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5e0b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31ee56a4bc5fdcd2dad721eb3b32dcc92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd970140400000000000000", @ANYRES32], 0x1, 0x5558, &(0x7f0000000a00)="$eJzs3EtvG9UXAPBju2n/ff4jxIJdR6qQEqm26vQh2BVoxUO0qngsWIFju5Zb2xPFrhOyQoIlYsE3QSCxQmLDZ2DBmh1iAWKHBPLMmBLCo5XdOGl/P2l85t65PnPvyEp0ZiwH8MRaTn75qRRn4nhEVCLiVCmy/VKxZa7m4ZmIOBsR5T9tpaL/j46jEXEiIs5Mkkd8PczHTA59en587vKPr/381bfHjpz87MvvFrdqYNGejYj+Rr6/1c9j2snjnaK/Me5msX9pXMT8QP9u0U7zuNVezzJsNabjGlm82MnHpxv3hpN4u9doTmKnezvr3xjkJxyOO9M82RvuNDazdqu9nsXuMM1iZyef1/ZO/vdyZzjK87SKfO9n6WM0msa8v73dztezcTeLzcGo6M/zpq329iSOi1icLpppr5XNY32WK32wvd4d3NtOxu3NYTcdJJdr9edq9SvV+mbaao/al6qNfuvKpWSl05sMq47ajf7VTpp2eu1aM+2vJiudZrNarycr19rr3cYgqddrF2sXqpdXi73zycs33056rWRlEl/sDu4d7faGye10M8nfsZqs1S4+v5qcqydv3riV3Hrj+vUbt95699o7N1+48epLxaA900pW1i6srVXrF6pr9dUDsP7J/90HXP9olvV/VEz6IdZfmu3ywL/zAQN4aHvq/5hv/V8J9T+w12Gv/2Oe9f+kpFL//3f9W569/p+p/j2o9f8hXj/MRP0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDE+n7p81eyneW8fbLoP110PVW0SxFRjojf/kYlju7KWSnyLP3D+KW/zOGbUmQZJuc4VmwnIuJqsf36/0d9FQAAAODx9cUHZz/Jq/X8ZXnRE2I/5Tdtyqfem1O+UkQsLf8wp2zlycvTc0qWfb6PxPacsmU3sP43p2T5Lbcj88r2QCrT8OHp+53Zgkp5KO/rdAAAgH1R2RX2twoBAABgP3286AmwGKWYPsqcPgvOvnl//9Hm8V3HAAAAgEOotOgJAAAAAI9cVv/7/T8AAAB4vOW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3kpg1EcQB+NhjoPxVV3fcq3cExeoQuuywcoJfgCPQKuQBnILvss4kgwh4hOQIpCuNYoO+TbDM2+s0MsHljYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSfbWe///749+lObv9ZfLMBgAAADhlW63n9Ytp0/6Uzn9Jp76ldhERZUScqt0HMWplDlJOdeb91Ysx3EXUCYc+xmn7GBE/0/b0tetPAQAAAG7XZrmaNdV6s5v2PSDeU7NoU37+lSmviIhq+pAprTzsvmcKq3/fw/iTKa1ewJpkCmuW3Ianr41yddI2aB3STCaL+kusW2U3/QIAAH1qVwJnqhAAAABuwO++B0A/iuPueJ9x3BzSDcEPrRYAAABwhYq+BwAAAAB0rq7/r+H5f4/+lgAAAABv1jz/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/V8s1zNzl1fvDJnt79MvhkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8sz/3KBACYQxAs4u/ncz9DysRLa1t3oOBkDDFBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OZ3v/yfcDVHkqltw9x6JFk6NaydGrbODXs/jK+vAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABO9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+6He//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu6fN24yDAD4c77z9Q8gQkAZAqhIDLDQ5FpaOsIAihj4CEhReimBK4U2A60iUBaYUOYuCEaEkEBh63fo3EhdytYhQ5CYQfbZV7e90qM09tH8ftJ773O2877P67OiPLETAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKO2+Ey8lRdzOXmaGcbntxt7GStbv3NNnrm3dnM9aFrceNtE3bz/+5Kfby9U3x+Yqb76qPxkAAAAOhnZZ30fErXR7KeuTmbz+T8tjspr/+2eGcVnP31v37+xtHC52zZf1/2+/3n5hNNHMcJ5s0NW1QX/x/lQ6+7TEqffsQ4/o5Gc+/91LO/9Akvc3n99N8/PZ+vb69Xe7eXiojmwBgEdxvOyLoPx5KOt7TSYGwIHRqRTeZf3fnmk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA67G7GU2Xcioj5zp04s7O3sTKuv7Z1c75sp69e3aqOmQ2RRsTq2qCf1riWaXfp8pVPlgeD/sWxQcQDd/334FhE7M/IDwhizK4PJ/jyiH8+prg8o55V/LugNR1pNBokxedTbOnWe9Xtb1Bee49/5Ia+IQEA8MRKi5bV9bfS7aVsW2s24q8f7q7/X6vEMWH9f/uj0zeqc1Xr/15tK5x+C+vnP1u4dPnKG2vnl8/1z/U/ffNE763eyTOnTp1ZyM7V4sJqJP3FptMEAADgf6xbtGr9n8zef///aCWOCev/z7/rfVmdq63+H+vOTb+mMwEAADiIuqPouVf+/KM15ohWtxtfLK+vX+wNX0fvTwxfa033ER0qWrX+b882nRUAAABQh93N1l33/89W4pjw/v/TP774c3XMdkQcibgQEf3jKxcGZ+tbzlSr4w+V84m6Ta8UAACAphwpWvX+f5o//5+MHnlIIuL1V4dx+b+uJqn/2+99/VN1rurz/yfrW+JUSuaG5yPv5yI6c01nBAAAwJPscNGyYv/3dHvp41+OftD1/D8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4OAAD//1AjNPw=")
mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x1000, 0x1)

9m30.755173326s ago: executing program 4 (id=3129):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "2af01c3d0040fbffffffffffffff00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000180)={0xdf6, 0x0, 0x4, 0xffffffff, 0x4, "9b763ab700f2347372001b000000000800ec00"})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0xd)

9m30.576875477s ago: executing program 4 (id=3133):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x400, &(0x7f0000000000)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x1, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
creat(&(0x7f0000000340)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x42)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x13, 0x0, "ef359f41a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4eb4b78c66ee677df701905b9aafab4ffffffff00", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000"})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x2)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8000c61)

9m30.17672005s ago: executing program 4 (id=3146):
mknodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0/file0/file0\x00', 0x81c0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000000201fd"], 0x14}, 0x1, 0x0, 0x0, 0x8094}, 0x4)

9m30.071219571s ago: executing program 4 (id=3150):
iopl(0x3)
keyctl$dh_compute(0x17, &(0x7f0000000100), 0x0, 0x0, 0x0)

9m30.011745702s ago: executing program 33 (id=3150):
iopl(0x3)
keyctl$dh_compute(0x17, &(0x7f0000000100), 0x0, 0x0, 0x0)

19.442296572s ago: executing program 5 (id=4779):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010003b0c"], 0x40}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

18.36784661s ago: executing program 5 (id=4783):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x0, 0x8496, 0x2ca1a37b)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000180)=0x6, 0x4)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000140)=0x4808009, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
getpid()
sched_setaffinity(0x0, 0xfffffdfc, &(0x7f0000000580)=0xf52)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_emit_ethernet(0x4e, &(0x7f0000000f80)=ANY=[], 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000640), 0x4)
io_setup(0x20, &(0x7f0000001140))
socket$inet_tcp(0x2, 0x1, 0x0)
unshare(0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
socket$packet(0x11, 0x2, 0x300)

17.254584689s ago: executing program 5 (id=4788):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e20, @multicast2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x10050, &(0x7f0000000800)={[{@jqfmt_vfsv1}, {@nouid32}, {@jqfmt_vfsv0}, {@norecovery}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
syz_open_dev$usbfs(0x0, 0x12, 0x0)
chdir(&(0x7f0000000700)='./file2\x00')
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000200)=0xc, 0x4)
setsockopt$inet_int(r0, 0x0, 0x7, 0x0, 0x0)

15.748074561s ago: executing program 5 (id=4792):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
add_key$fscrypt_v1(0x0, 0x0, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

15.612353571s ago: executing program 5 (id=4793):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e20, @multicast2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x10050, &(0x7f0000000800)={[{@jqfmt_vfsv1}, {@nouid32}, {@jqfmt_vfsv0}, {@norecovery}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
syz_open_dev$usbfs(0x0, 0x12, 0x0)
chdir(&(0x7f0000000700)='./file2\x00')
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000200)=0xc, 0x4)
setsockopt$inet_int(r0, 0x0, 0x7, 0x0, 0x0)

12.896017312s ago: executing program 5 (id=4803):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xe, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10)
rt_sigaction(0x7, &(0x7f00000000c0)={&(0x7f0000000040)="0f380bc66a7df340f6430000c4229d9d2fc40201049800000000652ef30f1633670f6fd2650fd1589365260ff515f1ff00006466420f43cb", 0xc0000004, 0x0}, 0x0, 0x8, &(0x7f00000001c0))
syz_io_uring_setup(0x0, 0xfffffffffffffffe, 0x0, 0x0)
socket(0x27, 0x80802, 0x1)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r4}, &(0x7f0000000080), &(0x7f00000006c0)='%-010d \x00'}, 0x20)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r6 = dup(r3)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000880)={0x9, 0x0, [{0x3000, 0x4, &(0x7f0000000200)=""/4}, {0x100000, 0x8c, &(0x7f00000002c0)=""/140}, {0x6000, 0x4e, &(0x7f0000000380)=""/78}, {0x4, 0x69, &(0x7f0000000400)=""/105}, {0x3000, 0xb9, &(0x7f00000004c0)=""/185}, {0xd000, 0x9, &(0x7f0000000580)=""/9}, {0x100000, 0x4f, &(0x7f0000000640)=""/79}, {0x5000, 0xb7, &(0x7f0000000700)=""/183}, {0x100000, 0x83, &(0x7f00000007c0)=""/131}]})
write$FUSE_DIRENTPLUS(r6, &(0x7f0000000480)=ANY=[@ANYBLOB="98"], 0x298)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r6}})

6.828807479s ago: executing program 1 (id=4826):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0xbf, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000280)={'#! ', './file0', [], 0xa, "e8a4fd54f402d4dd6b88631d2540aef94bb115710095b5d6907595e3fdacaf"}, 0x2a)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x18)
r0 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffb)
add_key(0x0, &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000080)="00000102", 0x4, r0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000000)={'veth1_to_bond\x00', &(0x7f00000004c0)=@ethtool_per_queue_op={0x4b, 0x7}})
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x10000001})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f0000000600))
fdatasync(r1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
timer_settime(0x0, 0xc2a9019e9b3c5d83, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
ftruncate(r1, 0x5)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000440)={r1, 0x20, &(0x7f0000000400)={&(0x7f00000003c0)=""/5, 0x5, 0x0, 0x0}}, 0x10)
socket(0x10, 0x3, 0x9)

6.822721668s ago: executing program 1 (id=4828):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000003000000010000f8ffffffb702000008000000b7030000040000008500000006000000850000005000000095000000000000000855f575011fe16937e5d8580420c4a14fe49c90c3c381acb335f6b9d350cdf26c57d6d40f88a3d0178b26b13389220f0a09612624ca2cfd590fdcbf6160769afad2e077e3f63b8db43914ab74745a00bb4cd23fa6d9cf99dbc309e14fff6706ec64ee841c1c1c6786c75d892a72afed6bffaf38d5"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
r5 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000180)={0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setfsuid(r6)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
pipe2$9p(&(0x7f0000000280), 0x84000)
socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3000010, &(0x7f0000000000), 0x3e, 0x523, &(0x7f0000000680)="$eJzs3d9rZFcdAPDvvclks7upSVWkFqzFKrtFd2bT2DaIaH3Rp4K6vseYTELITCZkJnUTik3xPxBBwSeffBH8A0Tpg3+AFBb0RXwQFUXsVh8EtVfunTs0P2aSSJOZbebzgZM55/76nnOHOXPvnZN7AxhbT0fESxExERHPRsRsOT0t01JeOOgu9/bDV1fylESW3ft7Ekk5rbetvDwZETe7q8R0RHz9KxHfSk7Gbe/tby43GvWdslzrNLdr7b39OxvN5fX6en1rYWH+hcUXF59fvJuV3lM753qZn3z5C7/8zLf/sPTX29/Jq/X5j0QljrXjInWbXin2RU++j3YuI9gITJTtqYy6IgAAnEt+jP/BiPhEcfw/GxPF0dwxE6OoGQAAAHBRsi/OxH+SiAwAAAC4stKImIkkrZZjAWYiTafKawMfjhtpo9XufHqttbu1ms+LmItKurbRqN8txwrPRSXJy/PlGNte+blj5YWIeDwivj97vShXV1qN1RFf+wAAAIBxcfPY+f8/Z9Mif7Y+/ycAAAAAPLrmBhYAAACAq+Icp/xTw6gHAAAAcHmOn/+73z8AAABcKV99+eU8Zb3nX6++sre72Xrlzmq9vVlt7q5UV1o729X1Vmu9uGdf86ztNVqt7c/G1u79Wqfe7tTae/tLzdbuVmdp48gjsAEAAIAhevzjb/w2iYiDz10vUpT3AQQ44k+jrgBwkQz1g/HlLt4wviqjrgAwcskZ8w3eAQCA979bHz35+3/vXn+uDcDVZqwPAIwfv//D+KoYAQhja7K8BvCBbvHaoOUG/v7/66PFX9wbtGCWRbw5e3iK64sAADBcM0VK0mp5HjATaVqtRjwWkc5FJVnbaNTvlucHv5mtXMvL88WayZljhgEAAAAAAAAAAAAAAAAAAAAAAACArixLIgMAAACutIj0L0nEwKcATiX/mo0/l4Uf3fvB/eVOZ2c+n/5W8SyvqYjo/LCc/tzAx4cBAAAAFy05GDire55evs4PtVYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjIG3H7660kvDjPu3L0XEXL/4kzFdvE5HJSJu/COJyUPrJRExcQHxD16PiCf6xU/inSx7Lcpa9It//ZLjzxW7pn/8NCJuXkB8GGdv5P3PS/0+f2k8Xbz2//xNlum9Gtz/pWXkJ4p+rl//89iJrTX7xnjywc9q3VzlZPzXI56c7N//9PrfZED8Z05s7d9Zlp2M/81v7O8Pan/244hbfb9/kiOxap3mdq29t39no7m8Xl+vby0szL+w+OLi84t3a2sbjXr5t2+M733s5+8Mip+3/0af+L//Xbf/Pa39nxy00WP+++D+ww91syfegDz+7Wf6fv9Ox4D4afnd96kyn8+/1csfdPOHPfXTN586rf2rA/b/We//7XO2/9mvffeP51wUABiC9t7+5nKjUd85JTN9jmXej5lfTT8S1fg/M9lr3Xdu4DJvPcgKo6/qqZn8aPXdKb1WPQIVO5QZzj68VhzPn3etqSG1faTdEgAAcAnePegfdU0AAAAAAAAAAAAAAAAAAABgfA3jVmrHYx6MpqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKf6XwAAAP//lLLhYQ==")
fallocate(0xffffffffffffffff, 0x8, 0x4, 0x2)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x189)
write$binfmt_format(r8, &(0x7f0000000000)='1\x00', 0x2400)
sendmsg$NL80211_CMD_GET_WOWLAN(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x30}}, 0x0)

5.627478078s ago: executing program 1 (id=4832):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
accept(r2, 0x0, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e0000000400000008000000"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
socket$vsock_stream(0x28, 0x1, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
r6 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0)
epoll_wait(r6, &(0x7f0000000340)=[{}, {}, {}], 0x3, 0xfff)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x340, 0x0, 0x4c, 0x1a, 0x0, 0x73, 0x270, 0x258, 0x258, 0x270, 0x258, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @local, [], [], 'wg2\x00', 'macvlan1\x00', {}, {}, 0x11}, 0x0, 0x110, 0x140, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0x6}}, @common=@unspec=@connbytes={{0x38}, {[], 0x3}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0xa}}, {{@uncond, 0x0, 0xf8, 0x130, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3a0)
syz_usb_connect$printer(0x1, 0x36, &(0x7f00000008c0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x8, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x9, 0x30, 0xe, [{{0x9, 0x4, 0x0, 0x90, 0x2, 0x7, 0x1, 0x3, 0x3, "", {{{0x9, 0x5, 0x1, 0x2, 0x8, 0x8, 0xfd, 0xfa}}, [{{0x9, 0x5, 0x82, 0x2, 0x8, 0x0, 0x3, 0x8}}]}}}]}}]}}, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x0, 0x0}, {0x0, 0x0}]})

3.965677031s ago: executing program 6 (id=4835):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000006c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@noblock_validity}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000008000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket(0x1e, 0x80004, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x7, 0x0, 0x1000004}, 0x10)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r4 = dup3(r3, r2, 0x0)
recvmmsg(r4, &(0x7f0000004580)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000600)=""/179, 0xb3}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)='sched_switch\x00', r1}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, {{0x2, 0x0, @local}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0xffffffffffffff7c)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
process_mrelease(0xffffffffffffffff, 0x1000000)
write$binfmt_script(r6, &(0x7f0000000000), 0x208e24b)

3.656452883s ago: executing program 6 (id=4838):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x5}}, 0x18)
getresuid(&(0x7f0000000180), &(0x7f00000002c0), &(0x7f0000000380)=<r3=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3])
syz_mount_image$fuse(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x33402, &(0x7f0000000880)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}, {@allow_other}, {@allow_other}, {@allow_other}, {@allow_other}, {@max_read={'max_read', 0x3d, 0x10}}], [{@euid_gt={'euid>', r3}}, {@seclabel}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}]}}, 0x1, 0x0, &(0x7f0000000980)="fc3c5bae01ccf37901942bae15e249a862f8e7dd3c8d238fb92278ac140aca82c4008bbb7ad35e483c83af6ef5b3386d04865f6af74c8de6fce9b3e5191715c9bec35412697c17bf2839bafec2be320914f8e4c8c66b545a27ac84c55b11b18598b827da56e0f57a4ff9068cfc08d6aa12e5f678eca20cc3ffc89ed1f29176d866d2c848eeea87b83708e9865492ddcb84f625761d907ea0c9769f488adb7e9a7f135bf50e3483fcc16c69182668733f827795f3db394f30e6d65d6cfba8ed942f265b3fbd0d2b9aae818fd5e178ed224abad43043")
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0b0000000500000000040000090000000100000063e9f9069063b3c0a6ee02a4e628c6777086be0e9864f6853c676da1c471c1a1cf4da4734eff490d5887d4165a3d0b1f28598c07d233a0d928e489eb467c29fe59c8a1d8342f8b68d6ecfaa4617ef9b7cd5baa5d4fb92c08ac588a180ed14623086002ad5be04961fcda1a1d8d79ba9f1fe051fad2aaa84c2d879396e5bf44f4758f836467a9d44d0c37125d98720d71f186f5009a6612c6093c38b56767c3ed10", @ANYRES32, @ANYBLOB="bf00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000280)={'#! ', './file0', [], 0xa, "e8a4fd54f402d4dd6b88631d2540aef94bb115710095b5d6907595e3fdacafe8ad00"}, 0x2d)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r5}, 0x10)
r6 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
add_key(&(0x7f00000003c0)='dns_resolver\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000080)="00000102", 0xfffff, r6)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000000)={'veth1_to_bond\x00', &(0x7f00000004c0)=@ethtool_per_queue_op={0x4b, 0x7}})
epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x10000001})
fdatasync(r7)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
timer_settime(0x0, 0xc2a9019e9b3c5d83, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
ftruncate(r7, 0x5)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000440)={r7, 0x20, &(0x7f0000000400)={&(0x7f00000003c0)=""/5, 0x5, 0x0, 0x0}}, 0x10)
socket(0x10, 0x3, 0x9)

3.296791866s ago: executing program 6 (id=4840):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r0 = syz_open_dev$vcsu(&(0x7f0000000000), 0x5, 0x200)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mincore(&(0x7f0000bfd000/0x400000)=nil, 0x400000, &(0x7f0000000140)=""/145)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r4=>0x0})
connect$can_bcm(r3, &(0x7f00000000c0)={0x1d, r4}, 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000005506000000000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0)
sendmsg$can_bcm(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x48}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c00)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x6c, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x3c, 0x2, {{0xd730, 0x9, 0x101, 0x4, 0x106, 0x7}, [@TCA_NETEM_RATE64={0xc, 0x8, 0x37b644e4270a48dc}, @TCA_NETEM_RATE={0x14, 0x6, {0x4, 0x1, 0x9, 0x2}}]}}}]}, 0x6c}}, 0x44080)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r6, 0x2000000, 0xe, 0xffffffffffffffd4, &(0x7f0000000200)="493c1300"/14, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.219360166s ago: executing program 6 (id=4841):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x4, &(0x7f0000000180)={0x0, &(0x7f0000000080)})
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r0, 0x0, 0xffdd)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r2 = dup(r1)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x2000000, @mcast2, 0xffffffca}, 0x1c)
sendmsg$nl_route(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xbd6fc070f26a861f}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@ipv4_delrule={0x34, 0x21, 0x10, 0x70bd28, 0x25dfdbfc, {0x2, 0x0, 0x14, 0x5, 0x7, 0x0, 0x0, 0x5, 0x2}, [@FRA_SRC={0x8, 0x2, @loopback}, @FRA_SRC={0x8, 0x2, @remote}, @FRA_SRC={0x8, 0x2, @multicast1}]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2.930315008s ago: executing program 3 (id=4842):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r0, 0x0, 0xffdd) (fail_nth: 1)

2.822867869s ago: executing program 6 (id=4843):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c02000100000000000040000200000000050005"], 0x80}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0) (fail_nth: 1)

2.437997192s ago: executing program 1 (id=4844):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010003b0c00", @ANYBLOB="00db000000400000200012"], 0x40}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2.392224702s ago: executing program 6 (id=4845):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r4 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0)
epoll_wait(r4, &(0x7f0000000340)=[{}, {}, {}], 0x3, 0xfff)
syz_usb_connect$printer(0x1, 0x36, &(0x7f00000008c0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x8, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x9, 0x30, 0xe, [{{0x9, 0x4, 0x0, 0x90, 0x2, 0x7, 0x1, 0x3, 0x3, "", {{{0x9, 0x5, 0x1, 0x2, 0x8, 0x8, 0xfd, 0xfa}}, [{{0x9, 0x5, 0x82, 0x2, 0x8, 0x0, 0x3, 0x8}}]}}}]}}]}}, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x0, 0x0}, {0x0, 0x0}]})

2.391943013s ago: executing program 3 (id=4846):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001e80)={&(0x7f0000000180)=@abs={0x1, 0x5c, 0x1}, 0x6e, 0x0}, 0x20000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x5}, {0xffff, 0xffff}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x200400dc}, 0x4000080)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000ff000000"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000080850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r4}, &(0x7f0000000540), &(0x7f0000000580)=r5}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r4, &(0x7f0000000780)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1000000004000000080000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000ad7e195a0000000000000000000000000000001000000000"], 0x48)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@i_version}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@inlinecrypt}, {@data_err_ignore}, {@max_batch_time}, {@noblock_validity}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32, @ANYBLOB], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
socket$nl_xfrm(0x10, 0x3, 0x6)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0)
fdatasync(r8)
ioctl$AUTOFS_IOC_EXPIRE(r1, 0x810c9365, &(0x7f0000000a40)={{0x0, 0x2}, 0x100, './file0\x00'})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r8, 0x81ff)
futex(0x0, 0x0, 0x0, &(0x7f0000000180)={0x77359400}, 0x0, 0x2)
ioctl$TUNGETVNETLE(r0, 0x40047451, &(0x7f0000000180))

2.391398203s ago: executing program 2 (id=4847):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x75b, &(0x7f0000000d40)="$eJzs3M9rHOUbAPBnptmmP/L9bgTBHwcRWmihdJM0IO2p8eKtUCh4rSGZhJBJNmQ3tRsLtp6F2lwUBFHPHr0Kpf4B3qSg4F0QrfEgXlZms0lpmt1um6Qr6ecDk3ne+fW8T3Z4swN5J4AX1pvFjyRiKCIuR0S5vT2NiMOt6EjEzY3j1h/cmCqWJJrNK78nxWmx3ixvXStpr49H65R4NSLulSLOfPR43lpjdX4yz7PldnukvrA0Umusnp1bmJzNZrPFsfELo+fHx8+Pjj+xhld6rPXkuxeO3vnhnbW1H7+t335j4GwSE626o11bj5d5Khu/k1JMtNuH2uvF/UjWR0m/OwAAQE/S9nfSgda31HIcakUAAADAQdIcbAIAAAAHXhL97gEAAACwvzb/D2Bzbu9+zYPt5Le3I2J4p/wDrTnEEUeiFBHH1pNHZiYkG6fBrty8FRF3J7bff18Xd9jNXV57dFv70TnSh3d5dfbC3WL8mdhp/Em3xp/YYfwZ2Hx3wi51Hv8e5j/UYfy73GOO7754rdQx/62I1wcey//Ww/v/SCvXTvnf6zH/7bWP73Ta1/wq4tSOf3+SR3J1eT/ExMxc3vX1A/f+OX2/W/3HOuVPute/1GP9H6z/Od9pLCnynz7R/fPfKX9xT3zS7kcaEXfa66K9ti3HiYWfvu9W/3REc6f6n/T5f9lj/b98M3i9x0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgJY2IoUjSylacppVKxPGIeDmOpXm1Vj8zU11ZnC72RQxHKZ2Zy7PRiChvtJOiPdaKH7bPbWuPR8RLPx/dSDqXZ5Wpaj7d7+IBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYcjwihiJJKxGRRsRf5TStVCIGejh38Dn0DwAAANgjw/3uAAAAALDvPP8DAADAwfesz//JHvcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONAuX7pULM31Bzemivb0tcbKfPXa2emsNl9ZWJmqTFWXlyqz1epsnlWmqgtPul5erS6NXYiV6yP1rFYfqTVWry5UVxbrV+cWJmezq1npuVQFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA0xpqLUlaiYi0FadppRLxv4gYjlIyM5dnoxHx/4i4Xy4NFu2xfncaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPVdrrM5P5nm2LBAInlvwYUT8B7rRJej3yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQD/UGqvzk3meLdf63RMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6K/01iYhiOVU+ObR97+Hk73JrHRHvf37l0+uT9fryWLH9j63t9c/a28/1o/8AAADwQrj4NAdvPqdvPscDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qtZYnZ/M82x5d8HFaKw2kw7H9LtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg2fwbAAD//2Wnx3E=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0xe0000)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x8, 0x0, 0xffff7ffc, 0x0, 0x0, 0x0, 0x6b, 0x0, 0x9, 0x9, 0x0, 0x3, 0x80000000, 0x0, 0xfd, 0x7, 0xfd, '\x00', 0x0, 0x6})
ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000000080)={0x40000, 0x0, [0x1, 0x7fffffff, 0x3, 0x6, 0x7fffffff, 0x9, 0x9025, 0x8]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r7 = dup(r6)
write$FUSE_BMAP(r7, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r7, &(0x7f0000000480)=ANY=[@ANYBLOB="9802"], 0x298)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000003c0)='kmem_cache_free\x00', r9}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)

1.838201967s ago: executing program 3 (id=4848):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000e8ff0047e9315b198de7000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r2}, 0x10)
socketpair(0xa, 0x1, 0x0, &(0x7f0000000000)) (fail_nth: 1)

1.557388239s ago: executing program 1 (id=4849):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010003b0c00", @ANYBLOB="00db000000400000200012"], 0x40}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.513161479s ago: executing program 3 (id=4850):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="870000c96884ab9dd53deed8b78277b157000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffdeffffe]}, 0x0, 0x8)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0xfea3)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYRES64=r0], 0x1c}, 0x1, 0x0, 0x0, 0x81}, 0x20000890)
gettid()
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x900)
setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, 0x0, 0x0)
setsockopt$MRT_DEL_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd3, &(0x7f00000000c0)={@multicast2, @multicast1, 0x0, "c6c0e6ec8755b5dc4e305886d95f086707764f8d0e5a0358ea21274f844a69e9"}, 0x3c)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r5}, 0x10)
r6 = getpgrp(0x0)
tgkill(r6, r6, 0x12)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
rt_sigtimedwait(&(0x7f0000000240)={[0xffffffffffffffff]}, 0x0, 0x0, 0x8)

1.219365381s ago: executing program 2 (id=4851):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="99f3f35cc379253d8504e714b9142e331923bc73bea93f893dd0963f83545aebe47f4bccae528ce3a0917f1cdef81e3e77ca768ec242b754a69560552f661598c5d1e7c695f6b26c7654cae0b1bfda62a261c1fc3e48da1b2ea40082b712e94427e74b2a3a00ca82abd8edfae69e2b08393167e9672d5483458b9c13c2292255a3cdecd4dbf80a270c554a0713a4c2cbb7b8917c58f6947450ff23f9bf951d6259cde38cecb8a47e4bcdb6ee30dbc9b150a618ddc73719998f569e73d914feda24298140fafecd8ea1eb2e8132a2f41e52f2b20eb1ddea2f086ff15879a6920f5777399016e2f8adaa97ff487ae5ed06a2b90e1b15bf55e88e"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xff4a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r1}, 0x10)
rt_sigpending(0x0, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141b82, 0x0)
ioctl$AUTOFS_IOC_SETTIMEOUT(r0, 0x80049367, &(0x7f0000000040)=0x6bfb)
write$cgroup_int(r2, &(0x7f0000000000)=0x700, 0x12)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xd, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="180200000000000000000000ffffffff851000000100000095000000000000001800000020646c2500000000002020207b1af8ff00000000bda100000000000007010000f8ffffffb702000008b19200b703000000000000850000006000000095"], &(0x7f0000000a00)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000000, @void, @value}, 0x94)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0xd0f, 0xfffffffd, 0x25dfdbfe, {0x60, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe(&(0x7f0000000140)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r7, 0x0, r6, 0x0, 0x33fe0, 0x1)
write$cgroup_devices(r8, &(0x7f00000001c0)=ANY=[@ANYBLOB="551e"], 0x8)

1.115693322s ago: executing program 2 (id=4852):
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x8000, 0x0, 0x3, 0x0, 0x0)
rename(&(0x7f0000001cc0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000180)='./file0\x00')
syz_mount_image$f2fs(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x1018852, &(0x7f0000000c80)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c64697361626c655f726f6c6c5f666f72776172642c636865636b706f696e743d64697361626c652c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c6167655f657874656e745f63616368652c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d31383434363734343037333730393535313631352c7375626a5f747970653d64697361626c655f726f6c6c5f666f72776172642c64697273796e632c0099db002f7e4cfa65201ac47bc68964f76e5afaa97a30ae41999542c660d822b29b43df339aa3fe5fb1c232d23d9c9fe9c5239721e8ef9ba2822d200581cf04c1516bfab60ff18058a3e4ce9dea7b670d014fe002061bf5b6fad9e97fdbe857f54c274b28179c0b8abb4e"], 0x1, 0x551c, &(0x7f00000079c0)="$eJzs3M1rI/UbAPAn7Xbff/sr4sHbDixCC5uw6b6gt1V38QW7lFUPnjRN0pDdJFOaNK296MGjePDsPyEKnjz6N3jw7E08KJ4UVjIz0W1VEJom3e3nA5Nn5pvvPPN8Qyk8MyEBnFiLya8/l+JSnIuI+Yi4GJHtl4otczsPz0XE5YiYe2wrFeN/DpyOiPMRcenRh+PTS8Vbn10dXrn50xu/fPPdmVMXvvj6+5ksGDgWno+I7ma+v9PNY9rK44NivDZsZ7F7Y1jE/I3uw+I4zeNOcz3LsFMbz6tl8Xorn59ubvdHcaNTq49iq72RjW/28gv2h61xnuyEB7Wt7LjRXM9iu59msbWX17W7l/+/3OsP8jyNIt8HWfoYDMYxH2/uNvP1bD7MYr03KMbzvGmjuTuKwyIWl4t62mlkdawf5pM+3t5s97Z3k2Fzq99Oe8nNSvWFSvVWubqVNpqD5o1yrdu4dSNZanVG08qDZq17u5WmrU6zUk+7y8lSq14vV6vJ0p3mervWS6rVyvXKtfLN5WLvavLqvXeSTiNZGsWX273tQbvTTzbSrSQ/YzlZqVx/cTm5Uk3eWl1L1u7fvbu69vZ7d96999Lq668Uk/5WVrK0cm1lpVy9Vl6pLp+g9X9cFD3B9cOhlGZdAMCT5+j6/1HyPKf+Hzjo6Pr/rfsRR9//h/5/Ip6o/vek9/9HsH44FP0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCJ9cPCl69lO4v58YVi/H/F0DPFcSki5iLi0T+Yj9P7cs4XeRb+Zf7CgRq+LUWWYXSNM8V2PiJuF9vv/z/qTwEAAACeXl99dPnTvFvPXxZnXRDTlN+0mbv4/oTylSJiYfHHCWWbG708O6Fk2d/3qdidULbsBtbZCSXLb7mdmlS2/2R+Xzj7WCjlYW6q5QAAAFOxvxOYbhcCAADANH0y6wKYjVKMH2WOnwVn37z/64HguX1HAAAAwLH3+W8HR0qzKQQAAACYoqz/9/t/AAAA8HTLf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiDnfvJVRqI4wD+a6HyR43EuPcq7uAYHsGlS8MBvAQHcIFX8AKcAXcewVBDpyIYFi+v0zbv5fNJyjBN+fZXAouZSQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+vSz2m++f3n/tWvOqe5gEXWepwEAAADuOVb7TfNmlfov2/Ov21Nv234REWVE3Bu+T+LFTeakzan+Xf/t+vrqvxp+RDQJ53vM2mMZER/a4/ebvr8FAAAAeL4O2906jdbTy2rsghhSmrQpX33MlFdERLX6lSmtPOe9yxTW/L6n8TlTWjOBNc8UlqbcprnSHqT5u19m7eZXTZGa8u7HLkVme3YAAGBAk5tm2FEIAAAAQ/o0dgGMo4i/S5mXpcBZatrlvcVNDwAAAHiCirELAAAAAHrXjP8H2v+vtv8fAAAAjCPt/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECfjtV+c9ju1l1zTnU3j7vrsmvZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8If9eTmBEAiDMNi7vm8y+QcrDRqDB6tA+PgbDwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKf87i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H2awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNifkxQKgSCIgvkHJ3Ahff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6XC/fO36NI8m/08bU8Ugyd9VYumqsPWhsPRjJ/vSHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA42bmf1ziqOADgb2Z2trYqrlH2EBEFD3qx221t7U08KMGDf4IQ0m2N3fqjzcGWIubiTXLuRfQoIijx1v8h5wRyibcc9hDBszKzM9nJD3D9NbNJPh948747DPO+bxZCvvNeAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORGb0/iJDt0xnFcnNvce7iU9VuH+szjte35rGVxVGfSJ8OL1Q9Rt7lEAAAAODuSsr4PIeyk6wtZH3fy+j8tr8lq/m+fHsdlPX+47i/7svbP2i8/7z6/P1BnPE5205vLw8Glo6m0/r9ZzrZn/vKKVv7k83cvSf6FxO+tPjdK8+cZfb2x8U47D8/VkS0A8E9cLPsiKH8fyvp+k4kBcGa0KoV3Wf8nnWZzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjDaDU8WcZRCGG+NYkzW3sPl47rH69tz5ft2qNHa+HLyT2zW6QhhJvLw8GlWmcz2+7df3B7cTgc3K0/eCmE0NTobxXTv/3BFBeH0MjzEfxHQVx82bOSz8kIGvyhBADAqZQWLavrd9L1hexcNBfCH98drP9frcRhyvp/98Nrm9WxqvV/v7YZzr7eyp1Pe/fuP3h9+c7ircGtwcdvXO6/2b9y/erV6738XUnPGxMAAAD+nXbRqvV/PHd0/f9CJQ5T1v+ffdP/ojpWov4/1mTRr+lMAAAAzrZnX/79t+iY81G7HT5fXFm52x8f9z9fHh8bSPVvO1e0av2fzDWdFQAAAFCH0Wp0YP3/RiUOU67/P/X9Cz9W75mEEM4X6/8Xlz4Z3qhvOjOtjj8nbnqOAAAANOt80arr/2m+/z/e3/IQhxBee2UcF/8GcKr6P3n3qx+qY1X3/1+pb4ozKe6On0fed0NodZvOCAAAgNPsiaJlxf6v6frCRz9deL9t/z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4MAAD//xAOP7U=")
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000240)=@newtaction={0x14}, 0x14}}, 0x100c0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_FWMARK={0x8}, @IFLA_GRE_ERSPAN_VER={0x5}]}}}]}, 0x44}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.sectors\x00', 0x275a, 0x0)
write$FUSE_ENTRY(r1, &(0x7f0000004380)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2000000000, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x800}}}, 0x90)
fallocate(r1, 0x0, 0x0, 0x1000f8)

642.283196ms ago: executing program 3 (id=4853):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010003b0c00", @ANYBLOB="00db00000040000020001280"], 0x40}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

640.815126ms ago: executing program 2 (id=4854):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0)={r1}, 0x69)

483.836637ms ago: executing program 1 (id=4855):
socket$inet(0x2, 0x4000000000000001, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = getpid()
wait4(r1, 0x0, 0x40000000, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001400000018"], 0x44}}, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r6, 0x400452c8, 0x0)
ioctl$FS_IOC_GETFSLABEL(r4, 0x400452c9, &(0x7f0000000100))

424.120768ms ago: executing program 2 (id=4856):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_TSC_KHZ(r1, 0xaea2, 0xffffffffffffffff)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

245.124919ms ago: executing program 2 (id=4857):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_TSC_KHZ(r1, 0xaea2, 0xffffffffffffffff)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 1)

0s ago: executing program 3 (id=4858):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e20, @multicast2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x10050, &(0x7f0000000800)={[{@jqfmt_vfsv1}, {@nouid32}, {@jqfmt_vfsv0}, {@norecovery}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
syz_open_dev$usbfs(0x0, 0x12, 0x0)
chdir(&(0x7f0000000700)='./file2\x00')
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000200)=0xc, 0x4)
setsockopt$inet_int(r0, 0x0, 0x7, 0x0, 0x0)

kernel console output (not intermixed with test programs):

22
[ 1602.433881][T20280] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.4614: bg 0: block 40: padding at end of block bitmap is not set
[ 1602.609855][T20285] EXT4-fs error (device loop3): ext4_encrypted_get_link:46: inode #16: comm syz.3.4612: bad symlink.
[ 1603.316565][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1603.316565][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1603.348158][T20280] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1603.380811][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1603.481437][T20280] EXT4-fs (loop6): 1 truncate cleaned up
[ 1603.487386][T20280] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1603.497876][T12946] EXT4-fs (loop3): unmounting filesystem.
[ 1603.649332][T13771] EXT4-fs (loop5): unmounting filesystem.
[ 1603.963281][ T5007] usb 3-1: new low-speed USB device number 18 using dummy_hcd
[ 1604.458429][ T5007] usb 3-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1604.537551][ T5007] usb 3-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1604.580695][T20280] EXT4-fs error (device loop6): ext4_encrypted_get_link:46: inode #16: comm syz.6.4614: bad symlink.
[ 1604.656321][ T5007] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1604.665171][ T5007] usb 3-1: string descriptor 0 read error: -22
[ 1604.672352][ T5007] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1604.692819][ T5007] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1604.712065][T20291] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1604.720209][T20291] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1604.747713][T13215] EXT4-fs (loop1): unmounting filesystem.
[ 1604.806385][T19207] usb 4-1: new low-speed USB device number 20 using dummy_hcd
[ 1604.854130][T13526] EXT4-fs (loop6): unmounting filesystem.
[ 1604.922163][T20310] loop6: detected capacity change from 0 to 512
[ 1604.968794][T20310] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1605.029338][T20310] EXT4-fs (loop6): revision level too high, forcing read-only mode
[ 1605.029329][T19207] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1605.029364][T19207] usb 4-1: config 1 interface 0 altsetting 144 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1605.041269][T20310] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1605.056428][T19207] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1605.074111][T20310] System zones: 0-1, 15-15, 18-18, 34-34
[ 1605.082009][T19207] usb 4-1: string descriptor 0 read error: -22
[ 1605.111218][T20310] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 1605.130086][T20310] Quota error (device loop6): v2_read_header: Failed header read: expected=8 got=0
[ 1605.163907][T20310] EXT4-fs warning (device loop6): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1605.185242][T19207] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1605.196436][T19207] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1605.213387][T20310] EXT4-fs (loop6): Cannot turn on quotas: error -22
[ 1605.232514][T20310] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.4620: bg 0: block 40: padding at end of block bitmap is not set
[ 1605.277671][T20310] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1605.292222][T20298] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1605.306995][T20310] EXT4-fs (loop6): 1 truncate cleaned up
[ 1605.326332][T20310] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1605.681317][T20317] EXT4-fs error (device loop6): ext4_encrypted_get_link:46: inode #16: comm syz.6.4620: bad symlink.
[ 1606.276129][T20323] loop1: detected capacity change from 0 to 40427
[ 1606.283162][T20323] F2FS-fs (loop1): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1606.300443][T20323] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1606.314770][T20323] F2FS-fs (loop1): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1606.338121][T20323] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1606.407031][ T2180] usb 3-1: USB disconnect, device number 18
[ 1606.413211][T20323] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[ 1606.421486][T20323] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1606.944572][T18226] usb 4-1: USB disconnect, device number 20
[ 1607.132574][T13526] EXT4-fs (loop6): unmounting filesystem.
[ 1607.566360][ T2180] usb 3-1: new low-speed USB device number 19 using dummy_hcd
[ 1607.675841][T20343] loop5: detected capacity change from 0 to 1024
[ 1607.697946][T20343] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1607.704817][T20343] EXT4-fs: Mount option(s) incompatible with ext2
[ 1607.775060][T20344] fuse: Invalid rootmode
[ 1608.125651][T20337] syz.1.4622: attempt to access beyond end of device
[ 1608.125651][T20337] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1608.139427][ T2180] usb 3-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1608.149827][ T2180] usb 3-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1608.160262][ T2180] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1608.168931][ T2180] usb 3-1: string descriptor 0 read error: -22
[ 1608.180162][ T2180] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1608.199376][ T2180] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1608.236919][T20332] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1608.243963][T20332] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1608.386474][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1608.386474][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1608.400412][T19340] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[ 1608.567485][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1608.592956][  T635] EXT4-fs error (device loop0): kmmpd:186: comm kmmpd-loop0: Error writing to MMP block
[ 1608.859745][T19340] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1608.889298][T19340] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1608.960646][T19340] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1609.199724][T19340] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1609.214025][T19340] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1609.232223][T19340] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1609.248460][T19340] usb 6-1: Manufacturer: syz
[ 1609.320981][T19340] usb 6-1: config 0 descriptor??
[ 1609.532732][T20360] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4629'.
[ 1609.554785][  T848] usb 3-1: USB disconnect, device number 19
[ 1610.105761][T20374] overlayfs: missing 'workdir'
[ 1611.212828][T19340] usbhid 6-1:0.0: can't add hid device: -71
[ 1611.230185][T19340] usbhid: probe of 6-1:0.0 failed with error -71
[ 1611.255700][T20380] loop6: detected capacity change from 0 to 256
[ 1611.273279][T20378] loop3: detected capacity change from 0 to 256
[ 1611.282265][T20380] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[ 1611.292237][T19340] usb 6-1: USB disconnect, device number 20
[ 1611.310299][T20378] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[ 1611.316753][T20380] exFAT-fs (loop6): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1611.336899][T20378] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1611.633316][  T848] usb 3-1: new low-speed USB device number 20 using dummy_hcd
[ 1611.838253][  T848] usb 3-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1611.868455][  T848] usb 3-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1611.957235][  T848] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1611.965851][  T848] usb 3-1: string descriptor 0 read error: -22
[ 1612.016339][  T848] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1612.025227][  T848] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1612.047258][T20375] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1612.054296][T20375] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1612.510612][T20394] loop1: detected capacity change from 0 to 512
[ 1612.529192][T20394] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1612.601485][T20394] EXT4-fs (loop1): revision level too high, forcing read-only mode
[ 1612.613323][T20394] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1612.621923][T20394] System zones: 0-1, 15-15, 18-18, 34-34
[ 1612.628333][T20394] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1612.634580][T20394] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[ 1612.643958][T20394] EXT4-fs warning (device loop1): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1612.658798][T20394] EXT4-fs (loop1): Cannot turn on quotas: error -22
[ 1612.665589][T20394] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.4638: bg 0: block 40: padding at end of block bitmap is not set
[ 1612.680192][T20394] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1612.725054][T20394] EXT4-fs (loop1): 1 truncate cleaned up
[ 1612.745166][T20394] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1613.077512][T20400] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4639'.
[ 1613.086606][T20400] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4639'.
[ 1613.812112][T20402] EXT4-fs error (device loop1): ext4_encrypted_get_link:46: inode #16: comm syz.1.4638: bad symlink.
[ 1614.359262][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1614.359262][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1614.454402][T19207] usb 3-1: USB disconnect, device number 20
[ 1614.454723][T13215] EXT4-fs (loop1): unmounting filesystem.
[ 1614.483084][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1614.711100][T20416] loop6: detected capacity change from 0 to 40427
[ 1614.724977][T20416] F2FS-fs (loop6): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1614.733131][T20416] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[ 1614.742126][T20416] F2FS-fs (loop6): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1614.759211][T20416] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1614.864849][T20416] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[ 1614.871793][T20416] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1615.222175][T20427] syz.6.4644: attempt to access beyond end of device
[ 1615.222175][T20427] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1616.296365][T19207] usb 7-1: new low-speed USB device number 31 using dummy_hcd
[ 1616.527475][T19207] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1616.546722][T19207] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1617.258468][    C0] bridge0: received packet on gretap1 with own address as source address (addr:96:b8:32:ad:1f:5c, vlan:0)
[ 1617.269786][    C0] bridge0: received packet on gretap1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[ 1617.296642][T19207] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1617.471909][T20452] overlayfs: missing 'workdir'
[ 1618.536839][T19207] usb 7-1: string descriptor 0 read error: -22
[ 1618.553048][T19207] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1618.571774][T19207] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1618.614141][T20438] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1618.621159][T20438] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1618.949292][T19340] usb 6-1: new low-speed USB device number 21 using dummy_hcd
[ 1619.056325][ T2180] usb 2-1: new low-speed USB device number 22 using dummy_hcd
[ 1619.147434][T19340] usb 6-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1619.170724][T19340] usb 6-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1619.190936][T19340] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1619.199626][T20463] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4653'.
[ 1619.217665][T19340] usb 6-1: string descriptor 0 read error: -22
[ 1619.224834][T19340] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1619.243082][T19340] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1619.255875][T20453] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[ 1619.262917][T20453] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[ 1619.272536][ T2180] usb 2-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1619.293501][ T2180] usb 2-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1619.304399][ T2180] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1619.325902][ T2180] usb 2-1: string descriptor 0 read error: -22
[ 1619.334314][ T2180] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1619.348141][ T2180] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1619.357832][T20444] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1619.364849][T20444] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1619.478845][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1619.478845][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1619.527524][ T2180] usb 2-1: USB disconnect, device number 22
[ 1619.539578][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1619.722882][T20472] loop1: detected capacity change from 0 to 512
[ 1619.922631][T20472] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1619.989105][   T24] usb 7-1: USB disconnect, device number 31
[ 1619.996651][T20472] EXT4-fs (loop1): revision level too high, forcing read-only mode
[ 1620.015849][T20472] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1620.032030][T20472] System zones: 0-1, 15-15, 18-18, 34-34
[ 1620.038220][T20472] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1620.044480][T20472] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[ 1620.053976][T20472] EXT4-fs warning (device loop1): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1620.068659][T20472] EXT4-fs (loop1): Cannot turn on quotas: error -22
[ 1620.075418][T20472] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.4655: bg 0: block 40: padding at end of block bitmap is not set
[ 1620.134661][T20472] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1620.161922][T20472] EXT4-fs (loop1): 1 truncate cleaned up
[ 1620.173658][T20472] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1620.179596][T20474] kvm [20473]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x25
[ 1620.274412][T20474] kvm [20473]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x88a
[ 1620.321899][T20474] kvm [20473]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x25
[ 1620.411035][T20479] loop6: detected capacity change from 0 to 40427
[ 1620.470888][T20479] F2FS-fs (loop6): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1620.509161][T20479] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[ 1620.786021][ T2180] usb 6-1: USB disconnect, device number 21
[ 1620.857170][T20470] EXT4-fs error (device loop1): ext4_encrypted_get_link:46: inode #16: comm syz.1.4655: bad symlink.
[ 1620.906610][T20479] F2FS-fs (loop6): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1620.942261][T20479] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1621.710778][T20479] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[ 1621.730625][T20479] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1621.935915][T13215] EXT4-fs (loop1): unmounting filesystem.
[ 1622.186308][ T2180] usb 6-1: new low-speed USB device number 22 using dummy_hcd
[ 1622.377403][ T2180] usb 6-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1622.382078][T20511] syz.6.4657: attempt to access beyond end of device
[ 1622.382078][T20511] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1622.394176][ T2180] usb 6-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1622.413157][T20502] loop2: detected capacity change from 0 to 40427
[ 1622.430353][T20502] F2FS-fs (loop2): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1622.442870][T20502] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[ 1622.466425][T20502] F2FS-fs (loop2): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1622.486321][ T2180] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1622.490948][T20502] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1622.495048][ T2180] usb 6-1: string descriptor 0 read error: -22
[ 1622.526929][ T2180] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1622.535807][ T2180] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1622.595764][T20489] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1622.602785][T20489] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1622.626647][T20502] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[ 1622.635629][T20502] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1623.046320][   T24] usb 4-1: new low-speed USB device number 21 using dummy_hcd
[ 1623.198838][T20522] loop1: detected capacity change from 0 to 512
[ 1623.227141][T20522] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1623.237825][   T24] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1623.259020][   T24] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1623.279335][   T24] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1623.286856][T20522] EXT4-fs (loop1): revision level too high, forcing read-only mode
[ 1623.312477][T20522] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1623.327599][   T24] usb 4-1: string descriptor 0 read error: -22
[ 1623.343945][   T24] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1623.359516][T20522] System zones: 0-1, 15-15, 18-18, 34-34
[ 1623.369194][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1623.378755][T20522] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1623.394720][T20522] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[ 1623.404546][T20519] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1623.411571][T20519] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1623.444593][T20522] EXT4-fs warning (device loop1): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1623.489377][T20522] EXT4-fs (loop1): Cannot turn on quotas: error -22
[ 1623.497949][T20526] syz.2.4663: attempt to access beyond end of device
[ 1623.497949][T20526] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1623.515220][T20522] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.4666: bg 0: block 40: padding at end of block bitmap is not set
[ 1623.554527][T20522] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1623.585854][T20522] EXT4-fs (loop1): 1 truncate cleaned up
[ 1623.596365][T20522] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1624.033014][T20532] EXT4-fs error (device loop1): ext4_encrypted_get_link:46: inode #16: comm syz.1.4666: bad symlink.
[ 1624.355158][ T5007] usb 6-1: USB disconnect, device number 22
[ 1624.401464][T20535] loop5: detected capacity change from 0 to 512
[ 1624.446478][T13215] EXT4-fs (loop1): unmounting filesystem.
[ 1624.463915][T20535] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1624.511050][T20535] EXT4-fs (loop5): revision level too high, forcing read-only mode
[ 1624.526060][T20535] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1624.546239][T20535] System zones: 0-1
[ 1624.546341][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1624.546341][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1624.564441][T20535] , 15-15, 18-18, 34-34
[ 1624.576948][T20535] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1624.596479][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1624.604912][T20535] Quota error (device loop5): v2_read_header: Failed header read: expected=8 got=0
[ 1624.628533][T20535] EXT4-fs warning (device loop5): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1624.657707][T20535] EXT4-fs (loop5): Cannot turn on quotas: error -22
[ 1624.664514][T20535] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.4668: bg 0: block 40: padding at end of block bitmap is not set
[ 1624.678592][   T24] usb 7-1: new low-speed USB device number 32 using dummy_hcd
[ 1624.686487][T20535] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1624.699209][T20535] EXT4-fs (loop5): 1 truncate cleaned up
[ 1624.796444][T20535] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1624.878029][   T24] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1624.918644][   T24] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1625.011999][   T24] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1625.080723][   T24] usb 7-1: string descriptor 0 read error: -22
[ 1625.090908][   T24] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1625.100045][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1625.112201][T20531] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1625.119334][T20531] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1625.513567][T20547] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4670'.
[ 1625.562839][ T7441] usb 4-1: USB disconnect, device number 21
[ 1625.810207][T13771] EXT4-fs (loop5): unmounting filesystem.
[ 1626.185821][T20549] loop1: detected capacity change from 0 to 40427
[ 1626.231416][   T24] usb 4-1: new low-speed USB device number 22 using dummy_hcd
[ 1626.247241][T20549] F2FS-fs (loop1): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1626.255521][T20549] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[ 1626.265284][T20549] F2FS-fs (loop1): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1626.274861][T20549] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1626.488259][T20549] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[ 1626.497711][   T24] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1626.511515][T20549] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1626.526323][   T24] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1626.748293][   T24] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1626.787767][ T7441] usb 7-1: USB disconnect, device number 32
[ 1626.789963][   T24] usb 4-1: string descriptor 0 read error: -22
[ 1626.833713][   T24] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1626.860258][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1626.889356][T20557] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1626.896496][T20557] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1627.073901][T20562] loop2: detected capacity change from 0 to 40427
[ 1627.128060][T20562] F2FS-fs (loop2): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1627.143992][T20562] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[ 1627.167286][T20562] F2FS-fs (loop2): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1627.195093][T20571] syz.1.4671: attempt to access beyond end of device
[ 1627.195093][T20571] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1627.213314][T20562] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1627.353645][T20562] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[ 1627.370987][T20562] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1627.645759][T20573] loop5: detected capacity change from 0 to 40427
[ 1627.757827][T20573] F2FS-fs (loop5): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1627.776297][T20573] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[ 1627.789813][T20573] F2FS-fs (loop5): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1627.817149][T20573] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1628.119025][T20573] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[ 1628.133208][T20573] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1628.146309][ T5007] usb 2-1: new low-speed USB device number 23 using dummy_hcd
[ 1628.289557][T20589] syz.2.4675: attempt to access beyond end of device
[ 1628.289557][T20589] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1628.338036][ T5007] usb 2-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1628.371640][ T5007] usb 2-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1628.548666][ T5007] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1628.638005][ T5007] usb 2-1: string descriptor 0 read error: -22
[ 1628.663651][ T5007] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1628.687002][ T5007] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1628.750476][T20584] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1628.750596][  T228] usb 4-1: USB disconnect, device number 22
[ 1628.757498][T20584] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1628.906324][   T24] usb 7-1: new low-speed USB device number 33 using dummy_hcd
[ 1629.080089][T20597] syz.5.4677: attempt to access beyond end of device
[ 1629.080089][T20597] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1629.097938][   T24] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1629.151377][   T24] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1629.253734][   T24] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1629.279304][   T24] usb 7-1: string descriptor 0 read error: -22
[ 1629.291592][   T24] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1629.316315][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1629.331139][T20590] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1629.338183][T20590] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1629.596309][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1629.596309][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1629.630279][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1629.636034][T20599] loop2: detected capacity change from 0 to 512
[ 1629.707687][T20599] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1629.760870][T20599] EXT4-fs (loop2): revision level too high, forcing read-only mode
[ 1629.769945][T20599] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1629.792231][T20599] System zones: 0-1, 15-15, 18-18, 34-34
[ 1629.914237][T20599] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1629.968748][T20599] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[ 1630.075437][T20599] EXT4-fs warning (device loop2): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1630.095841][T20599] EXT4-fs (loop2): Cannot turn on quotas: error -22
[ 1630.103555][T20599] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.4681: bg 0: block 40: padding at end of block bitmap is not set
[ 1630.126357][   T24] usb 4-1: new low-speed USB device number 23 using dummy_hcd
[ 1630.134066][T20599] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1630.150955][T20599] EXT4-fs (loop2): 1 truncate cleaned up
[ 1630.160697][T20599] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1630.317406][   T24] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1630.343803][   T24] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1630.371151][   T24] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1630.373725][T20612] EXT4-fs error (device loop2): ext4_encrypted_get_link:46: inode #16: comm syz.2.4681: bad symlink.
[ 1630.390520][   T24] usb 4-1: string descriptor 0 read error: -22
[ 1630.401133][   T24] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1630.419224][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1630.441341][T20606] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1630.448416][T20606] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1630.734628][   T24] usb 2-1: USB disconnect, device number 23
[ 1631.317079][    T6] usb 7-1: USB disconnect, device number 33
[ 1631.536192][T20625] overlayfs: missing 'workdir'
[ 1631.882857][T13288] EXT4-fs (loop2): unmounting filesystem.
[ 1631.988239][    C1] bridge0: received packet on gretap1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[ 1632.138942][T20635] netlink: 76 bytes leftover after parsing attributes in process `syz.5.4687'.
[ 1632.456309][    T6] usb 7-1: new low-speed USB device number 34 using dummy_hcd
[ 1632.588200][T20632] loop2: detected capacity change from 0 to 40427
[ 1632.614152][T20632] F2FS-fs (loop2): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1632.622528][T20632] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[ 1632.631698][T20632] F2FS-fs (loop2): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1632.647646][    T6] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1632.661525][T20632] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1632.661655][    T6] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1632.694134][    T6] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1632.716464][T19207] usb 4-1: USB disconnect, device number 23
[ 1632.779646][    T6] usb 7-1: string descriptor 0 read error: -22
[ 1632.785781][    T6] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1632.794925][    T6] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1632.822908][T20625] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1632.830101][T20625] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1633.263016][T20632] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[ 1633.277656][T20632] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1633.548013][T20643] loop5: detected capacity change from 0 to 40427
[ 1633.556334][T19207] usb 4-1: new low-speed USB device number 24 using dummy_hcd
[ 1633.574627][T20643] F2FS-fs (loop5): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1633.595169][T20643] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[ 1633.615654][T20643] F2FS-fs (loop5): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1633.641100][T20643] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1633.737416][T19207] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1633.755815][T19207] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1633.761540][T20654] syz.2.4689: attempt to access beyond end of device
[ 1633.761540][T20654] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1633.776062][T19207] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1633.786633][T20643] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[ 1633.796682][T20643] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1633.808816][T19207] usb 4-1: string descriptor 0 read error: -22
[ 1633.818169][T19207] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1633.843623][T19207] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1633.861370][T20645] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1633.868433][T20645] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1634.343497][T19207] usb 7-1: USB disconnect, device number 34
[ 1634.431963][T20660] syz.5.4691: attempt to access beyond end of device
[ 1634.431963][T20660] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1634.636704][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1634.636704][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1634.791496][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1634.839967][T20664] loop2: detected capacity change from 0 to 512
[ 1634.877100][T20664] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1634.933478][T20664] EXT4-fs (loop2): revision level too high, forcing read-only mode
[ 1634.941355][T20664] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1634.946373][T19207] usb 7-1: new low-speed USB device number 35 using dummy_hcd
[ 1634.949667][T20664] System zones: 0-1, 15-15, 18-18, 34-34
[ 1634.962619][T20664] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1634.977214][T20664] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[ 1635.000220][T20664] EXT4-fs warning (device loop2): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1635.026354][T20664] EXT4-fs (loop2): Cannot turn on quotas: error -22
[ 1635.033688][T20669] loop1: detected capacity change from 0 to 512
[ 1635.040268][T20664] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.4693: bg 0: block 40: padding at end of block bitmap is not set
[ 1635.054821][T20669] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1635.063887][T20664] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1635.076535][T20664] EXT4-fs (loop2): 1 truncate cleaned up
[ 1635.084099][T20664] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1635.086672][T20669] EXT4-fs (loop1): revision level too high, forcing read-only mode
[ 1635.135261][T20669] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1635.146401][T20669] System zones: 0-1, 15-15, 18-18, 34-34
[ 1635.152704][T20669] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1635.157416][T19207] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1635.167223][T20669] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[ 1635.176363][T19207] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1635.187798][T19207] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1635.194344][T20669] EXT4-fs warning (device loop1): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1635.208902][T20669] EXT4-fs (loop1): Cannot turn on quotas: error -22
[ 1635.215887][T20669] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.4695: bg 0: block 40: padding at end of block bitmap is not set
[ 1635.230251][T20669] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1635.239097][T20669] EXT4-fs (loop1): 1 truncate cleaned up
[ 1635.244739][T20669] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1635.253657][T19207] usb 7-1: string descriptor 0 read error: -22
[ 1635.260013][T19207] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1635.268958][T19207] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1635.283893][T20662] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1635.290951][T20662] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1635.538329][T20674] EXT4-fs error (device loop1): ext4_encrypted_get_link:46: inode #16: comm syz.1.4695: bad symlink.
[ 1635.912437][T20677] loop5: detected capacity change from 0 to 40427
[ 1635.987307][T20677] F2FS-fs (loop5): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1635.995417][T20677] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[ 1636.023148][T20677] F2FS-fs (loop5): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1636.048259][T19207] usb 4-1: USB disconnect, device number 24
[ 1636.048765][T13215] EXT4-fs (loop1): unmounting filesystem.
[ 1636.070926][T20677] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1636.265537][T13288] EXT4-fs (loop2): unmounting filesystem.
[ 1636.346391][T20677] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[ 1636.353311][T20677] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1636.403181][T20688] loop2: detected capacity change from 0 to 512
[ 1636.425375][T20688] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1636.484308][T20688] EXT4-fs (loop2): revision level too high, forcing read-only mode
[ 1636.496358][T20688] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1636.514652][T20688] System zones: 0-1, 15-15, 18-18, 34-34
[ 1636.516357][T19207] usb 4-1: new low-speed USB device number 25 using dummy_hcd
[ 1636.520964][T20688] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1636.547347][T20688] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[ 1636.583186][T20688] EXT4-fs warning (device loop2): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1636.604341][T20695] syz.5.4696: attempt to access beyond end of device
[ 1636.604341][T20695] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1636.728349][T19207] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1636.806142][T20688] EXT4-fs (loop2): Cannot turn on quotas: error -22
[ 1636.837071][T20688] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.4699: bg 0: block 40: padding at end of block bitmap is not set
[ 1636.859188][T19207] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1636.872311][T19207] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1636.882905][T19207] usb 4-1: string descriptor 0 read error: -22
[ 1636.890039][T19207] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1636.899539][T20688] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1636.912340][T20688] EXT4-fs (loop2): 1 truncate cleaned up
[ 1636.922001][T19207] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1636.930964][T20688] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1636.946696][T20684] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1636.953702][T20684] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1637.139955][T20700] loop5: detected capacity change from 0 to 512
[ 1637.197343][T20700] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1637.309723][T20700] EXT4-fs (loop5): revision level too high, forcing read-only mode
[ 1637.320872][T20706] EXT4-fs error (device loop2): ext4_encrypted_get_link:46: inode #16: comm syz.2.4699: bad symlink.
[ 1637.331688][T20700] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1637.339736][T20700] System zones: 0-1, 15-15, 18-18, 34-34
[ 1637.345876][T20700] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1637.355301][T20700] Quota error (device loop5): v2_read_header: Failed header read: expected=8 got=0
[ 1637.376833][T20700] EXT4-fs warning (device loop5): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1637.661232][T20700] EXT4-fs (loop5): Cannot turn on quotas: error -22
[ 1637.678119][T20700] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.4700: bg 0: block 40: padding at end of block bitmap is not set
[ 1637.682803][ T5007] usb 7-1: USB disconnect, device number 35
[ 1637.766640][T20700] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1637.811487][T20700] EXT4-fs (loop5): 1 truncate cleaned up
[ 1637.817747][T20700] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1637.836396][T19207] usb 2-1: new low-speed USB device number 24 using dummy_hcd
[ 1638.298145][T19207] usb 2-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1638.315557][T20715] EXT4-fs error (device loop5): ext4_encrypted_get_link:46: inode #16: comm syz.5.4700: bad symlink.
[ 1638.731523][T19207] usb 2-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1638.841594][T19207] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1638.842849][T13771] EXT4-fs (loop5): unmounting filesystem.
[ 1638.859974][T19207] usb 2-1: string descriptor 0 read error: -22
[ 1638.868149][T19207] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1639.057837][T20717] loop6: detected capacity change from 0 to 40427
[ 1639.066883][T20717] F2FS-fs (loop6): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1639.074970][T20717] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[ 1639.083928][T20717] F2FS-fs (loop6): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1639.110976][T20717] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1639.171900][T19207] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1639.179797][T20717] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[ 1639.180321][T13288] EXT4-fs (loop2): unmounting filesystem.
[ 1639.186671][T20717] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1639.200450][ T5007] usb 4-1: USB disconnect, device number 25
[ 1639.291200][T20707] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[ 1639.298265][T20707] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[ 1639.376216][T20727] syz.6.4703: attempt to access beyond end of device
[ 1639.376216][T20727] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1639.932446][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1639.932446][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1639.964395][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1640.200926][T20729] loop5: detected capacity change from 0 to 40427
[ 1640.269188][T20729] F2FS-fs (loop5): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1640.624345][T20729] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[ 1640.668291][T19207] usb 2-1: USB disconnect, device number 24
[ 1640.721666][T20743] netlink: 76 bytes leftover after parsing attributes in process `syz.3.4708'.
[ 1640.905307][T20742] loop2: detected capacity change from 0 to 512
[ 1640.935106][T20729] F2FS-fs (loop5): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1640.974271][T20746] loop1: detected capacity change from 0 to 512
[ 1641.003932][T20746] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1641.012898][T20742] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1641.022851][T20729] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1641.031228][T20746] EXT4-fs (loop1): revision level too high, forcing read-only mode
[ 1641.039674][T20746] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1641.051447][T20742] EXT4-fs (loop2): revision level too high, forcing read-only mode
[ 1641.056572][T20746] System zones: 0-1, 15-15, 18-18, 34-34
[ 1641.061310][T20742] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1641.067226][T20746] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1641.083821][T20742] System zones: 0-1, 15-15, 18-18, 34-34
[ 1641.089043][T20746] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[ 1641.106937][T20742] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1641.113243][T20746] EXT4-fs warning (device loop1): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1641.138226][T20742] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[ 1641.161048][T20742] EXT4-fs warning (device loop2): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1641.175507][T20746] EXT4-fs (loop1): Cannot turn on quotas: error -22
[ 1641.186754][T20746] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.4710: bg 0: block 40: padding at end of block bitmap is not set
[ 1641.199472][T20729] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[ 1641.201408][T20742] EXT4-fs (loop2): Cannot turn on quotas: error -22
[ 1641.256303][ T7441] usb 7-1: new low-speed USB device number 36 using dummy_hcd
[ 1641.274761][T20729] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1641.316511][T20746] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1641.325255][T20742] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.4709: bg 0: block 40: padding at end of block bitmap is not set
[ 1641.339735][T20746] EXT4-fs (loop1): 1 truncate cleaned up
[ 1641.345200][T20746] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1641.354091][T20742] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1641.493902][T20742] EXT4-fs (loop2): 1 truncate cleaned up
[ 1641.578356][T20742] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1641.747366][ T7441] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1641.766298][ T7441] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1641.776375][ T7441] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1641.789640][ T7441] usb 7-1: string descriptor 0 read error: -22
[ 1641.795677][ T7441] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1641.819362][ T7441] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1641.868739][T20735] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1641.875766][T20735] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1642.092056][T20761] EXT4-fs error (device loop2): ext4_encrypted_get_link:46: inode #16: comm syz.2.4709: bad symlink.
[ 1642.250253][T20768] syz.5.4704: attempt to access beyond end of device
[ 1642.250253][T20768] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1642.329704][T20769] overlayfs: missing 'workdir'
[ 1642.626324][T19207] usb 4-1: new low-speed USB device number 26 using dummy_hcd
[ 1642.817403][T19207] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1642.836329][T19207] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1642.863878][T19207] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1643.065861][T13288] EXT4-fs (loop2): unmounting filesystem.
[ 1643.076601][T13215] EXT4-fs (loop1): unmounting filesystem.
[ 1643.228441][ T5007] usb 7-1: USB disconnect, device number 36
[ 1643.511444][T20779] loop5: detected capacity change from 0 to 40427
[ 1643.635860][T20779] F2FS-fs (loop5): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1643.644032][T20779] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[ 1643.653379][T20779] F2FS-fs (loop5): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1643.662847][T20779] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1643.726759][T20779] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[ 1643.733675][T20779] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1643.836699][   T24] usb 3-1: new low-speed USB device number 21 using dummy_hcd
[ 1643.983785][T20789] syz.5.4713: attempt to access beyond end of device
[ 1643.983785][T20789] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1644.036496][ T5007] usb 7-1: new low-speed USB device number 37 using dummy_hcd
[ 1644.046131][   T24] usb 3-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1644.091937][   T24] usb 3-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1644.236356][ T7441] usb 2-1: new low-speed USB device number 25 using dummy_hcd
[ 1644.244025][   T24] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1644.254733][   T24] usb 3-1: string descriptor 0 read error: -22
[ 1644.274245][   T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1644.294332][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1644.311035][T20780] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1644.318120][T20780] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1644.337483][ T5007] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1644.355501][ T5007] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1644.375862][ T5007] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1644.393706][ T5007] usb 7-1: string descriptor 0 read error: -22
[ 1644.409267][ T5007] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1644.434250][ T5007] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1644.468343][T20776] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1644.475372][T20776] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1644.487402][ T7441] usb 2-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1644.506328][ T7441] usb 2-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1644.560016][ T7441] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1644.578487][ T7441] usb 2-1: string descriptor 0 read error: -22
[ 1644.584672][ T7441] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1644.593758][ T7441] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1644.605920][T20786] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[ 1644.613146][T20786] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[ 1644.946479][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1644.946479][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1644.960871][ T7441] usb 7-1: USB disconnect, device number 37
[ 1644.976623][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1645.148765][T19207] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1645.163290][T19207] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1645.177406][T19207] usb 4-1: can't set config #1, error -71
[ 1645.187683][T19207] usb 4-1: USB disconnect, device number 26
[ 1645.448470][T20796] loop3: detected capacity change from 0 to 40427
[ 1645.478477][T20796] F2FS-fs (loop3): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1645.493930][T20796] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[ 1645.510632][T20796] F2FS-fs (loop3): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1645.892498][T20796] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1645.959993][T20796] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[ 1645.972100][T20796] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1646.131242][T19207] usb 3-1: USB disconnect, device number 21
[ 1646.233440][   T24] usb 2-1: USB disconnect, device number 25
[ 1646.811729][T20820] overlayfs: missing 'workdir'
[ 1647.216382][ T5007] usb 6-1: new low-speed USB device number 23 using dummy_hcd
[ 1647.341757][T20826] loop1: detected capacity change from 0 to 512
[ 1647.363402][T20826] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1647.416742][T20826] EXT4-fs (loop1): revision level too high, forcing read-only mode
[ 1647.424477][T20826] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1647.430831][ T5007] usb 6-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1647.432673][T20826] System zones: 0-1, 15-15, 18-18, 34-34
[ 1647.449268][T20826] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1647.455473][T20826] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[ 1647.462831][ T5007] usb 6-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1647.464965][T20826] EXT4-fs warning (device loop1): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1647.485728][T20829] syz.3.4718: attempt to access beyond end of device
[ 1647.485728][T20829] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1647.502604][T20826] EXT4-fs (loop1): Cannot turn on quotas: error -22
[ 1647.509875][T20826] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.4725: bg 0: block 40: padding at end of block bitmap is not set
[ 1647.522848][ T5007] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1647.524330][T20826] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1647.539144][T20826] EXT4-fs (loop1): 1 truncate cleaned up
[ 1647.544703][T20826] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1647.548358][ T5007] usb 6-1: string descriptor 0 read error: -22
[ 1647.596832][ T5007] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1647.634902][ T7441] usb 7-1: new low-speed USB device number 38 using dummy_hcd
[ 1647.636166][ T5007] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1647.730351][T20820] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1647.737411][T20820] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1647.940963][T20835] EXT4-fs error (device loop1): ext4_encrypted_get_link:46: inode #16: comm syz.1.4725: bad symlink.
[ 1648.168971][ T7441] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1648.191155][ T7441] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1648.215748][ T7441] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1648.231520][ T7441] usb 7-1: string descriptor 0 read error: -22
[ 1648.242873][ T7441] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1648.261078][ T7441] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1648.282055][T20822] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1648.289733][T20822] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1648.423256][T13215] EXT4-fs (loop1): unmounting filesystem.
[ 1649.006478][ T5007] usb 4-1: new low-speed USB device number 27 using dummy_hcd
[ 1649.198362][ T5007] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1649.255171][ T5007] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1649.275747][ T5007] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1649.291704][ T5007] usb 4-1: string descriptor 0 read error: -22
[ 1649.303529][ T5007] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1649.324950][ T5007] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1649.338447][ T1635] usb 6-1: USB disconnect, device number 23
[ 1649.520856][T20852] loop5: detected capacity change from 0 to 40427
[ 1649.529051][T20852] F2FS-fs (loop5): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1649.537199][T20852] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[ 1649.609530][ T7441] usb 7-1: USB disconnect, device number 38
[ 1649.609834][T20845] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1649.622407][T20845] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[ 1649.623711][T20852] F2FS-fs (loop5): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1649.790347][T20855] loop2: detected capacity change from 0 to 40427
[ 1649.800847][T20855] F2FS-fs (loop2): Mismatch start address, segment0(0) cp_blkaddr(512)
[ 1649.808986][T20855] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[ 1649.818431][T20855] F2FS-fs (loop2): Ignore s_resuid=0, s_resgid=60929 w/o reserve_root
[ 1649.826512][T20852] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1649.888961][T20855] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1649.934833][T20852] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[ 1649.941762][T20852] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1649.986357][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1649.986357][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1650.018183][T20865] loop1: detected capacity change from 0 to 256
[ 1650.034512][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1650.087120][T20855] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[ 1650.094027][T20855] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1650.636846][T20868] syz.5.4730: attempt to access beyond end of device
[ 1650.636846][T20868] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1650.679313][T20865] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[ 1651.044581][T20871] syz.2.4731: attempt to access beyond end of device
[ 1651.044581][T20871] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1651.081956][T20865] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1651.518811][  T848] usb 4-1: USB disconnect, device number 27
[ 1651.995919][ T1273] usb 7-1: new low-speed USB device number 39 using dummy_hcd
[ 1652.208330][ T1273] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1652.274468][ T1273] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1652.326511][  T848] usb 6-1: new low-speed USB device number 24 using dummy_hcd
[ 1652.419660][ T1273] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1652.456389][ T1273] usb 7-1: string descriptor 0 read error: -22
[ 1652.467005][ T1273] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1652.490239][ T1273] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1652.523102][T20881] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1652.530127][T20881] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1652.543891][  T848] usb 6-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1652.576087][  T848] usb 6-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1652.586291][   T24] usb 3-1: new low-speed USB device number 22 using dummy_hcd
[ 1652.596555][  T848] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1652.613224][  T848] usb 6-1: string descriptor 0 read error: -22
[ 1652.629557][  T848] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1652.716305][  T848] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1652.751783][T20888] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1652.768583][T20888] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1652.798628][   T24] usb 3-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1652.861720][T20893] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4738'.
[ 1653.063376][   T24] usb 3-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1653.130840][   T24] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1653.188412][   T24] usb 3-1: string descriptor 0 read error: -22
[ 1653.225759][   T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1653.250567][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1653.336652][T20889] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[ 1653.343683][T20889] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[ 1653.816388][T20898] fuse: Bad value for 'fd'
[ 1654.529190][    T6] usb 7-1: USB disconnect, device number 39
[ 1654.543727][   T24] usb 6-1: USB disconnect, device number 24
[ 1654.546850][T20903] loop3: detected capacity change from 0 to 512
[ 1654.629181][T20903] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1654.675421][T20903] EXT4-fs (loop3): revision level too high, forcing read-only mode
[ 1654.864250][T20912] fuse: Unknown parameter '0xffffffffffffffff'
[ 1655.683592][T20903] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1655.702598][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1655.702598][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1655.723987][T20903] System zones: 0-1, 15-15, 18-18, 34-34
[ 1655.740739][ T5007] usb 3-1: USB disconnect, device number 22
[ 1655.822933][T20903] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1655.833144][T20903] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0
[ 1655.842747][T20903] EXT4-fs warning (device loop3): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1656.044642][T20903] EXT4-fs (loop3): Cannot turn on quotas: error -22
[ 1656.058668][T20903] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.4741: bg 0: block 40: padding at end of block bitmap is not set
[ 1656.089280][T20919] loop1: detected capacity change from 0 to 512
[ 1656.122590][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1656.131090][T20903] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1656.146305][T20903] EXT4-fs (loop3): 1 truncate cleaned up
[ 1656.146915][T20919] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1656.217038][T20919] EXT4-fs (loop1): revision level too high, forcing read-only mode
[ 1656.224811][T20919] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1656.226849][T20903] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1656.998017][T20919] System zones: 0-1, 15-15, 18-18, 34-34
[ 1657.270057][T20919] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1657.306400][T20919] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[ 1657.345193][T20919] EXT4-fs warning (device loop1): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1657.365230][T20919] EXT4-fs (loop1): Cannot turn on quotas: error -22
[ 1657.397477][T20919] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.4744: bg 0: block 40: padding at end of block bitmap is not set
[ 1657.434430][T20919] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1657.456213][T20919] EXT4-fs (loop1): 1 truncate cleaned up
[ 1657.471428][T20919] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1657.507750][T20935] EXT4-fs error (device loop3): ext4_encrypted_get_link:46: inode #16: comm syz.3.4741: bad symlink.
[ 1657.518564][    T6] usb 7-1: new low-speed USB device number 40 using dummy_hcd
[ 1657.631321][T20938] loop2: detected capacity change from 0 to 512
[ 1657.679597][T20938] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1657.717045][T20938] EXT4-fs (loop2): revision level too high, forcing read-only mode
[ 1657.726036][T20938] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1657.737503][    T6] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1657.764846][T20938] System zones: 0-1, 15-15, 18-18, 34-34
[ 1657.766311][    T6] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1657.793533][T20938] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1657.796296][    T6] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1657.810430][T20942] EXT4-fs error (device loop1): ext4_encrypted_get_link:46: inode #16: comm syz.1.4744: bad symlink.
[ 1657.818026][    T6] usb 7-1: string descriptor 0 read error: -22
[ 1657.827192][    T6] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1657.835972][    T6] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1657.836552][T20938] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[ 1657.854578][T20925] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1657.861604][T20925] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1657.926402][T20938] EXT4-fs warning (device loop2): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1657.950970][T20938] EXT4-fs (loop2): Cannot turn on quotas: error -22
[ 1657.960983][T20938] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.4748: bg 0: block 40: padding at end of block bitmap is not set
[ 1658.000058][T20938] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1658.048836][    T6] usb 7-1: USB disconnect, device number 40
[ 1658.056721][T20938] EXT4-fs (loop2): 1 truncate cleaned up
[ 1658.062290][T20938] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1658.167760][T20945] loop6: detected capacity change from 0 to 512
[ 1658.177309][T20945] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1658.225200][T20945] EXT4-fs (loop6): revision level too high, forcing read-only mode
[ 1658.268379][T20945] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1658.287318][T20945] System zones: 0-1, 15-15, 18-18, 34-34
[ 1658.293567][T20945] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 1658.299883][T20945] Quota error (device loop6): v2_read_header: Failed header read: expected=8 got=0
[ 1658.309170][T20945] EXT4-fs warning (device loop6): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1658.323633][T20945] EXT4-fs (loop6): Cannot turn on quotas: error -22
[ 1658.330412][T20945] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.4749: bg 0: block 40: padding at end of block bitmap is not set
[ 1658.344686][T20945] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1658.353408][T20945] EXT4-fs (loop6): 1 truncate cleaned up
[ 1658.358992][T20945] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1658.369714][T20950] EXT4-fs error (device loop2): ext4_encrypted_get_link:46: inode #16: comm syz.2.4748: bad symlink.
[ 1658.541815][T20955] fuse: Bad value for 'fd'
[ 1658.975119][T20957] EXT4-fs error (device loop6): ext4_encrypted_get_link:46: inode #16: comm syz.6.4749: bad symlink.
[ 1659.063845][T12946] EXT4-fs (loop3): unmounting filesystem.
[ 1659.191659][T20960] loop3: detected capacity change from 0 to 256
[ 1659.239146][T20960] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[ 1659.263466][T20960] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1659.537540][T13215] EXT4-fs (loop1): unmounting filesystem.
[ 1659.573908][T13288] EXT4-fs (loop2): unmounting filesystem.
[ 1659.888647][T20975] fuse: Unknown parameter '0xffffffffffffffff'
[ 1659.926364][ T8481] usb 6-1: new low-speed USB device number 25 using dummy_hcd
[ 1660.121433][ T8481] usb 6-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1660.171800][ T8481] usb 6-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1660.225431][ T8481] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1660.252864][ T8481] usb 6-1: string descriptor 0 read error: -22
[ 1660.269783][ T8481] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1660.280193][T13526] EXT4-fs (loop6): unmounting filesystem.
[ 1660.322638][ T8481] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1660.360930][T20972] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1660.364179][T20978] loop6: detected capacity change from 0 to 512
[ 1660.380385][T20972] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1660.405982][T20978] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1660.461226][T20978] EXT4-fs (loop6): revision level too high, forcing read-only mode
[ 1660.476852][T20978] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1660.484775][T20978] System zones: 0-1, 15-15, 18-18, 34-34
[ 1660.491082][T20978] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 1660.497393][T20978] Quota error (device loop6): v2_read_header: Failed header read: expected=8 got=0
[ 1660.506726][T20978] EXT4-fs warning (device loop6): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1660.556342][T20978] EXT4-fs (loop6): Cannot turn on quotas: error -22
[ 1660.579660][T20978] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.4756: bg 0: block 40: padding at end of block bitmap is not set
[ 1660.706401][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1660.706401][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1660.720051][T20978] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1660.744323][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1660.766489][T20978] EXT4-fs (loop6): 1 truncate cleaned up
[ 1660.802980][T20978] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1661.407101][T20995] EXT4-fs error (device loop6): ext4_encrypted_get_link:46: inode #16: comm syz.6.4756: bad symlink.
[ 1661.565674][T20999] loop1: detected capacity change from 0 to 512
[ 1661.607357][T20999] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1661.654512][T20999] EXT4-fs (loop1): revision level too high, forcing read-only mode
[ 1661.669376][T20999] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1661.693907][T20999] System zones: 0-1, 15-15, 18-18, 34-34
[ 1661.740787][T20999] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1661.797457][T20999] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[ 1661.836299][ T7441] usb 4-1: new low-speed USB device number 28 using dummy_hcd
[ 1661.843749][T20999] EXT4-fs warning (device loop1): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1661.915223][T21003] loop2: detected capacity change from 0 to 512
[ 1661.926357][T20999] EXT4-fs (loop1): Cannot turn on quotas: error -22
[ 1661.940659][T20999] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.4760: bg 0: block 40: padding at end of block bitmap is not set
[ 1661.985013][T21003] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1662.009741][T20999] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1662.029067][T20999] EXT4-fs (loop1): 1 truncate cleaned up
[ 1662.039190][T21003] EXT4-fs (loop2): revision level too high, forcing read-only mode
[ 1662.048184][ T7441] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1662.077167][T21003] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1662.091465][T20999] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1662.100470][ T7441] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1662.117468][T21003] System zones: 0-1, 15-15, 18-18, 34-34
[ 1662.131843][ T7441] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1662.150180][T21003] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1662.170964][T21003] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[ 1662.180267][T21003] EXT4-fs warning (device loop2): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1662.195071][T21003] EXT4-fs (loop2): Cannot turn on quotas: error -22
[ 1662.202033][T21003] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.4761: bg 0: block 40: padding at end of block bitmap is not set
[ 1662.226672][T21003] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1662.267777][ T7441] usb 4-1: string descriptor 0 read error: -22
[ 1662.271701][T21003] EXT4-fs (loop2): 1 truncate cleaned up
[ 1662.273827][ T7441] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1662.301144][T21003] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1662.326290][ T7441] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1662.396387][T20997] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1662.446372][T20997] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1662.456588][T21008] EXT4-fs error (device loop1): ext4_encrypted_get_link:46: inode #16: comm syz.1.4760: bad symlink.
[ 1662.561248][T13526] EXT4-fs (loop6): unmounting filesystem.
[ 1662.623654][T21011] EXT4-fs error (device loop2): ext4_encrypted_get_link:46: inode #16: comm syz.2.4761: bad symlink.
[ 1662.686984][T21013] loop6: detected capacity change from 0 to 512
[ 1662.720795][T21013] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1662.786991][T21013] EXT4-fs (loop6): revision level too high, forcing read-only mode
[ 1662.796336][T21013] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1662.815126][T21013] System zones: 0-1, 15-15, 18-18, 34-34
[ 1662.845078][T21013] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 1662.875121][T21013] Quota error (device loop6): v2_read_header: Failed header read: expected=8 got=0
[ 1662.922383][T21013] EXT4-fs warning (device loop6): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1662.988777][T21013] EXT4-fs (loop6): Cannot turn on quotas: error -22
[ 1663.016229][T21013] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.4762: bg 0: block 40: padding at end of block bitmap is not set
[ 1663.068383][T21013] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1663.098728][T21013] EXT4-fs (loop6): 1 truncate cleaned up
[ 1663.118315][T21013] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1663.157418][ T7441] usb 6-1: USB disconnect, device number 25
[ 1663.367633][T21019] netlink: 52 bytes leftover after parsing attributes in process `syz.5.4763'.
[ 1663.399364][T21019] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4763'.
[ 1663.426870][T21019] loop5: detected capacity change from 0 to 512
[ 1663.483306][T21019] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1663.522440][T21019] ext4 filesystem being mounted at /311/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1663.555810][T13288] EXT4-fs (loop2): unmounting filesystem.
[ 1663.563405][T21024] EXT4-fs error (device loop6): ext4_encrypted_get_link:46: inode #16: comm syz.6.4762: bad symlink.
[ 1663.583646][T21019] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1663.666942][T13771] EXT4-fs (loop5): unmounting filesystem.
[ 1663.674522][T13215] EXT4-fs (loop1): unmounting filesystem.
[ 1663.724570][T21031] loop5: detected capacity change from 0 to 512
[ 1663.800647][T21031] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1663.875487][   T28] audit: type=1400 audit(1742024479.589:1957): avc:  denied  { bind } for  pid=21034 comm="syz.2.4767" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1664.176880][T21031] EXT4-fs (loop5): revision level too high, forcing read-only mode
[ 1664.206968][T21031] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1664.222911][T21031] System zones: 0-1, 15-15, 18-18, 34-34
[ 1664.227489][   T28] audit: type=1400 audit(1742024479.949:1958): avc:  denied  { ioctl } for  pid=21039 comm="syz.2.4768" path="socket:[79757]" dev="sockfs" ino=79757 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1664.229418][T21031] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1664.253485][T19340] usb 2-1: new low-speed USB device number 26 using dummy_hcd
[ 1664.259333][T21031] Quota error (device loop5): v2_read_header: Failed header read: expected=8 got=0
[ 1664.275709][T21031] EXT4-fs warning (device loop5): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1664.296339][T21031] EXT4-fs (loop5): Cannot turn on quotas: error -22
[ 1664.306426][T21031] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.4765: bg 0: block 40: padding at end of block bitmap is not set
[ 1664.325044][T21042] loop2: detected capacity change from 0 to 256
[ 1664.334060][T21042] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[ 1664.358296][   T28] audit: type=1400 audit(1742024480.079:1959): avc:  denied  { setopt } for  pid=21041 comm="syz.2.4769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1664.379370][T21031] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1664.402872][T21031] EXT4-fs (loop5): 1 truncate cleaned up
[ 1664.409799][T21031] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1664.420156][T21045] FAULT_INJECTION: forcing a failure.
[ 1664.420156][T21045] name failslab, interval 1, probability 0, space 0, times 1
[ 1664.432579][T21045] CPU: 1 PID: 21045 Comm: syz.2.4770 Not tainted 6.1.128-syzkaller-00012-g4da91a8e563c #0
[ 1664.442295][T21045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1664.452243][T21045] Call Trace:
[ 1664.455314][T21045]  <TASK>
[ 1664.458093][T21045]  dump_stack_lvl+0x151/0x1b7
[ 1664.462602][T21045]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1664.467906][T21045]  ? avc_denied+0x1b0/0x1b0
[ 1664.472239][T21045]  dump_stack+0x15/0x18
[ 1664.476233][T21045]  should_fail_ex+0x3d0/0x520
[ 1664.480742][T21045]  ? __sigqueue_alloc+0x138/0x210
[ 1664.485598][T21045]  __should_failslab+0xaf/0xf0
[ 1664.490201][T21045]  should_failslab+0x9/0x20
[ 1664.494665][T21045]  kmem_cache_alloc+0x3b/0x320
[ 1664.499250][T21045]  __sigqueue_alloc+0x138/0x210
[ 1664.503936][T21045]  __send_signal_locked+0x1a3/0xc30
[ 1664.508983][T21045]  send_signal_locked+0x43a/0x590
[ 1664.513996][T21045]  do_send_sig_info+0xde/0x230
[ 1664.518591][T21045]  group_send_sig_info+0x113/0x320
[ 1664.523538][T21045]  ? __fget_files+0x2cb/0x330
[ 1664.528051][T21045]  ? __lock_task_sighand+0x100/0x100
[ 1664.533166][T21045]  ? __task_pid_nr_ns+0x1d8/0x270
[ 1664.538025][T21045]  __se_sys_pidfd_send_signal+0x662/0x8a0
[ 1664.543581][T21045]  ? __x64_sys_pidfd_send_signal+0xb0/0xb0
[ 1664.549219][T21045]  ? __kasan_check_write+0x14/0x20
[ 1664.554178][T21045]  ? fput+0x15b/0x1b0
[ 1664.557987][T21045]  ? raw_irqentry_exit_cond_resched+0x2a/0x30
[ 1664.563906][T21045]  ? irqentry_exit+0x30/0x40
[ 1664.568313][T21045]  ? sysvec_reschedule_ipi+0x8f/0x170
[ 1664.573534][T21045]  __x64_sys_pidfd_send_signal+0x9b/0xb0
[ 1664.578999][T21045]  x64_sys_call+0x8e8/0x9a0
[ 1664.583329][T21045]  do_syscall_64+0x3b/0xb0
[ 1664.587581][T21045]  ? clear_bhb_loop+0x55/0xb0
[ 1664.592097][T21045]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1664.597832][T21045] RIP: 0033:0x7f46a958d169
[ 1664.602079][T21045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1664.621518][T21045] RSP: 002b:00007f46aa4c9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a8
[ 1664.629762][T21045] RAX: ffffffffffffffda RBX: 00007f46a97a5fa0 RCX: 00007f46a958d169
[ 1664.637575][T21045] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000004
[ 1664.645388][T21045] RBP: 00007f46aa4c9090 R08: 0000000000000000 R09: 0000000000000000
[ 1664.653206][T21045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1664.661015][T21045] R13: 0000000000000000 R14: 00007f46a97a5fa0 R15: 00007ffecf8981b8
[ 1664.668832][T21045]  </TASK>
[ 1664.707368][T19340] usb 2-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1664.737570][T19340] usb 2-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1664.795178][T19340] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1664.877040][ T5007] usb 4-1: USB disconnect, device number 28
[ 1664.887719][T19340] usb 2-1: string descriptor 0 read error: -22
[ 1664.893765][T19340] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1664.907880][T21052] EXT4-fs error (device loop5): ext4_encrypted_get_link:46: inode #16: comm syz.5.4765: bad symlink.
[ 1664.946621][T19340] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1664.964617][T21037] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1664.971844][T21037] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1665.025964][T21055] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4771'.
[ 1665.365573][T13526] EXT4-fs (loop6): unmounting filesystem.
[ 1665.477062][T21059] fuse: Bad value for 'fd'
[ 1665.746325][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1665.746325][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1665.776462][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1665.840912][T21067] FAULT_INJECTION: forcing a failure.
[ 1665.840912][T21067] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 1665.868287][T21067] CPU: 0 PID: 21067 Comm: syz.2.4775 Not tainted 6.1.128-syzkaller-00012-g4da91a8e563c #0
[ 1665.878024][T21067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1665.888009][T21067] Call Trace:
[ 1665.891221][T21067]  <TASK>
[ 1665.893992][T21067]  dump_stack_lvl+0x151/0x1b7
[ 1665.898522][T21067]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1665.903803][T21067]  ? vfs_write+0x952/0xed0
[ 1665.908050][T21067]  ? __kasan_slab_free+0x11/0x20
[ 1665.912831][T21067]  dump_stack+0x15/0x18
[ 1665.916824][T21067]  should_fail_ex+0x3d0/0x520
[ 1665.921334][T21067]  should_fail+0xb/0x10
[ 1665.925322][T21067]  should_fail_usercopy+0x1a/0x20
[ 1665.930185][T21067]  _copy_from_user+0x1e/0xc0
[ 1665.934611][T21067]  __sys_bpf+0x23b/0x7f0
[ 1665.938692][T21067]  ? bpf_link_show_fdinfo+0x300/0x300
[ 1665.943911][T21067]  ? __ia32_sys_read+0x90/0x90
[ 1665.948509][T21067]  ? debug_smp_processor_id+0x17/0x20
[ 1665.953704][T21067]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1665.959607][T21067]  __x64_sys_bpf+0x7c/0x90
[ 1665.963860][T21067]  x64_sys_call+0x87f/0x9a0
[ 1665.968204][T21067]  do_syscall_64+0x3b/0xb0
[ 1665.972450][T21067]  ? clear_bhb_loop+0x55/0xb0
[ 1665.976969][T21067]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1665.982694][T21067] RIP: 0033:0x7f46a958d169
[ 1665.986954][T21067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1666.006392][T21067] RSP: 002b:00007f46aa4c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1666.014632][T21067] RAX: ffffffffffffffda RBX: 00007f46a97a5fa0 RCX: 00007f46a958d169
[ 1666.022446][T21067] RDX: 0000000000000024 RSI: 0000400000000400 RDI: 0000000000000005
[ 1666.030257][T21067] RBP: 00007f46aa4c9090 R08: 0000000000000000 R09: 0000000000000000
[ 1666.038068][T21067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1666.045879][T21067] R13: 0000000000000001 R14: 00007f46a97a5fa0 R15: 00007ffecf8981b8
[ 1666.053699][T21067]  </TASK>
[ 1666.073689][   T28] audit: type=1400 audit(1742024481.789:1960): avc:  denied  { create } for  pid=21068 comm="syz.3.4776" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1666.126340][ T7441] usb 7-1: new low-speed USB device number 41 using dummy_hcd
[ 1666.154057][T13771] EXT4-fs (loop5): unmounting filesystem.
[ 1666.317363][ T7441] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1666.331055][T21073] fuse: root generation should be zero
[ 1666.339524][ T7441] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1666.366313][ T2180] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[ 1666.377984][ T7441] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1666.397164][ T7441] usb 7-1: string descriptor 0 read error: -22
[ 1666.407427][ T7441] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1666.436703][ T7441] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1666.456366][T21064] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1666.475453][T21064] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1666.556295][ T2180] usb 4-1: Using ep0 maxpacket: 32
[ 1666.562736][ T2180] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1666.583040][ T2180] usb 4-1: config 128 has an invalid interface number: 127 but max is 3
[ 1666.606300][ T2180] usb 4-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[ 1666.635996][ T2180] usb 4-1: config 128 has 1 interface, different from the descriptor's value: 4
[ 1666.664483][ T2180] usb 4-1: config 128 has no interface number 0
[ 1666.681101][ T2180] usb 4-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 0, changing to 7
[ 1666.766620][ T2180] usb 4-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1666.796310][ T2180] usb 4-1: config 128 interface 127 has no altsetting 0
[ 1666.804194][    T6] usb 2-1: USB disconnect, device number 26
[ 1666.827678][ T2180] usb 4-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55
[ 1666.846792][ T2180] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1666.894723][ T2180] usb 4-1: Product: syz
[ 1666.903398][ T2180] usb 4-1: Manufacturer: syz
[ 1666.916792][ T2180] usb 4-1: SerialNumber: syz
[ 1666.937519][T21087] xt_hashlimit: size too large, truncated to 1048576
[ 1667.394285][ T2180] usb 4-1: USB disconnect, device number 29
[ 1667.402884][ T1204] udevd[1204]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:128.127/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1667.999025][T21105] FAULT_INJECTION: forcing a failure.
[ 1667.999025][T21105] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1668.056320][T21105] CPU: 0 PID: 21105 Comm: syz.3.4785 Not tainted 6.1.128-syzkaller-00012-g4da91a8e563c #0
[ 1668.066076][T21105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1668.075976][T21105] Call Trace:
[ 1668.079096][T21105]  <TASK>
[ 1668.081871][T21105]  dump_stack_lvl+0x151/0x1b7
[ 1668.086389][T21105]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1668.091691][T21105]  ? vfs_write+0x952/0xed0
[ 1668.095938][T21105]  ? __kasan_slab_free+0x11/0x20
[ 1668.100707][T21105]  dump_stack+0x15/0x18
[ 1668.104698][T21105]  should_fail_ex+0x3d0/0x520
[ 1668.109221][T21105]  should_fail+0xb/0x10
[ 1668.113202][T21105]  should_fail_usercopy+0x1a/0x20
[ 1668.118065][T21105]  _copy_from_user+0x1e/0xc0
[ 1668.122491][T21105]  __sys_bpf+0x23b/0x7f0
[ 1668.126573][T21105]  ? bpf_link_show_fdinfo+0x300/0x300
[ 1668.131806][T21105]  ? __ia32_sys_read+0x90/0x90
[ 1668.136383][T21105]  ? debug_smp_processor_id+0x17/0x20
[ 1668.141599][T21105]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1668.147499][T21105]  __x64_sys_bpf+0x7c/0x90
[ 1668.151743][T21105]  x64_sys_call+0x87f/0x9a0
[ 1668.156093][T21105]  do_syscall_64+0x3b/0xb0
[ 1668.160343][T21105]  ? clear_bhb_loop+0x55/0xb0
[ 1668.164846][T21105]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1668.170578][T21105] RIP: 0033:0x7fe39798d169
[ 1668.174839][T21105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1668.194272][T21105] RSP: 002b:00007fe3987d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1668.202564][T21105] RAX: ffffffffffffffda RBX: 00007fe397ba5fa0 RCX: 00007fe39798d169
[ 1668.210332][T21105] RDX: 0000000000000024 RSI: 0000400000000400 RDI: 0000000000000005
[ 1668.218135][T21105] RBP: 00007fe3987d1090 R08: 0000000000000000 R09: 0000000000000000
[ 1668.225946][T21105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1668.233758][T21105] R13: 0000000000000000 R14: 00007fe397ba5fa0 R15: 00007fff42c1a678
[ 1668.241586][T21105]  </TASK>
[ 1668.441714][ T5007] usb 7-1: USB disconnect, device number 41
[ 1668.533171][   T28] audit: type=1400 audit(1742024489.251:1961): avc:  denied  { relabelfrom } for  pid=21108 comm="syz.6.4787" name="" dev="pipefs" ino=80957 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1668.582165][T21111] loop5: detected capacity change from 0 to 512
[ 1668.667172][T21111] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1668.739194][T21111] EXT4-fs (loop5): revision level too high, forcing read-only mode
[ 1668.747079][T21111] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1668.754987][T21111] System zones: 0-1, 15-15, 18-18, 34-34
[ 1668.761458][T21111] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1668.768019][T21111] Quota error (device loop5): v2_read_header: Failed header read: expected=8 got=0
[ 1668.777344][T21111] EXT4-fs warning (device loop5): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1668.794209][T21111] EXT4-fs (loop5): Cannot turn on quotas: error -22
[ 1668.931839][T21111] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.4788: bg 0: block 40: padding at end of block bitmap is not set
[ 1668.996429][ T5007] usb 7-1: new high-speed USB device number 42 using dummy_hcd
[ 1669.069599][T21111] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1669.116352][T19340] usb 4-1: new low-speed USB device number 30 using dummy_hcd
[ 1669.156672][T21111] EXT4-fs (loop5): 1 truncate cleaned up
[ 1669.167960][T21111] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1669.196339][ T5007] usb 7-1: Using ep0 maxpacket: 32
[ 1669.213189][ T5007] usb 7-1: config 0 has an invalid interface number: 35 but max is 0
[ 1669.298039][ T5007] usb 7-1: config 0 has no interface number 0
[ 1669.316588][ T5007] usb 7-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[ 1669.328616][ T5007] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1669.337048][T19340] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1669.356284][ T5007] usb 7-1: Product: syz
[ 1669.360362][ T5007] usb 7-1: Manufacturer: syz
[ 1669.364732][ T5007] usb 7-1: SerialNumber: syz
[ 1669.370883][T19340] usb 4-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1669.387502][ T5007] usb 7-1: config 0 descriptor??
[ 1669.397100][T19340] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1669.405866][T19340] usb 4-1: string descriptor 0 read error: -22
[ 1669.424932][T19340] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1669.434294][T19340] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1669.448090][T21127] EXT4-fs error (device loop5): ext4_encrypted_get_link:46: inode #16: comm syz.5.4788: bad symlink.
[ 1669.459524][T21119] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1669.466547][T21119] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1669.795483][ T2180] usb 7-1: USB disconnect, device number 42
[ 1670.069037][T13771] EXT4-fs (loop5): unmounting filesystem.
[ 1670.239319][T21134] loop5: detected capacity change from 0 to 512
[ 1670.287183][T21134] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1670.317468][T21134] EXT4-fs (loop5): revision level too high, forcing read-only mode
[ 1670.325341][T21134] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1670.337707][T21134] System zones: 0-1, 15-15, 18-18, 34-34
[ 1670.344105][T21134] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1670.350388][T21134] Quota error (device loop5): v2_read_header: Failed header read: expected=8 got=0
[ 1670.361719][T21134] EXT4-fs warning (device loop5): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1670.376157][T21134] EXT4-fs (loop5): Cannot turn on quotas: error -22
[ 1670.383081][T21134] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.4793: bg 0: block 40: padding at end of block bitmap is not set
[ 1670.397331][T21134] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1670.406145][T21134] EXT4-fs (loop5): 1 truncate cleaned up
[ 1670.411746][T21134] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1670.522554][T21141] loop6: detected capacity change from 0 to 128
[ 1670.586915][T21141] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1670.606727][T21141] ext4 filesystem being mounted at /336/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1670.739181][T21152] EXT4-fs error (device loop5): ext4_encrypted_get_link:46: inode #16: comm syz.5.4793: bad symlink.
[ 1670.760503][T21144] kvm [21143]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x25
[ 1670.786303][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1670.786303][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1670.867211][   T28] audit: type=1400 audit(1742024491.581:1962): avc:  denied  { ioctl } for  pid=21140 comm="syz.6.4795" path="socket:[80084]" dev="sockfs" ino=80084 ioctlcmd=0x7436 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1670.881776][T21144] kvm [21143]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x88a
[ 1670.931737][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1671.179710][T21144] kvm [21143]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x25
[ 1671.263485][T21151] loop1: detected capacity change from 0 to 40427
[ 1671.289535][T21151] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[ 1671.305426][T21151] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1671.322990][T21151] F2FS-fs (loop1): invalid crc value
[ 1671.353409][   T28] audit: type=1400 audit(1742024492.071:1963): avc:  denied  { ioctl } for  pid=21159 comm="syz.2.4798" path="socket:[81079]" dev="sockfs" ino=81079 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1671.384657][T21151] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1671.495747][T21151] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1671.507037][T21151] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1671.545987][T13526] EXT4-fs (loop6): unmounting filesystem.
[ 1671.574836][T21151] syz.1.4796: attempt to access beyond end of device
[ 1671.574836][T21151] loop1: rw=34817, sector=77824, nr_sectors = 128 limit=40427
[ 1671.686699][    T6] usb 4-1: USB disconnect, device number 30
[ 1672.323693][T13215] syz-executor: attempt to access beyond end of device
[ 1672.323693][T13215] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1672.568242][T21173] syz.3.4800 (21173) used greatest stack depth: 19736 bytes left
[ 1672.822058][T13771] EXT4-fs (loop5): unmounting filesystem.
[ 1672.875693][T21171] loop6: detected capacity change from 0 to 512
[ 1672.901025][T21171] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1673.010753][   T28] audit: type=1400 audit(1742024493.731:1964): avc:  denied  { create } for  pid=21178 comm="syz.5.4803" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1673.016896][T21171] EXT4-fs (loop6): 1 orphan inode deleted
[ 1673.096339][T21171] EXT4-fs (loop6): 1 truncate cleaned up
[ 1673.101880][T21171] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1673.252747][T21171] EXT4-fs error (device loop6): ext4_lookup:1858: inode #15: comm syz.6.4801: iget: bad extra_isize 46 (inode size 256)
[ 1673.276347][T21171] EXT4-fs (loop6): Remounting filesystem read-only
[ 1673.301705][   T28] audit: type=1400 audit(1742024494.021:1965): avc:  denied  { unmount } for  pid=13215 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1673.370536][   T28] audit: type=1400 audit(1742024494.091:1966): avc:  denied  { setcheckreqprot } for  pid=21191 comm="syz.1.4807" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[ 1673.533410][T13526] EXT4-fs (loop6): unmounting filesystem.
[ 1674.648511][   T28] audit: type=1400 audit(1742024495.371:1967): avc:  denied  { map } for  pid=21230 comm="syz.1.4817" path="socket:[81215]" dev="sockfs" ino=81215 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[ 1675.076221][T21239] loop2: detected capacity change from 0 to 256
[ 1675.104039][T21239] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1675.145105][T21239] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[ 1675.174255][T21239] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1675.272622][T21241] kvm [21240]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x25
[ 1675.309463][T21241] kvm [21240]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x88a
[ 1675.323698][T21241] kvm [21240]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x25
[ 1675.835079][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1675.835079][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1675.906377][   T28] audit: type=1400 audit(1742024496.601:1968): avc:  denied  { mounton } for  pid=21238 comm="syz.2.4819" path="/366/file0/file0" dev="loop2" ino=1049559 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1675.991200][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1676.602987][T21260] syz.6.4823[21260] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1676.603075][T21260] syz.6.4823[21260] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1676.630282][T21260] loop6: detected capacity change from 0 to 128
[ 1676.721220][T21260] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1676.730975][T21260] ext4 filesystem being mounted at /342/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1677.040788][   T28] audit: type=1400 audit(1742024497.761:1969): avc:  denied  { getopt } for  pid=21249 comm="syz.6.4823" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1678.498210][T13526] EXT4-fs (loop6): unmounting filesystem.
[ 1678.658552][   T28] audit: type=1400 audit(1742024499.381:1970): avc:  denied  { write } for  pid=21267 comm="syz.1.4826" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 1678.682730][T21268] loop1: detected capacity change from 0 to 128
[ 1678.792674][   T28] audit: type=1400 audit(1742024499.511:1971): avc:  denied  { ioctl } for  pid=21267 comm="syz.1.4826" path="socket:[80460]" dev="sockfs" ino=80460 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1678.845528][T21268] syz.1.4826: attempt to access beyond end of device
[ 1678.845528][T21268] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[ 1679.167730][T21281] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4827'.
[ 1679.177596][T21278] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4828'.
[ 1679.546298][   T24] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[ 1679.603090][T21278] loop1: detected capacity change from 0 to 512
[ 1679.660473][T21278] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.4828: corrupted inode contents
[ 1679.677004][T21278] EXT4-fs error (device loop1): ext4_dirty_inode:6091: inode #16: comm syz.1.4828: mark_inode_dirty error
[ 1679.736331][   T24] usb 4-1: Using ep0 maxpacket: 32
[ 1679.743029][   T24] usb 4-1: config 1 has an invalid descriptor of length 164, skipping remainder of the config
[ 1679.757218][T21278] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.4828: corrupted inode contents
[ 1679.832520][   T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1679.851820][T21278] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.4828: mark_inode_dirty error
[ 1679.884841][   T24] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1679.900819][T21278] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.4828: corrupted inode contents
[ 1679.955031][   T24] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1679.966498][T21278] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[ 1679.979124][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1679.996311][   T24] usb 4-1: Product: syz
[ 1680.000727][T21278] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.4828: corrupted inode contents
[ 1680.006759][   T24] usb 4-1: Manufacturer: syz
[ 1680.026400][   T24] usb 4-1: SerialNumber: syz
[ 1680.028605][T21278] EXT4-fs error (device loop1): ext4_truncate:4313: inode #16: comm syz.1.4828: mark_inode_dirty error
[ 1680.062518][T21278] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[ 1680.082633][T21278] EXT4-fs (loop1): 1 truncate cleaned up
[ 1680.096370][T21278] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1680.096542][ T1611] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1680.114971][T21278] ext4 filesystem being mounted at /352/bus/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1680.156006][ T1611] EXT4-fs error (device loop1): ext4_release_dquot:6805: comm kworker/u4:7: Failed to release dquot type 1
[ 1680.196824][T13215] EXT4-fs (loop1): unmounting filesystem.
[ 1680.296331][   T28] audit: type=1400 audit(1742024501.001:1972): avc:  denied  { write } for  pid=21276 comm="syz.3.4829" name="usbmon1" dev="devtmpfs" ino=156 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1680.383884][T21293] kvm [21292]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x25
[ 1680.721653][T21293] kvm [21292]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x88a
[ 1680.747400][T21293] kvm [21292]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x25
[ 1680.756328][ T5007] usb 2-1: new low-speed USB device number 27 using dummy_hcd
[ 1680.866338][  T635] kmmpd-loop0: attempt to access beyond end of device
[ 1680.866338][  T635] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1680.894284][  T635] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[ 1680.919776][   T28] audit: type=1400 audit(1742024501.641:1973): avc:  denied  { read } for  pid=21289 comm="syz.2.4830" name="loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1680.948884][ T5007] usb 2-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1680.968077][ T5007] usb 2-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1680.984335][ T5007] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1680.996052][   T28] audit: type=1400 audit(1742024501.641:1974): avc:  denied  { open } for  pid=21289 comm="syz.2.4830" path="/dev/loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1681.028235][ T5007] usb 2-1: string descriptor 0 read error: -22
[ 1681.038451][ T5007] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1681.048592][   T28] audit: type=1400 audit(1742024501.641:1975): avc:  denied  { ioctl } for  pid=21289 comm="syz.2.4830" path="/dev/loop-control" dev="devtmpfs" ino=113 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1681.057707][ T5007] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1681.107535][T21299] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1681.114545][T21299] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1681.821989][T21309] loop6: detected capacity change from 0 to 1024
[ 1681.845244][T21309] EXT4-fs: Ignoring removed nobh option
[ 1681.851307][T21309] EXT4-fs: Ignoring removed bh option
[ 1681.857214][T21309] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1681.879184][T21309] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1681.975800][T21313] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3841: comm syz.6.4835: Allocating blocks 497-513 which overlap fs metadata
[ 1681.990120][T21313] EXT4-fs (loop6): pa ffff8881145450a8: logic 256, phys. 385, len 8
[ 1681.998081][T21313] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1682.051600][   T24] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found
[ 1682.058468][   T24] cdc_ncm 4-1:1.0: bind() failure
[ 1682.064849][   T24] usb 4-1: USB disconnect, device number 31
[ 1682.179376][T13526] EXT4-fs (loop6): unmounting filesystem.
[ 1682.273704][T21326] FAULT_INJECTION: forcing a failure.
[ 1682.273704][T21326] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1682.316274][T21326] CPU: 0 PID: 21326 Comm: syz.3.4839 Not tainted 6.1.128-syzkaller-00012-g4da91a8e563c #0
[ 1682.326015][T21326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1682.335909][T21326] Call Trace:
[ 1682.339035][T21326]  <TASK>
[ 1682.341814][T21326]  dump_stack_lvl+0x151/0x1b7
[ 1682.346325][T21326]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1682.351622][T21326]  ? kstrtouint+0xf6/0x180
[ 1682.355958][T21326]  ? _kstrtol+0x150/0x150
[ 1682.360128][T21326]  dump_stack+0x15/0x18
[ 1682.364123][T21326]  should_fail_ex+0x3d0/0x520
[ 1682.368633][T21326]  should_fail+0xb/0x10
[ 1682.372627][T21326]  should_fail_usercopy+0x1a/0x20
[ 1682.377483][T21326]  _copy_from_user+0x1e/0xc0
[ 1682.381910][T21326]  copy_msghdr_from_user+0xaa/0x670
[ 1682.386947][T21326]  ? sendmsg_copy_msghdr+0x70/0x70
[ 1682.391992][T21326]  __sys_sendmsg+0x236/0x390
[ 1682.396411][T21326]  ? ____sys_sendmsg+0x9a0/0x9a0
[ 1682.401185][T21326]  ? __kasan_check_write+0x14/0x20
[ 1682.406128][T21326]  ? mutex_unlock+0xb2/0x260
[ 1682.410568][T21326]  ? percpu_array_map_lookup_percpu_elem+0x139/0x1e0
[ 1682.417066][T21326]  ? __ia32_sys_read+0x90/0x90
[ 1682.421672][T21326]  __x64_sys_sendmsg+0x7f/0x90
[ 1682.426263][T21326]  x64_sys_call+0x16a/0x9a0
[ 1682.430599][T21326]  do_syscall_64+0x3b/0xb0
[ 1682.434851][T21326]  ? clear_bhb_loop+0x55/0xb0
[ 1682.439365][T21326]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1682.445092][T21326] RIP: 0033:0x7fe39798d169
[ 1682.449347][T21326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1682.468793][T21326] RSP: 002b:00007fe3987d1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1682.477033][T21326] RAX: ffffffffffffffda RBX: 00007fe397ba5fa0 RCX: 00007fe39798d169
[ 1682.484956][T21326] RDX: 0000000000000000 RSI: 0000400000000100 RDI: 0000000000000003
[ 1682.492769][T21326] RBP: 00007fe3987d1090 R08: 0000000000000000 R09: 0000000000000000
[ 1682.500580][T21326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1682.508390][T21326] R13: 0000000000000000 R14: 00007fe397ba5fa0 R15: 00007fff42c1a678
[ 1682.516296][T21326]  </TASK>
[ 1682.554825][   T28] audit: type=1400 audit(1742024503.271:1976): avc:  denied  { write } for  pid=21328 comm="syz.6.4840" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1682.610019][T21315] loop2: detected capacity change from 0 to 40427
[ 1682.613279][   T28] audit: type=1400 audit(1742024503.331:1977): avc:  denied  { connect } for  pid=21330 comm="syz.6.4841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1682.637188][   T28] audit: type=1400 audit(1742024503.361:1978): avc:  denied  { write } for  pid=21330 comm="syz.6.4841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1682.657564][T21315] F2FS-fs (loop2): invalid crc value
[ 1682.678092][T21315] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1682.679770][T21336] FAULT_INJECTION: forcing a failure.
[ 1682.679770][T21336] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1682.697394][T21336] CPU: 0 PID: 21336 Comm: syz.3.4842 Not tainted 6.1.128-syzkaller-00012-g4da91a8e563c #0
[ 1682.707200][T21336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1682.717095][T21336] Call Trace:
[ 1682.720216][T21336]  <TASK>
[ 1682.722992][T21336]  dump_stack_lvl+0x151/0x1b7
[ 1682.727511][T21336]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1682.732806][T21336]  dump_stack+0x15/0x18
[ 1682.736799][T21336]  should_fail_ex+0x3d0/0x520
[ 1682.741312][T21336]  should_fail+0xb/0x10
[ 1682.745300][T21336]  should_fail_usercopy+0x1a/0x20
[ 1682.750160][T21336]  _copy_from_iter+0x18d/0xe00
[ 1682.754763][T21336]  ? _parse_integer_limit+0x19b/0x1e0
[ 1682.759971][T21336]  ? copyout_mc+0x80/0x80
[ 1682.764141][T21336]  ? kstrtoull+0x1cd/0x2e0
[ 1682.768393][T21336]  ? _parse_integer+0x40/0x40
[ 1682.772903][T21336]  tun_get_user+0x489/0x3a90
[ 1682.777326][T21336]  ? kstrtouint+0xf6/0x180
[ 1682.781578][T21336]  ? kasan_save_free_info+0x2b/0x40
[ 1682.786617][T21336]  ? _kstrtol+0x150/0x150
[ 1682.790782][T21336]  ? tun_do_read+0x2000/0x2000
[ 1682.795376][T21336]  ? ref_tracker_alloc+0x31d/0x450
[ 1682.800329][T21336]  ? ref_tracker_dir_print+0x160/0x160
[ 1682.805713][T21336]  ? avc_policy_seqno+0x1b/0x70
[ 1682.810523][T21336]  ? tun_get+0xe9/0x120
[ 1682.814511][T21336]  tun_chr_write_iter+0x129/0x210
[ 1682.819377][T21336]  vfs_write+0xaf6/0xed0
[ 1682.823452][T21336]  ? __kasan_slab_free+0x11/0x20
[ 1682.828273][T21336]  ? file_end_write+0x1c0/0x1c0
[ 1682.832915][T21336]  ? __fget_files+0x2cb/0x330
[ 1682.837427][T21336]  ? __fdget_pos+0x204/0x390
[ 1682.841854][T21336]  ? ksys_write+0x77/0x2c0
[ 1682.846106][T21336]  ksys_write+0x199/0x2c0
[ 1682.850291][T21336]  ? __this_cpu_preempt_check+0x13/0x20
[ 1682.855669][T21336]  ? __ia32_sys_read+0x90/0x90
[ 1682.860260][T21336]  ? debug_smp_processor_id+0x17/0x20
[ 1682.865458][T21336]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1682.871479][T21336]  __x64_sys_write+0x7b/0x90
[ 1682.875875][T21336]  x64_sys_call+0x2f/0x9a0
[ 1682.880124][T21336]  do_syscall_64+0x3b/0xb0
[ 1682.884381][T21336]  ? clear_bhb_loop+0x55/0xb0
[ 1682.888914][T21336]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1682.894627][T21336] RIP: 0033:0x7fe39798d169
[ 1682.898876][T21336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1682.918317][T21336] RSP: 002b:00007fe3987d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1682.926561][T21336] RAX: ffffffffffffffda RBX: 00007fe397ba5fa0 RCX: 00007fe39798d169
[ 1682.934385][T21336] RDX: 000000000000ffdd RSI: 0000000000000000 RDI: 0000000000000003
[ 1682.942186][T21336] RBP: 00007fe3987d1090 R08: 0000000000000000 R09: 0000000000000000
[ 1682.949521][T21315] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[ 1682.950077][T21336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1682.950094][T21336] R13: 0000000000000000 R14: 00007fe397ba5fa0 R15: 00007fff42c1a678
[ 1682.973136][T21336]  </TASK>
[ 1683.004877][T21340] FAULT_INJECTION: forcing a failure.
[ 1683.004877][T21340] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1683.035377][T21340] CPU: 1 PID: 21340 Comm: syz.6.4843 Not tainted 6.1.128-syzkaller-00012-g4da91a8e563c #0
[ 1683.045122][T21340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1683.055014][T21340] Call Trace:
[ 1683.058134][T21340]  <TASK>
[ 1683.060911][T21340]  dump_stack_lvl+0x151/0x1b7
[ 1683.065425][T21340]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1683.070795][T21340]  ? is_bpf_text_address+0x172/0x190
[ 1683.075840][T21340]  dump_stack+0x15/0x18
[ 1683.079832][T21340]  should_fail_ex+0x3d0/0x520
[ 1683.084357][T21340]  should_fail+0xb/0x10
[ 1683.088344][T21340]  should_fail_usercopy+0x1a/0x20
[ 1683.093197][T21340]  _copy_from_user+0x1e/0xc0
[ 1683.097627][T21340]  copy_msghdr_from_user+0xaa/0x670
[ 1683.097775][   T28] audit: type=1400 audit(1742024503.801:1979): avc:  denied  { map } for  pid=21314 comm="syz.2.4836" path="socket:[81429]" dev="sockfs" ino=81429 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1683.102656][T21340]  ? _parse_integer+0x2a/0x40
[ 1683.130089][T21340]  ? sendmsg_copy_msghdr+0x70/0x70
[ 1683.135038][T21340]  __sys_sendmmsg+0x375/0x6f0
[ 1683.139547][T21340]  ? kasan_set_track+0x4b/0x70
[ 1683.144148][T21340]  ? __ia32_sys_sendmsg+0x90/0x90
[ 1683.148433][   T28] audit: type=1400 audit(1742024503.801:1980): avc:  denied  { read } for  pid=21314 comm="syz.2.4836" path="socket:[81429]" dev="sockfs" ino=81429 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1683.149005][T21340]  ? __kasan_check_write+0x14/0x20
[ 1683.176965][T21340]  ? __kasan_check_write+0x14/0x20
[ 1683.181910][T21340]  ? proc_fail_nth_write+0x20b/0x290
[ 1683.187028][T21340]  ? selinux_file_permission+0x2bb/0x560
[ 1683.192522][T21340]  ? proc_fail_nth_read+0x210/0x210
[ 1683.197528][T21340]  ? fsnotify_perm+0x6a/0x5b0
[ 1683.202040][T21340]  ? vfs_write+0x952/0xed0
[ 1683.206294][T21340]  ? __kasan_slab_free+0x11/0x20
[ 1683.211072][T21340]  ? __kasan_check_write+0x14/0x20
[ 1683.216009][T21340]  ? mutex_unlock+0xb2/0x260
[ 1683.220455][T21340]  ? __ia32_sys_read+0x90/0x90
[ 1683.225038][T21340]  ? debug_smp_processor_id+0x17/0x20
[ 1683.230244][T21340]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1683.236155][T21340]  __x64_sys_sendmmsg+0xa0/0xb0
[ 1683.240959][T21340]  x64_sys_call+0x81d/0x9a0
[ 1683.245294][T21340]  do_syscall_64+0x3b/0xb0
[ 1683.249551][T21340]  ? clear_bhb_loop+0x55/0xb0
[ 1683.254060][T21340]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1683.259794][T21340] RIP: 0033:0x7f7e0398d169
[ 1683.264041][T21340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1683.283483][T21340] RSP: 002b:00007f7e047bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1683.291726][T21340] RAX: ffffffffffffffda RBX: 00007f7e03ba5fa0 RCX: 00007f7e0398d169
[ 1683.299625][T21340] RDX: 000000000400008a RSI: 0000400000000180 RDI: 0000000000000003
[ 1683.307442][T21340] RBP: 00007f7e047bb090 R08: 0000000000000000 R09: 0000000000000000
[ 1683.315252][T21340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1683.323060][T21340] R13: 0000000000000000 R14: 00007f7e03ba5fa0 R15: 00007fff13761a18
[ 1683.330882][T21340]  </TASK>
[ 1683.377960][T19340] usb 2-1: USB disconnect, device number 27
[ 1683.430123][T21344] loop3: detected capacity change from 0 to 1024
[ 1683.437032][T21344] EXT4-fs: Ignoring removed i_version option
[ 1683.443359][T21344] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1683.477990][T21344] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1683.578463][T21344] fscrypt: AES-256-XTS using blk-crypto-fallback
[ 1683.946400][T19340] usb 7-1: new low-speed USB device number 43 using dummy_hcd
[ 1683.951009][T12946] EXT4-fs (loop3): unmounting filesystem.
[ 1684.000760][T21358] FAULT_INJECTION: forcing a failure.
[ 1684.000760][T21358] name failslab, interval 1, probability 0, space 0, times 0
[ 1684.033649][T21358] CPU: 1 PID: 21358 Comm: syz.3.4848 Not tainted 6.1.128-syzkaller-00012-g4da91a8e563c #0
[ 1684.043391][T21358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1684.053288][T21358] Call Trace:
[ 1684.056408][T21358]  <TASK>
[ 1684.059197][T21358]  dump_stack_lvl+0x151/0x1b7
[ 1684.063700][T21358]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1684.068995][T21358]  ? avc_has_perm+0x16f/0x260
[ 1684.073511][T21358]  dump_stack+0x15/0x18
[ 1684.077516][T21358]  should_fail_ex+0x3d0/0x520
[ 1684.082011][T21358]  __should_failslab+0xaf/0xf0
[ 1684.086611][T21358]  should_failslab+0x9/0x20
[ 1684.090944][T21358]  slab_pre_alloc_hook+0x2e/0x1b0
[ 1684.095807][T21358]  kmem_cache_alloc_lru+0x49/0x270
[ 1684.100752][T21358]  ? sock_alloc_inode+0x28/0xc0
[ 1684.105446][T21358]  sock_alloc_inode+0x28/0xc0
[ 1684.109956][T21358]  ? sockfs_init_fs_context+0xb0/0xb0
[ 1684.115182][T21358]  new_inode_pseudo+0x65/0x1d0
[ 1684.119767][T21358]  __sock_create+0x132/0x7e0
[ 1684.124191][T21358]  __sys_socketpair+0x29f/0x6e0
[ 1684.128873][T21358]  ? __ia32_sys_socket+0x90/0x90
[ 1684.133649][T21358]  ? __ia32_sys_read+0x90/0x90
[ 1684.138431][T21358]  ? debug_smp_processor_id+0x17/0x20
[ 1684.143627][T21358]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1684.149530][T21358]  __x64_sys_socketpair+0x9b/0xb0
[ 1684.154392][T21358]  x64_sys_call+0x19b/0x9a0
[ 1684.158731][T21358]  do_syscall_64+0x3b/0xb0
[ 1684.162982][T21358]  ? clear_bhb_loop+0x55/0xb0
[ 1684.167500][T21358]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1684.173224][T21358] RIP: 0033:0x7fe39798d169
[ 1684.177500][T21358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1684.197007][T21358] RSP: 002b:00007fe3987d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[ 1684.205340][T21358] RAX: ffffffffffffffda RBX: 00007fe397ba5fa0 RCX: 00007fe39798d169
[ 1684.213156][T21358] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000000a
[ 1684.220959][T21358] RBP: 00007fe3987d1090 R08: 0000000000000000 R09: 0000000000000000
[ 1684.228771][T21358] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1684.236584][T21358] R13: 0000000000000000 R14: 00007fe397ba5fa0 R15: 00007fff42c1a678
[ 1684.244400][T21358]  </TASK>
[ 1684.288484][T21358] socket: no more sockets
[ 1684.357399][T19340] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt
[ 1684.376298][T19340] usb 7-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt
[ 1684.394193][T19340] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1684.408498][T19340] usb 7-1: string descriptor 0 read error: -22
[ 1684.415129][T19340] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1684.424098][T19340] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1684.436214][T21353] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1684.443312][T21353] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1684.452224][T21355] incfs_lookup_dentry err:-5
[ 1684.456690][T21355] incfs: Can't find or create .index dir in ./file0
[ 1684.471029][T21355] incfs: mount failed -5
[ 1684.967179][T21371] loop2: detected capacity change from 0 to 40427
[ 1684.974100][T21371] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[ 1684.989011][T21371] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1684.997544][T21371] F2FS-fs (loop2): fault_injection options not supported
[ 1685.005347][T21371] F2FS-fs (loop2): invalid crc value
[ 1685.012077][T21371] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1685.061522][T21371] F2FS-fs (loop2): Start checkpoint disabled!
[ 1685.068352][T21371] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1685.075349][T21371] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1685.122174][T21371] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21371 comm=syz.2.4852
[ 1685.146950][T21371] syz.2.4852: attempt to access beyond end of device
[ 1685.146950][T21371] loop2: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[ 1685.210310][T15698] kworker/u4:6: attempt to access beyond end of device
[ 1685.210310][T15698] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 1685.433213][T21376] kvm [21375]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x25
[ 1685.450719][T21376] kvm [21375]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x88a
[ 1685.463187][T21376] kvm [21375]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x25
[ 1685.666697][T21388] FAULT_INJECTION: forcing a failure.
[ 1685.666697][T21388] name failslab, interval 1, probability 0, space 0, times 0
[ 1685.759023][T21388] CPU: 0 PID: 21388 Comm: syz.2.4857 Not tainted 6.1.128-syzkaller-00012-g4da91a8e563c #0
[ 1685.768770][T21388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1685.778663][T21388] Call Trace:
[ 1685.781793][T21388]  <TASK>
[ 1685.784568][T21388]  dump_stack_lvl+0x151/0x1b7
[ 1685.789084][T21388]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1685.794373][T21388]  ? __kasan_check_read+0x11/0x20
[ 1685.799230][T21388]  dump_stack+0x15/0x18
[ 1685.803221][T21388]  should_fail_ex+0x3d0/0x520
[ 1685.807827][T21388]  __should_failslab+0xaf/0xf0
[ 1685.812432][T21388]  ? kvmalloc_node+0x221/0x640
[ 1685.817154][T21388]  should_failslab+0x9/0x20
[ 1685.821487][T21388]  __kmem_cache_alloc_node+0x3d/0x2a0
[ 1685.826703][T21388]  ? kvmalloc_node+0x221/0x640
[ 1685.831298][T21388]  __kmalloc_node+0xa3/0x1e0
[ 1685.835740][T21388]  kvmalloc_node+0x221/0x640
[ 1685.840150][T21388]  ? vmx_read_guest_seg_ar+0x183/0x390
[ 1685.845439][T21388]  ? vmx_sched_in+0x68/0x310
[ 1685.849891][T21388]  ? vm_mmap+0xb0/0xb0
[ 1685.853786][T21388]  ? kvm_sched_in+0x86/0xc0
[ 1685.858204][T21388]  __kvm_mmu_topup_memory_cache+0x317/0x4a0
[ 1685.863931][T21388]  kvm_mmu_topup_memory_cache+0x22/0x30
[ 1685.869308][T21388]  kvm_mmu_load+0x111/0x2970
[ 1685.873733][T21388]  ? __sched_text_start+0x8/0x8
[ 1685.878428][T21388]  ? __kasan_check_read+0x11/0x20
[ 1685.883278][T21388]  ? preempt_schedule_irq+0xe7/0x140
[ 1685.888413][T21388]  ? kvm_mmu_unload+0x120/0x120
[ 1685.893102][T21388]  ? __kasan_check_read+0x11/0x20
[ 1685.897951][T21388]  ? preempt_schedule_irq+0xe7/0x140
[ 1685.903073][T21388]  ? preempt_schedule_notrace+0x140/0x140
[ 1685.908740][T21388]  ? raw_irqentry_exit_cond_resched+0x2a/0x30
[ 1685.914614][T21388]  ? irqentry_exit+0x30/0x40
[ 1685.919041][T21388]  ? sysvec_reschedule_ipi+0x8f/0x170
[ 1685.924273][T21388]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 1685.929714][T21388]  ? kvm_apic_has_interrupt+0x9d0/0xa70
[ 1685.935094][T21388]  ? kvm_cpu_has_injectable_intr+0x162/0x330
[ 1685.940913][T21388]  ? kvm_cpu_has_injectable_intr+0x30e/0x330
[ 1685.946733][T21388]  vcpu_enter_guest+0x6c7d/0x9490
[ 1685.951597][T21388]  ? vmx_vcpu_pi_load+0x12b/0x7f0
[ 1685.956448][T21388]  ? nested_vmx_inject_exception_vmexit+0x4d0/0x4d0
[ 1685.962873][T21388]  ? pvclock_gtod_update_fn+0x2b0/0x2b0
[ 1685.968254][T21388]  ? read_msr+0x50/0x50
[ 1685.972248][T21388]  ? cpudl_cleanup+0x40/0x40
[ 1685.976672][T21388]  ? __kasan_check_write+0x14/0x20
[ 1685.981618][T21388]  ? kvm_arch_vcpu_load+0x577/0x760
[ 1685.986652][T21388]  ? do_get_msr_feature+0x320/0x320
[ 1685.991693][T21388]  ? vmx_read_guest_seg_ar+0x183/0x390
[ 1685.996983][T21388]  ? vmx_sched_in+0x68/0x310
[ 1686.001408][T21388]  ? kvm_sched_in+0x86/0xc0
[ 1686.005746][T21388]  ? finish_task_switch+0x6a8/0x7b0
[ 1686.010795][T21388]  ? __schedule+0xcbd/0x1560
[ 1686.015223][T21388]  ? __sched_text_start+0x8/0x8
[ 1686.019895][T21388]  ? queued_write_lock_slowpath+0x460/0x547
[ 1686.025622][T21388]  ? __kasan_check_read+0x11/0x20
[ 1686.030486][T21388]  ? preempt_schedule_irq+0xe7/0x140
[ 1686.035603][T21388]  ? preempt_schedule_notrace+0x140/0x140
[ 1686.041164][T21388]  ? raw_irqentry_exit_cond_resched+0x2a/0x30
[ 1686.047060][T21388]  ? irqentry_exit+0x30/0x40
[ 1686.051489][T21388]  ? sysvec_reschedule_ipi+0x8f/0x170
[ 1686.056695][T21388]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 1686.062166][T21388]  ? kvm_arch_vcpu_ioctl_run+0x7ba/0x2270
[ 1686.067717][T21388]  kvm_arch_vcpu_ioctl_run+0x1478/0x2270
[ 1686.073191][T21388]  ? __kvm_request_immediate_exit+0x70/0x70
[ 1686.078917][T21388]  ? __sanitizer_cov_trace_pc+0x1/0x60
[ 1686.084208][T21388]  kvm_vcpu_ioctl+0x7eb/0xcf0
[ 1686.088722][T21388]  ? xa_release+0x40/0x40
[ 1686.092888][T21388]  ? selinux_file_ioctl+0x3cc/0x540
[ 1686.097921][T21388]  ? selinux_file_alloc_security+0x120/0x120
[ 1686.103738][T21388]  ? __fget_files+0x2cb/0x330
[ 1686.108254][T21388]  ? security_file_ioctl+0x84/0xb0
[ 1686.113196][T21388]  ? xa_release+0x40/0x40
[ 1686.117368][T21388]  __se_sys_ioctl+0x114/0x190
[ 1686.121876][T21388]  __x64_sys_ioctl+0x7b/0x90
[ 1686.126302][T21388]  x64_sys_call+0x98/0x9a0
[ 1686.130554][T21388]  do_syscall_64+0x3b/0xb0
[ 1686.134807][T21388]  ? clear_bhb_loop+0x55/0xb0
[ 1686.139325][T21388]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1686.145051][T21388] RIP: 0033:0x7f46a958d169
[ 1686.149304][T21388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1686.168832][T21388] RSP: 002b:00007f46aa4c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1686.177077][T21388] RAX: ffffffffffffffda RBX: 00007f46a97a5fa0 RCX: 00007f46a958d169
[ 1686.184892][T21388] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 1686.192699][T21388] RBP: 00007f46aa4c9090 R08: 0000000000000000 R09: 0000000000000000
[ 1686.200598][T21388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1686.208409][T21388] R13: 0000000000000000 R14: 00007f46a97a5fa0 R15: 00007ffecf8981b8
[ 1686.216225][T21388]  </TASK>
[ 1686.328489][  T635] ------------[ cut here ]------------
[ 1686.333813][  T635] kernel BUG at fs/buffer.c:2714!
[ 1686.344910][  T635] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 1686.351132][  T635] CPU: 0 PID: 635 Comm: kmmpd-loop0 Not tainted 6.1.128-syzkaller-00012-g4da91a8e563c #0
[ 1686.360763][  T635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1686.370656][  T635] RIP: 0010:submit_bh_wbc+0x4cd/0x4f0
[ 1686.375862][  T635] Code: c3 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c bd fe ff ff 48 89 df e8 14 bc e6 ff e9 b0 fe ff ff e8 8a 1d 9f ff 0f 0b e8 83 1d 9f ff <0f> 0b e8 7c 1d 9f ff 0f 0b e8 75 1d 9f ff 0f 0b e8 6e 1d 9f ff 0f
[ 1686.395310][  T635] RSP: 0018:ffffc9001004fc20 EFLAGS: 00010293
[ 1686.401226][  T635] RAX: ffffffff81d6775d RBX: 0000000000000000 RCX: ffff88811355e540
[ 1686.409026][  T635] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1686.416829][  T635] RBP: ffffc9001004fc70 R08: ffffffff81d67330 R09: ffffed10228bcafd
[ 1686.424642][  T635] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[ 1686.432450][  T635] R13: 1ffff110228bcafc R14: ffff8881145e57e0 R15: 0000000000003801
[ 1686.440260][  T635] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 1686.449117][  T635] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1686.449616][T21392] loop3: detected capacity change from 0 to 512
[ 1686.455534][  T635] CR2: 000000110c2a3e13 CR3: 0000000129f70000 CR4: 00000000003526b0
[ 1686.455556][  T635] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1686.455568][  T635] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1686.455582][  T635] Call Trace:
[ 1686.455589][  T635]  <TASK>
[ 1686.490951][  T635]  ? __die_body+0x62/0xb0
[ 1686.495114][  T635]  ? die+0x88/0xb0
[ 1686.498675][  T635]  ? do_trap+0x103/0x330
[ 1686.502757][  T635]  ? submit_bh_wbc+0x4cd/0x4f0
[ 1686.507355][  T635]  ? handle_invalid_op+0x95/0xc0
[ 1686.512143][  T635]  ? submit_bh_wbc+0x4cd/0x4f0
[ 1686.516731][  T635]  ? exc_invalid_op+0x32/0x50
[ 1686.521242][  T635]  ? asm_exc_invalid_op+0x1b/0x20
[ 1686.526104][  T635]  ? submit_bh_wbc+0xa0/0x4f0
[ 1686.530700][  T635]  ? submit_bh_wbc+0x4cd/0x4f0
[ 1686.535298][  T635]  ? submit_bh_wbc+0x4cd/0x4f0
[ 1686.539903][  T635]  ? __kasan_check_read+0x11/0x20
[ 1686.544757][  T635]  submit_bh+0x1d/0x30
[ 1686.548666][  T635]  write_mmp_block_thawed+0x3a0/0x570
[ 1686.553872][  T635]  ? read_mmp_block+0x7d0/0x7d0
[ 1686.558652][  T635]  ? update_process_times+0x1b0/0x1b0
[ 1686.563862][  T635]  write_mmp_block+0x12b/0x2a0
[ 1686.568464][  T635]  kmmpd+0x40c/0xa10
[ 1686.572197][  T635]  ? write_mmp_block_thawed+0x570/0x570
[ 1686.577578][  T635]  ? __kthread_parkme+0x12d/0x180
[ 1686.582522][  T635]  kthread+0x26d/0x300
[ 1686.586426][  T635]  ? write_mmp_block_thawed+0x570/0x570
[ 1686.591812][  T635]  ? kthread_blkcg+0xd0/0xd0
[ 1686.596255][  T635]  ret_from_fork+0x1f/0x30
[ 1686.600494][  T635]  </TASK>
[ 1686.603350][  T635] Modules linked in:
[ 1686.643836][ T7441] usb 7-1: USB disconnect, device number 43
[ 1686.654962][T21392] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1686.688022][T21392] EXT4-fs (loop3): revision level too high, forcing read-only mode
[ 1686.702642][T21392] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[ 1686.709733][  T635] ---[ end trace 0000000000000000 ]---
[ 1686.716220][  T635] RIP: 0010:submit_bh_wbc+0x4cd/0x4f0
[ 1686.726373][T21392] System zones: 0-1, 15-15, 18-18, 34-34
[ 1686.737107][  T635] Code: c3 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c bd fe ff ff 48 89 df e8 14 bc e6 ff e9 b0 fe ff ff e8 8a 1d 9f ff 0f 0b e8 83 1d 9f ff <0f> 0b e8 7c 1d 9f ff 0f 0b e8 75 1d 9f ff 0f 0b e8 6e 1d 9f ff 0f
[ 1686.738668][T21392] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1686.762849][T21392] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0
[ 1686.772306][T21392] EXT4-fs warning (device loop3): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1686.787945][T21392] EXT4-fs (loop3): Cannot turn on quotas: error -22
[ 1686.794560][T21392] EXT4-fs (loop3): ext4_process_orphan: truncating inode 16 to 9000 bytes
[ 1686.796469][  T635] RSP: 0018:ffffc9001004fc20 EFLAGS: 00010293
[ 1686.803129][T21392] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.4858: bg 0: block 40: padding at end of block bitmap is not set
[ 1686.823284][T21392] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1686.825298][  T635] 
[ 1686.832029][T21392] EXT4-fs (loop3): 1 truncate cleaned up
[ 1686.839454][T21392] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1686.842849][  T635] RAX: ffffffff81d6775d RBX: 0000000000000000 RCX: ffff88811355e540
[ 1686.870092][  T635] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1686.896146][  T635] RBP: ffffc9001004fc70 R08: ffffffff81d67330 R09: ffffed10228bcafd
[ 1686.917255][  T635] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[ 1686.933832][  T635] R13: 1ffff110228bcafc R14: ffff8881145e57e0 R15: 0000000000003801
[ 1686.950492][  T635] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 1686.967926][  T635] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1686.974470][  T635] CR2: 00007f57ff178ab8 CR3: 000000011fcf3000 CR4: 00000000003506b0
[ 1686.982447][  T635] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1686.990328][  T635] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1686.998097][  T635] Kernel panic - not syncing: Fatal exception
[ 1687.004234][  T635] Kernel Offset: disabled
[ 1687.008402][  T635] Rebooting in 86400 seconds..