last executing test programs:

1m16.688544836s ago: executing program 3 (id=153):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r2, &(0x7f00000006c0), &(0x7f0000000000), 0x2}, 0x20)

1m16.644407937s ago: executing program 3 (id=155):
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_memcpy_off$IO_URING_METADATA_FLAGS(r0, 0x114, &(0x7f0000000040), 0x0, 0x4)
syz_io_uring_complete(r0)
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000400)={&(0x7f000092b000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x1000})

1m15.792935003s ago: executing program 3 (id=183):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x8)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x610880, 0x0)
read$FUSE(r1, 0x0, 0x0)
prlimit64(0x0, 0x7, &(0x7f00000003c0)={0x4, 0xd7}, 0x0)
fcntl$dupfd(r1, 0x0, r0)

1m15.750077283s ago: executing program 3 (id=185):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000002c0)='inet_sock_set_state\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
listen(r1, 0xfff)

1m15.682880544s ago: executing program 3 (id=189):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/43, 0x7ffff000}, {&(0x7f0000000480)=""/165, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x2aa, 0x0)

1m15.619142275s ago: executing program 3 (id=191):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffff7a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c00000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1m15.516694455s ago: executing program 32 (id=191):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffff7a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c00000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

55.017473181s ago: executing program 0 (id=795):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r2 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
write$selinux_validatetrans(r2, &(0x7f0000000580)=ANY=[@ANYBLOB='system_u:object_r:cron_spool_t:s0 system_u:object_r:lib_t:s0 184'], 0x61)

54.983989081s ago: executing program 0 (id=785):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000004c0)={0x2c, r1, 0x1, 0x0, 0x25dfdbfc, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}]}]}, 0x2c}}, 0x4000000)

54.951141162s ago: executing program 0 (id=786):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x4)
chroot(&(0x7f0000000000)='./file0/../file0\x00')

54.930764132s ago: executing program 0 (id=787):
syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x1010d1, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x2081c80, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x20000, 0x0)
move_mount(r0, &(0x7f0000008080)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x160)

54.875765222s ago: executing program 0 (id=792):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000640)='./bus\x00', 0xa00000, &(0x7f0000000ac0), 0x41, 0x53d, &(0x7f0000019b00)="$eJzs3c9vI1cdAPDvTOJsdjfFKSBUKlEqWrRbwdqbhrYRQlAucKoElPsSEm8UrR1HsVM2UUVT8R8gJJA4ceKCxIUbEuqBPwBVqgQXxAEBAiHYwgHxo4NmPFZTx07SNrF3489HmvV78+v73ozyPDN++yaAqfV4RDwfETMR8VREVMv5aTndyjMHvfXevPfyWj4lkWUv/i2JpJzX31een42Iq71NYj4ivvbliG8mR+N29vbvrDabjZ0yX++2tuudvf0bm63VjcZGY2t5eenZledWnlm5mZXeVz0X+4kff+nzv/j0t35/6y/Xv50X63MfiUoM1OMs9apeKY5FX36Mds4j2ATMlPWpTLogAACcSn6N/8GI+ERx/V+NmeJqbsDMQP7SuEoHAAAAnIXsCwvx3yQiAwAAAC6sNCIWIklrZV+AhUjTufLZwIfjStpsd7qfut3e3VrPl0UsRiW9vdls3Cz7Ci9GJcnzS2Uf237+6YH8ckQ8HBHfq14u8rW1dnN9ws8+AAAAYFpcHbj//2c1LdInG/L/BAAAAID71+LIDAAAAHBRuOUHAACAi2/w/n9wvH8AAADggfaVF17Ip6z//uv1l/Z277RfurHe6NyptXbXamvtne3aRru9UYzZ1zppf812e/szsbV7t95tdLr1zt7+rVZ7d6t7a/Mdr8AGAAAAxujhj7/2myQiDj57uZiiHAcQ4B3+OOkCAGdJVz+YXkbxhulVmXQBgIlLTlje67yTHIylMAAAwLm49tGjv//33//v2QBcbPr6AMD0eS+//7svgIuhUvQAvDzpYgATMFs+A/hAL3tp1HojB+/41WkjZVnE69XDc1xHAADAeC0UU5LWyvuAhUjTWi3ioYh0MSrJ7c1m42Z5f/DrauVSnl8qtkxO7DMMAAAAAAAAAAAAAAAAAAAAAAAAAPRkWRIZAAAAcKFFpH9OitH8I65Vn1wYfD4wl/yrGn8qMz988ft3V7vdnaV8/t+Ld3nNRUT3B+X8p0e+PgwAAAA4a8nByEW9+/Tyc2mspQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgCrx57+W1/jTOuH/9YkQsDos/G/PF53xUIuLKP5KYPbRdEhEzZxD/4NWIeGRY/CTeyrJXoizFsPiXzzn+YnFohsdPI+LqGcSHafZa3v48P+zvL43Hi8/hf3+z5fR+jW7/0jLyI0U7N6z9eejI3lpDYzz6xk/rvVTlaPxXIx6dHd7+9NvfZET8J47s7T9Zlh2N/42v7++Pqn/2o4hrQ79/ksrhWPVua7ve2du/sdla3WhsNLaWl5eeXXlu5ZmVm/Xbm81G+e/QGN/92M/fGhU/r/+VIfF/99te+3tc/Z8ctdMB/3vj7r0P9ZJHTkAe//oTQ79/52NE/LT87vtkmc6XX+unD3rpwx77yeuPHVf/9eHH/8Tzf/2U9X/qq9/5wylXBQDGoLO3f2e12WzsHJOYP8U6D2Lil/P3RTHeZSJ7pXfm7pfyvNdEfrX69px+rQ6tMxdnHPRn/454d1tlYzkal4rr+dNuNTem0zTRZgkAADgHb1/0T7okAAAAAAAAAAAAAAAAAAAAML0GBv26eh7DiQ3GPJhMVQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjvX/AAAA///WVtuo")
creat(&(0x7f00000000c0)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x63d014, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x8102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)

54.796168213s ago: executing program 0 (id=793):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000ac0)='mm_page_free_batched\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, 0xffffffffffffffff, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

54.790024023s ago: executing program 33 (id=793):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000ac0)='mm_page_free_batched\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, 0xffffffffffffffff, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

11.923352569s ago: executing program 5 (id=1970):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x3a)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000580)={'vcan0\x00', <r3=>0x0})
bind$can_raw(r0, &(0x7f0000000100)={0x1d, r3}, 0x10)
bind$can_raw(r0, &(0x7f0000000280), 0x10)

11.85445318s ago: executing program 5 (id=1976):
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x8001, 0x0)

10.995338307s ago: executing program 5 (id=2005):
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f00000000c0)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r0, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
sendmsg$can_bcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0)

10.918495897s ago: executing program 5 (id=2009):
syz_mount_image$ext4(&(0x7f0000000680)='ext4\x00', &(0x7f0000000c80)='./bus\x00', 0x0, &(0x7f0000000840)={[{@nolazytime}, {@jqfmt_vfsv1}, {@block_validity}, {@max_batch_time={'max_batch_time', 0x3d, 0x8}}, {@block_validity}, {@resuid}, {@nombcache}, {@noauto_da_alloc}, {@nolazytime}]}, 0xfc, 0x57c, &(0x7f0000000cc0)="$eJzs3V1rHNUbAPBnNpv0/d8USvnrhRR6YaV20yS+VBCsl6LFgt7XJZmGkk23ZDeliQXbC3vjjRRBxIL4Abz3svgF/BQFLRQpQS9EiMxmNt0ku3nrxk27vx9Mcs7OTM48e+aZnLOzywbQt05mPwoRL0XE10nEUMu6YuQrTy5vt/jk1kS2JLG09MkfSST5Y83tk/z3obzy/4j45cuIM4X17dbmF6bLlUo6m9dH6jPXR2rzC2evzpSn0qn02tj4+Pk3x8feefutrsX62qW/vvv4wQfnvzq1+O1Pj47dS+JCHM7XtcbxDG63Vk6W/8lLg3FhzYajXWhsL0l6fQDsyECe54ORXQOOxkCe9cCL74uIWAL6VCL/oU81xwHNuX2X5sHPjcfvL0+AGrEPtcZfXH5tJPY35kYHF5NVM6NsvjvchfazNn7+/f69bImNX4c4sEkdYFtu34mIc8Xi+ut/kl//du5c48Xjja1to9/+/0AvPcjGP6+3G/8VVsY/0Wb8c6hN7u7E5vlfeNSFZjrKxn/vth3/rly6hgfy2pHGmG8wuXK1kp6LiP9FxOkY3JfVN7qfc37x4VKnda3jv2zJ2m+OBfPjeFTct3qfyXK9HKtv1e3Y4zsRLxfbxZ+s9H/Spv+z5+PSFts4kd5/pdO6NfEnxXXx766lHyNebdv/T+9oJRvfnxxpnA8jzbNivT/vnvi1U/ub9//uyvr/4MbxDyet92tr22/jh/1/p53W7fT8H0o+bZSbSXCzXK/PjkYMJR+tf3zs6b7NenP7LP7Tpza+/rU7/7PJ12dbjP/u8bsdN10d/5HoRf9Pbqv/t194+OHn33dqf2v9/0ajdDp/JL/+tZefK1s9wGd9/gAAAAAAAGAvKUTE4UgKpZVyoVAqLb+/43gcLFSqtfqZK9W5a5PR+KzscAwWmne6j7a8H2I0fz9ssz62pj4eEcci4puBA416aaJamex18AAAAAAAAAAAAAAAAAAAALBHHOrw+f/MbwO9Pjpg1zW+2GBfr48C6IVNv/K/G9/0BOxJm+Y/8MKS/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAAXXXp4sVsWVp8cmsiq0/emJ+brt44O5nWpkszcxOliers9dJUtTpVSUsT1ZnN/l6lWr0+OhZzN0fqaa0+UptfuDxTnbtWv3x1pjyVXk4H/5OoAAAAAAAAAAAAAAAAAAAA4PlSm1+YLlcq6axCx8J7sScOYzcDXLaj3Yt7JQqFDoU7efdub68eXpQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYI1/AwAA///VDy/N")
openat(0xffffffffffffff9c, &(0x7f0000000740)='./file0\x00', 0x143042, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x1efb7e, 0x86d7ae2592eaaba6)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x1a1)
write$binfmt_script(r0, &(0x7f0000000080), 0x208e24b)
listxattr(&(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x11)

10.842240257s ago: executing program 5 (id=2015):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
recvmmsg(r1, &(0x7f0000000300)=[{{0x0, 0x0, 0x0}, 0x101}], 0x1, 0x0, 0x0)

10.688144659s ago: executing program 5 (id=2017):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f00000000c0), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x300, 0x0)
rename(&(0x7f00000001c0)='./file2\x00', &(0x7f0000000200)='./file1\x00')
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ef)
sendfile(r1, r0, 0x0, 0xfffa83)

10.634068829s ago: executing program 34 (id=2017):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f00000000c0), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x300, 0x0)
rename(&(0x7f00000001c0)='./file2\x00', &(0x7f0000000200)='./file1\x00')
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ef)
sendfile(r1, r0, 0x0, 0xfffa83)

2.474609741s ago: executing program 1 (id=2263):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x44, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x8, 0xa}, {}, {0x7, 0xb}}, [@filter_kind_options=@f_basic={{0xa}, {0xfffffffffffffdf3, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0xd, 0xc}}, @TCA_BASIC_CLASSID={0x8, 0x1, {0x8, 0xffe0}}]}}]}, 0x44}}, 0x40)

2.388512512s ago: executing program 1 (id=2267):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32=r3], 0x20}}, 0x0)

2.327391323s ago: executing program 1 (id=2271):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000240)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x4, @local, 0x5}, 0x1c, 0x0}}], 0x1, 0x6001)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
ppoll(&(0x7f0000000080)=[{0xffffffffffffffff, 0x1020}], 0x1, &(0x7f0000000100), &(0x7f0000000140)={[0xfffffffffffffff8]}, 0x8)

2.278166853s ago: executing program 1 (id=2275):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, r3, 0x1, 0x72bd27, 0x25dfdbfc, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}]}, 0x2c}}, 0x2)

2.190153084s ago: executing program 1 (id=2280):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='mm_page_alloc\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r2, &(0x7f00000018c0)=[{{&(0x7f0000000100)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f0000001ac0)="0561", 0x2}], 0x1}}], 0x2, 0x240080e4)
sendto$inet(r2, 0x0, 0x0, 0x20000000, 0x0, 0x0)

2.177793004s ago: executing program 4 (id=2282):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x103441, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305839, &(0x7f00000001c0)={0x0, 0x0, 0x1df, 0xffb})
pwrite64(r1, &(0x7f0000000000)='J', 0x1, 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000140))

2.169864254s ago: executing program 1 (id=2283):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')

2.069162244s ago: executing program 4 (id=2286):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r1, 0x4068aea3, &(0x7f0000000040)={0xa4, 0x0, 0x1})
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000004c0)={0x79, 0x0, 0x3})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r2, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000000c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x3, 0x100000000000, 0x5]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.941242326s ago: executing program 4 (id=2294):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r3}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

1.877113746s ago: executing program 4 (id=2296):
personality(0x400000d)
syz_emit_ethernet(0x0, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, &(0x7f0000000180)={[0x7]}, 0x8)
timer_create(0x2, 0x0, &(0x7f0000000480))
timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_create(0x2, 0x0, &(0x7f0000000480)=<r0=>0x0)
timer_settime(r0, 0x1, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_delete(r0)

1.36817111s ago: executing program 2 (id=2304):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xc0000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000893000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f00000000c0)="0f20c06635000001000f22c00f01c36565d86b6766660f388129a5660fd9430d0f3a0fcc35f20f38f14029f20fc24686490ebc", 0x33}], 0x1, 0x8, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

909.994443ms ago: executing program 4 (id=2306):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getresuid(0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x80, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

483.756246ms ago: executing program 6 (id=2318):
r0 = socket(0x2, 0x3, 0xb)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
close_range(r0, 0xffffffffffffffff, 0x0)

456.290147ms ago: executing program 6 (id=2319):
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x6}}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}})

404.830067ms ago: executing program 7 (id=2320):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r3}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

395.649557ms ago: executing program 6 (id=2321):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r3}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

369.699917ms ago: executing program 7 (id=2322):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)

365.822137ms ago: executing program 2 (id=2323):
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x81, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r0, &(0x7f00000004c0), &(0x7f0000000400)=@udp6=r1}, 0x3f)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fd8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000007c0)={r0, &(0x7f0000000000), &(0x7f0000000780)=@udp6=r1}, 0x20)
bpf$MAP_UPDATE_ELEM(0x4, &(0x7f0000000100)={r0, &(0x7f0000000000), &(0x7f00000000c0)=@udp6}, 0x20)

355.046407ms ago: executing program 6 (id=2324):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000140)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES32=r3], 0x20}}, 0x44000)
sendmsg$nl_route(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c)

347.217618ms ago: executing program 2 (id=2325):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r2}, 0x10)
r3 = syz_io_uring_setup(0x371d, &(0x7f0000000440)={0x0, 0x0, 0x400, 0xa, 0xffffff}, &(0x7f0000000380), &(0x7f0000000400))
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)

338.373418ms ago: executing program 6 (id=2326):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080)={r3, r2}, 0xc)

326.801218ms ago: executing program 7 (id=2327):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28e)
r3 = socket$nl_route(0x10, 0x3, 0x0)
writev(r0, 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x9801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @broadcast}]}}}]}, 0x38}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB="5c0000001000390400"/20, @ANYRES32=r2, @ANYBLOB="00000000000000003c0012800800010067726500300002800400120005000a"], 0x5c}}, 0x0)

317.160698ms ago: executing program 2 (id=2328):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x4c, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x8}, {}, {0x7, 0xb}}, [@filter_kind_options=@f_flow={{0x9}, {0x1c, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x1cc05}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_MASK={0x8, 0x6, 0x158}]}}]}, 0x4c}}, 0x400c084)

301.414628ms ago: executing program 6 (id=2329):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
syz_mount_image$exfat(&(0x7f0000006c00), &(0x7f0000001b40)='./file0\x00', 0x208008de, &(0x7f0000001b80)=ANY=[@ANYBLOB='utf8,errors=continue,namecase=1,utf8,gid=', @ANYRESHEX=0x0, @ANYBLOB=',umask=00000000000000000000077,umask=00000000000000000005676,uid=', @ANYRESHEX=0x0, @ANYBLOB=',gid=', @ANYRESHEX=0x0, @ANYBLOB="2c000ca8768ddddc191573cbd33da79641936c9de64e264f331d1b50f4c4f54702f51dcbddb39c14c19175f07a639bb65ea608fbf6fadf5d8da30ace1281bed3e61b084526e10dbe921dad84fbcabc5791f52445cb76b789ed377aa0cd17309c4df04d525e8af05fb246b33836d90656cd2daa991b916be40df3bd607ae5672e1bb90730d0ff03000000000000c5f0cf287ea707c1fc66165f74e7d8a78c37a4b86907cec1df06da3611f616718d88770a2520ceb039bc06ef4d1183"], 0x1, 0x1503, &(0x7f0000000580)="$eJzs3AuYj1XXMPC99t43Y5L+TXIY9trr5p8G2yRJDgk5JEmSJDklJCZJEhJDTklDEnKcJIchJIdpTBrn8yHnpMkjTZKE5BT2d+np/Tzv0/O+fe9X3+e93lm/69qXvdz/tf7rnjXX3Pf9v66Z73uOqtu8Xq2mRCT+FPj7P8lCiBghxDAhxA1CiEAIUTGuYtyV4/kUJP+5N2F/rUfTrnUH7Fri+eduPP/cjeefu/H8czeef+7G88/deP65G8+fsdxs+5yiN/LKvYs//8/N+Pr/P0hOuclfbyx3c6//QgrPP3fj+eduPP/cjeefu/H8czee//98Nf+TYzz/3I3nz1hudq0/f+Z1bde1/v5jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY7nPNXaSHEv+2vdV+MMcYYY4wxxhj76/i817oDxhhjjDHGGGOM/b8HQgoltAhEHpFXxIh8IlZcJ/KL60UBcYOIiBtFnLhJFBQ3i0KisCgiiop4UUwUF0agsIJEKEqIkiIqbhGlxK0iQZQWZURZ4UQ5kShuE+XF7aKCuENUFHeKSuIuUVlUEVVFNXG3qC7uETVETVFL3Ctqizqirqgn7hP1xf2igXhANBQPikbiIdFYPCyaiEdEU/GoaCYeE83F46KFeEK0FK1Ea9FGtP2/yn9Z9BWviH6iv0gWA8RA8aoYJAaLIWKoGCZeE8PF62KEeEOkiJFilHhTjBZviTHibTFWjBPjxTtigpgoJonJYoqYKlLFu2KaeE9MF++LGWKmmCVmizQxR8wVH4h5Yr5YID4UC8VHYpFYLJaIpSJdfCwyxDKRKT4Ry8WnIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCZ2iJ1il9gt9oi9Yp/4XOwXX4gD4kuRLb76L+af/af8XiBAgAQJGjTkgTwQAzEQC7GQH/JDASgAEYhAHMRBQSgIhaAQFIEiEA/xUByKAwICAUEJKAFRiEIpKAUJkABloAw4cJAIiVAebocKUAEqQkWoBJWgMlSBKlANqkF1qA41oAbUglpQG2pDXagL98F9cD80gAbQEBpCI2gEjaExNIEm0BSaQjNoBs2hObSAFtASWkJraA1toS20g3bQHtpDR+gInaATdIbOkARJ0BW6QjfoBt2hO/SAHtATekIv6A294WV4GV6BV6A/1JYDYCAMhEEwCIbAUBgKr8FweB1ehzcgBUbCKHgT3oS3YAycgbEwDsbDeKguJ8IkmAwkp0IqpMI0mAbTYTrMgJkwE2ZDGsyBuTAX5sF8mA8fwkL4CD6CxbAYlkI6pEMGLINMyITlcBayYAWshFWwGtbAalgH62EdbIRNsBG2wBbYBtvgM/gMdsJO2A27YS/shc/hc/gCvoAUyIZsOAgH4RAcgsNwGHIgB47AETgKR+EYHIPjcBxOwEk4BSfhNJyGM3AWzsE5uAAX4CK8GP9ts72lN6QIeYWWWuaReWSMjJGxMlbml/llAVlARmRExsk4WVAWlIVkIVlEFpHxMl4Wl8UlSpQkQ1lClogRQshSspRMkAmyjCwjnXQyUSbK8rK8rCAryIryTllJ3iUryyqyg6smq8nqsqOrIWvKWrKWrC3ryLqynqwn68v6soFsIBvKhrKRbCQby4dlEzkAhsCj8spkmsuR0EKOgpaylWwt28i34EnZTo6B9rKD7CifluNgLHSW7VySfFZ2lZOgm3xeToYXZA85FXrKl2Qv2Vv2kS/LvrK96yf7yxkwQA6Us2GQHCyHyKFyHtSRVyZWV74hU+RIOUq+KZfCW3KMfFuOlePkePmOnCAnyklyspwip8pU+a6cJt+T0+X7coacKWfJ2TJNzpFz5QdynpwvF8gP5UL5kVwkF8slcqlMlx/LDLlMZspP5HL5qcySK+RKuUqulmvkWrlOrpcb5Ea5SW6WW+RWuU1ul5/JHXKn3CV3yz1yr9wnP5f75RfygPxSZsuv5EH5N3lIfi0Py29kjvxWHpHfyaPye3lM/iCPyx/lCXlSnpI/ydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaDyqLwqRuVTseo6lV9drwqoG1RE3aji1E2qoLpZFVKFVRFVVMWrYqq4MgqVVaRCVUKVVFF1iyqlblUJqrQqo8oqp8qpRHWbKq9uVxXUHaqiulNVUnepyqqKqqqqqbtVdXWPqqFqqlrqXlVb1VF1VT11n6qv7lcN1AOqoXpQNVIPqcbqYdVEPaKaqkdVM/WYaq4eVy3UE6qlaqVaqzaqrXpStVNPqfaqg+qonlad1DOqs+qiktSzqqt6TnVTz6vu6gXVQ72oeqqXVC/VW/VRl9Rl5VU/1V8lqwFqoHpVDVKD1RA1VA1Tr6nh6nU1Qr2hUtRINUq9qUart9QY9bYaq8ap8eodNUFNVJPUZDVFTVWp6l01Tb2npqv31Qw1U81Ss1WamqOG/FZpwT/lD/jtqvuP+e/9i/wRv777NrVdfaZ2qJ1ql9qt9qi9ap/ap/ar/eqAOqCyVbY6qA6qQ+qQOqwOqxyVo46oI+qoOqqOqWPquDquTqiT6rz6SZ1WP6sz6qw6q86rC+qCuvjb10Bo0FIrrXWg8+i8Okbn07H6Op1fX68L6Bt0RN+o4/RNuqC+WRfShXURXVTH62K6uDYatdWkQ11Cl9RRfYsupW/VCbq0LqPLaqfL6UR925/O/6P+2uq2up1up9vr9rqj7qg76U66s+6sk3SS7qq76m66m+6uu+seuofuqXvqXrqX7qP76L66r+6n++lknawH6lf1ID1YD9FD9TD9mh6uh+sReoRO0Sl6lB6lR+vReoweo8fqsXq8Hq8n6Al6kp6kp+gpOlWn6ml6mp6up+sZeoaepWfpNJ2m5+q5ep6epxfoBXqhXqgX6UV6iV6i03W6ztAZOlNn6uV6uc7SK/QKvUqv0mv0Gr1Or9Mb9Aa9SW/SW/QWnaW36+16h96hd+ldeo/eo/fpfXq/3q8P6AM6W2frg/qgPqQP6cP6sM7ROfqIPqKP6qP6mD424Lg+rk/oE/qUPqVP69P6jD6jz+lz+oK+oC/qi/qyvnzlti+QgQx0oIM8QZ4gJogJYoPYIH+QPygQFAgiQSSIC+KCgsHNQaGgcFAkKBrEB8WC4oEJMLABBWFQIigZRINbglLBrUFCUDooE5QNXFAuSAxuC8oHtwcVgjuCisGdQaXgrqByUCWoGlQL7g6qB/cENYKaQa3g3qB2UCeoG9QL7gvqB/cHDYIHgobBg0Gj4KGgcfBw0CR4JGgaPBo0Cx4LmgePBy2CJ4KWQaugddAmaPuX1vf+TOGnXD/T3ySbAWagedUMMoPNEDPUDDOvmeHmdTPCvGFSzEgzyrxpRpu3zBjzthlrxpnx5h0zwUw0k8xkM8VMNanmXTPNvGemm/fNDDPTzDKzTZqZY+aaD8w8M98sMB+aheYjs8gsNkvMUpNuPjYZZpnJNJ+Y5eZTk2VWmJVmlVlt1py/UQiz3mwwG80ms9lsMVvNNrPdfGZ2mJ1ml9lt9pi9Zp/53Ow3X5gD5kuTbb4yB83fzCHztTlsvjE55ltzxHxnjprvzTHzgzlufjQnzElzyvxkTpufzRlz1pwz580F84u5aC6Zy8Zfubm/cnlHjRrzYB6MwRiMxVjMj/mxABbACEYwDuOwIBbEQlgIi2ARjMd4LI7F8QpCwhJYAqMYxVJYChMwActgGXToMBETsTyWxwpYAStiRayElbAyVsaqWBXvxrvxHrwHa2JNvBfvxTpYB+thPayP9bEBNsCG2BAbYSNsjI2xCTbBptgUm2EzbI7NsQW2wJbYEltja2yLbbEdtsP22B47YkfshJ2wM3bGJEzCrtgVu2E37I7dsQf2wJ7YE3thL+yDfbAv9sV+2A+TMRkH4kAchINwCA7BYTgMh+NwHIEjMAVTcBSOwtE4GsfgGByL43A8voMTcCJOwsk4BadiKqbiNJyG03E6zsAZOAtnYRqm4Vyci/NwHi7ABbgQF+IiXIRLcAmmYzpmYAZmYiYux+WYhVm4ElfialyNa3Etrsf1uBE34mbcjFtxK27H7bgDd+Au3IV7cA/uw324H/fjATyA2ZiNB/EgHsJDeBgPYw7m4BE8gkfxKB7DY3gcj+MJPIGn8BSextN4Bs/gOTyHF/AXvIiX8DJ6jLFSxNrrbH57vS1gb7AxNp/9x7iILWrjbTFb3BpbyBb+dzFaaxNsaVvGlrXOlrOJ9rbfxZVtFVvVVrN32+r2Hlvjd3F9e79tYB+wDe2Dtp6977c4769xI/uQbWwft03sE7apbWWb2Ta2uX3ctrBP2Ja2lW1t29hO9hnb2XaxSfZZ29U+97s4wy6z6+0Gu9FusvvtF/acPW+P2u/tBfuL7Wf722H2NTvcvm5H2Ddsih35u3i8fcdOsBPtJDvZTrFTfxfPsrNtmp1j59oP7Dw7/3dxuv3YLrSZdpFdbJfYpb/GV3rKtJ/Y5fZTm2VX2JV2lV1t19i1dt3/7nWV3WK32m12n/3c7rA77S672+6xe3+Nr5zHAfulzbZf2SP2O3vIfm0P22M2x377a3zl/I7ZH+xx+6M9YU/aU/Yne9r+bM/Ys7+e/5Vz/8lespett4KAJCnSFFAeyksxlI9i6TrKT9dTAbqBInQjxdFNVJBupkJUmIpQUYqnYlScDCFZIgqpBJWkKN1CpehWSqDSVIbKkqNylEi3UXm6nSrQHVSR7qRKdBdVpipUlarR3VSd7qEaVJNq0b1Um+pQXapH91F9up8a0APUkB6kRvQQNaaHqQk9Qk3pUWpGj1Fzepxa0BPUklpRa2pDbelJakdPUXvqQB3paepEz1Bn6kJJ9Cx1peeoGz1P3ekF6kEvUk96iXpRb+pDL1NfeoX6UX9KpgE0kF6lQTSYhtBQGkav0XB6nUbQG5RCI2kUvUmj6S0aQ2/TWBpH4+kdmkATaRJNpik0lVLpXTqb3qXIlXu9GTSTZtFsSqM5NJc+oHk0nxbQh7SQPqJFtJiW0FJKp48pg5ZRJn1Cy+lTyqIVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttp89oB+2kXbSb9tBe2kef0376gg7Ql5RNX9FB+hsdoq/pMH1DOfQtHaHv6Ch9T8foBzpOP9IJOkmn6Cc6TT/TGTpL5+g8XaBf6CJdosvkSYQQylCFOgzCPGHeMCbMF8aG14X5w+vDAuENYSS8MYwLbwoLhjeHhcLCYZGwaBgfFguLhybE0IYUhmGJsGQYDW8JS4W3hglh6bBMWDZ0YbkwMbwtLB/eHlYI7wgrhneGlcK7wsphlfDxB6uFd4fVw3vCGmHNsFZ4b1g7rBPWDeuF94X1w/vDBuEDYcPwwbBC+FDYOHw4bBI+EjYNHw2bhY+FzcPHwxbhE2HLsFXYOmwTtg2fDNuFT4Xtww5hx/DpsFP4TNg57BImhc+GXcPn/vB4cjggHBi+Gr4aev+AWhJdGk2PfhzNiC6LZkY/iS6PfhrNiq6Iroyuiq6Oromuja6Lro9uiG6Mbopujm6Jbo1ui3pfL69w4KRTTrvA5XF5XYzL52LddS6/u94VcDe4iLvRxbmbXEF3syvkCrsirqiLd8VccWccOuvIha6EK+mi7hZXyt3qElxpV8aVdc6Vc4mujWvr2rp27inX3nVwHd3T7mn3jHvGdXFd3LOuq3vOdXPPu+7uBdfDvehedC+5Xq636+Nedn3dK66f6++SXbIb6Aa6QW6QG+KGuGFumBvuhrsRboRLcSlulBvlRrvRbowb48a6sW68G+8muAlukpvkprgpLtWlumlumpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5hwkK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB1237gc96074r5zR9337pj7wR13P7oT7qQ75X5yp93P7ow768658+6C+8VddJfcZeddauTdyLTIe5HpkfcjMyIzI7MisyNpkTmRuZEPIvMi8yMLIh9GFkY+iiyKLI4siSyNpEc+jmRElkUyI59Elkc+jWRFVkRWRlZFVkfWRLwvtiP0JXxJH/W3+FL+Vp/gS/syvqx3vpxP9Lf58v52X8Hf4Sv6O30lf5ev7Kv4qv4J39K38q19G9/WP+nb+ad8e9/Bd/RP+07+Gd/Zd/FJ/lnf1T/nu/nnfXf/gu/hX/Q9/Uu+l+/t+/iXfV//iu/n+/tkP8AP9K/6QX6wH+KH+mH+NT/cv+5H+Dd8ih/pR/k3/Wj/lh/j3/Zj/Tg/3r/jJ/iJfpKf7Kf4qT7Vv+un+ff8dP++n+Fn+ll+tk/zc/xc/4Gf5+f7Bf5Dv9B/5Bf5xX6JX+rT/cc+wy/zmf4Tv9x/6rP8Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Wd+h9/pd/ndfo/f6/f5z/1+/4U/4L/02f4rf9D/zR/yX/vD/huf47/1R/x3/qj/3h/zP/jj/kd/wp/0p/xP/rT/2Z/xZ/05f95f8L/4i/6Sv8y/s8YYY4wx9n9E/cHxAf/i/+Rv64qBQojrdxbN+eeamwv9fT9YxneKCCGe7d/z0X9btWsnJyf/9tosJYKSi4UQkav5ecTVeIXoKJ4RSaKDKP8v+xsse1+gP6gfvVOI2KuVfxUr/rn+7f9B/SefHp9RKTwX95/UXyxEQsmrOfnE1fhq/Qr/Qf3C7f6g/3xfpwrR/h9y8our8dX6ieIp8ZxI+nevZIwxxhhjjDHG/m6wrNr9j56frzyfx+urOXnF1fiPns8ZY4wxxhhjjDF27b3Qu0+XJ5OSOnTnzZ/Y1Pjv0QZvePOXba71TybGGGOMMcbYX+3qTf+17oQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/n/8ObFrfY6MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYtfa/AgAA///mJjhh")
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x5412, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB='\x00'], 0x1, 0x274, &(0x7f0000000000)="$eJzs3cFqE1EUBuCTNm1jNxPQlbgYcOMqNH2DQSqIASGSRV012BakCYUpBHRhu/NdfBwfwyeIIETaCSapoyC2jk2+D8IcuPnhThY5szg3OXg0PDk8PTvev/8lGo006hEX8TUiYi3Wo1Cbu9ZiM+ZdBABw13S7/azqPXC78jzrb0TE1k8rvU+VbAgAAAAAAAAAAIC/Vjr/P45olsz/r5n/B4ClYP5/+eV51t+ePr8tMv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVGc8mSST37yq3h8AcPP0fwBYPfo/AKye8UKvr4X+DwDL79X+6xdZp7PXTdNGxPDjqDfqFddiPTuOtzGIo9iJJL7F5fPBVFE/e97Z20mvNONgeD7Nn49664v5diTRLM+3i3y6mN+I7fn8biTxoDy/W5rfjCeP5/KtSOLzmziNQRzGZXaW/9BO06cvO9fyW1fvAwAAAAAAAAAAAAAAAAAAgH+hlf5Qen6/1frVepH/g98HuHa+vh4P69XeOwAAAAAAAAAAAAAAAAAAAPwvzt69P+kPBke54gaKez5VxZIUFX8xAQAAAAAAAAAAAAAAAADACpod+q16JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQndn//99eUfU9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKvhewAAAP//C57oKA==")
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000100)='!', 0xffdf}], 0x1)

284.154208ms ago: executing program 7 (id=2330):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x6b, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000300), 0x800, r0}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

255.568678ms ago: executing program 7 (id=2331):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x3)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x4, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)

245.321588ms ago: executing program 2 (id=2332):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10)
io_setup(0x3, &(0x7f0000000340))

227.757848ms ago: executing program 7 (id=2333):
socket$nl_generic(0x10, 0x3, 0x10)
pipe2$9p(&(0x7f0000002180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc000ff}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000480)={<r3=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r3, 0x3, r2, 0x5})
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

62.1753ms ago: executing program 2 (id=2334):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
io_setup(0x4, &(0x7f0000000100))

0s ago: executing program 4 (id=2335):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_all\x00', 0x275a, 0x0)
write$cgroup_pid(r0, &(0x7f0000000180)=0xffffffffffffffff, 0x12)
fcntl$lock(r0, 0x26, &(0x7f0000000100)={0x0, 0x1, 0x7fffffffffffffff, 0x7fffffff})
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x258a, 0x36, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0xa0028000})
syz_usb_control_io(r1, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)={0x20, 0x0, 0x7, {0x7, 0x0, "392cdaab4a"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

  T28] kauditd_printk_skb: 22 callbacks suppressed
[   43.042150][   T28] audit: type=1400 audit(1742442783.980:412): avc:  denied  { read } for  pid=1738 comm="syz.2.616" dev="nsfs" ino=4026532539 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   43.069783][   T28] audit: type=1400 audit(1742442783.980:413): avc:  denied  { open } for  pid=1738 comm="syz.2.616" path="pid:[4026532539]" dev="nsfs" ino=4026532539 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   43.168840][   T28] audit: type=1400 audit(1742442784.120:414): avc:  denied  { create } for  pid=1758 comm="syz.5.623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   43.598437][ T1773] xt_bpf: check failed: parse error
[   43.626236][ T1767] loop4: detected capacity change from 0 to 40427
[   43.642406][ T1767] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   43.662067][ T1767] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   43.676181][ T1767] F2FS-fs (loop4): invalid crc value
[   43.690998][ T1771] loop1: detected capacity change from 0 to 40427
[   43.698732][ T1767] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[   43.706978][   T28] audit: type=1400 audit(1742442784.650:415): avc:  denied  { unmount } for  pid=779 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   43.729145][ T1771] F2FS-fs (loop1): fault_injection options not supported
[   43.736659][ T1767] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   43.752517][ T1771] F2FS-fs (loop1): invalid crc value
[   43.784503][ T1771] F2FS-fs (loop1): Found nat_bits in checkpoint
[   43.820993][ T1767] F2FS-fs (loop4): Try to recover 1th superblock, ret: -30
[   43.830937][ T1767] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   43.844516][   T28] audit: type=1400 audit(1742442784.790:416): avc:  denied  { write } for  pid=1794 comm="syz.5.636" path="socket:[21643]" dev="sockfs" ino=21643 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   43.918532][ T1771] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   43.962887][ T1802] loop5: detected capacity change from 0 to 256
[   43.996196][ T1802] FAT-fs (loop5): Unrecognized mount option "�������" or missing value
[   44.225861][ T1822] mmap: syz.0.648 (1822) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   44.271967][ T1824] syz.2.649[1824] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.272047][ T1824] syz.2.649[1824] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   44.308781][   T28] audit: type=1400 audit(1742442785.260:417): avc:  denied  { read } for  pid=1827 comm="syz.4.651" name="msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   44.393422][   T28] audit: type=1400 audit(1742442785.300:418): avc:  denied  { open } for  pid=1827 comm="syz.4.651" path="/dev/cpu/0/msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   44.485537][ T1839] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   44.541060][ T1839] FAT-fs (loop11): unable to read boot sector
[   44.730272][  T292] syz-executor: attempt to access beyond end of device
[   44.730272][  T292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   44.827415][  T300] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   44.863263][ T1864] loop5: detected capacity change from 0 to 256
[   44.883631][ T1864] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   44.919210][ T1864] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[   44.939415][ T1864] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   44.970525][   T28] audit: type=1400 audit(1742442785.920:419): avc:  denied  { write } for  pid=1863 comm="syz.5.667" name="/" dev="loop5" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   45.015653][   T28] audit: type=1400 audit(1742442785.950:420): avc:  denied  { add_name } for  pid=1863 comm="syz.5.667" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   45.057430][  T300] usb 1-1: Using ep0 maxpacket: 16
[   45.062507][   T28] audit: type=1400 audit(1742442785.950:421): avc:  denied  { associate } for  pid=1863 comm="syz.5.667" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   45.106736][  T300] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[   45.116749][  T300] usb 1-1: config 1 has no interface number 1
[   45.131495][  T300] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   45.148516][  T300] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   45.163773][  T300] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   45.187228][  T300] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   45.207549][  T300] usb 1-1: Product: syz
[   45.211820][  T300] usb 1-1: Manufacturer: syz
[   45.216289][  T300] usb 1-1: SerialNumber: syz
[   45.262227][ T1881] loop1: detected capacity change from 0 to 512
[   45.319453][ T1881] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   45.330466][ T1881] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.359979][  T292] EXT4-fs (loop1): unmounting filesystem.
[   45.433035][  T300] usb 1-1: 2:1: invalid format type 0x1002 is detected, processed as PCM
[   45.442497][  T300] usb 1-1: 2:1 : sample bitwidth 39 in over sample bytes 2
[   45.450296][  T300] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[   45.456326][  T300] usb 1-1: 2:1 : invalid channels 0
[   45.497891][  T300] usb 1-1: USB disconnect, device number 3
[   45.604540][ T1920] loop1: detected capacity change from 0 to 256
[   45.620562][ T1920] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[   45.672671][ T1931] netlink: 8 bytes leftover after parsing attributes in process `syz.2.695'.
[   45.701412][ T1935] SELinux:  Context system_u:object_r:dhcpd_initrc_exec_t:s0 is not valid (left unmapped).
[   46.050828][ T1972] syz.1.714[1972] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   46.050910][ T1972] syz.1.714[1972] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   46.151133][ T1986] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=2590233156 (165774921984 ns) > initial count (19809803072 ns). Using initial count to start timer.
[   46.270591][ T1999] netlink: 'syz.5.725': attribute type 2 has an invalid length.
[   46.278675][ T1999] netlink: 36 bytes leftover after parsing attributes in process `syz.5.725'.
[   46.448269][ T1625] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   46.523995][ T2023] loop4: detected capacity change from 0 to 512
[   46.558491][ T2023] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   46.569249][ T2023] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.603419][  T295] EXT4-fs (loop4): unmounting filesystem.
[   46.647316][ T1625] usb 3-1: Using ep0 maxpacket: 16
[   46.653479][ T1625] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[   46.679624][ T1625] usb 3-1: config 1 has no interface number 1
[   46.685547][ T1625] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   46.703845][ T1625] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   46.737681][ T1625] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   46.746768][ T1625] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   46.754843][ T1625] usb 3-1: Product: syz
[   46.759003][ T1625] usb 3-1: Manufacturer: syz
[   46.777096][ T1625] usb 3-1: SerialNumber: syz
[   46.862044][ T2062] loop4: detected capacity change from 0 to 1024
[   46.868585][ T2066] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=1543 sclass=netlink_audit_socket pid=2066 comm=syz.5.756
[   46.894300][ T2062] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   46.926456][ T2062] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[   46.957042][ T2062] EXT4-fs (loop4): invalid journal inode
[   46.967204][ T2074] loop0: detected capacity change from 0 to 512
[   46.974206][ T2074] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   46.993273][ T1625] usb 3-1: 2:1: invalid format type 0x1002 is detected, processed as PCM
[   47.004965][ T1625] usb 3-1: 2:1 : sample bitwidth 39 in over sample bytes 2
[   47.012167][ T2074] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   47.021983][ T1625] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[   47.028105][ T1625] usb 3-1: 2:1 : invalid channels 0
[   47.045817][ T1625] usb 3-1: USB disconnect, device number 3
[   47.046551][ T2074] EXT4-fs (loop0): 1 truncate cleaned up
[   47.060094][ T2074] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   47.064865][ T2056] loop1: detected capacity change from 0 to 40427
[   47.096074][ T2056] F2FS-fs (loop1): Wrong SIT boundary, start(1536) end(2560) blocks(4608)
[   47.104726][ T2056] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   47.115590][ T2056] F2FS-fs (loop1): Found nat_bits in checkpoint
[   47.129995][  T294] EXT4-fs (loop0): unmounting filesystem.
[   47.185382][ T2084] tipc: Started in network mode
[   47.190278][   T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   47.198215][ T2056] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   47.205253][ T2084] tipc: Node identity ffffffff, cluster identity 4711
[   47.211978][ T2056] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   47.219553][ T2084] tipc: Node number set to 4294967295
[   47.399293][   T24] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xA1, skipping
[   47.417375][   T24] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[   47.424458][ T2056] syz.1.750: attempt to access beyond end of device
[   47.424458][ T2056] loop1: rw=34817, sector=77824, nr_sectors = 32 limit=40427
[   47.436475][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   47.448775][   T24] usb 6-1: config 0 descriptor??
[   47.453807][ T2066] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[   47.561190][  T292] syz-executor: attempt to access beyond end of device
[   47.561190][  T292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   47.637368][   T19] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   47.663104][  T300] usb 6-1: USB disconnect, device number 4
[   47.771152][ T2115] netlink: 4 bytes leftover after parsing attributes in process `syz.2.773'.
[   47.817384][   T19] usb 5-1: Using ep0 maxpacket: 8
[   47.823192][ T2119] loop1: detected capacity change from 0 to 2048
[   47.823460][   T19] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   47.839449][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   47.848085][   T19] usb 5-1: config 0 descriptor??
[   47.859007][ T2119] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   47.879443][  T292] EXT4-fs (loop1): unmounting filesystem.
[   49.057304][   T19] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   49.067187][   T19] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[   49.077254][   T19] asix: probe of 5-1:0.0 failed with error -71
[   49.084328][   T19] usb 5-1: USB disconnect, device number 2
[   49.740463][ T2134] loop2: detected capacity change from 0 to 40427
[   49.747377][ T2134] F2FS-fs (loop2): Wrong SIT boundary, start(1536) end(2560) blocks(4608)
[   49.755861][ T2134] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   49.771029][ T2134] F2FS-fs (loop2): Found nat_bits in checkpoint
[   49.820022][ T2134] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   49.826935][ T2134] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   49.907308][   T19] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   49.965939][ T2134] syz.2.781: attempt to access beyond end of device
[   49.965939][ T2134] loop2: rw=34817, sector=77824, nr_sectors = 32 limit=40427
[   50.097343][   T19] usb 5-1: Using ep0 maxpacket: 16
[   50.108010][   T19] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[   50.116777][   T19] usb 5-1: config 1 has no interface number 1
[   50.137320][   T19] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   50.157305][   T19] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   50.188646][   T19] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   50.207350][   T19] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   50.215169][   T19] usb 5-1: Product: syz
[   50.227309][   T19] usb 5-1: Manufacturer: syz
[   50.231713][   T19] usb 5-1: SerialNumber: syz
[   50.452235][   T19] usb 5-1: 2:1: invalid format type 0x1002 is detected, processed as PCM
[   50.467343][   T19] usb 5-1: 2:1 : sample bitwidth 39 in over sample bytes 2
[   50.474377][   T19] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[   50.480715][   T19] usb 5-1: 2:1 : invalid channels 0
[   50.490950][  T296] syz-executor: attempt to access beyond end of device
[   50.490950][  T296] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   50.523768][   T19] usb 5-1: USB disconnect, device number 3
[   50.535215][ T2150] netlink: 83 bytes leftover after parsing attributes in process `syz.1.784'.
[   50.659365][   T43] tipc: Left network mode
[   50.780348][   T28] kauditd_printk_skb: 9 callbacks suppressed
[   50.780363][   T28] audit: type=1400 audit(1742442791.730:431): avc:  denied  { mounton } for  pid=2164 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   50.872960][ T2164] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.880010][  T300] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   50.883628][ T2164] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.895163][ T2164] device bridge_slave_0 entered promiscuous mode
[   50.904150][ T2164] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.911132][ T2164] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.918508][ T2164] device bridge_slave_1 entered promiscuous mode
[   51.009264][ T2164] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.016161][ T2164] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.023291][ T2164] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.030155][ T2164] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.067758][  T300] usb 2-1: Using ep0 maxpacket: 32
[   51.073925][  T300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   51.074066][ T1876] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   51.091712][  T300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   51.091750][  T300] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   51.110427][  T300] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   51.117431][ T1876] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.126168][  T300] usb 2-1: config 0 descriptor??
[   51.132758][  T300] hub 2-1:0.0: USB hub found
[   51.135734][ T1876] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.153796][ T1876] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   51.162194][ T1876] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.169091][ T1876] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.188050][ T1876] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   51.196165][ T1876] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.203075][ T1876] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.211071][ T1876] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   51.219331][ T1876] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   51.225065][ T2179] loop2: detected capacity change from 0 to 40427
[   51.247727][ T2179] F2FS-fs (loop2): fault_injection options not supported
[   51.254731][ T2179] F2FS-fs (loop2): Image doesn't support compression
[   51.262251][ T2179] F2FS-fs (loop2): Image doesn't support compression
[   51.268169][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   51.269802][ T2179] F2FS-fs (loop2): invalid crc value
[   51.283477][ T2179] F2FS-fs (loop2): Found nat_bits in checkpoint
[   51.285609][ T2164] device veth0_vlan entered promiscuous mode
[   51.297468][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   51.305442][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   51.313204][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   51.332951][  T300] hub 2-1:0.0: 1 port detected
[   51.340624][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   51.361193][ T2179] F2FS-fs (loop2): Start checkpoint disabled!
[   51.366289][ T2164] device veth1_macvtap entered promiscuous mode
[   51.376279][   T43] device bridge_slave_1 left promiscuous mode
[   51.387605][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.403532][ T2179] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   51.411452][   T43] device bridge_slave_0 left promiscuous mode
[   51.421803][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.077549][   T43] device veth1_macvtap left promiscuous mode
[   54.083426][   T43] device veth0_vlan left promiscuous mode
[   54.116989][ T2196] kworker/u4:7: attempt to access beyond end of device
[   54.116989][ T2196] loop2: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[   54.136774][ T2192] loop4: detected capacity change from 0 to 40427
[   54.152231][ T2192] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   54.167202][ T2192] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   54.191630][ T2192] F2FS-fs (loop4): invalid crc value
[   54.211695][ T2192] F2FS-fs (loop4): Found nat_bits in checkpoint
[   54.234732][    T6] hub 2-1:0.0: activate --> -90
[   54.293908][   T28] audit: type=1400 audit(1742442795.240:432): avc:  denied  { create } for  pid=2205 comm="syz.5.809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   54.294934][ T2206] netlink: 52 bytes leftover after parsing attributes in process `syz.5.809'.
[   54.342976][   T28] audit: type=1400 audit(1742442795.240:433): avc:  denied  { write } for  pid=2205 comm="syz.5.809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   54.345479][ T2192] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   54.370324][ T2192] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   54.390965][ T2211] syz.2.811[2211] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.391047][ T2211] syz.2.811[2211] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   54.403326][   T28] audit: type=1400 audit(1742442795.240:434): avc:  denied  { nlmsg_write } for  pid=2205 comm="syz.5.809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   54.435584][    T6] hub 2-1:0.0: hub_ext_port_status failed (err = -71)
[   54.443195][  T300] usb 2-1: USB disconnect, device number 5
[   54.453217][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   54.474755][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   54.487631][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   54.505039][   T28] audit: type=1400 audit(1742442795.450:435): avc:  denied  { remount } for  pid=2191 comm="syz.4.805" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   54.525196][ T2196] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   54.535132][   T28] audit: type=1400 audit(1742442795.470:436): avc:  denied  { setopt } for  pid=2218 comm="syz.2.815" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   54.556573][ T2196] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   54.565482][ T2219] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.572528][ T2219] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.598880][   T28] audit: type=1400 audit(1742442795.550:437): avc:  denied  { mounton } for  pid=2164 comm="syz-executor" path="/root/syzkaller.xbJAYq/syz-tmp" dev="sda1" ino=1952 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   54.601657][ T2220] device bridge_slave_1 left promiscuous mode
[   54.629826][   T28] audit: type=1400 audit(1742442795.550:438): avc:  denied  { mount } for  pid=2164 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   54.664029][ T2220] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.674518][ T2220] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.680913][   T28] audit: type=1400 audit(1742442795.550:439): avc:  denied  { mounton } for  pid=2164 comm="syz-executor" path="/root/syzkaller.xbJAYq/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   54.684388][ T2222] loop5: detected capacity change from 0 to 128
[   54.735165][   T28] audit: type=1400 audit(1742442795.550:440): avc:  denied  { mounton } for  pid=2164 comm="syz-executor" path="/root/syzkaller.xbJAYq/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=22821 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   54.958763][ T2250] netlink: 32 bytes leftover after parsing attributes in process `syz.4.828'.
[   54.983257][ T2250] netem: unknown loss type 13
[   54.997355][ T2250] netem: change failed
[   55.032724][ T2265] loop4: detected capacity change from 0 to 1024
[   55.072699][ T2265] EXT4-fs: Ignoring removed orlov option
[   55.087803][ T2265] EXT4-fs: Ignoring removed nomblk_io_submit option
[   55.158772][ T2265] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   55.223852][ T2293] xt_hashlimit: size too large, truncated to 1048576
[   55.237611][ T2300] 9pnet_virtio: no channels available for device syz
[   55.238465][  T295] EXT4-fs (loop4): unmounting filesystem.
[   55.247947][ T2300] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[   55.297381][ T2300] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[   55.337639][ T2300] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[   55.353624][ T2308] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[   55.847220][ T2345] loop2: detected capacity change from 0 to 256
[   55.866916][ T2345] exfat: Deprecated parameter 'utf8'
[   55.874966][ T2345] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011e5d, chksum : 0x63a11b78, utbl_chksum : 0xe619d30d)
[   55.888721][ T2347] netlink: 32 bytes leftover after parsing attributes in process `syz.5.869'.
[   55.899465][ T2347] netem: unknown loss type 13
[   55.903980][ T2347] netem: change failed
[   55.912526][   T28] kauditd_printk_skb: 5 callbacks suppressed
[   55.912539][   T28] audit: type=1400 audit(1742442796.860:446): avc:  denied  { remove_name } for  pid=2344 comm="syz.2.868" name="file0" dev="loop2" ino=1048616 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   55.942214][   T28] audit: type=1400 audit(1742442796.880:447): avc:  denied  { rename } for  pid=2344 comm="syz.2.868" name="file0" dev="loop2" ino=1048616 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   56.012355][ T2357] xt_hashlimit: size too large, truncated to 1048576
[   56.019741][   T28] audit: type=1400 audit(1742442796.920:448): avc:  denied  { rmdir } for  pid=2344 comm="syz.2.868" name="file0" dev="loop2" ino=1048615 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   56.049646][ T2359] netlink: 32 bytes leftover after parsing attributes in process `syz.2.884'.
[   56.067378][ T2359] netem: unknown loss type 13
[   56.087337][   T28] audit: type=1400 audit(1742442796.920:449): avc:  denied  { append } for  pid=2344 comm="syz.2.868" path="/171/file0/memory.current" dev="loop2" ino=1048617 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   56.404127][ T2378] loop2: detected capacity change from 0 to 256
[   56.420820][ T2378] FAT-fs (loop2): Unrecognized mount option "�������" or missing value
[   56.667790][ T2382] loop6: detected capacity change from 0 to 1024
[   56.674349][ T2382] EXT4-fs: Ignoring removed orlov option
[   56.729386][ T2382] EXT4-fs: Ignoring removed nomblk_io_submit option
[   56.769627][ T2382] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   56.843095][ T2164] EXT4-fs (loop6): unmounting filesystem.
[   57.035634][ T2412] xt_hashlimit: size too large, truncated to 1048576
[   57.234912][ T2406] loop6: detected capacity change from 0 to 40427
[   57.247370][ T2406] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[   57.258754][ T2406] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   57.276088][ T2406] F2FS-fs (loop6): invalid crc value
[   57.282796][ T2406] F2FS-fs (loop6): Found nat_bits in checkpoint
[   57.332109][ T2406] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   57.339088][ T2406] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   57.374449][ T2196] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   57.389504][ T2196] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   57.398686][ T2424] loop1: detected capacity change from 0 to 256
[   57.403298][ T2428] loop5: detected capacity change from 0 to 1024
[   57.405122][ T2424] FAT-fs (loop1): Unrecognized mount option "�������" or missing value
[   57.411880][ T2428] EXT4-fs: Ignoring removed orlov option
[   57.424755][ T2428] EXT4-fs: Ignoring removed nomblk_io_submit option
[   57.444950][ T2428] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   57.488498][  T779] EXT4-fs (loop5): unmounting filesystem.
[   57.642939][   T28] audit: type=1400 audit(1742442798.590:450): avc:  denied  { bind } for  pid=2446 comm="syz.5.911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   57.712677][   T28] audit: type=1400 audit(1742442798.590:451): avc:  denied  { read } for  pid=2446 comm="syz.5.911" path="socket:[23127]" dev="sockfs" ino=23127 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   57.752632][ T2455] xt_hashlimit: size too large, truncated to 1048576
[   57.922448][   T28] audit: type=1400 audit(1742442798.870:452): avc:  denied  { read } for  pid=2460 comm="syz.1.915" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   57.979557][   T28] audit: type=1400 audit(1742442798.870:453): avc:  denied  { open } for  pid=2460 comm="syz.1.915" path="/dev/ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   58.022453][ T2464] loop6: detected capacity change from 0 to 1024
[   58.053018][ T2464] EXT4-fs: Ignoring removed i_version option
[   58.071097][   T28] audit: type=1400 audit(1742442798.880:454): avc:  denied  { ioctl } for  pid=2460 comm="syz.1.915" path="/dev/ppp" dev="devtmpfs" ino=154 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   58.099229][ T2452] loop2: detected capacity change from 0 to 256
[   58.102078][ T2464] EXT4-fs (loop6): Test dummy encryption mode enabled
[   58.128853][ T2464] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   58.148342][ T2452] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d)
[   58.203128][ T2452] exFAT-fs (loop2): error, invalid access to FAT bad cluster (entry 0x00000005)
[   58.218115][ T2452] exFAT-fs (loop2): failed to initialize root inode
[   58.363181][ T2164] EXT4-fs (loop6): unmounting filesystem.
[   58.363295][ T2466] loop1: detected capacity change from 0 to 40427
[   58.392749][ T2466] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   58.400553][ T2466] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   58.421481][ T2466] F2FS-fs (loop1): invalid crc value
[   58.437657][ T2466] F2FS-fs (loop1): Found nat_bits in checkpoint
[   58.488453][   T28] audit: type=1400 audit(1742442799.440:455): avc:  denied  { watch watch_reads } for  pid=2486 comm="syz.4.923" path="/195/control" dev="tmpfs" ino=1050 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   58.516093][ T2466] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   58.523293][ T2466] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   58.584768][ T2196] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   58.593871][ T2196] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   58.605702][ T2504] loop6: detected capacity change from 0 to 128
[   58.625001][ T2504] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   58.644561][ T2504] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.847361][   T60] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   59.038526][   T60] usb 6-1: config index 0 descriptor too short (expected 2340, got 36)
[   59.046635][   T60] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   59.057503][   T60] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[   59.067173][   T60] usb 6-1: config 0 interface 0 has no altsetting 0
[   59.073745][   T60] usb 6-1: New USB device found, idVendor=0000, idProduct=6085, bcdDevice= 0.00
[   59.082569][   T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   59.091503][   T60] usb 6-1: config 0 descriptor??
[   59.444277][ T2164] EXT4-fs (loop6): unmounting filesystem.
[   59.501374][   T60] hid-generic 0003:0000:6085.0002: item fetching failed at offset 0/3
[   59.518097][   T60] hid-generic: probe of 0003:0000:6085.0002 failed with error -22
[   59.608062][ T2549] loop4: detected capacity change from 0 to 512
[   59.614416][ T2549] EXT4-fs: Ignoring removed orlov option
[   59.646971][ T2549] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.951: inode #1: comm syz.4.951: iget: illegal inode #
[   59.712111][   T60] usb 6-1: USB disconnect, device number 5
[   59.713285][ T2549] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.951: error while reading EA inode 1 err=-117
[   59.768553][ T2549] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   59.801576][ T2546] loop6: detected capacity change from 0 to 40427
[   59.801803][ T2549] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.951: inode #1: comm syz.4.951: iget: illegal inode #
[   59.827556][ T2546] F2FS-fs (loop6): fault_injection options not supported
[   59.842325][ T2549] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.951: error while reading EA inode 1 err=-117
[   59.845079][ T2546] F2FS-fs (loop6): invalid crc value
[   59.864700][ T2549] EXT4-fs (loop4): 1 orphan inode deleted
[   59.872503][ T2549] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   59.890893][ T2546] F2FS-fs (loop6): Found nat_bits in checkpoint
[   59.914353][  T295] EXT4-fs (loop4): unmounting filesystem.
[   59.958062][ T2573] futex_wake_op: syz.4.960 tries to shift op by -1; fix this program
[   59.961741][ T2546] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   59.980103][ T2576] loop1: detected capacity change from 0 to 512
[   60.026451][ T2164] syz-executor: attempt to access beyond end of device
[   60.026451][ T2164] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   60.060392][ T2583] loop1: detected capacity change from 0 to 2048
[   60.121492][ T2583] EXT4-fs error (device loop1): __ext4_fill_super:5377: inode #2: comm syz.1.965: casefold flag without casefold feature
[   60.147616][ T2583] EXT4-fs (loop1): get root inode failed
[   60.153136][ T2583] EXT4-fs (loop1): mount failed
[   60.313490][ T2623] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2623 comm=syz.1.980
[   60.347592][ T2625] netlink: 28 bytes leftover after parsing attributes in process `syz.6.982'.
[   60.357208][ T2625] netlink: 28 bytes leftover after parsing attributes in process `syz.6.982'.
[   60.605884][ T2633] loop6: detected capacity change from 0 to 40427
[   60.613074][ T2633] F2FS-fs (loop6): fault_injection options not supported
[   60.621116][ T2633] F2FS-fs (loop6): invalid crc value
[   60.632519][ T2633] F2FS-fs (loop6): Found nat_bits in checkpoint
[   60.700059][ T2633] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   60.746618][ T2164] syz-executor: attempt to access beyond end of device
[   60.746618][ T2164] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   60.838232][ T2667] syz.4.1000[2667] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.838321][ T2667] syz.4.1000[2667] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.917438][   T28] kauditd_printk_skb: 1493 callbacks suppressed
[   60.917455][   T28] audit: type=1326 audit(1742442801.870:1949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2651 comm="syz.5.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9fd2f29359 code=0x7ffc0000
[   60.992814][ T2680] incfs: Options parsing error. -22
[   61.003996][ T2680] incfs: mount failed -22
[   61.006933][   T28] audit: type=1326 audit(1742442801.910:1950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2651 comm="syz.5.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9fd2f29359 code=0x7ffc0000
[   61.063452][   T28] audit: type=1326 audit(1742442801.910:1951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2651 comm="syz.5.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9fd2f29359 code=0x7ffc0000
[   61.119726][   T28] audit: type=1326 audit(1742442801.910:1952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2651 comm="syz.5.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9fd2f29359 code=0x7ffc0000
[   61.175993][   T28] audit: type=1326 audit(1742442801.910:1953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2651 comm="syz.5.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9fd2f29359 code=0x7ffc0000
[   61.233168][   T28] audit: type=1326 audit(1742442801.910:1954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2651 comm="syz.5.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9fd2f29359 code=0x7ffc0000
[   61.290631][   T28] audit: type=1326 audit(1742442801.910:1955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2651 comm="syz.5.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9fd2f29359 code=0x7ffc0000
[   61.322806][ T2690] loop2: detected capacity change from 0 to 512
[   61.341123][ T2690] EXT4-fs: Ignoring removed orlov option
[   61.355270][   T28] audit: type=1326 audit(1742442801.910:1956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2651 comm="syz.5.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9fd2f29359 code=0x7ffc0000
[   61.392502][ T2690] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.1011: inode #1: comm syz.2.1011: iget: illegal inode #
[   61.419474][ T2690] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1011: error while reading EA inode 1 err=-117
[   61.431699][   T28] audit: type=1326 audit(1742442801.910:1957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2651 comm="syz.5.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9fd2f29359 code=0x7ffc0000
[   61.469638][ T2686] loop6: detected capacity change from 0 to 40427
[   61.481006][   T28] audit: type=1326 audit(1742442801.910:1958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2651 comm="syz.5.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9fd2f29359 code=0x7ffc0000
[   61.494453][ T2686] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[   61.504234][ T2690] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.1011: inode #1: comm syz.2.1011: iget: illegal inode #
[   61.525019][ T2690] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1011: error while reading EA inode 1 err=-117
[   61.537382][ T2686] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   61.537636][ T2690] EXT4-fs (loop2): 1 orphan inode deleted
[   61.577583][ T2690] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   61.589039][ T2686] F2FS-fs (loop6): Found nat_bits in checkpoint
[   61.646412][  T296] EXT4-fs (loop2): unmounting filesystem.
[   61.672164][ T2686] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   61.685651][ T2702] syz.2.1012[2702] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   61.685730][ T2702] syz.2.1012[2702] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   61.725027][ T2686] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   61.777351][ T2686] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   61.802421][ T2686] syz.6.1009: attempt to access beyond end of device
[   61.802421][ T2686] loop6: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[   61.826592][ T2686] syz.6.1009: attempt to access beyond end of device
[   61.826592][ T2686] loop6: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[   61.856561][ T2717] syz.6.1009: attempt to access beyond end of device
[   61.856561][ T2717] loop6: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   61.960060][ T2723] capability: warning: `syz.4.1022' uses 32-bit capabilities (legacy support in use)
[   62.196789][ T2750] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[   62.264262][ T2756] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1036'.
[   62.717864][ T2811] syz.1.1062[2811] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   62.717946][ T2811] syz.1.1062[2811] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   63.168829][ T2840] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1074'.
[   63.639527][ T2891] bridge: RTM_NEWNEIGH with invalid ether address
[   63.717671][ T2902] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1102'.
[   63.799142][ T2911] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1105'.
[   63.903230][ T2917] 9pnet: p9_errstr2errno: server reported unknown error �@�΂�(@
[   63.912609][ T2923] bridge: RTM_NEWNEIGH with invalid ether address
[   64.279142][ T2938] loop4: detected capacity change from 0 to 40427
[   64.299597][ T2938] F2FS-fs (loop4): fault_injection options not supported
[   64.317296][ T2938] F2FS-fs (loop4): invalid crc value
[   64.344715][ T2938] F2FS-fs (loop4): Found nat_bits in checkpoint
[   64.408424][ T2977] SELinux:  Context : is not valid (left unmapped).
[   64.433480][ T2979] loop1: detected capacity change from 0 to 1024
[   64.440308][ T2938] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   64.440665][ T2979] EXT4-fs: Ignoring removed mblk_io_submit option
[   64.449826][ T2952] loop5: detected capacity change from 0 to 40427
[   64.454372][ T2979] EXT4-fs: Ignoring removed orlov option
[   64.478065][ T2952] F2FS-fs (loop5): fault_injection options not supported
[   64.488586][ T2979] EXT4-fs (loop1): Test dummy encryption mode enabled
[   64.495391][ T2952] F2FS-fs (loop5): invalid crc value
[   64.521559][ T2979] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   64.531014][ T2952] F2FS-fs (loop5): Found nat_bits in checkpoint
[   64.594942][  T292] EXT4-fs (loop1): unmounting filesystem.
[   64.623651][ T2952] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   64.679928][  T779] syz-executor: attempt to access beyond end of device
[   64.679928][  T779] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   64.742255][ T3008] loop6: detected capacity change from 0 to 512
[   64.783397][ T3008] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   64.797098][ T3008] ext4 filesystem being mounted at /71/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.888540][ T3012] EXT4-fs error (device loop6): ext4_get_first_dir_block:3591: inode #12: block 32: comm syz.6.1147: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   64.953005][ T3012] EXT4-fs error (device loop6): ext4_get_first_dir_block:3594: inode #12: comm syz.6.1147: directory missing '.'
[   64.979853][  T295] syz-executor: attempt to access beyond end of device
[   64.979853][  T295] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   65.185964][ T3039] loop4: detected capacity change from 0 to 1024
[   65.218989][ T3039] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   65.258852][  T295] EXT4-fs (loop4): unmounting filesystem.
[   65.548172][ T3072] syz.1.1174[3072] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.548249][ T3072] syz.1.1174[3072] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.674786][ T2164] EXT4-fs (loop6): unmounting filesystem.
[   65.821864][ T3094] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   65.829248][ T3094] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   65.900354][ T3104] x_tables: duplicate underflow at hook 4
[   65.961300][ T3112] loop1: detected capacity change from 0 to 1024
[   65.985316][ T3112] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   66.024327][  T292] EXT4-fs (loop1): unmounting filesystem.
[   66.220033][ T3153] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1212'.
[   66.233109][ T3153] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1212'.
[   66.333453][   T28] kauditd_printk_skb: 6163 callbacks suppressed
[   66.333477][   T28] audit: type=1400 audit(1742442807.280:8122): avc:  denied  { read } for  pid=3168 comm="syz.2.1219" path="socket:[26210]" dev="sockfs" ino=26210 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   66.548234][   T24] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[   66.727889][   T24] usb 5-1: too many configurations: 227, using maximum allowed: 8
[   66.739144][   T24] usb 5-1: config 0 has no interfaces?
[   66.757877][   T24] usb 5-1: config 0 has no interfaces?
[   66.763986][   T24] usb 5-1: config 0 has no interfaces?
[   66.778287][   T24] usb 5-1: config 0 has no interfaces?
[   66.789206][   T24] usb 5-1: config 0 has no interfaces?
[   66.798166][  T300] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   66.806975][   T24] usb 5-1: config 0 has no interfaces?
[   66.815288][   T24] usb 5-1: config 0 has no interfaces?
[   66.827078][   T24] usb 5-1: config 0 has no interfaces?
[   66.838078][   T24] usb 5-1: New USB device found, idVendor=055d, idProduct=9000, bcdDevice=31.44
[   66.854528][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.869733][   T24] usb 5-1: config 0 descriptor??
[   66.988436][  T300] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   66.998667][  T300] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[   67.008414][  T300] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   67.018884][  T300] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   67.032633][  T300] usb 6-1: SerialNumber: syz
[   67.081387][   T28] audit: type=1400 audit(1742442808.030:8123): avc:  denied  { append } for  pid=3156 comm="syz.4.1214" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   67.105097][   T24] usb 5-1: USB disconnect, device number 4
[   67.115621][   T28] audit: type=1400 audit(1742442808.030:8124): avc:  denied  { create } for  pid=3156 comm="syz.4.1214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   67.136059][   T28] audit: type=1400 audit(1742442808.030:8125): avc:  denied  { shutdown } for  pid=3156 comm="syz.4.1214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   67.156491][   T28] audit: type=1400 audit(1742442808.050:8126): avc:  denied  { read } for  pid=3156 comm="syz.4.1214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   67.156547][ T3215] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1239'.
[   67.196235][ T3215] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1239'.
[   67.249337][  T300] usb 6-1: 0:2 : does not exist
[   67.337914][  T300] usb 6-1: USB disconnect, device number 6
[   67.361449][ T3213] loop1: detected capacity change from 0 to 40427
[   67.370753][ T3213] F2FS-fs (loop1): Found nat_bits in checkpoint
[   67.420397][ T3213] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   67.586304][ T3213] syz.1.1246: attempt to access beyond end of device
[   67.586304][ T3213] loop1: rw=2049, sector=77824, nr_sectors = 2760 limit=40427
[   67.605299][ T3213] syz.1.1246: attempt to access beyond end of device
[   67.605299][ T3213] loop1: rw=2049, sector=80584, nr_sectors = 1336 limit=40427
[   67.644788][ T3213] syz.1.1246: attempt to access beyond end of device
[   67.644788][ T3213] loop1: rw=2049, sector=49152, nr_sectors = 4096 limit=40427
[   67.720511][ T3213] syz.1.1246: attempt to access beyond end of device
[   67.720511][ T3213] loop1: rw=2049, sector=57344, nr_sectors = 6952 limit=40427
[   67.765785][ T3240] syz.1.1246: attempt to access beyond end of device
[   67.765785][ T3240] loop1: rw=524288, sector=77824, nr_sectors = 2056 limit=40427
[   67.806386][ T3240] syz.1.1246: attempt to access beyond end of device
[   67.806386][ T3240] loop1: rw=524288, sector=79880, nr_sectors = 504 limit=40427
[   67.860493][   T28] audit: type=1400 audit(1742442808.810:8127): avc:  denied  { mounton } for  pid=3248 comm="syz.5.1252" path="/160/file0" dev="tmpfs" ino=889 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[   67.875697][ T3253] syz.4.1254[3253] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.884430][ T3249] tmpfs: Unknown parameter 'nolazytime��'
[   67.887466][ T3253] syz.4.1254[3253] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.946401][ T3256] overlayfs: missing 'lowerdir'
[   67.963284][ T3253] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1254'.
[   67.994123][  T292] syz-executor: attempt to access beyond end of device
[   67.994123][  T292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   68.161871][   T28] audit: type=1400 audit(1742442809.110:8128): avc:  denied  { read } for  pid=3273 comm="syz.4.1263" name="usbmon0" dev="devtmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   68.216929][   T28] audit: type=1400 audit(1742442809.110:8129): avc:  denied  { open } for  pid=3273 comm="syz.4.1263" path="/dev/usbmon0" dev="devtmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   68.342805][ T3283] loop4: detected capacity change from 0 to 512
[   68.351142][ T3282] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1267'.
[   68.380745][ T3283] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   68.518151][ T3283] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2186: inode #15: comm syz.4.1268: corrupted in-inode xattr
[   68.617543][ T3283] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1268: couldn't read orphan inode 15 (err -117)
[   68.717490][ T3283] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   68.766931][ T3271] loop5: detected capacity change from 0 to 40427
[   68.774577][ T3271] F2FS-fs (loop5): fault_injection options not supported
[   68.782680][ T3271] F2FS-fs (loop5): invalid crc value
[   68.804827][   T28] audit: type=1400 audit(1742442809.750:8130): avc:  denied  { mount } for  pid=3286 comm="syz.2.1269" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[   68.829564][  T295] EXT4-fs (loop4): unmounting filesystem.
[   68.835856][ T3271] F2FS-fs (loop5): Found nat_bits in checkpoint
[   68.847648][   T28] audit: type=1400 audit(1742442809.750:8131): avc:  denied  { remount } for  pid=3286 comm="syz.2.1269" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[   68.898606][ T3285] loop6: detected capacity change from 0 to 40427
[   68.908165][ T3285] F2FS-fs (loop6): fault_injection options not supported
[   68.925987][ T3285] F2FS-fs (loop6): invalid crc value
[   68.930269][ T3271] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   68.939377][ T3285] F2FS-fs (loop6): Found nat_bits in checkpoint
[   68.979383][ T3310] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1285'.
[   68.999675][ T3285] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   69.469308][ T3351] IPv6: sit2: Disabled Multicast RS
[   69.610810][ T2164] syz-executor: attempt to access beyond end of device
[   69.610810][ T2164] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   69.924747][ T3405] devpts: called with bogus options
[   70.074288][ T3415] serio: Serial port ptm0
[   70.279658][ T3432] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1322'.
[   70.503835][ T3454] input: syz0 as /devices/virtual/input/input5
[   70.709636][ T3465] loop1: detected capacity change from 0 to 256
[   70.744640][ T3465] FAT-fs (loop1): Directory bread(block 64) failed
[   70.761401][ T3465] FAT-fs (loop1): Directory bread(block 65) failed
[   70.777430][ T3465] FAT-fs (loop1): Directory bread(block 66) failed
[   70.784157][ T3465] FAT-fs (loop1): Directory bread(block 67) failed
[   70.792436][ T3465] FAT-fs (loop1): Directory bread(block 68) failed
[   70.800331][ T3465] FAT-fs (loop1): Directory bread(block 69) failed
[   70.806870][ T3465] FAT-fs (loop1): Directory bread(block 70) failed
[   70.814881][ T3465] FAT-fs (loop1): Directory bread(block 71) failed
[   70.821561][ T3465] FAT-fs (loop1): Directory bread(block 72) failed
[   70.835057][ T3465] FAT-fs (loop1): Directory bread(block 73) failed
[   70.919715][ T3468] syz.1.1336: attempt to access beyond end of device
[   70.919715][ T3468] loop1: rw=2049, sector=1224, nr_sectors = 608 limit=256
[   70.938012][ T3468] syz.1.1336: attempt to access beyond end of device
[   70.938012][ T3468] loop1: rw=2049, sector=1864, nr_sectors = 4384 limit=256
[   71.013493][ T3467] loop6: detected capacity change from 0 to 40427
[   71.020563][ T3467] F2FS-fs (loop6): fault_injection options not supported
[   71.028256][ T3467] F2FS-fs (loop6): invalid crc value
[   71.034642][ T3467] F2FS-fs (loop6): Found nat_bits in checkpoint
[   71.070179][ T3467] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   71.359473][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   71.496462][ T3497] netem: change failed
[   71.529675][ T3499] loop2: detected capacity change from 0 to 256
[   71.577421][ T3483] loop5: detected capacity change from 0 to 40427
[   71.592986][ T3483] F2FS-fs (loop5): fault_injection options not supported
[   71.600877][ T3483] F2FS-fs (loop5): invalid crc value
[   71.607141][ T3483] F2FS-fs (loop5): Found nat_bits in checkpoint
[   71.617382][   T19] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   71.664061][ T3483] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   71.807317][   T19] usb 2-1: Using ep0 maxpacket: 16
[   71.813405][   T19] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[   71.834571][   T19] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[   71.854959][   T19] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   71.880463][   T19] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   71.897372][   T19] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.905282][   T19] usb 2-1: Product: syz
[   71.909640][   T19] usb 2-1: Manufacturer: syz
[   71.914062][   T19] usb 2-1: SerialNumber: syz
[   71.970811][ T3533] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   72.329757][   T19] usb 2-1: 2:1 : format type 0 is detected, processed as PCM
[   72.543623][ T3547] loop2: detected capacity change from 0 to 512
[   72.575605][ T3547] EXT4-fs: Ignoring removed i_version option
[   72.607351][ T3547] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   72.630904][ T3553] loop4: detected capacity change from 0 to 512
[   72.642773][ T3547] EXT4-fs (loop2): 1 truncate cleaned up
[   72.650087][ T3547] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   72.698465][  T296] EXT4-fs (loop2): unmounting filesystem.
[   72.705169][ T3553] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   72.719208][   T28] kauditd_printk_skb: 3 callbacks suppressed
[   72.719222][   T28] audit: type=1400 audit(1742442813.670:8135): avc:  denied  { write } for  pid=3552 comm="syz.4.1370" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   72.787365][   T28] audit: type=1400 audit(1742442813.700:8136): avc:  denied  { open } for  pid=3552 comm="syz.4.1370" path="/301/file1/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   72.811887][   T28] audit: type=1400 audit(1742442813.700:8137): avc:  denied  { read } for  pid=3552 comm="syz.4.1370" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   72.865609][  T295] EXT4-fs (loop4): unmounting filesystem.
[   72.884704][   T28] audit: type=1326 audit(1742442813.830:8138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3540 comm="syz.6.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f110f58d169 code=0x7ffc0000
[   72.927360][   T28] audit: type=1326 audit(1742442813.830:8139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3540 comm="syz.6.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f110f529359 code=0x7ffc0000
[   72.977348][   T28] audit: type=1326 audit(1742442813.830:8140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3540 comm="syz.6.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f110f529359 code=0x7ffc0000
[   73.027384][   T28] audit: type=1326 audit(1742442813.830:8141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3540 comm="syz.6.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f110f529359 code=0x7ffc0000
[   73.067321][   T28] audit: type=1326 audit(1742442813.830:8142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3540 comm="syz.6.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f110f529359 code=0x7ffc0000
[   73.100631][   T28] audit: type=1326 audit(1742442813.830:8143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3540 comm="syz.6.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f110f529359 code=0x7ffc0000
[   73.150056][   T28] audit: type=1326 audit(1742442813.830:8144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3540 comm="syz.6.1366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f110f529359 code=0x7ffc0000
[   73.263019][ T3576] loop4: detected capacity change from 0 to 512
[   73.279345][ T3576] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   73.288389][ T3576] ext4 filesystem being mounted at /304/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   73.355103][   T19] usb 2-1: USB disconnect, device number 6
[   73.361551][ T3579] EXT4-fs error (device loop4): ext4_get_first_dir_block:3591: inode #12: block 32: comm syz.4.1380: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   73.393947][ T3579] EXT4-fs error (device loop4): ext4_get_first_dir_block:3594: inode #12: comm syz.4.1380: directory missing '.'
[   73.507377][ T1625] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[   73.519659][ T3585] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1383'.
[   73.697744][ T1625] usb 6-1: too many configurations: 227, using maximum allowed: 8
[   73.708986][ T1625] usb 6-1: config 0 has no interfaces?
[   73.722586][ T1625] usb 6-1: config 0 has no interfaces?
[   73.736572][ T1625] usb 6-1: config 0 has no interfaces?
[   73.767012][ T1625] usb 6-1: config 0 has no interfaces?
[   73.773573][ T1625] usb 6-1: config 0 has no interfaces?
[   73.787786][ T1625] usb 6-1: config 0 has no interfaces?
[   73.798198][ T1625] usb 6-1: config 0 has no interfaces?
[   73.814340][ T1625] usb 6-1: config 0 has no interfaces?
[   73.819896][ T1625] usb 6-1: New USB device found, idVendor=055d, idProduct=9000, bcdDevice=31.44
[   73.849594][ T1625] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.877185][ T1625] usb 6-1: config 0 descriptor??
[   73.891751][ T3565] loop2: detected capacity change from 0 to 131072
[   73.899226][ T3565] F2FS-fs (loop2): QUOTA feature is enabled, so ignore qf_name
[   73.910401][ T3565] F2FS-fs (loop2): invalid crc value
[   73.929922][ T3565] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[   73.979677][ T3565] F2FS-fs (loop2): Mounted with checkpoint version = 753bd00b
[   74.022527][ T3565] syz.2.1375 (pid 3565) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   74.100134][   T24] usb 6-1: USB disconnect, device number 7
[   74.163612][ T3602] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1389'.
[   74.171128][  T295] EXT4-fs (loop4): unmounting filesystem.
[   74.249386][ T3613] device batadv_slave_1 entered promiscuous mode
[   74.264035][ T3613] device lo entered promiscuous mode
[   74.274860][ T3612] device lo left promiscuous mode
[   74.281902][ T3612] device batadv_slave_1 left promiscuous mode
[   74.470437][ T3640] netem: change failed
[   74.705857][ T3670] netem: change failed
[   74.905314][ T3709] loop5: detected capacity change from 0 to 256
[   75.090762][ T3709] FAT-fs (loop5): Directory bread(block 64) failed
[   75.099544][ T3709] FAT-fs (loop5): Directory bread(block 65) failed
[   75.116573][ T3709] FAT-fs (loop5): Directory bread(block 66) failed
[   75.131231][ T3709] FAT-fs (loop5): Directory bread(block 67) failed
[   75.144283][ T3744] SELinux:  Context � is not valid (left unmapped).
[   75.154273][ T3709] FAT-fs (loop5): Directory bread(block 68) failed
[   75.172448][ T3709] FAT-fs (loop5): Directory bread(block 69) failed
[   75.194859][ T3747] loop4: detected capacity change from 0 to 8192
[   75.202454][ T3709] FAT-fs (loop5): Directory bread(block 70) failed
[   75.236155][ T3709] FAT-fs (loop5): Directory bread(block 71) failed
[   75.251671][ T3709] FAT-fs (loop5): Directory bread(block 72) failed
[   75.267333][ T3709] FAT-fs (loop5): Directory bread(block 73) failed
[   75.302285][ T3776] loop1: detected capacity change from 0 to 512
[   75.308809][ T3774] loop6: detected capacity change from 0 to 16
[   75.315575][ T3776] EXT4-fs: Ignoring removed bh option
[   75.333426][ T3774] erofs: (device loop6): mounted with root inode @ nid 36.
[   75.348809][ T3776] EXT4-fs: Mount option(s) incompatible with ext3
[   75.361588][ T3774] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   75.410410][ T3774] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[1851]
[   75.438998][ T3774] erofs: (device loop6): z_erofs_read_folio: failed to read, err [-117]
[   75.473379][ T3789] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   75.494797][ T3789] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   75.514796][ T3709] bio_check_eod: 3 callbacks suppressed
[   75.514815][ T3709] syz.5.1431: attempt to access beyond end of device
[   75.514815][ T3709] loop5: rw=2049, sector=1224, nr_sectors = 608 limit=256
[   75.537554][ T3789] erofs: (device loop6): z_erofs_readahead: readahead error at page 42 @ nid 36
[   75.546475][ T3789] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   75.555886][ T3789] erofs: (device loop6): z_erofs_readahead: readahead error at page 41 @ nid 36
[   75.575797][ T3709] syz.5.1431: attempt to access beyond end of device
[   75.575797][ T3709] loop5: rw=2049, sector=1864, nr_sectors = 6504 limit=256
[   75.589715][ T3789] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   75.610127][ T3789] erofs: (device loop6): z_erofs_readahead: readahead error at page 40 @ nid 36
[   75.633493][ T3789] erofs: (device loop6): z_erofs_readahead: readahead error at page 39 @ nid 36
[   75.646897][ T3785] syz.5.1431: attempt to access beyond end of device
[   75.646897][ T3785] loop5: rw=0, sector=1224, nr_sectors = 4 limit=256
[   75.660187][ T3789] erofs: (device loop6): z_erofs_readahead: readahead error at page 38 @ nid 36
[   75.669934][ T3789] erofs: (device loop6): z_erofs_readahead: readahead error at page 36 @ nid 36
[   75.703316][ T3789] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   75.725759][ T3789] erofs: (device loop6): z_erofs_readahead: readahead error at page 31 @ nid 36
[   75.740765][ T3826] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1454'.
[   75.749846][ T3789] erofs: (device loop6): z_erofs_readahead: readahead error at page 25 @ nid 36
[   75.766842][ T3789] erofs: (device loop6): z_erofs_readahead: readahead error at page 24 @ nid 36
[   75.776099][ T3789] erofs: (device loop6): z_erofs_readahead: readahead error at page 19 @ nid 36
[   75.785413][ T3789] syz.6.1445: attempt to access beyond end of device
[   75.785413][ T3789] loop6: rw=524288, sector=784, nr_sectors = 64 limit=16
[   75.811638][ T3789] syz.6.1445: attempt to access beyond end of device
[   75.811638][ T3789] loop6: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[   75.837285][ T3789] syz.6.1445: attempt to access beyond end of device
[   75.837285][ T3789] loop6: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[   75.852117][ T3789] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[2639]
[   75.863713][ T3789] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   75.873414][ T3789] erofs: (device loop6): z_erofs_readahead: readahead error at page 47 @ nid 36
[   75.884513][ T3789] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   75.901283][ T3837] loop4: detected capacity change from 0 to 1024
[   75.908526][ T3789] erofs: (device loop6): z_erofs_readahead: readahead error at page 46 @ nid 36
[   75.912422][ T3837] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   75.920467][ T3839] loop1: detected capacity change from 0 to 512
[   75.932401][ T3789] erofs: (device loop6): z_erofs_readahead: readahead error at page 45 @ nid 36
[   75.941834][ T3789] syz.6.1445: attempt to access beyond end of device
[   75.941834][ T3789] loop6: rw=524288, sector=16, nr_sectors = 16 limit=16
[   75.948491][ T3839] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   75.957674][ T3789] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[3537]
[   75.965533][  T295] EXT4-fs (loop4): unmounting filesystem.
[   75.982800][ T3839] EXT4-fs (loop1): 1 truncate cleaned up
[   75.994303][ T3839] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   76.026415][ T3848] loop6: detected capacity change from 0 to 512
[   76.035444][  T292] EXT4-fs (loop1): unmounting filesystem.
[   76.035679][ T3848] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[   76.065309][ T3848] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   76.102352][ T2164] EXT4-fs (loop6): unmounting filesystem.
[   76.221577][ T3882] loop4: detected capacity change from 0 to 2048
[   76.268001][ T3882]  loop4: p1 < > p4
[   76.273907][ T3882] loop4: p4 size 8388608 extends beyond EOD, truncated
[   76.419670][ T3909] loop4: detected capacity change from 0 to 128
[   76.577347][   T19] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   76.757333][   T19] usb 2-1: Using ep0 maxpacket: 8
[   76.763286][   T19] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   76.772347][   T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.780824][   T19] usb 2-1: config 0 descriptor??
[   77.390014][ T3939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1503'.
[   78.189339][   T19] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   78.199324][   T19] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[   78.210066][   T19] asix: probe of 2-1:0.0 failed with error -71
[   78.216555][   T19] usb 2-1: USB disconnect, device number 7
[   78.750552][   T28] kauditd_printk_skb: 636 callbacks suppressed
[   78.750568][   T28] audit: type=1400 audit(1742442819.700:8781): avc:  denied  { read } for  pid=3970 comm="syz.4.1518" name="loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   78.788308][   T28] audit: type=1400 audit(1742442819.730:8782): avc:  denied  { open } for  pid=3970 comm="syz.4.1518" path="/dev/loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   78.829788][   T28] audit: type=1400 audit(1742442819.730:8783): avc:  denied  { ioctl } for  pid=3970 comm="syz.4.1518" path="/dev/loop-control" dev="devtmpfs" ino=113 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   78.849694][ T3982] loop1: detected capacity change from 0 to 512
[   78.864383][ T3982] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   78.912443][ T3982] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   78.922309][ T3982] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.932584][   T28] audit: type=1400 audit(1742442819.880:8784): avc:  denied  { read } for  pid=3985 comm="syz.5.1524" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   78.932620][   T28] audit: type=1400 audit(1742442819.880:8785): avc:  denied  { open } for  pid=3985 comm="syz.5.1524" path="/dev/snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   78.943440][   T28] audit: type=1400 audit(1742442819.890:8786): avc:  denied  { read write } for  pid=3999 comm="syz.6.1529" name="uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   79.003522][  T292] EXT4-fs (loop1): unmounting filesystem.
[   79.012632][ T4003] loop6: detected capacity change from 0 to 1024
[   79.023000][   T28] audit: type=1400 audit(1742442819.910:8787): avc:  denied  { open } for  pid=3999 comm="syz.6.1529" path="/dev/uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   79.037754][ T4003] EXT4-fs: Ignoring removed nomblk_io_submit option
[   79.053192][ T4003] EXT4-fs: Mount option(s) incompatible with ext2
[   79.080777][ T4007] netlink: 'syz.1.1531': attribute type 4 has an invalid length.
[   79.106458][ T4007] netlink: 'syz.1.1531': attribute type 4 has an invalid length.
[   79.208701][ T4023] loop1: detected capacity change from 0 to 512
[   79.225761][ T4029] netlink: 'syz.4.1541': attribute type 1 has an invalid length.
[   79.233475][ T4029] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1541'.
[   79.252739][ T4023] Quota error (device loop1): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[   79.265398][ T4023] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   79.299516][ T4023] EXT4-fs error (device loop1): ext4_acquire_dquot:6782: comm syz.1.1538: Failed to acquire dquot type 1
[   79.329845][ T4023] EXT4-fs (loop1): 1 truncate cleaned up
[   79.345245][ T4023] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   79.362837][ T4023] ext4 filesystem being mounted at /314/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.381548][   T28] audit: type=1400 audit(1742442820.330:8788): avc:  denied  { write } for  pid=4042 comm="syz.6.1545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   79.409971][ T4023] EXT4-fs (loop1): unmounting filesystem.
[   79.491498][ T4051] netlink: 'syz.4.1549': attribute type 4 has an invalid length.
[   79.515822][ T4053] IPv6: sit2: Disabled Multicast RS
[   79.540440][ T4051] netlink: 'syz.4.1549': attribute type 4 has an invalid length.
[   79.619532][ T4063] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1554'.
[   79.752383][ T4074] loop6: detected capacity change from 0 to 512
[   79.793577][ T4074] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   79.830567][ T4074] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   79.850147][ T4074] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.930025][ T2164] EXT4-fs (loop6): unmounting filesystem.
[   80.333417][ T4086] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1561'.
[   80.813213][ T4123] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   80.864547][ T4129] loop5: detected capacity change from 0 to 512
[   80.894753][ T4129] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   80.917362][ T4129] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.1582: bad orphan inode 131083
[   80.967987][ T4129] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   81.051784][  T779] EXT4-fs (loop5): unmounting filesystem.
[   81.059609][ T4140] loop2: detected capacity change from 0 to 2048
[   81.082567][ T4140] EXT4-fs: Ignoring removed mblk_io_submit option
[   81.138548][ T4140] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   81.235222][  T296] EXT4-fs (loop2): unmounting filesystem.
[   81.256553][ T4167] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1598'.
[   81.281716][ T4172] loop2: detected capacity change from 0 to 512
[   81.288787][ T4172] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   81.319575][ T4172] EXT4-fs error (device loop2): ext4_orphan_get:1426: comm syz.2.1599: bad orphan inode 131083
[   81.337934][ T4172] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   81.473582][  T296] EXT4-fs (loop2): unmounting filesystem.
[   81.635739][   T24] kernel write not supported for file bpf-prog (pid: 24 comm: kworker/1:0)
[   81.667406][   T60] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[   81.868424][   T60] usb 2-1: config 0 has an invalid interface number: 89 but max is 0
[   81.879100][   T60] usb 2-1: config 0 has no interface number 0
[   81.886875][   T60] usb 2-1: config 0 interface 89 has no altsetting 0
[   81.908765][   T60] usb 2-1: New USB device found, idVendor=2c7c, idProduct=0306, bcdDevice=9b.9d
[   81.927305][   T60] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.945407][   T60] usb 2-1: Product: syz
[   81.949657][   T60] usb 2-1: Manufacturer: syz
[   81.954263][   T60] usb 2-1: SerialNumber: syz
[   81.967527][   T60] usb 2-1: config 0 descriptor??
[   82.123903][ T4218] loop4: detected capacity change from 0 to 2048
[   82.137394][ T4202] loop6: detected capacity change from 0 to 40427
[   82.144384][ T4218] EXT4-fs: Ignoring removed mblk_io_submit option
[   82.151496][ T4202] F2FS-fs (loop6): fault_type options not supported
[   82.159516][ T4202] F2FS-fs (loop6): invalid crc value
[   82.165831][ T4202] F2FS-fs (loop6): Found nat_bits in checkpoint
[   82.189444][ T4218] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   82.241057][  T295] EXT4-fs (loop4): unmounting filesystem.
[   82.269938][ T4202] F2FS-fs (loop6): Start checkpoint disabled!
[   82.291445][ T4202] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[   82.338934][   T60] usb 2-1: USB disconnect, device number 8
[   82.457546][ T4239] device veth1_to_team entered promiscuous mode
[   82.473397][ T4241] xt_TPROXY: Can be used only with -p tcp or -p udp
[   82.479965][ T4238] device veth1_to_team left promiscuous mode
[   82.673320][ T4274] xt_TPROXY: Can be used only with -p tcp or -p udp
[   82.790920][   T60] kernel write not supported for file bpf-prog (pid: 60 comm: kworker/1:2)
[   83.112362][ T4283] loop6: detected capacity change from 0 to 40427
[   83.137867][ T4283] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[   83.155546][ T4283] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   83.187371][ T4283] F2FS-fs (loop6): invalid crc value
[   83.223563][ T4283] F2FS-fs (loop6): Found nat_bits in checkpoint
[   83.242724][ T4294] loop1: detected capacity change from 0 to 40427
[   83.278270][ T4294] F2FS-fs (loop1): Found nat_bits in checkpoint
[   83.355028][ T4283] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   83.362945][ T4283] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   83.407091][ T4294] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   83.496154][  T292] syz-executor: attempt to access beyond end of device
[   83.496154][  T292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   83.839275][ T4340] device bond_slave_1 entered promiscuous mode
[   83.856659][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   83.888040][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   83.964364][ T4283] syz.6.1646: attempt to access beyond end of device
[   83.964364][ T4283] loop6: rw=2049, sector=77824, nr_sectors = 2232 limit=40427
[   83.996499][ T4354] loop1: detected capacity change from 0 to 2048
[   83.998500][ T4283] syz.6.1646: attempt to access beyond end of device
[   83.998500][ T4283] loop6: rw=2049, sector=80056, nr_sectors = 1864 limit=40427
[   84.032925][ T4360] netlink: 45 bytes leftover after parsing attributes in process `syz.5.1670'.
[   84.057989][ T4283] syz.6.1646: attempt to access beyond end of device
[   84.057989][ T4283] loop6: rw=2049, sector=49152, nr_sectors = 2896 limit=40427
[   84.080453][ T4354] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   84.080487][ T4283] syz.6.1646: attempt to access beyond end of device
[   84.080487][ T4283] loop6: rw=2049, sector=52048, nr_sectors = 1200 limit=40427
[   84.111722][ T4283] syz.6.1646: attempt to access beyond end of device
[   84.111722][ T4283] loop6: rw=2049, sector=57344, nr_sectors = 3056 limit=40427
[   84.112506][   T28] kauditd_printk_skb: 10 callbacks suppressed
[   84.112523][   T28] audit: type=1400 audit(1742442825.060:8799): avc:  denied  { mounton } for  pid=4352 comm="syz.1.1668" path="/335/file0/bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   84.162281][ T4283] syz.6.1646: attempt to access beyond end of device
[   84.162281][ T4283] loop6: rw=2049, sector=60400, nr_sectors = 9864 limit=40427
[   84.201066][  T292] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   84.245603][  T292] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   84.271846][   T28] audit: type=1400 audit(1742442825.220:8800): avc:  denied  { unlink } for  pid=292 comm="syz-executor" name="file1" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[   84.284260][ T4384] binfmt_misc: register: failed to install interpreter file ./file2
[   84.304954][  T292] EXT4-fs (loop1): unmounting filesystem.
[   84.306749][ T4283] syz.6.1646: attempt to access beyond end of device
[   84.306749][ T4283] loop6: rw=2049, sector=70264, nr_sectors = 4952 limit=40427
[   84.374119][ T2164] syz-executor: attempt to access beyond end of device
[   84.374119][ T2164] loop6: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[   84.476700][ T4412] loop1: detected capacity change from 0 to 1024
[   84.484151][ T4412] EXT4-fs: Ignoring removed nobh option
[   84.490095][ T4412] EXT4-fs: Ignoring removed bh option
[   84.495808][ T4408] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1689'.
[   84.504884][ T4412] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   84.516190][ T4408] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1689'.
[   84.525732][ T4408] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1689'.
[   84.552629][ T4412] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   84.610067][ T4412] EXT4-fs (loop1): unmounting filesystem.
[   84.789814][ T4443] SELinux:  Context system_u:object_r:lvm_control_t:s0 is not valid (left unmapped).
[   84.800354][   T28] audit: type=1400 audit(1742442825.750:8801): avc:  denied  { relabelto } for  pid=4440 comm="syz.2.1703" name="vcs" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:lvm_control_t:s0"
[   84.828163][ T4442] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1704'.
[   84.842730][   T28] audit: type=1400 audit(1742442825.780:8802): avc:  denied  { associate } for  pid=4440 comm="syz.2.1703" name="vcs" dev="devtmpfs" ino=13 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 srawcon="system_u:object_r:lvm_control_t:s0"
[   85.118611][ T4421] loop6: detected capacity change from 0 to 131072
[   85.125805][ T4421] F2FS-fs (loop6): QUOTA feature is enabled, so ignore qf_name
[   85.134375][ T4421] F2FS-fs (loop6): invalid crc value
[   85.141311][ T4421] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[   85.167114][ T4421] F2FS-fs (loop6): Mounted with checkpoint version = 753bd00b
[   85.387474][   T24] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   85.597355][   T24] usb 2-1: Using ep0 maxpacket: 16
[   85.604335][   T24] usb 2-1: config 0 has no interfaces?
[   85.611765][   T24] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   85.628588][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.647308][   T24] usb 2-1: Product: syz
[   85.651300][   T24] usb 2-1: Manufacturer: syz
[   85.655781][   T24] usb 2-1: SerialNumber: syz
[   85.667503][   T24] r8152-cfgselector 2-1: config 0 descriptor??
[   85.876508][   T24] r8152-cfgselector 2-1: Unknown version 0x0000
[   85.883180][   T24] r8152-cfgselector 2-1: USB disconnect, device number 9
[   86.307899][ T4490] loop5: detected capacity change from 0 to 131072
[   86.315003][ T4490] F2FS-fs (loop5): QUOTA feature is enabled, so ignore qf_name
[   86.323277][ T4490] F2FS-fs (loop5): invalid crc value
[   86.330283][ T4490] F2FS-fs (loop5): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387)
[   86.362467][ T4490] F2FS-fs (loop5): Mounted with checkpoint version = 753bd00b
[   86.399559][   T28] audit: type=1400 audit(1742442827.350:8803): avc:  denied  { mounton } for  pid=4511 comm="syz.6.1739" path="/168/file0" dev="tmpfs" ino=903 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[   86.677273][   T28] audit: type=1400 audit(1742442827.620:8804): avc:  denied  { connect } for  pid=4542 comm="syz.4.1745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   87.254005][ T4557] loop6: detected capacity change from 0 to 40427
[   87.277856][ T4557] F2FS-fs (loop6): Found nat_bits in checkpoint
[   87.342319][ T4557] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   87.382372][ T2164] syz-executor: attempt to access beyond end of device
[   87.382372][ T2164] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   87.638263][ T4591] netem: incorrect gi model size
[   87.643093][ T4591] netem: change failed
[   87.707461][ T4598] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.714460][ T4598] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.735563][ T4598] device bridge_slave_0 left promiscuous mode
[   87.743116][ T4598] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.796334][ T4598] device bridge_slave_1 left promiscuous mode
[   87.802458][ T4598] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.895151][ T4617] device bridge0 entered promiscuous mode
[   87.911711][ T4617] bridge0: port 3(macsec1) entered blocking state
[   87.933382][ T4617] bridge0: port 3(macsec1) entered disabled state
[   87.965253][ T4617] device bridge0 left promiscuous mode
[   88.047721][ T4633] netlink: 'syz.2.1776': attribute type 4 has an invalid length.
[   88.055502][ T4633] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.1776'.
[   88.430900][ T4678] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1796'.
[   88.440194][ T4678] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1796'.
[   88.455045][   T28] audit: type=1400 audit(1742442829.410:8805): avc:  denied  { map } for  pid=4680 comm="syz.4.1798" path="socket:[31655]" dev="sockfs" ino=31655 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[   88.456768][ T4678] bridge0: port 3(vlan2) entered blocking state
[   88.491360][ T4678] bridge0: port 3(vlan2) entered disabled state
[   88.644806][ T4669] loop5: detected capacity change from 0 to 40427
[   88.722295][ T4669] F2FS-fs (loop5): fault_type options not supported
[   88.743111][ T4669] F2FS-fs (loop5): invalid crc value
[   88.757575][ T4669] F2FS-fs (loop5): Found nat_bits in checkpoint
[   88.936084][   T28] audit: type=1400 audit(1742442829.880:8806): avc:  denied  { load_policy } for  pid=4746 comm="syz.2.1806" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   88.958623][ T4669] F2FS-fs (loop5): Start checkpoint disabled!
[   88.963004][ T4748] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   88.979471][ T4669] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[   88.990053][ T4748] SELinux: failed to load policy
[   89.062421][ T4755] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1807'.
[   89.074033][ T4669] F2FS-fs (loop5): ino:10, start:1, end:8193, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   89.108373][   T28] audit: type=1400 audit(1742442830.060:8807): avc:  denied  { remove_name } for  pid=4668 comm="syz.5.1792" name="file2" dev="loop5" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   89.207991][ T4752] kworker/u4:156: attempt to access beyond end of device
[   89.207991][ T4752] loop5: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[   89.470009][ T4791] loop5: detected capacity change from 0 to 2048
[   89.498468][ T4791] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   89.516209][  T779] EXT4-fs (loop5): unmounting filesystem.
[   89.540729][   T28] audit: type=1400 audit(1742442830.490:8808): avc:  denied  { setcurrent } for  pid=4804 comm="syz.2.1823" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   89.565255][   T28] audit: type=1401 audit(1742442830.490:8809): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[   89.582535][ T4809] netlink: 'syz.5.1822': attribute type 4 has an invalid length.
[   89.627066][ T4813] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1826'.
[   89.715372][ T4821] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   89.724359][ T4815] device bond_slave_1 left promiscuous mode
[   89.788954][ T4838] loop4: detected capacity change from 0 to 2048
[   89.834322][ T4838] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   89.852449][  T295] EXT4-fs (loop4): unmounting filesystem.
[   89.883074][ T4601] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[   89.956298][ T4601] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[   89.963989][ T4601] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[   89.971814][ T4601] hid-generic 0000:0004:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   90.139057][ T4831] hid-generic 0000:0004:0000.0004: unknown main item tag 0x0
[   90.146461][ T4831] hid-generic 0000:0004:0000.0004: unknown main item tag 0x0
[   90.153708][ T4831] hid-generic 0000:0004:0000.0004: unknown main item tag 0x0
[   90.162793][ T4831] hid-generic 0000:0004:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   90.258811][ T4901] netem: change failed
[   90.296822][ T4909] netlink: 'syz.2.1865': attribute type 4 has an invalid length.
[   90.319830][ T4913] bridge0: port 3(syz_tun) entered blocking state
[   90.326254][ T4913] bridge0: port 3(syz_tun) entered disabled state
[   90.333524][ T4913] device syz_tun entered promiscuous mode
[   90.339558][ T4913] bridge0: port 3(syz_tun) entered blocking state
[   90.345820][ T4913] bridge0: port 3(syz_tun) entered forwarding state
[   90.353225][ T4913] bridge0: port 3(syz_tun) entered learning state
[   90.382183][ T4919] netlink: 'syz.1.1879': attribute type 4 has an invalid length.
[   90.387630][ T4831] hid-generic 0000:0004:0000.0005: unknown main item tag 0x0
[   90.402714][ T4831] hid-generic 0000:0004:0000.0005: unknown main item tag 0x0
[   90.420975][ T4831] hid-generic 0000:0004:0000.0005: unknown main item tag 0x0
[   90.436747][ T4831] hid-generic 0000:0004:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   90.495923][ T4931] netem: change failed
[   90.652542][ T4946] loop4: detected capacity change from 0 to 16
[   90.661840][ T4946] erofs: (device loop4): mounted with root inode @ nid 36.
[   90.763580][   T28] audit: type=1326 audit(1742442831.710:8810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4954 comm="syz.2.1886" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f35c198d169 code=0x0
[   90.866435][ T4960] netlink: 'syz.4.1887': attribute type 4 has an invalid length.
[   91.016539][   T28] audit: type=1400 audit(1742442831.960:8811): avc:  denied  { setopt } for  pid=4973 comm="syz.5.1893" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   91.312190][ T4980] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.319401][ T4980] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.344691][ T4980] device bridge_slave_0 left promiscuous mode
[   91.351308][ T4980] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.362000][ T4980] device bridge_slave_1 left promiscuous mode
[   91.368044][ T4980] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.546918][   T28] audit: type=1400 audit(1742442832.490:8812): avc:  denied  { shutdown } for  pid=4991 comm="syz.1.1901" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   91.704045][ T5008] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1908'.
[   91.767350][   T60] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   91.784851][ T5010] netem: incorrect gi model size
[   91.789764][ T5010] netem: change failed
[   91.931454][ T5032] bridge0: port 1(syz_tun) entered blocking state
[   91.938145][ T5032] bridge0: port 1(syz_tun) entered disabled state
[   91.944948][ T5032] device syz_tun entered promiscuous mode
[   91.957321][   T60] usb 5-1: Using ep0 maxpacket: 16
[   91.968223][   T60] usb 5-1: config 0 has no interfaces?
[   91.977521][ T5034] loop2: detected capacity change from 0 to 512
[   91.989118][ T5034] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.1921: casefold flag without casefold feature
[   92.001799][   T60] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   92.001876][ T5034] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1921: couldn't read orphan inode 15 (err -117)
[   92.015373][   T60] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.023421][ T5034] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   92.032571][   T60] usb 5-1: Product: syz
[   92.053628][   T60] usb 5-1: Manufacturer: syz
[   92.059519][  T296] EXT4-fs (loop2): unmounting filesystem.
[   92.065648][   T60] usb 5-1: SerialNumber: syz
[   92.076191][   T60] r8152-cfgselector 5-1: config 0 descriptor??
[   92.085571][ T5039] loop2: detected capacity change from 0 to 512
[   92.092116][ T5039] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[   92.294048][   T60] r8152-cfgselector 5-1: Unknown version 0x0000
[   92.300857][   T60] r8152-cfgselector 5-1: USB disconnect, device number 5
[   92.417916][   T28] audit: type=1400 audit(1742442833.370:8813): avc:  denied  { sys_module } for  pid=5043 comm="syz.5.1926" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   92.418242][ T5044] Invalid ELF header len 8
[   92.439350][   T28] audit: type=1400 audit(1742442833.370:8814): avc:  denied  { module_load } for  pid=5043 comm="syz.5.1926" path="/297/bus" dev="tmpfs" ino=1600 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1
[   92.568512][ T5060] devtmpfs: Unknown parameter 'posixacl'
[   92.707344][ T1239] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   92.809482][ T5087] loop1: detected capacity change from 0 to 1024
[   92.842692][ T5087] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   92.851446][ T5087] ext4 filesystem being mounted at /390/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.872696][  T292] EXT4-fs (loop1): unmounting filesystem.
[   92.948637][ T5091] bridge0: port 3(syz_tun) entered disabled state
[   92.960685][ T5099] loop4: detected capacity change from 0 to 1024
[   92.967811][ T5091] device syz_tun left promiscuous mode
[   93.040924][ T5091] bridge0: port 3(syz_tun) entered disabled state
[   93.076760][ T5091] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.083829][ T5091] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.151152][ T5091] device bridge_slave_0 left promiscuous mode
[   93.170720][ T5091] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.198505][ T5091] device bridge_slave_1 left promiscuous mode
[   93.218297][ T5091] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.227687][ T5118] loop1: detected capacity change from 0 to 128
[   93.234125][ T5118] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   93.265674][ T5118] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   93.282546][   T28] audit: type=1400 audit(1742442834.230:8815): avc:  denied  { getopt } for  pid=5117 comm="syz.1.1958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   93.326620][ T5125] Invalid ELF header len 8
[   93.493004][ T5134] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1965'.
[   93.536286][ T5136] netlink: 'syz.5.1966': attribute type 5 has an invalid length.
[   93.543965][ T5136] netlink: 7 bytes leftover after parsing attributes in process `syz.5.1966'.
[   93.620199][ T5149] 9pnet: p9_errstr2errno: server reported unknown error �@�BN[9
[   93.620199][ T5149] tr��0�HJ��X���Իx��[K��&K

[   93.868844][ T5176] syz.4.1984[5176] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   93.868930][ T5176] syz.4.1984[5176] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   94.545889][ T5225] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2006'.
[   94.589886][ T5231] loop5: detected capacity change from 0 to 1024
[   94.613352][ T5231] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   94.659484][  T779] EXT4-fs error (device loop5): ext4_map_blocks:634: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1)
[   94.685802][  T779] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5887: Corrupt filesystem
[   94.687400][    T6] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[   94.695735][  T779] EXT4-fs error (device loop5): ext4_dirty_inode:6091: inode #2: comm syz-executor: mark_inode_dirty error
[   94.744604][ T2223] EXT4-fs (loop5): unmounting filesystem.
[   94.889825][ T5248] loop2: detected capacity change from 0 to 40427
[   94.896518][ T5248] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   94.904335][ T5248] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   94.908453][    T6] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   94.913700][ T5248] F2FS-fs (loop2): invalid crc value
[   94.928382][    T6] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   94.938006][    T6] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   94.938536][ T5248] F2FS-fs (loop2): Found nat_bits in checkpoint
[   94.946870][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   94.987319][    T6] usb 2-1: SerialNumber: syz
[   94.994154][ T5248] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   95.001348][ T5248] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   95.018349][   T28] audit: type=1400 audit(1742442835.970:8816): avc:  denied  { mounton } for  pid=5247 comm="syz.2.2025" path="/396/bus/file0" dev="loop2" ino=455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   95.049407][ T5248] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   95.052776][   T28] audit: type=1400 audit(1742442835.990:8817): avc:  denied  { setattr } for  pid=5247 comm="syz.2.2025" name="work" dev="loop2" ino=458 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   95.082284][   T28] audit: type=1400 audit(1742442835.990:8818): avc:  denied  { unlink } for  pid=5247 comm="syz.2.2025" name="#2d" dev="loop2" ino=461 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[   95.087299][  T501] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   95.112258][   T28] audit: type=1400 audit(1742442836.070:8819): avc:  denied  { rmdir } for  pid=296 comm="syz-executor" name="file0" dev="loop2" ino=455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   95.134445][ T4320] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   95.143609][ T4320] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   95.165348][ T5255] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.172365][ T5255] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.179983][ T5255] device bridge_slave_0 entered promiscuous mode
[   95.186964][ T5255] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.193959][ T5255] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.201092][    T6] usb 2-1: 0:2 : does not exist
[   95.201528][ T5255] device bridge_slave_1 entered promiscuous mode
[   95.210705][    T6] usb 2-1: unit 255 not found!
[   95.228532][    T6] usb 2-1: 5:0: cannot get min/max values for control 2 (id 5)
[   95.248612][    T6] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5)
[   95.264909][    T6] usb 2-1: USB disconnect, device number 10
[   95.303329][ T5255] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.310212][ T5255] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.317334][ T5255] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.324081][ T5255] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.331567][  T501] usb 7-1: Using ep0 maxpacket: 16
[   95.340647][  T501] usb 7-1: config 0 has an invalid interface number: 251 but max is 0
[   95.349030][  T501] usb 7-1: config 0 has no interface number 0
[   95.354986][  T501] usb 7-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[   95.364717][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.371734][  T501] usb 7-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[   95.381615][ T4704] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.383186][  T501] usb 7-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[   95.397513][ T4704] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.402280][  T501] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.412249][  T501] usb 7-1: Product: syz
[   95.416274][  T501] usb 7-1: Manufacturer: syz
[   95.420739][  T501] usb 7-1: SerialNumber: syz
[   95.426523][  T501] usb 7-1: config 0 descriptor??
[   95.431945][ T5234] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[   95.439063][ T5234] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[   95.439184][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.454423][ T4704] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.461275][ T4704] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.468501][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.476494][ T4704] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.483345][ T4704] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.492794][ T4742] device bridge_slave_1 left promiscuous mode
[   95.498823][ T4742] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.506225][ T4742] device bridge_slave_0 left promiscuous mode
[   95.512352][ T4742] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.520188][ T4742] device veth1_macvtap left promiscuous mode
[   95.526043][ T4742] device veth0_vlan left promiscuous mode
[   95.655361][ T5234] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   95.663862][ T5234] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   95.673032][  T501] asix 7-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[   95.684016][  T501] asix 7-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71
[   95.693610][  T501] asix: probe of 7-1:0.251 failed with error -5
[   95.699925][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   95.708133][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   95.709136][  T501] usb 7-1: USB disconnect, device number 2
[   95.716086][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   95.730440][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   95.748785][ T5255] device veth0_vlan entered promiscuous mode
[   95.754874][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   95.763263][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   95.771593][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   95.780847][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   95.790192][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   95.797667][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   95.809056][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   95.817042][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   95.826153][ T5255] device veth1_macvtap entered promiscuous mode
[   95.835548][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   95.843340][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   95.851497][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   95.861029][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   95.869242][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   95.908402][ T5265] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2031'.
[   95.955817][ T5270] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.962826][ T5270] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.977852][ T5270] device bridge_slave_0 left promiscuous mode
[   95.983936][ T5270] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.995248][ T5270] device bridge_slave_1 left promiscuous mode
[   96.001313][ T5270] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.023142][ T5276] HTB: quantum of class 8018000C is small. Consider r2q change.
[   96.065526][ T5282] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2023'.
[   96.095819][ T5288] netlink: 'syz.7.2028': attribute type 13 has an invalid length.
[   96.103086][ T5289] 9pnet_fd: p9_fd_create_unix (5289): problem connecting socket: ./file0: -5
[   96.103959][ T5288] gretap0: refused to change device tx_queue_len
[   96.118333][ T5288] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   96.131865][   T28] audit: type=1326 audit(1742442837.080:8820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5290 comm="syz.1.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd40638d169 code=0x7ffc0000
[   96.163484][   T28] audit: type=1326 audit(1742442837.080:8821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5290 comm="syz.1.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd40638d169 code=0x7ffc0000
[   96.187566][   T28] audit: type=1326 audit(1742442837.080:8822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5290 comm="syz.1.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd40638d169 code=0x7ffc0000
[   96.189484][ T5293] device ip6tnl1 entered promiscuous mode
[   96.221153][   T28] audit: type=1326 audit(1742442837.080:8823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5290 comm="syz.1.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd40638d169 code=0x7ffc0000
[   96.245637][   T28] audit: type=1326 audit(1742442837.080:8824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5290 comm="syz.1.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd40638d169 code=0x7ffc0000
[   96.271054][   T28] audit: type=1326 audit(1742442837.080:8825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5290 comm="syz.1.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd40638d169 code=0x7ffc0000
[   96.308750][ T5301] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2037'.
[   96.367820][  T501] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   96.438583][ T5317] loop6: detected capacity change from 0 to 512
[   96.444965][ T5317] ext4: Unknown parameter 'noacl'
[   96.558720][  T501] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   96.580776][  T501] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   96.590560][  T501] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.598679][  T501] usb 5-1: Product: syz
[   96.602740][  T501] usb 5-1: Manufacturer: syz
[   96.607097][  T501] usb 5-1: SerialNumber: syz
[   96.639053][ T5339] loop1: detected capacity change from 0 to 128
[   97.617111][  T501] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[   97.623600][  T501] cdc_ncm 5-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[   97.631276][  T501] cdc_ncm 5-1:1.0: setting rx_max = 2048
[   97.830337][ T5410] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2092'.
[   97.882503][ T5415] loop6: detected capacity change from 0 to 256
[   97.895156][ T5418] device syzkaller0 entered promiscuous mode
[   98.024163][  T501] cdc_ncm 5-1:1.0: setting tx_max = 88
[   98.036740][  T501] cdc_ncm 5-1:1.0 eth1: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[   98.058593][  T501] usb 5-1: USB disconnect, device number 6
[   98.064639][  T501] cdc_ncm 5-1:1.0 eth1: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM (NO ZLP)
[   98.119030][ T5438] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2095'.
[   98.447335][ T4829] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   98.557100][ T5489] loop6: detected capacity change from 0 to 256
[   98.638634][ T4829] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.654809][ T4829] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   98.665704][ T4829] usb 3-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[   98.677931][ T4829] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.687576][ T4829] usb 3-1: config 0 descriptor??
[   98.804607][ T5512] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2128'.
[   98.820338][ T5513] loop1: detected capacity change from 0 to 512
[   98.830531][ T5513] ext4: Unknown parameter 'noacl'
[   98.931950][ T5522] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12 sclass=netlink_route_socket pid=5522 comm=syz.4.2132
[   99.012242][ T5530] loop1: detected capacity change from 0 to 256
[   99.022815][ T5528] netem: change failed
[   99.027872][ T5530] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[   99.056255][ T5532] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2137'.
[   99.071404][ T5532] HTB: quantum of class 801A0003 is big. Consider r2q change.
[   99.095687][ T4829] logitech-hidpp-device 0003:046D:C086.0006: item fetching failed at offset 0/5
[   99.111225][ T5534] device wireguard0 entered promiscuous mode
[   99.118491][ T4829] logitech-hidpp-device 0003:046D:C086.0006: hidpp_probe:parse failed
[   99.129294][ T4829] logitech-hidpp-device: probe of 0003:046D:C086.0006 failed with error -22
[   99.168866][ T5539] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2140'.
[   99.262807][ T5547] random: crng reseeded on system resumption
[   99.299376][  T501] usb 3-1: USB disconnect, device number 4
[   99.863363][ T5573] loop2: detected capacity change from 0 to 256
[   99.872727][ T5573] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  100.055999][ T5604] loop2: detected capacity change from 0 to 256
[  100.121905][   T28] kauditd_printk_skb: 19 callbacks suppressed
[  100.121922][   T28] audit: type=1400 audit(1742442841.070:8845): avc:  denied  { create } for  pid=5608 comm="syz.4.2171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  100.153075][ T5611] loop7: detected capacity change from 0 to 512
[  100.174811][ T5611] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  100.184014][ T5611] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  100.197198][ T5619] loop4: detected capacity change from 0 to 256
[  100.205946][ T5255] EXT4-fs (loop7): unmounting filesystem.
[  100.206698][ T5619] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x884b6648, utbl_chksum : 0xe619d30d)
[  100.233410][ T5621] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2176'.
[  100.339191][ T5640] loop1: detected capacity change from 0 to 256
[  100.437714][  T501] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  100.481739][ T5657] loop4: detected capacity change from 0 to 128
[  100.497101][ T5657] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  100.505863][ T5657] ext4 filesystem being mounted at /499/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.529988][ T5657] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-generic)"
[  100.540646][ T5657] fscrypt: Adiantum using blk-crypto-fallback
[  100.555706][  T295] EXT4-fs (loop4): unmounting filesystem.
[  100.609316][ T5669] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12 sclass=netlink_route_socket pid=5669 comm=syz.1.2194
[  100.627501][  T501] usb 3-1: Using ep0 maxpacket: 16
[  100.633711][  T501] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  100.643626][  T501] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  100.656317][ T5677] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2198'.
[  100.657095][  T501] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  100.683183][  T501] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  100.694033][  T501] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.702008][  T501] usb 3-1: Product: syz
[  100.706000][  T501] usb 3-1: Manufacturer: syz
[  100.710472][  T501] usb 3-1: SerialNumber: syz
[  100.731630][ T5685] loop1: detected capacity change from 0 to 128
[  100.739713][ T5685] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  100.748641][ T5685] ext4 filesystem being mounted at /443/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.764698][   T28] audit: type=1400 audit(1742442841.710:8846): avc:  denied  { link } for  pid=5683 comm="syz.1.2202" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  100.811069][  T292] EXT4-fs (loop1): unmounting filesystem.
[  100.862305][   T28] audit: type=1326 audit(1742442841.810:8847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5698 comm="syz.1.2208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd40638d169 code=0x7ffc0000
[  100.886094][ T5699] loop1: detected capacity change from 0 to 1024
[  100.887013][   T28] audit: type=1326 audit(1742442841.810:8848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5698 comm="syz.1.2208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd40638d169 code=0x7ffc0000
[  100.896997][ T5699] EXT4-fs error (device loop1): ext4_map_blocks:744: inode #3: block 1: comm syz.1.2208: lblock 1 mapped to illegal pblock 1 (length 1)
[  100.915924][   T28] audit: type=1326 audit(1742442841.810:8849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5698 comm="syz.1.2208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7fd40638d169 code=0x7ffc0000
[  100.929736][ T5699] EXT4-fs (loop1): Remounting filesystem read-only
[  100.955550][   T28] audit: type=1326 audit(1742442841.810:8850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5698 comm="syz.1.2208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd40638d169 code=0x7ffc0000
[  100.982320][ T4829] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  100.982402][ T5699] Quota error (device loop1): write_blk: dquota write failed
[  100.997201][   T28] audit: type=1326 audit(1742442841.810:8851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5698 comm="syz.1.2208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd40638d169 code=0x7ffc0000
[  100.997867][ T5699] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  101.020642][   T28] audit: type=1326 audit(1742442841.810:8852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5698 comm="syz.1.2208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd40638f087 code=0x7ffc0000
[  101.032216][ T5699] EXT4-fs error (device loop1): ext4_acquire_dquot:6782: comm syz.1.2208: Failed to acquire dquot type 0
[  101.064679][ T5699] EXT4-fs (loop1): Remounting filesystem read-only
[  101.071354][ T5699] EXT4-fs error (device loop1): ext4_free_blocks:6210: comm syz.1.2208: Freeing blocks not in datazone - block = 0, count = 4096
[  101.084849][ T5699] EXT4-fs (loop1): Remounting filesystem read-only
[  101.091298][ T5699] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.2208: Invalid inode bitmap blk 0 in block_group 0
[  101.091394][ T4704] EXT4-fs error (device loop1): ext4_map_blocks:634: inode #3: block 1: comm kworker/u4:121: lblock 1 mapped to illegal pblock 1 (length 1)
[  101.104261][ T5699] EXT4-fs (loop1): Remounting filesystem read-only
[  101.118599][ T4704] EXT4-fs (loop1): Remounting filesystem read-only
[  101.124182][ T5699] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem
[  101.130974][ T4704] EXT4-fs error (device loop1): ext4_release_dquot:6805: comm kworker/u4:121: Failed to release dquot type 0
[  101.147207][ T5699] EXT4-fs (loop1): Remounting filesystem read-only
[  101.151056][ T4704] EXT4-fs (loop1): Remounting filesystem read-only
[  101.156758][ T5699] EXT4-fs (loop1): 1 orphan inode deleted
[  101.164372][  T501] usb 3-1: 0:2 : does not exist
[  101.173287][ T5699] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  101.177675][ T5703] loop6: detected capacity change from 0 to 128
[  101.188714][ T5703] EXT4-fs: Ignoring removed nobh option
[  101.195656][ T5703] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  101.204257][ T5703] ext4 filesystem being mounted at /243/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  101.215085][ T4829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  101.225885][ T4829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  101.227207][  T292] EXT4-fs (loop1): unmounting filesystem.
[  101.235690][ T4829] usb 5-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  101.250094][ T4829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.259055][ T4829] usb 5-1: config 0 descriptor??
[  101.263843][ T2164] EXT4-fs (loop6): unmounting filesystem.
[  101.308384][ T5706] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12 sclass=netlink_route_socket pid=5706 comm=syz.6.2210
[  101.339309][ T5710] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2211'.
[  101.668838][ T4829] logitech-hidpp-device 0003:046D:C086.0007: item fetching failed at offset 0/5
[  101.682667][ T4829] logitech-hidpp-device 0003:046D:C086.0007: hidpp_probe:parse failed
[  101.691384][ T4829] logitech-hidpp-device: probe of 0003:046D:C086.0007 failed with error -22
[  101.732255][ T5725] loop7: detected capacity change from 0 to 512
[  101.739533][ T5725] ext4: Unknown parameter 'noacl'
[  101.880052][   T19] usb 5-1: USB disconnect, device number 7
[  101.897776][ T5728] loop1: detected capacity change from 0 to 512
[  101.906706][ T5728] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  101.927612][ T5728] ext4 filesystem being mounted at /450/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  101.959612][  T292] EXT4-fs (loop1): unmounting filesystem.
[  102.022328][ T5741] binder: 5740:5741 ioctl c0306201 4000000003c0 returned -14
[  102.080347][ T5751] loop1: detected capacity change from 0 to 512
[  102.087127][ T5751] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  102.099150][ T5751] EXT4-fs (loop1): 1 truncate cleaned up
[  102.104700][ T5751] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  102.124829][ T5751] IPv6: sit4: Disabled Multicast RS
[  102.203267][  T292] EXT4-fs (loop1): unmounting filesystem.
[  102.311015][ T5790] loop1: detected capacity change from 0 to 512
[  102.320064][ T5790] EXT4-fs: Ignoring removed nobh option
[  102.325905][ T5790] EXT4-fs (loop1): Test dummy encryption mode enabled
[  102.336159][ T5795] device pim6reg1 entered promiscuous mode
[  102.336544][ T5792] loop7: detected capacity change from 0 to 16
[  102.344951][ T5790] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #12: comm syz.1.2248: inline data xattr refers to an external xattr inode
[  102.348803][ T5792] erofs: (device loop7): mounted with root inode @ nid 36.
[  102.363524][ T5790] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.2248: couldn't read orphan inode 12 (err -117)
[  102.381610][ T5790] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  102.386221][  T501] usb 3-1: USB disconnect, device number 5
[  102.417999][  T292] EXT4-fs (loop1): unmounting filesystem.
[  102.964329][ T5821] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2260'.
[  103.016964][ T5826] loop2: detected capacity change from 0 to 512
[  103.034048][ T5826] ext4: Unknown parameter 'noacl'
[  103.040666][ T5828] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2263'.
[  103.059656][ T5830] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2264'.
[  103.070699][ T5830] loop7: detected capacity change from 0 to 512
[  103.077522][ T5830] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  103.123524][ T5830] EXT4-fs error (device loop7): ext4_orphan_get:1400: inode #17: comm syz.7.2264: iget: bad i_size value: -6917529027641081756
[  103.152783][ T5830] EXT4-fs error (device loop7): ext4_orphan_get:1405: comm syz.7.2264: couldn't read orphan inode 17 (err -117)
[  103.165098][ T5830] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  103.209520][ T5255] EXT4-fs (loop7): unmounting filesystem.
[  103.263781][ T5859] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2278'.
[  103.337791][ T5870] loop4: detected capacity change from 0 to 128
[  103.346003][ T5870] EXT4-fs: Ignoring removed nobh option
[  103.356405][ T5870] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  103.363598][ T5876] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2285'.
[  103.365881][ T5870] ext4 filesystem being mounted at /510/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  103.377877][ T5876] loop6: detected capacity change from 0 to 512
[  103.390502][ T5876] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  103.396667][ T5873] device pim6reg1 entered promiscuous mode
[  103.411139][ T5876] EXT4-fs error (device loop6): ext4_orphan_get:1400: inode #17: comm syz.6.2285: iget: bad i_size value: -6917529027641081756
[  103.424561][ T5876] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.2285: couldn't read orphan inode 17 (err -117)
[  103.436620][ T5876] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  103.437880][  T295] EXT4-fs (loop4): unmounting filesystem.
[  103.455159][ T2164] EXT4-fs (loop6): unmounting filesystem.
[  103.499517][ T5888] serio: Serial port ptm0
[  103.510216][ T5889] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  103.601177][ T5905] loop7: detected capacity change from 0 to 128
[  103.608072][ T5905] EXT4-fs: Ignoring removed nobh option
[  103.616107][ T5905] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  103.624921][ T5905] ext4 filesystem being mounted at /77/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  103.637347][ T4829] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  103.671989][ T5255] EXT4-fs (loop7): unmounting filesystem.
[  103.736179][ T5912] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2299'.
[  103.838433][ T4829] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.850780][ T4829] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  103.859952][ T4829] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.867827][ T4829] usb 2-1: Product: syz
[  103.871746][ T4829] usb 2-1: Manufacturer: syz
[  103.876165][ T4829] usb 2-1: SerialNumber: syz
[  104.641282][ T5931] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  104.775313][ T5938] loop7: detected capacity change from 0 to 16
[  104.797543][ T5938] erofs: (device loop7): mounted with root inode @ nid 36.
[  104.871829][ T5945] loop6: detected capacity change from 0 to 128
[  104.885099][ T4829] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  104.897377][ T4829] cdc_ncm 2-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  104.905141][ T4829] cdc_ncm 2-1:1.0: setting rx_max = 2048
[  105.000656][ T5957] loop7: detected capacity change from 0 to 128
[  105.036868][ T5957] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  105.046515][ T5957] ext4 filesystem being mounted at /88/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  105.097528][ T5255] EXT4-fs (loop7): unmounting filesystem.
[  105.114888][ T5967] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2320'.
[  105.189604][ T5979] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2327'.
[  105.206266][ T5983] xt_hashlimit: size too large, truncated to 1048576
[  105.258572][ T5988] loop6: detected capacity change from 0 to 256
[  105.277540][ T5988] exfat: Deprecated parameter 'utf8'
[  105.284807][ T5988] exfat: Deprecated parameter 'namecase'
[  105.287511][ T4829] cdc_ncm 2-1:1.0: setting tx_max = 88
[  105.290796][ T5988] exfat: Deprecated parameter 'utf8'
[  105.304931][ T5988] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  105.305908][ T4829] cdc_ncm 2-1:1.0 eth1: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  105.359099][ T4829] usb 2-1: USB disconnect, device number 11
[  105.365009][ T4829] cdc_ncm 2-1:1.0 eth1: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP)
[  105.402970][   T28] kauditd_printk_skb: 67 callbacks suppressed
[  105.402987][   T28] audit: type=1326 audit(1742442846.350:8919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5991 comm="syz.7.2333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f604878d169 code=0x7fc00000
[  105.464954][   T28] audit: type=1400 audit(1742442846.390:8920): avc:  denied  { unlink } for  pid=85 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  105.495632][ T4828] ==================================================================
[  105.503527][ T4828] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x130
[  105.511166][ T4828] Read of size 8 at addr ffff888120adccf0 by task kworker/1:9/4828
[  105.518888][ T4828] 
[  105.521082][ T4828] CPU: 1 PID: 4828 Comm: kworker/1:9 Not tainted 6.1.128-syzkaller-00024-g7da329f7cf91 #0
[  105.530781][ T4828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  105.540679][ T4828] Workqueue: events bpf_prog_free_deferred
[  105.546314][ T4828] Call Trace:
[  105.549437][ T4828]  <TASK>
[  105.552216][ T4828]  dump_stack_lvl+0x151/0x1b7
[  105.556734][ T4828]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  105.562028][ T4828]  ? _printk+0xd1/0x111
[  105.566021][ T4828]  ? __virt_addr_valid+0x242/0x2f0
[  105.570968][ T4828]  print_report+0x158/0x4e0
[  105.575303][ T4828]  ? __virt_addr_valid+0x242/0x2f0
[  105.580252][ T4828]  ? kasan_complete_mode_report_info+0x90/0x1b0
[  105.586325][ T4828]  ? __list_del_entry_valid+0xa6/0x130
[  105.591622][ T4828]  kasan_report+0x13c/0x170
[  105.595964][ T4828]  ? __list_del_entry_valid+0xa6/0x130
[  105.601262][ T4828]  __asan_report_load8_noabort+0x14/0x20
[  105.606726][ T4828]  __list_del_entry_valid+0xa6/0x130
[  105.611843][ T4828]  process_one_work+0x4d7/0xcb0
[  105.616528][ T4828]  worker_thread+0xa60/0x1260
[  105.621050][ T4828]  kthread+0x26d/0x300
[  105.624943][ T4828]  ? worker_clr_flags+0x1a0/0x1a0
[  105.629805][ T4828]  ? kthread_blkcg+0xd0/0xd0
[  105.634233][ T4828]  ret_from_fork+0x1f/0x30
[  105.638490][ T4828]  </TASK>
[  105.641351][ T4828] 
[  105.643517][ T4828] Allocated by task 4829:
[  105.647687][ T4828]  kasan_set_track+0x4b/0x70
[  105.652112][ T4828]  kasan_save_alloc_info+0x1f/0x30
[  105.657061][ T4828]  __kasan_kmalloc+0x9c/0xb0
[  105.661485][ T4828]  __kmalloc_node+0xb4/0x1e0
[  105.665911][ T4828]  kvmalloc_node+0x221/0x640
[  105.670339][ T4828]  alloc_netdev_mqs+0x8c/0xf90
[  105.674939][ T4828]  alloc_etherdev_mqs+0x36/0x40
[  105.679624][ T4828]  usbnet_probe+0x213/0x28a0
[  105.684054][ T4828]  usb_probe_interface+0x5b6/0xa90
[  105.688999][ T4828]  really_probe+0x2b8/0x920
[  105.693341][ T4828]  __driver_probe_device+0x1a0/0x310
[  105.698461][ T4828]  driver_probe_device+0x54/0x3d0
[  105.703320][ T4828]  __device_attach_driver+0x2e3/0x490
[  105.708528][ T4828]  bus_for_each_drv+0x183/0x200
[  105.713216][ T4828]  __device_attach+0x312/0x510
[  105.717815][ T4828]  device_initial_probe+0x1a/0x20
[  105.722674][ T4828]  bus_probe_device+0xbe/0x1e0
[  105.727277][ T4828]  device_add+0xb60/0xf10
[  105.731443][ T4828]  usb_set_configuration+0x190f/0x1e80
[  105.736734][ T4828]  usb_generic_driver_probe+0x8b/0x150
[  105.742036][ T4828]  usb_probe_device+0x144/0x260
[  105.746717][ T4828]  really_probe+0x2b8/0x920
[  105.751057][ T4828]  __driver_probe_device+0x1a0/0x310
[  105.756179][ T4828]  driver_probe_device+0x54/0x3d0
[  105.761042][ T4828]  __device_attach_driver+0x2e3/0x490
[  105.766248][ T4828]  bus_for_each_drv+0x183/0x200
[  105.770934][ T4828]  __device_attach+0x312/0x510
[  105.775534][ T4828]  device_initial_probe+0x1a/0x20
[  105.780393][ T4828]  bus_probe_device+0xbe/0x1e0
[  105.784994][ T4828]  device_add+0xb60/0xf10
[  105.789167][ T4828]  usb_new_device+0xf2f/0x1820
[  105.793852][ T4828]  hub_event+0x2db1/0x4830
[  105.798102][ T4828]  process_one_work+0x73d/0xcb0
[  105.802788][ T4828]  worker_thread+0xa60/0x1260
[  105.807301][ T4828]  kthread+0x26d/0x300
[  105.811206][ T4828]  ret_from_fork+0x1f/0x30
[  105.815459][ T4828] 
[  105.817627][ T4828] Freed by task 4829:
[  105.821447][ T4828]  kasan_set_track+0x4b/0x70
[  105.825874][ T4828]  kasan_save_free_info+0x2b/0x40
[  105.830735][ T4828]  ____kasan_slab_free+0x131/0x180
[  105.835713][ T4828]  __kasan_slab_free+0x11/0x20
[  105.840280][ T4828]  __kmem_cache_free+0x21d/0x410
[  105.845055][ T4828]  kfree+0x7a/0xf0
[  105.848614][ T4828]  kvfree+0x35/0x40
[  105.852260][ T4828]  netdev_freemem+0x3f/0x60
[  105.856600][ T4828]  netdev_release+0x7f/0xb0
[  105.860941][ T4828]  device_release+0x95/0x1c0
[  105.865364][ T4828]  kobject_put+0x178/0x260
[  105.869619][ T4828]  put_device+0x1f/0x30
[  105.873612][ T4828]  free_netdev+0x393/0x480
[  105.877864][ T4828]  usbnet_disconnect+0x25f/0x3b0
[  105.882638][ T4828]  usb_unbind_interface+0x1fa/0x8c0
[  105.887672][ T4828]  device_release_driver_internal+0x53e/0x870
[  105.893576][ T4828]  device_release_driver+0x19/0x20
[  105.898521][ T4828]  bus_remove_device+0x2fa/0x360
[  105.903295][ T4828]  device_del+0x663/0xe90
[  105.907459][ T4828]  usb_disable_device+0x380/0x720
[  105.912322][ T4828]  usb_disconnect+0x32a/0x890
[  105.916834][ T4828]  hub_event+0x1ed8/0x4830
[  105.921086][ T4828]  process_one_work+0x73d/0xcb0
[  105.925773][ T4828]  worker_thread+0xd71/0x1260
[  105.930285][ T4828]  kthread+0x26d/0x300
[  105.934192][ T4828]  ret_from_fork+0x1f/0x30
[  105.938446][ T4828] 
[  105.940617][ T4828] Last potentially related work creation:
[  105.946171][ T4828]  kasan_save_stack+0x3b/0x60
[  105.950685][ T4828]  __kasan_record_aux_stack+0xb4/0xc0
[  105.955891][ T4828]  kasan_record_aux_stack_noalloc+0xb/0x10
[  105.961542][ T4828]  insert_work+0x56/0x310
[  105.965698][ T4828]  __queue_work+0x9b6/0xd70
[  105.970043][ T4828]  queue_work_on+0x105/0x170
[  105.974470][ T4828]  usbnet_link_change+0x182/0x1a0
[  105.979342][ T4828]  usbnet_probe+0x1e1e/0x28a0
[  105.983846][ T4828]  usb_probe_interface+0x5b6/0xa90
[  105.988788][ T4828]  really_probe+0x2b8/0x920
[  105.993132][ T4828]  __driver_probe_device+0x1a0/0x310
[  105.998252][ T4828]  driver_probe_device+0x54/0x3d0
[  106.003110][ T4828]  __device_attach_driver+0x2e3/0x490
[  106.008320][ T4828]  bus_for_each_drv+0x183/0x200
[  106.013001][ T4828]  __device_attach+0x312/0x510
[  106.017604][ T4828]  device_initial_probe+0x1a/0x20
[  106.022464][ T4828]  bus_probe_device+0xbe/0x1e0
[  106.027076][ T4828]  device_add+0xb60/0xf10
[  106.031229][ T4828]  usb_set_configuration+0x190f/0x1e80
[  106.036613][ T4828]  usb_generic_driver_probe+0x8b/0x150
[  106.041907][ T4828]  usb_probe_device+0x144/0x260
[  106.046594][ T4828]  really_probe+0x2b8/0x920
[  106.050931][ T4828]  __driver_probe_device+0x1a0/0x310
[  106.056051][ T4828]  driver_probe_device+0x54/0x3d0
[  106.060914][ T4828]  __device_attach_driver+0x2e3/0x490
[  106.066123][ T4828]  bus_for_each_drv+0x183/0x200
[  106.070912][ T4828]  __device_attach+0x312/0x510
[  106.075512][ T4828]  device_initial_probe+0x1a/0x20
[  106.080372][ T4828]  bus_probe_device+0xbe/0x1e0
[  106.084972][ T4828]  device_add+0xb60/0xf10
[  106.089141][ T4828]  usb_new_device+0xf2f/0x1820
[  106.093738][ T4828]  hub_event+0x2db1/0x4830
[  106.097991][ T4828]  process_one_work+0x73d/0xcb0
[  106.102678][ T4828]  worker_thread+0xa60/0x1260
[  106.107191][ T4828]  kthread+0x26d/0x300
[  106.111213][ T4828]  ret_from_fork+0x1f/0x30
[  106.115356][ T4828] 
[  106.117554][ T4828] The buggy address belongs to the object at ffff888120adc000
[  106.117554][ T4828]  which belongs to the cache kmalloc-4k of size 4096
[  106.131416][ T4828] The buggy address is located 3312 bytes inside of
[  106.131416][ T4828]  4096-byte region [ffff888120adc000, ffff888120add000)
[  106.144796][ T4828] 
[  106.146963][ T4828] The buggy address belongs to the physical page:
[  106.153215][ T4828] page:ffffea000482b600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x120ad8
[  106.163281][ T4828] head:ffffea000482b600 order:3 compound_mapcount:0 compound_pincount:0
[  106.171443][ T4828] flags: 0x4000000000010200(slab|head|zone=1)
[  106.177354][ T4828] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043380
[  106.185768][ T4828] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[  106.194186][ T4828] page dumped because: kasan: bad access detected
[  106.200439][ T4828] page_owner tracks the page as allocated
[  106.205985][ T4828] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 294, tgid 294 (syz-executor), ts 22505321262, free_ts 0
[  106.226124][ T4828]  post_alloc_hook+0x213/0x220
[  106.230723][ T4828]  prep_new_page+0x1b/0x110
[  106.235061][ T4828]  get_page_from_freelist+0x3a98/0x3b10
[  106.240444][ T4828]  __alloc_pages+0x234/0x610
[  106.244954][ T4828]  alloc_slab_page+0x6c/0xf0
[  106.249381][ T4828]  new_slab+0x90/0x3e0
[  106.253315][ T4828]  ___slab_alloc+0x6f9/0xb80
[  106.257713][ T4828]  __slab_alloc+0x5d/0xa0
[  106.261880][ T4828]  __kmem_cache_alloc_node+0x207/0x2a0
[  106.267175][ T4828]  __kmalloc_node_track_caller+0xa2/0x1e0
[  106.272727][ T4828]  __alloc_skb+0x125/0x2d0
[  106.276983][ T4828]  rtmsg_ifinfo_build_skb+0x7f/0x180
[  106.282103][ T4828]  rtmsg_ifinfo+0x78/0x120
[  106.286357][ T4828]  register_netdevice+0x11cf/0x1490
[  106.291389][ T4828]  register_netdev+0x3c/0x50
[  106.295826][ T4828]  sit_init_net+0x244/0x500
[  106.300244][ T4828] page_owner free stack trace missing
[  106.305450][ T4828] 
[  106.307620][ T4828] Memory state around the buggy address:
[  106.313093][ T4828]  ffff888120adcb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  106.320992][ T4828]  ffff888120adcc00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  106.328898][ T4828] >ffff888120adcc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  106.336982][ T4828]                                                              ^
[  106.344539][ T4828]  ffff888120adcd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  106.352437][ T4828]  ffff888120adcd80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  106.360330][ T4828] ==================================================================
[  106.368231][ T4828] Disabling lock debugging due to kernel taint
[  106.375807][   T28] audit: type=1326 audit(1742442847.330:8921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5991 comm="syz.7.2333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f604878d169 code=0x7fc00000
[  106.567352][  T501] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  106.748405][  T501] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  106.759131][  T501] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  106.768688][  T501] usb 5-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  106.777501][  T501] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.785807][  T501] usb 5-1: config 0 descriptor??
[  107.193428][  T501] hid-generic 0003:258A:0036.0008: item fetching failed at offset 5/7
[  107.201660][  T501] hid-generic: probe of 0003:258A:0036.0008 failed with error -22
[  107.395653][ T4829] usb 5-1: USB disconnect, device number 8