last executing test programs:

21m17.048582921s ago: executing program 32 (id=58):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x8, 0x8004, 0x0, 0x9, 0xda, 0x2, 0xfa11, 0x7}, 0x0)
r2 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x54})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsopen(&(0x7f0000000000)='cifs\x00', 0x0)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000002140)=ANY=[])

20m45.069720934s ago: executing program 33 (id=104):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setfsgid(0xee01)
r3 = syz_open_procfs(0x0, &(0x7f0000000100)='task\x00')
fchdir(r3)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x800000, 0x0)
r4 = syz_clone(0x20100000, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_open_procfs(r4, &(0x7f0000000240)='wchan\x00')
pread64(r5, &(0x7f0000000100)=""/45, 0x2d, 0x40000000009)

20m16.350236831s ago: executing program 34 (id=150):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x2, 0x7f61, 0x1, 0xc5, 0xe23, 0x3, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0x80000, {0x0, 0x0, 0x0, r3, {}, {0x5, 0xb}, {0xffe0, 0x3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x1, 0x406, 0x1, 0xffffffff, 0x9}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$kcm(r5, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0xdd86, r7, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x5)

18m49.339770683s ago: executing program 35 (id=242):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
setgroups(0x24, 0xffffffffffffffff)

18m8.996383601s ago: executing program 36 (id=285):
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
socket$inet6(0xa, 0x802, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0xa2203, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000000c0), 0x2, 0x149882)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffcb9}]})
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

17m54.85193422s ago: executing program 37 (id=305):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$vcsu(0xffffffffffffff9c, 0x0, 0x12202, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000180))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0, 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000005500)=ANY=[@ANYBLOB="e41100000d0a010800000000000000000a0000010900020073797a31000000000900010073797a3100000000b81103800c0000"], 0x11e4}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0)
sendmsg$IPCTNL_MSG_EXP_GET(r1, &(0x7f00000004c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000003c0)={0x38, 0x1, 0x2, 0x300, 0x0, 0x0, {0x5, 0x0, 0xa}, [@CTA_EXPECT_HELP_NAME={0xf, 0x6, 'tftp-20000\x00'}, @CTA_EXPECT_NAT={0x8, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0x4}]}, @CTA_EXPECT_HELP_NAME={0x9, 0x6, 'snmp\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004000}, 0x20004001)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x8000102)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000a00))
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r3, r3, 0x0, 0x200000)

17m0.825409712s ago: executing program 38 (id=364):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
sendmsg$tipc(r3, &(0x7f0000000540)={&(0x7f00000001c0)=@name={0x1e, 0x2, 0x2, {{0x42}, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4040000}, 0x10)

16m6.22707484s ago: executing program 39 (id=411):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(0xffffffffffffffff, 0xc0406400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$kcm(0x10, 0x2, 0x4)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e88370200c54c1960b89c40ebb373", 0x39}], 0x1}, 0x0)

14m46.828566966s ago: executing program 40 (id=520):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x6)
fcntl$lock(0xffffffffffffffff, 0x22, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x2})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x11c0, 0x80000)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file4\x00', &(0x7f0000000380)={0x8a001, 0x0, 0x12}, 0x18)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$setregs(0x2, r1, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x650ce4b086bd444b)
sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, &(0x7f00000002c0))
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0)

14m44.942785698s ago: executing program 41 (id=508):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getpid()
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x10010, 0xffffffffffffffff, 0xffffe000)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/diskstats\x00', 0x0, 0x0)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
sendfile(r4, r3, 0x0, 0x7ffff000)

14m37.630369554s ago: executing program 42 (id=526):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x20132, 0xffffffffffffffff, 0xb29d3000)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_serviced\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000500)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6ce2c9b0, 0xfa11, 0xffffffff}, 0x0)
mount_setattr(0xffffffffffffffff, 0x0, 0x1000, &(0x7f0000000400)={0x81, 0x8, 0x100000}, 0x20)
mmap(&(0x7f00009bf000/0x3000)=nil, 0x3000, 0xf, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000e39000/0x3000)=nil, 0x3000, 0x0, 0x4, 0x100)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x20132, 0xffffffffffffffff, 0xb299b000)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r3 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
ioctl$FE_SET_FRONTEND(r3, 0x40246f4c, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0x208e24b)

13m46.432166364s ago: executing program 43 (id=576):
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x10, &(0x7f0000000100)={[{@dioread_lock}]}, 0x5, 0x7e5, &(0x7f00000018c0)="$eJzs3ctrW9kZAPDvyvKjTlK7UGjSlaHQGoLlOnWTFrpI6aIUGgi06yZCVkxq2QqWHGJjSEMpdFNoQxeFdpN12qa7btuZ7cy/MLMZhiEhM+OESZjF4OHqEcu25MgZWZqJfz+49jn3oXO++zj3yPdwHcCxNZX+yESciYg/JxETjflJRAzXUtmIi/X1nm1tFtIpie3tX32U1NZ5urVZiJZtYnw8TjQypyPijT9EnM3sL7eyvrGUL5WKq438bHX5xmxlfWPm+nJ+sbhYXDk/Nz9/7sIPL4z2LtZP3t44+egvP//evy9++vtvPfjTm0lcjJONZa1x9MpUTNX3SQynu3CXn/W6sAFLBl0BXkl6aQ7Vr/I4ExPZGOl+2+xRVgwAODK3I2IbADhmEvd/ADhmmn8HeLq1WUin7duD/XtEvz3+aUSM1eNvPt+sL8k2ntmN1Z6Djj9Ndj3vSCJisgflT0XEP/77m3+mUxzRc0iAdn53JyKuTk412/+d9ifZN2ahrvsBGd9vJg4YHDC1J6/9g/75X9r/+dFO/2/n+su86P9Em/7PaJtr91VMxe4RJ/uv/8zDHhTTUdr/+8nwzti2Zy3xN0wONXKnan2+4eTa9VIxbdu+HhHTMTya5ufaf3xteNn0k8+e7JrbEnFr/+/ju7+9n5af/t5ZI/Mwu6fJXchX872IPfX4TsS3s+3iT14c/6RD//dyl2X84sd//HunZWn8abzNaXf8Rz+qbPtexHejffxNyUHjE8/P1k6H2eZJ0cZ/3vvbeKfyW49/OqXl178LnOp9sG2kx3/84Pgnk9bxmpXDl/HWvYn/d1rWOf6m9uf/SPLrWrp5Kd3KV6urcxEjyS/3zz+3s20z31w/jX/6O+2v/4PO//Q74dUu488++vBfL42/OWNf/A1jXRZ2SGn8C4c6/m0T6VfhDovypQfPloY6ld/d8Z9PE0PTjTndtH8da5ovlUZa1nnlHQcAAAAAAAAAAAAAAAAAAAAAAAAAh5CpvaQ0yeRepDOZXC5q/8P7mzGeKZUr1bPXymsrC/WXmU7G8GhE1F51OdHyPtS5xvvwm/lze/I/iIhvRMRfR79Wy+cK5dLCoIMHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIYTHf7/f+qD0frv5wOtIQBwJMZeusaTYl8qAgD0zcvv/xExevT1AAD6p6v7PwDwWnH/B4DjZywz6BoAAP02FpEddB0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4rV2+dCmdtp9vbRbS/MLN9bWl8s2ZhWJlKbe8VsgVyqs3covl8mKpmCuUl1s2fafd55XK5RvzsbJ2a7ZarFRnK+sbV5bLayvVK9eX84vFK8XhvkUGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN2rrG8s5Uul4mojcX88YvecPiWGGhXq5SfPnOx3FP1IbE/U99SXpT49T4ztnfP+zLunD9rq7r7TWOILJwbZKgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8dXweAAD//9GqGUs=")
open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
r1 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x2)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1a00, 0x0, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0xfffffd10, &(0x7f0000000200)=0x2000000000006)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000004c00)=""/102392, 0x18ff8)
r3 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, 0x0, 0x310)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x402, 0x0)

13m43.864470214s ago: executing program 44 (id=581):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000300), 0x2166994bd8d20fda, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000280)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f0000000000)={0xc, r1})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
ftruncate(r4, 0xffff)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000000), 0x4)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40)

13m30.474230405s ago: executing program 45 (id=597):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000580)='./file0\x00', 0x2000006, &(0x7f0000000280)=ANY=[@ANYBLOB='utf8=0,uni_xlate=0,shortname=winnt,rodir,codepage=862,shortname=lower,quiet,shortname=winnt,shortname=win95,iocharset=cp932,rodir,\x00ni_xlate=1,nonumtail=0,shortname=winnt,nonumtail=0,\x00'], 0x25, 0x365, &(0x7f0000000a00)="$eJzs3U9oHNUfAPDvdpJsGtpfcvhB0dPqTRBpKoJ6SigVijloZfHfxcWmWrNrIYsL6SGbvSjFk+JF0JO3HvTYs3gQ8ebBqxakKl7sRQoNjuzu7OxsdqPJYWOLn88hfPN97zvvzcwjMwnJy2vt2Lg4G5du374V8/OlmFk5uxJ3SrEUxyKJvp2Y6P25yXkA4B53J03j97Tvn3t/uDCIPPsB4P7Ve/6/cXKYKB+i+NqJaUwJAJiyA37//9zE7JWpTQsAmKKx5//DI817fsw/k/9OAABw/3rh5VeeXV2LuFCpzEc03mtVW9V4eti+eikuRz3W43Qsxm5E/0Wh/7bQ/fjM+bVzpytdPy9FtVvRqkY02q1q/01hNYnLaT3KsRyLsZTVp3l90q1f7tVXImKn3Rs/GqVWdTYWsvF/WIj1OBOL8f+x+ojza+fOVLIDVBuD+nZEJ+YHJ9GdfxKL8d3rcSXqcTG6tcP5by9XKmfTtZH61vVyrx8AAAAAAAAAAAAAAAAAAAAAAEzDY5XcUr7/Tdpot969MNLhZtY/3x+n2v882x+o098fKC0Pdue5luzdH2h0f55WdSaO/WtnDQAAAAAAAAAAAAAAAAAAAPeW5tZc1Or19c3m1tWNYtAuZN7+5vOvjsegaSYrfSsZVkWWXN9szuZHHnQsHDmJfIg0L0+TkT5ZkEQMOu/Urt/IZ1zsU87HGivvBuWxplI2p1q9fvKhnz6ZVPVnN9jpZZIYuyyjQSkbv9DU+F83MR8Ru/tV7R+UJ9+LPPgjTdP9yrc/Hq+KUsRMHHoaBwi+vvXmA483Tz3Ry3yZbfrwyKOLL/740We/btTq0elfmXp9brO5m04+zoni3enOdbxPUlg/pew6lyashMlBZ5jpbDa3asn3v7304Aff7umcTF4/aTHzzv5jfbE3M9cPShFLg4vwd1OdnbD4u8GTo7fy6kbt1bv56j38jTv16UrtxvbNXw5aVfgiYaMOAAAAAAAAAAAAAAAAAAA4EoU/MD6Ep56f3owAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OgN//9/IeiMZQ4S3G3HeFN5fbO57+DHj/RUAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4D/srAAD//xu8baw=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x8528c000)
socket(0x1e, 0x4, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x0, 0x0)
creat(0x0, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)

11m21.168306566s ago: executing program 46 (id=732):
r0 = socket(0x40000000015, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$ax25(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x2f00020b, 0x0, 0x0, 0x0, 0x0, 0x7515, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000640)={r4}, 0x4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r5, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x4a0802, 0x0)
close(r0)

10m0.052998971s ago: executing program 47 (id=813):
socket$inet6_udp(0xa, 0x2, 0x0)
syz_emit_ethernet(0x4a, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r0, &(0x7f0000048040)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
preadv(r1, &(0x7f0000000340)=[{&(0x7f0000000180)=""/112, 0x70}], 0x1, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000640)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000580)={&(0x7f0000000080)=[r3], 0x1, 0x0, 0x0, 0x3, 0x0, 0xffffffff, 0x804, {0xac7c, 0x1, 0x3, 0x67, 0xf4b, 0x1, 0x2, 0x5, 0x412f, 0xc154, 0x1000, 0x7f, 0x6, 0xffffffff, "fe1d00003413000000000020b42717e47f00"}})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x4040850)

9m56.82840394s ago: executing program 48 (id=803):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r4}, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r5, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x1, 0x3000)

8m49.859637407s ago: executing program 49 (id=871):
mount$fuse(0x0, 0x0, 0x0, 0x10, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
getsockopt$sock_buf(r0, 0x1, 0x3b, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x5, 0x0, &(0x7f00000002c0)="5c2053a401", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x4c)
r2 = syz_io_uring_setup(0x54d, &(0x7f0000000040)={0x0, 0x735a, 0x100, 0x805, 0x350}, &(0x7f0000000100)=<r3=>0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x5}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0)

8m31.47580578s ago: executing program 50 (id=896):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$kcm(0x29, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r5 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r5, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x20000811)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000040)={r5, r4})
sendmsg$kcm(r3, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000000880)="1a", 0x100000}], 0x1}, 0x0)

6m52.545392889s ago: executing program 51 (id=1027):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000197, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
fchdir(0xffffffffffffffff)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r3, &(0x7f0000000100)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x60)

6m11.193980575s ago: executing program 4 (id=1094):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x4001, 0x3, 0x380, 0x1e8, 0xb, 0x148, 0x0, 0x148, 0x2e8, 0x240, 0x240, 0x2e8, 0x215, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth0\x00', {}, {}, 0x11}, 0x2e8, 0x180, 0x1e8, 0x0, {0xff0f000000000000}, [@common=@inet=@multiport={{0x50}, {0x2, 0xb, [0x4e20, 0x4e23, 0x4e22, 0x4e24, 0x4e24, 0x4e24, 0x4e22, 0x4e23, 0x4e21, 0x4e20, 0x3, 0x4e22, 0x4e23, 0xeac, 0x4e23], [0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1]}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "d40b98e613e5c0d53fa5668bfbd8659b9ba9affcbed065733d0012e401764f592fc2c2bfb0e657e39980dd3655cfdfebceab664ab18605949120401237b982613cbdde69fbfbd40e9505ea3909a03f93f0be8cd9870b50e1d8a655f0a2cc7dba129d9af19184e11feeab1ddd11aa07abfef2f0ace242261fac91893e25989bb2", 0x4, 0x8a119efdab096be9}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}, {{@ip={@broadcast, @broadcast, 0x0, 0x0, 'team0\x00', 'netpci0\x00'}, 0xec010000, 0x98, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x3, 0x8, 0x1, '\x00', 'syz0\x00', {0x8}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3e0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0, 0x2a, 0x0, 0x1}, 0x28)
sched_setscheduler(0x0, 0x2, 0x0)
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r5, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x300, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe07, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3})

6m8.770305842s ago: executing program 4 (id=1085):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, 0x0, 0xc0d0)
syz_clone3(0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r4, 0x84, 0x15, &(0x7f00000000c0)={0xa}, 0x1)
sendto$inet6(r4, &(0x7f0000000040)='l', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

6m5.867179319s ago: executing program 4 (id=1088):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e25}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)={0x2, 0x3, 0x0, 0x2, 0x10, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x8, 0x0, "a3"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x9}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}]}, 0x80}, 0x1, 0x7}, 0x0)
rt_sigtimedwait(&(0x7f0000000000)={[0x86]}, 0x0, 0x0, 0x8)

6m3.838414993s ago: executing program 4 (id=1091):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
syz_io_uring_submit(0x0, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000480)={0xa, 0xfffe, 0x3, @mcast1, 0x5}, 0x1c)
r3 = dup2(r2, r2)
sendmmsg$unix(r3, &(0x7f0000008380), 0x400000000000174, 0x4008890)
sendmsg$NL80211_CMD_ASSOCIATE(0xffffffffffffffff, 0x0, 0x20008041)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r4, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
unshare(0x64000600)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$IPT_SO_GET_ENTRIES(r5, 0x0, 0x41, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0)

5m45.142642459s ago: executing program 52 (id=1091):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
syz_io_uring_submit(0x0, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000480)={0xa, 0xfffe, 0x3, @mcast1, 0x5}, 0x1c)
r3 = dup2(r2, r2)
sendmmsg$unix(r3, &(0x7f0000008380), 0x400000000000174, 0x4008890)
sendmsg$NL80211_CMD_ASSOCIATE(0xffffffffffffffff, 0x0, 0x20008041)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r4, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
unshare(0x64000600)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$IPT_SO_GET_ENTRIES(r5, 0x0, 0x41, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0)

5m39.941638271s ago: executing program 53 (id=1106):
sendmsg$unix(0xffffffffffffffff, 0x0, 0xc800)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x100008b}, 0x0)
r0 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$set_timeout(0xf, r0, 0x0)
timer_settime(0x0, 0x1, 0x0, 0x0)
timer_settime(0x0, 0x1, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000200)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, 0x0)
ioctl$IOMMU_VFIO_IOAS$SET(r2, 0x3b88, &(0x7f0000000140)={0xc, r3})
ioctl$IOMMU_VFIO_SET_IOMMU(r2, 0x3b66, 0x1)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r2, 0x3b72, &(0x7f0000000440)=ANY=[])

4m53.742924413s ago: executing program 7 (id=1174):
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0xa)
r4 = dup(r3)
r5 = open(0x0, 0x109cc2, 0x5c)
fcntl$getown(r2, 0x9)
ioprio_get$pid(0x1, r0)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)

4m38.098211851s ago: executing program 54 (id=1174):
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0xa)
r4 = dup(r3)
r5 = open(0x0, 0x109cc2, 0x5c)
fcntl$getown(r2, 0x9)
ioprio_get$pid(0x1, r0)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)

4m3.663313777s ago: executing program 5 (id=1250):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x6a, 0x4)
bind$inet(r3, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r3, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x81}]}, 0x10)
sendto(r3, &(0x7f0000000900)="50fbdf12a30d7a48b2c5c84948f3426077a9f0ca1475183db3ae52a6b2cdb77ef9af2a603a3e78e0355c09f3bdec242443011f0101251bcef800000000000000006dd50205000000a335445845ad1eaedbe2a4242113527efa170af26f1725", 0x5f, 0x4008044, 0x0, 0x0)
sendto$inet(r3, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x0, 0x0, 0x0)

4m0.690820162s ago: executing program 5 (id=1252):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
syz_mount_image$xfs(&(0x7f0000000040), &(0x7f0000009740)='./file0\x00', 0x4000000, &(0x7f0000000180)={[{@pquota}, {@discard}, {@nolargeio}, {@lazytime}, {@nogrpid}, {@bsdgroups}, {@quota}, {@nolazytime}]}, 0x1, 0x97ee, &(0x7f0000012f40)="$eJzs3QW8rGWheP994ACHDkGwACkxSQkD6VBESVFCkJYUEAGlQwkVFAEFFFCQ7u4u6e7u7o7/58AB8bjgcn9/74XLWuvj2bNn5t2zn3m+87zu2e9mZsl5F51zYGCcgTd68/SfnbPr7csuNuaC6x678+Dr9tphoYeGXTzyGyfjzj7sdI5hp3MODAwMGnY7g964bPBsxxw7wsDggaH/+2djjDraCGMMDIw27Oyw2xmY+Y2T0fd/c7vXhosHOunQb7f9G/9eb8yhNzL0k6WXe2WtgYGBIW/7+qHjmvbf7qi0JeeYb95/Wr3lNsKwqwf987rXTwe/8W/0fQcGRt974J0fH0O3HeltX/u/2dDvOc7kA4vf/j587/9zLTnHfAsM5z90LY447LKZh67x4degseEf5zssuvoDw6Zw0LCJG/y29fJ+PO7/n1pyjnkXHHjndTyw0Dyb3P/a6/vNwXMPDAyeZ2Bg8LwDA4Pne7896j/T+/rgq6qqqvelOeacYehz9hGG+3lgyJs/19LPhRe8PN3dAwODF3rjeeLg5d58LlhVVVVVVVVVH8zmmHOGueD5/zjv9vx/0pO3Hrfn/1VVVVVVVVX/d1pgjjlnGPpcf7jn/xO92/P/xx88dL83/vZ/9pnf+KpX3987UVVVVVVVVVXv2rwL4PP/Sd/t+f9Fx0x6ac//q6qqqqqqqv7vtMhrr7222dteZ2/YxVO/eT09/z/1vluXed8GXFVVVVVVVVX/7V595KTT/vma7xMPDPd676837PcCg4444/LL37eBfjAa9O+/D9n8/R7T/9+GOg85aNKBgbUWf7+HUu9D/2deq77+R8rfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/MW9w/H/t17//9SjVnjzveA/M+UM15/0z698/b3/By+0wCNbvE9Dfz/6sB7/H1ht0MDAMN9xVhsYGFhojkUWm3pgYOCk62eYcoqBt66bZeh1Xx1vxNffIP7N/0xknnH5hjef7I3ToQ+UgfHfuo0jXr/9BV7bZ8RBww3ibY173H77rbrkczMOfzrVO9+PEd76bMxjH3zzv2UZYbiNhrzDF795+2/el+Gdh4196qFjn2b9NdeZZr2NNv7iamsuv8pKq6y01qzTzzTdjLPOOtNM06y82horTfvGx3eas0lf/zjXe5mzMYafs0fmePucDX/f3mnOJn33OXv9Fne5cMg33pyzwf/NOZvr3eds0tWGfaNxZx9pYLnX52bQwMC4c480sOHQM9ONMjAw7jzDtp1o6LZfG2+EgYGd/nlHh342yluPwUGbD91myXkXnfON3dTAwD9P/9k7vJ/9yMNGPvuw0zmGnc75xrcZZ+CfD8XBsx1z7AhD5+JfpmOMUUcbYYyBgdGGnR12OwOzvnEy2slvbvcO77M+3EBff5mV7d/493pjDgwMjD70k4mXP3WboVP/v/A+7f9P////b16zDHrr8Tho2L9h27zhNcd8C/zze70+DUPnbsRhl8081OQ//Nb2/9K/jXfSIQOTvst43+V1cV6PHl9rnDTBlv+p18Wh8U70LuN9l9fxfcfxLnH37g+8cVP/sfEOt69b8PWPs7+Xfd3Au+/rRqQbWOmSTw2/r/vWOw/xX3aXb87RKMNt9E77uon2nGTzobc/+7vv6xYcOvaR/mVfN8LAwLhzvbmvG7rjm3ekgZ2Gnpl+6Jn5Rho4YOiZGV4/M+rAGUPPfGmFtddYcegF8//742DqQf/yB5qwzuYdbp0Nett9HzTc33cOfuN09H3ffA+nd9hvDhp2t/7LfQU9bsd5l/G+y/tP4TwPvWzFI4dM8J96/yka75B3H+87vV/2O453x2dPvf0/PN631tlIb5uu+d/LOpv0X9fZ0Ls44ttWxnv9OWxF2P6Nzyd669Y22PTBt36mGGm42/2vfqaY/93X2TirDfd12+09MOjd5ma+9zI3n/y3fdAWb5+b9/rz1tSTv3H9iO8yN6PMuuxUb87NyP/NuZnvvzs3sw+M+K9zM3hgnoGBgSmG7R/mfS9zM9G7z817fdyMBtu/8flKb1009w4Hnffm3Aw/F//V3Mz7352bSd963Ezx+nWTjTAw8sgDGy6//vrrTvfGxzfPTv/Gx3dfg3O/l7kc5z8zlx8f/E5z+c+H6hh3X7rvf7EG/22f/ubtz/3fncuBt+ZyYLXhF0t9UOv3f+7yd5e/u/zd5e8uf3f5i3uH4/9vvf7/buN8dedhv9wY6dJJJtz2/R7v+9yH+vj/MN9/Of6/7YSTXDrCwFvXvevx2Te2+UAen535jZPR939zu+GPD/JA3/n47N6zzrz1/9Lx2f+n3lyr7+H3cO3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uLe4fj/tG/+HcB90y385LADoSM9tNVSC7/f432f+1Af/x/m+y/H/xdeaquHRhh467p3Pf7/xjaO4/93vjTvjh/k4/9vrtWO/9d/Uf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3lL+4djv/P/ubfARx66O4bv/n3AFePu/1J7/d43+c+rMf/e/9/b+3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uKGHf8fGO7tLb/b4wKD4///t3sH/4Xzxyz+i+SPWfwXzR+z+C+WP2bxXzx/zOK/RP6Yxf97+WMW/yXzxyz+388fs/j/IH/M4r9U/pjFf+n8MYv/MvljFv9l88cs/j/MH7P4L5c/ZvFfPn/M4v+j/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4r9a/pjF/8f5Yxb/1fPHLP5r5I9Z/NfMH7P4r5U/ZvFfO3/M4r9O/pjF/yf5Yxb/dfPHLP7r5Y9Z/NfPH7P4/zR/zOK/Qf6Yxf9n+WMW/w3zxyz+G+WPWfw3zh+z+P88f8zi/4v8MYv/JvljFv9N88cs/pvlj1n8N88fs/hvkT9m8d8yf8ziv1X+mMV/6/wxi/82+WMW/23zxyz+v8wfs/j/Kn/M4r9d/pjFf/v8MYv/DvljFv8d88cs/r/OH7P4/yZ/zOL/2/wxi/9O+WMW/53zxyz+v8sfs/j/Pn/M4r9L/pjF/w/5Yxb/XfPHLP675Y9Z/HfPH7P4/zF/zOL/p/wxi/8e+WMW/z3zxyz+e+WPWfz/nD9m8f9L/pjFf+/8MYv/PvljFv9988cs/n/NH7P4/y1/zOK/X/6YxX///DGL/9/zxyz+B+SPWfwPzB+z+B+UP2bxPzh/zOJ/SP6Yxf/Q/DGL/2H5Yxb/w/PHLP5H5I9Z/I/MH7P4H5U/ZvE/On/M4n9M/pjF/9j8MYv/cfljFv/j88cs/ifkj1n8T8wfs/iflD9m8T85f8zif0r+mMX/1Pwxi/9p+WMW/9Pzxyz+Z+SPWfzPzB+z+J+VP2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvH/R/6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvG/Mn/M4n9V/pjF/+r8MYv/NfljFv9r88cs/tflj1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/lj1n8H88fs/g/kT9m8X8yf8zi/1T+mMX/6fwxi/8z+WMW/2fzxyz+z+WPWfyfzx+z+L+QP2bxfzF/zOL/Uv6Yxf/l/DGL/yv5Yxb/V/PHLP6v5Y9J/AcN5I9Z/Aflj1n8R8gfs/iPmD9m8R+cP2bxHyl/zOI/cv6YxX+U/DGL/5D8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMV/nPwxi/+4+WMW//Hyxyz+H8kfs/iPnz9m8Z8gf8zi/9H8MYv/hPljFv+J8scs/h/LH7P4fzx/zOL/ifwxi/8n88cs/p/KH7P4T5w/ZvGfJH/M4j9p/pjF/9P5Yxb/yd70H/I+jesDmsV/8tY/ZvGfIn/M4j9l/pjFf6r8MYv/Z/LHLP5T549Z/D+bP2bx/1z+mMX/8/ljFv8v5I9Z/L+YP2bx/1L+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/3L+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfy/kj9m8f9q/pjF/2v5Yxb/r+ePWfxnyx+z+H8jf8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/zfzxyz+38ofs/gvmD9m8f92/pjFf6H8MYv/d/LHLP7fzR+z+C+cP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP7fyx+z+C+ZP2bx/37+mMX/B/ljFv+l8scs/kvnj1n8l8kfs/gvmz9m8f9h/pjFf7n8MYv/8vljFv8f5Y9Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/j/OH7P4r54/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/j/JH7P4r5s/ZvFfL3/M4r9+/pjF/6f5Yxb/DfLHLP4/yx+z+G+YP2bx3yh/zOK/cf6Yxf/n+WMW/1/kj1n8N8kfs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx/2X+mMX/V/ljFv/t8scs/tvnj1n8d8gfs/jvmD9m8f91/pjF/zf5Yxb/3+aPWfx3yh+z+O+cP2bx/13+mMX/9/ljFv9d8scs/n/IH7P475o/ZvHfLX/M4r97/pjF/4/5Yxb/P+WPWfz3yB+z+O+ZP2bx3yt/zOL/5/wxi/9f8scs/nvnj1n898kfs/jvmz9m8f9r/pjF/2/5Yxb//fLHLP77549Z/P/+r/73/q+P6wOaxf+A1j9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6YxP/18v/3JP6DLs4fs/hfkj9m8b80f8zif1n+mMX/8vwxi/8V+WMW/yvzxyz+V+WPWfyvzh+z+F+TP2bxvzZ/zOJ/Xf6Yxf/6/DGL/w35Yxb/G/PHLP435Y9Z/G/OH7P435I/ZvG/NX/M4n9b/pjF//b8MYv/HfljFv8788cs/nflj1n8784fs/jfkz9m8b83f8zif1/+mMX//vwxi/8D+WMW/wfzxyz+D+WPWfwfzh+z+D+SP2bxfzR/zOL/WP6Yxf/x/DGL/xP5Yxb/J/PHLP5P5Y9Z/J/OH7P4P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/mPTBda/F/MH7P4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljEv/XP83/37P4D8ofs/iPkD9m8R8xf8ziPzh/zOI/Uv6YxX/k/DGL/yj5Yxb/IfljFv9R88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+mMV/7Pwxi/84+WMW/3Hzxyz+4+WPWfw/kj9m8R8/f8ziP0H+mMX/o/ljFv8J88cs/hPlj1n8P5Y/ZvH/eP6Yxf8T+WMW/0/mj1n8P5U/ZvGfOH/M4j9J/pjFf9L8MYv/p/PHLP6T5Y9Z/CfPH7P4T5E/ZvGfMn/M4j9V/pjF/zP5Yxb/qfPHLP6fzR+z+H8uf8zi//n8MYv/F/LHLP5fzB+z+H8pf8ziP03+mMV/2vyxQefsOtLAwMCH3n+6/DHL+p8+f8ziP0P+mMV/xvwxi/+X88cs/jPlj1n8Z84fs/jPkj9m8Z81f8zi/5X8MYv/V/PHLP5fyx+z+H89f8ziP1v+mMX/G/ljFv/Z88cs/nPkj1n858wfs/jPlT9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+C+SPWfy/mT9m8f9W/pjFf8H8MYv/t/PHLP4L5Y9Z/L+TP2bx/27+mMV/4fwxi/8i+WMW/0Xzxyz+i+WPWfwXzx+z+C+RP2bx/17+mMV/yfwxi//388cs/j/IH7P4L5U/ZvFfOn/M4r9M/pjFf9n8MYv/D/PHLP7L5Y9Z/JfPH7P4/yh/zOK/Qv6YxX/F/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4r5Y/ZvH/cf6YxX/1/DGL/xr5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvH/Sf6YxX/d/DGL/3r5Yxb/9fPHLP4/zR+z+G+QP2bx/1n+mMV/w/wxi/9G+WMW/43zxyz+P88fs/j/In/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/8v88cs/r/KH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/r/PHLP6/yR+z+P82f8ziv1P+mMV/5/wxi//v8scs/r/PH7P475I/ZvH/Q/6YxX/X/DGL/275Yxb/3fPHLP5/zB+z+P8pf8ziv0f+mMV/z/wxi/9e+WMW/z/nj1n8/5I/ZvHfO3/M4r9P/pjFf9/8MYv/X/PHLP5/yx+z+O+XP2bx3z9/zOL/9/wxi/8B+WMW/wPzxyz+B+WPWfwPzh+z+B+SP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/ifkj9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/zPzxyz+Z+WPWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/wX5Yxb/C/PHLP4X5Y9Z/P+RP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5YxL/EQfyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5I9Z/MfPH7P4T5A/ZvH/aP6YxX/C/DGL/0T5Yxb/j+WPWfw/nj9m8f9E/pjF/5P5Yxb/T+WPWfwnzh+z+E+SP2bxnzR/zOL/6fwxi/9k+WMW/8nzxyz+U+SPWfynzB+z+E+VP2bx/0z+mMV/6vwxi/9n88cs/p/LH7P4fz5/zOL/hfwxi/8X88cs/l/KH7P4T5M/ZvGfNn/M4j9d/pjFf/r8MYv/DPljFv8Z88cs/l/OH7P4z5Q/ZvGfOX/M4j9L/pjFf9b8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/bPljFv9v5I9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8f9m/pjF/1v5Yxb/BfPHLP7fzh+z+C+UP2bx/07+mMX/u/ljFv+F88cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/e/ljFv8l88cs/t/PH7P4/yB/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/zB+z+C+XP2bxXz5/zOL/o/wxi/8K+WMW/xXzxyz+K+WPWfxXzh+z+K+SP2bxXzV/zOK/Wv6Yxf/H+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6Yxf8n+WMW/3Xzxyz+6+WPWfzXzx+z+P80f8ziv0H+mMX/Z/ljFv8N88cs/hvlj1n8N84fs/j/PH/M4v+L/DGL/yb5Yxb/TfPHLP6b5Y9Z/DfPH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv9t88cs/r/MH7P4/yp/zOK/Xf6YxX/7/DGL/w75Yxb/HfPHLP6/zh+z+P8mf8zi/9v8MYv/TvljFv+d88cs/r/LH7P4/z5/zOK/S/6Yxf8P+WMW/13zxyz+u+WPWfx3zx+z+P8xf8zi/6f8MYv/HvljFv8988cs/nvlj1n8/5w/ZvH/S/6YxX/v/DGL/z75Yxb/ffPHLP5/zR+z+P8tf8ziv1/+mMV///wxi//f88cs/gfkj1n8D8wfs/gflD9m8T84f8zif0j+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/9T8MYv/afljFv/T88cs/mfkj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bx/0f+mMX/4vwxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/q/DGL/zX5Yxb/a/PHLP7X5Y9Z/K/PH7P435A/ZvG/MX/M4n9T/pjF/+b8MYv/LfljFv9b88cs/rflj1n8b88fs/jfkT9m8b8zf8zif1f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxfzB/zOL/UP6Yxf/h/DGL/yP5Yxb/R/PHLP6P5Y9Z/B/PH7P4P5E/ZvF/Mn/M4v9U/pjF/+n8MYv/M/ljFv9n88cs/s/lj1n8n88fs/i/kD9m8X8xf8zi/1L+mMX/5fwxi/8r+WMW/1fzxyz+r+WPSfwHD+SPWfwHvTf/kf/HxvUBzeI/Qusfs/iPmD9m8R+cP2bxHyl/zOI/cv6YxX+U/DGL/5D8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMV/nPwxi/+4+WMW//Hyxyz+H8kfs/iPnz9m8Z8gf8zi/9H8MYv/hPljFv+J8scs/h/LH7P4fzx/zOL/ifwxi/8n88cs/p/KH7P4T5w/ZvGfJH/M4j9p/pjF/9P5Yxb/yfLHLP6T549Z/KfIH7P4T5k/ZvGfKn/M4v+Z/DGL/9T5Yxb/z+aPWfw/lz9m8f98/pjF/wv5Yxb/L+aPWfy/lD9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+M+aPWfy/nD9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/6/kj1n8v5o/ZvH/Wv6Yxf/r+WMW/9nyxyz+38gfs/jPnj9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOL/zfwxi/+38scs/gvmj1n8v50/ZvFfKH/M4v+d/DGL/3fzxyz+C+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL//fyxyz+S+aPWfy/nz9m8f9B/pjFf6n8MYv/0vljFv9l8scs/svmj1n8f5g/ZvFfLn/M4r98/pjF/0f5Yxb/FfLHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/j/PHLP6r549Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/T/LHLP7r5o9Z/NfLH7P4r58/ZvH/af6YxX+D/DGL/8/yxyz+G+aPWfw3yh+z+G+cP2bx/3n+mMX/F/ljFv9N8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfx/mT9m8f9V/pjFf7v8MYv/9vljFv8d8scs/jvmj1n8f50/ZvH/Tf6Yxf+3+WMW/53yxyz+O+ePWfx/lz9m8f99/pjFf5f8MYv/H/LHLP675o9Z/HfLH7P4754/ZvH/Y/6Yxf9P+WMW/z3yxyz+e+aPWfz3yh+z+P85f8zi/5f8MYv/3vljFv998scs/vvmj1n8/5o/ZvH/W/6YxX+//DGL//75Yxb/v+ePWfwPyB+z+B+YP2bxPyh/zOJ/cP6Yxf+Q/DGL/6H5Yxb/w/LHLP6H549Z/I/IH7P4H5k/ZvE/Kn/M4n90/pjF/5j8MYv/sfljFv/j8scs/sfnj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+J+ZP2bxPyt/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4X5g/ZvG/KH/M4v+P/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/1fljFv9r8scs/tfmj1n8r8sfs/hfnz9m8b8hf8zif2P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/6Yxf+u/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+WMW/2fyxyz+z+aPWfyfyx+z+D+fP2bxfyF/zOL/Yv6Yxf+l/DGL/8v5Yxb/V/LHLP6v5o9Z/F/LH5P4jzSQP2bxH5Q/ZvEfIX/M4j9i/pjFf3D+mMV/pPwxi//I+WMW/1Hyxyz+Q/LHLP6j5o9Z/EfLH7P4j54/ZvEfI3/M4j9m/pjFf6z8MYv/2PljFv9x8scs/uPmj1n8x8sfs/h/JH/M4j9+/pjFf4L8MYv/R/PHLP4T5o9Z/CfKH7P4fyx/zOL/8fwxi/8n8scs/p/MH7P4fyp/zOI/cf6YxX+S/DGL/6T5Yxb/T+ePWfwnyx+z+E+eP2bxnyJ/zOI/Zf6YxX+q/DGL/2fyxyz+U+ePWfw/mz9m8f9c/pjF//P5Yxb/L+SPWfy/mD9m8f9S/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9y/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v5I/ZvH/av6Yxf9r+WMW/6/nj1n8Z8sfs/h/I3/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/8388cs/t/KH7P4L5g/ZvH/dv6YxX+h/DGL/3fyxyz+33X5D36vG1r8F3b5v+cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/e/ljFv8l88cs/t/PH7P4/yB/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/zB+z+C+XP2bxXz5/zOL/o/wxi/8K+WMW/xXzxyz+K+WPWfxXzh+z+K+SP2bxXzV/zOK/Wv6Yxf/H+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6Yxf8n+WMW/3Xzxyz+6+WPWfzXzx+z+P80f8ziv0H+mMX/Z/ljFv8N88cs/hvlj1n8N84fs/j/PH/M4v+L/DGL/yb5Yxb/TfPHLP6b5Y9Z/DfPH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv9t88cs/r/MH7P4/yp/zOK/Xf6YxX/7/DGL/w75Yxb/HfPHLP6/zh+z+P8mf8zi/9v8MYv/TvljFv+d88cs/r/LH7P4/z5/zOK/S/6Yxf8P+WMW/13zxyz+u+WPWfx3zx+z+P8xf8zi/6f8MYv/HvljFv8988cs/nvlj1n8/5w/ZvH/S/6YxX/v/DGL/z75Yxb/ffPHLP5/zR+z+P8tf8ziv1/+mMV///wxi//f88cs/gfkj1n8D8wfs/gflD9m8T84f8zif0j+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/9T8MYv/afljFv/T88cs/mfkj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bx/0f+mMX/4vwxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/q/DGL/zX5Yxb/a/PHLP7X5Y9Z/K/PH7P435A/ZvG/MX/M4n9T/pjF/+b8MYv/LfljFv9b88cs/rflj1n8b88fs/jfkT9m8b8zf8zif1f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxfzB/zOL/UP6Yxf/h/DGL/yP5Yxb/R/PHLP6P5Y9Z/B/PH7P4P5E/ZvF/Mn/M4v9U/pjF/+n8MYv/M/ljFv9n88cs/s/lj1n8n88fs/i/kD9m8X8xf8zi/1L+mMX/5fwxi/8r+WMW/1fzxyz+r+WPSfxHHsgfs/gPyh+z+I+QP2bxHzF/zOI/OH/M4j9S/pjFf+T8MYv/KPljFv8h+WMW/1Hzxyz+o+WPWfxHzx+z+I+RP2bxHzN/zOI/Vv6YxX/s/DGL/zj5Yxb/cfPHLP7j5Y9Z/D+SP2bxHz9/zOI/Qf6Yxf+j+WMW/wnzxyz+E+WPWfw/lj9m8f94/pjF/xP5Yxb/T+aPWfw/lT9m8Z84f8ziP0n+mMV/0vwxi/+n88cs/pPlj1n8J88fs/hPkT9m8Z8yf8ziP1X+mMX/M/ljFv+p88cs/p/NH7P4fy5/zOL/+fwxi/8X8scs/l/MH7P4fyl/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/GfMH7P4fzl/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP5fyR+z+H81f8zi/7X8MYv/1/PHLP6z5Y9Z/L+RP2bxn/2/9h/lf3RcH9As/nO0/jGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjFf4H8MYv/N/PHLP7fyh+z+C+YP2bx/3b+mMV/ofwxi/938scs/t/NH7P4L5w/ZvFfJH/M4r9o/pjFf7H8MYv/4vljFv8l8scs/t/LH7P4L5k/ZvH/fv6Yxf8H+WMW/6Xyxz6k/oOGsx556fyxD6n/6719/S+TP2bxXzZ/zOL/w/wxi/9y+WMW/+Xzxyz+P8ofs/ivkD826JxBw2bmw+2/Yv6YZf2vlD9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/x/nj1n8V88fs/ivkT9m8V8zf8ziv1b+mMV/7fwxi/86+WMW/5/kj1n8180fs/ivlz9m8V8/f8zi/9P8MYv/BvljFv+f5Y9Z/DfMH7P4b5Q/ZvHfOH/M4v/z/DGL/y/yxyz+m+SPWfw3zR+z+G+WP2bx3zx/zOK/Rf6YxX/L/DGL/1b5Yxb/rfPHLP7b5I9Z/LfNH7P4/zJ/zOL/q/wxi/92+WMW/+3zxyz+O+SPWfx3zB+z+P86f8zi/5v8MYv/b/PHLP475Y9Z/HfOH7P4/y5/zOL/+/wxi/8u+WMW/z/kj1n8d80fs/jvlj9m8d89f8zi/8f8MYv/n/LHLP575I9Z/PfMH7P475U/ZvH/c/6Yxf8v+WMW/73zxyz+++SPWfz3zR+z+P81f8zi/7f8MYv/fvljFv/988cs/n/PH7P4H5A/ZvE/MH/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvE/M3/M4n9W/pjF/+z8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8b8wf8zif1H+mMX/H/ljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V79F/8P/UuD6gWfyvbv1jFv9r8scs/tfmj1n8r8sfs/hfnz9m8b8hf8zif2P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/6Yxf+u/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+Q+MCpdZ/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfs/i/mj9m8X8tf0ziP8pA/pjFf1D+mMV/hPwxi/+I+WMW/8H5Yxb/kfLHLP4j549Z/EfJH7P4D8kfs/iPmj9m8R8tf8ziP3r+mMV/jPwxi/+Y+WMW/7Hyxyz+Y+ePWfzHyR+z+I+b/7CG/Ms5i/94+WMW/4/kj1n8x88fs/hPkD9m8f9o/pjFf8L8MYv/RPljFv+P5Y9Z/D+eP2bx/0T+mMX/k/ljFv9P5Y9Z/CfOH7P4T5I/ZvGfNH/M4v/p/DGL/2T5Yxb/yfPHLP5T5I9Z/KfMH7P4T5U/ZvH/TP6YxX/q/DGL/2fzxyz+n8sfs/h/Pn/M4v+F/DGL/xfzxyz+X8ofs/hPkz9m8Z82f8ziP13+mMV/+vwxi/8M+WMW/xnzxyz+X84fs/jPlD9m8Z85f8ziP0v+mMV/1vwxi/9X8scs/l/NH7P4fy1/zOL/9fwxi/9s+WMW/2/kj1n8Z88fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+8+WPWfznzx+z+C+QP2bx/2b+mMX/W/ljFv8F88cs/t/OH7P4L5Q/ZvH/Tv6Yxf+7+WMW/4Xzxyz+i+SPWfwXzR+z+C+WP2bxXzx/zOK/RP6Yxf97+WMW/yXzxyz+388fs/j/IH/M4r9U/pjFf+n8MYv/MvljFv9l88cs/j/MH7P4L5c/ZvFfPn/M4v+j/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4r9a/pjF/8f5Yxb/1fPHLP5r5I9Z/NfMH7P4r5U/ZvFfO3/M4r9O/pjF/yf5Yxb/dfPHLP7r5Y9Z/NfPH7P4/zR/zOK/Qf6Yxf9n+WMW/w3zxyz+G+WPWfw3zh+z+P88f8zi/4v8MYv/JvljFv9N88cs/pvlj1n8N88fs/hvkT9m8d8yf8ziv1X+mMV/6/wxi/826N8jwuK/bdqYxf+X+WMW/1/lj1n8t8sfs/hvnz9m8d/hDf9XXnu/xvUBzeK/Y+sfs/j/On/M4v+b/DGL/2/zxyz+O+WPWfx3zh+z+P8uf8zi//v8MYv/LvljFv8/5I9Z/HfNH7P475Y/ZvHfPX/M4v/H/DGL/5/yxyz+e+SPWfz3zB+z+O+VP2bx//N78h/pf25cH9As/n9p/WMW/73zxyz+++SPWfz3zR+z+P81f8zi/7f8MYv/fvljFv/988cs/n/PH7P4H5A/ZvE/MH/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvE/M3/M4n9W/pjF/+z8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8b8wf8zif1H+mMX/H/ljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj1n8X80fs/i/lj8m8R8ykD9m8R+UP2bxHyF/zOI/Yv6YxX9w/pjFf6T8MYv/yPljFv9R8scs/kPyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4fyR/zOI/fv6YxX+C/DGL/0fzxyz+E+aPWfwnyh+z+H8sf8zi//H8MYv/J/LHLP6fzB+z+H8qf8ziP3H+mMV/kvwxi/+k+WMW/0/nj1n8J8sfs/hPnj9m8Z8if8ziP2X+mMV/qvwxi/9n8scs/lPnj1n8P5s/ZvH/XP6Yxf/z+WMW/y/kj1n8v5g/ZvH/Uv6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/cv6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/L+SP2bx/+q7+u/+Pz+uD2gW/6+1/jGL/9fzxyz+s+WPWfy/kT9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6Yxf+b+WMW/2/lj1n8F8wfs/h/O3/M4r9Q/pjF/zv5Yxb/7+aPWfwXzh+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/7+WPWfyXzB+z+H8/f8zi/4P8MYv/UvljFv+l88cs/svkj1n8l80fs/j/MH/M4r9c/pjFf/n8MYv/j/LHLP4r5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv8f549Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv+f5I9Z/NfNH7P4r5c/ZvFfP3/M4v/T/DGL/wb5Yxb/n+WPWfw3zB+z+G+UP2bx3zh/zOL/8/wxi/8v8scs/pvkj1n8N80fs/hvlj9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfy3zR+z+P8yf8zi/6v8MYv/dvljFv/t88cs/jvkj1n8d8wfs/j/On/M4v+b/DGL/2/zxyz+O+WPWfx3zh+z+P8uf8zi//v8MYv/LvljFv8/5I9Z/HfNH7P475Y/ZvHfPX/M4v/H/DGL/5/yxyz+e+SPWfz3zB+z+O+VP2bx/3P+mMX/L/ljFv+988cs/vvkj1n8980fs/j/NX/M4v+3/DGL/375Yxb//fPHLP5/zx+z+B+QP2bxPzB/zOJ/UP6Yxf/g/DGL/yH5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv9j88cs/sflj1n8j88fs/ifkD9m8T8xf8zif1L+mMX/5Pwxi/8p+WMW/1Pzxyz+p+WPWfxPzx+z+J+RP2bxPzN/zOJ/Vv6Yxf/s/DGL/zn5Yxb/c/PHLP7n5Y9Z/M/PH7P4X5A/ZvG/MH/M4n9R/pjF/x/5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/VfljFv+r88cs/tfkj1n8r80fs/hflz9m8b8+f8zif0P+mMX/xvwxi/9N+WMW/5vzxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOJ/R/6Yxf/O/DGL/135Yxb/u/PHLP735I9Z/O/NH7P435c/ZvG/P3/M4v/Au/mP9b8wrg9oFv8HW/+Yxf+h/DGL/8P5Yxb/R/LHDP6DBg8MeTR/zOA/dP0/lj9m8X88f8zi/0T+mMX/yfwxi/9T+WMW/6fzxyz+z+SPWfyfzR+z+D+XP2bxfz5/zOL/Qv6Yxf/F/DGL/0v5Yxb/l/PHLP6v5I9Z/F/NH7P4v5Y/JvEfdSB/zOI/KH/M4j9C/pjFf8T8MYv/4Pwxi/9I+WMW/5Hzxyz+o+SPWfyH5I9Z/EfNH7P4j5Y/ZvEfPX/M4j9G/pjFf8z8MYv/WPljFv+x88cs/uPkj1n8x80fs/iPlz9m8f9I/pjFf/z8MYv/BPljFv+P5o9Z/CfMH7P4T5Q/ZvH/WP6Yxf/j+WMW/0/kj1n8P5k/ZvH/VP6YxX/i/DGL/yT5Yxb/SfPHLP6fzh+z+E+WP2bxnzx/zOI/Rf6YxX/K/DGL/1T5Yxb/z+SPWfynzh+z+H82f8zi/7n8MYv/5/PHLP5fkPlP9x63s/h/Ueb/XrP4fyl/zOI/Tf6YxX/agYHN3q8hfZCz+E/X+scs/tPnj1n8Z8gfs/jPmD9m8f9y/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v5I/ZvH/av6Yxf9r+WMW/6/nj1n8Z8sfs/h/I3/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/8388cs/t/KH7P4L5g/ZvH/dv6YxX+h/DGL/3fyxyz+380fs/gvnD9m8V8kf8ziv2j+mMV/sfwxi//i+WMW/yXyxyz+38sfs/gvmT9m8f9+/pjF/wf5Yxb/pfLHLP5L549Z/JfJH7P4L5s/ZvH/Yf6YxX+5/DGL//L5Yxb/H+WPWfxXyB+z+K+YP2bxXyl/zOK/cv6YxX+V/DGL/6r5Yxb/1fLHLP4/zh+z+K+eP2bxXyN/zOK/Zv6YxX+t/DGL/9r5Yxb/dfLHLP4/yR+z+K+bP2bxXy9/zOK/fv6Yxf+n+WMW/w3yxyz+P8sfs/hvmD9m8d8of8ziv3H+mMX/5/ljFv9f5I9Z/DfJH7P4b5o/ZvHfLH/M4r95/pjFf4v8MYv/lvljFv+t8scs/lvnj1n8t8kfs/hvmz9m8f9l/pjF/1f5Yxb/7fLHLP7b549Z/HfIH7P475g/ZvH/df6Yxf83+WMW/9/mj1n8d8ofs/jvnD9m8f9d/pjF//f5Yxb/XfLHLP5/yB+z+O+aP2bx3y1/zOK/e/6Yxf+P+WMW/z/lj1n898gfs/jvmT9m8d8rf8zi/+f8MYv/X/LHLP57549Z/PfJH7P475s/ZvH/a/6Yxf9v+WMW//3yxyz+++ePWfz/nj9m8T8gf8zif2D+mMX/oPwxi//B+WMW/0Pyxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf+o/DGL/9H5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/yfljH17/PS5826WjnpI/9uH1/9f1f2r+mMX/tPwxi//p+WMW/zPyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4/yN/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvG/Kn/M4n91/pjF/5r8MYv/tfljFv/r8scs/tfnj1n8b8gfs/jfmD9m8b8pf8zif3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfzvyB+z+N+ZP2bxvyt/zOJ/d/6Yxf+e/DGL/735Yxb/+/LHLP73549Z/B/IH7P4P5g/ZvF/KH/M4v9w/pjF/5H8MYv/o/ljFv/H8scs/o/nj1n8n8gfs/g/mT9m8X8qf8zi/3T+mMX/mfwxi/+z+WMW/+fyxyz+z+ePWfxfyB+z+L+YP2bxfyl/zOL/cv6Yxf+V/DGL/6v5Yxb/1/LHJP6jDeSPWfwH5Y9Z/EfIH7P4j5g/ZvEfnD9m8R8pf8ziP3L+mMV/FJX/qO95S4v/EJX/e8/iP2r+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/bv6YxX+8/DGL/0fyxyz+4+ePWfwnyB+z+H80f8ziP2H+mMV/ovwxi//H8scs/h/PH7P4fyJ/zOL/yfwxi/+n8scs/hPnj1n8J8kfs/hPmj9m8f90/pjFf7L8MYv/5PljFv8p8scs/lPmj1n8p8ofs/h/Jn/M4j91/pjF/7P5Yxb/z+WPWfw/nz9m8f9C/pjF/4v5Yxb/L+WPWfynyR+z+E+bP2bxny5/zOI/ff6YxX+G/DGL/4z5Yxb/L+ePWfxnyh+z+M+cP2bxnyV/zOI/a/6Yxf8r+WMW/6/mj1n8v5Y/ZvH/ev6YxX+2/DGL/zfyxyz+s+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/BfIH7P4fzN/zOL/rfwxi/+C+WMW/2/nj1n8F8ofs/h/J3/M4v/d/DGL/8L5Yxb/RfLHLP6L5o9Z/BfLH7P4L54/ZvFfIn/M4v+9/DGL/5L5Yxb/7+ePWfx/kD9m8V8qf8ziv3T+mMV/mfwxi/+y+WMW/x/mj1n8l8sfs/gvnz9m8f9R/pjFf4X8MYv/ivljFv+V8scs/ivnj1n8V8kfs/ivmj9m8V8tf8zi/+P8MYv/6vljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8zi/5P8MYv/uvljFv/18scs/uvnj1n8f5o/ZvHfIH/M4v+z/DGL/4b5Yxb/jfLHLP4b549Z/H+eP2bx/0X+mMV/k/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/X+aPWfx/lT9m8d8uf8ziv33+mMV/h/wxi/+O+WMW/1/nj1n8f5M/ZvH/bf6YxX+n/DGL/875Yxb/3+WPWfx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J/8Nv8R3o9xfUCz+J/S+scs/qfmj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/rPwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOJ/Yf6Yxf+i/DGL/z/yxyz+F+ePWfwvyR+z+F+aP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP5X549Z/K/JH7P4X5s/ZvG/Ln/M4n99/pjF/4b8MYv/jfljFv+b8scs/jfnj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+d+WMW/7vyxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+LQv9R38M2Fv+XhP7vJYv/y/ljFv9X8scs/q/mj1n8X8sfk/iPPpA/ZvEflD9m8R8hf8ziP2L+mMV/cP6YxX+k/DGL/8j5Yxb/UfLHLP5D8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/3Hyxyz+4+aPWfzHyx+z+H8kf8ziP37+mMV/gvwxi/9H88cs/hPmj1n8J8ofs/h/LH/M4v/x/DGL/yfyxyz+n8wfs/h/Kn/M4j9x/pjFf5L8MYv/pPljFv9P549Z/CfLH7P4T54/ZvGfIn/M4j9l/pjFf6r8MYv/Z/LHLP5T549Z/D+bP2bx/1z+mMX/8/ljFv8v5I9Z/L+YP2bx/1L+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/3L+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfy/kj9m8Z97SP6Uxf9rrX/M4v/1/DGL/2z5Yxb/b+SPWfxnzx+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4L5A/ZvH/Zv6Yxf9b+WMW/wXzxyz+384fs/gvlD9m8f9O/pjF/7v5Yxb/hfPHLP6L5I9Z/BfNH7P4L5Y/ZvFfPH/M4r9E/pjF/3v5Yxb/JfPHLP7fzx+z+P8gf8ziv1T+mMV/6fwxi/8y+WMW/2Xzxyz+P8wfs/gvlz9m8V8+f8zi/6P8MYv/CvljFv8V88cs/ivlj1n8V84fs/ivkj9m8V81f8ziv1r+mMX/x/ljFv/V88cs/mvkj1n818wfs/ivlT9m8V87f8ziv07+mMX/J/ljFv9188cs/uvlj1n8188fs/j/NH/M4r9B/pjF/2f5Yxb/DfPHLP4b5Y9Z/DfOH7P4/zx/zOL/i/wxi/8m+WMW/03zxyz+m+WPWfw3zx+z+G+RP2bx3zJ/zOK/Vf6YxX/r/DGL/zb5Yxb/bfPHLP6/zB+z+P8qf8ziv13+mMV/+/wxi/8O+WMW/x3zxyz+v84fs/j/Jn/M4v/b/LEPnf/bkN/uv1P+2IfO/x3W/875Yxb/3+WPWfx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP/am/8CQgYEPs/8p+WOW9X9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+P8jf8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB9z+Cf/Tjn8B0Z/qEcBZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5YxL/MQbyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5I9Z/MfPH7P4T5A/ZvH/aP6YxX/C/DGL/0T5Yxb/j+WPWfw/nj9m8f9E/pjF/5P5Yxb/T+WPWfwnzh+z+E+SP2bxnzR/zOL/6fwxi/9k+WMW/8nzxyz+U+SPWfynzB+z+E+VP2bx/0z+mMV/6vwxi/9n88cs/p/LH7P4fz5/zOL/hfwxi/8X88cs/l/KH7P4T5M/ZvGfNn/M4j9d/pjFf/r8MYv/DPljFv8Z88cs/l/OH7P4z5Q/ZvGfOX/M4j9L/pjFf9b8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/bPljFv9v5I9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8f9m/pjF/1v5Yxb/BfPHLP7fzh+z+C+UP2bx/07+mMX/u/ljFv+F88cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/e/ljFv8l88cs/t/PH7P4/yB/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/zB+z+C+XP2bxXz5/zOL/o/wxi/8K+WMW/xWN/u/hDlv8VzL6v4cs/ivnj1n8V8kfs/ivmj9m8V8tf8zi/+P8MYv/6vljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8zi/5P8MYv/uvljFv/18scs/uvnj1n8f5o/ZvHfIH/M4v+z/DGL/4b5Yxb/jfLHLP4b549Z/H+eP2bx/0X+mMV/k/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/X+aPWfx/lT9m8d8uf8ziv33+mMV/h/wxi/+O+WMW/1/nj1n8f5M/ZvH/bf6YxX+n/DGL/875Yxb/3+WPWfx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/j/I3/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/LEPt//tb146xq35Yx9u/7ca47b8MYv/7fljFv878scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+2IfUf8rhLh3jvvyxD6n/6719/d+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+T+I85kD9m8R+UP2bxHyF/zOI/Yv6YxX9w/pjFf6T8MYv/yPljFv9R8scs/kPyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4fyR/zOI/fv6YxX+C/DGL/0fzxyz+E+aPWfwnyh+z+H8sf8zi//H8MYv/J/LHLP6fzB+z+H8qf8ziP3H+mMV/kvwxi/+k+WMW/0/nj1n8J8sfs/hPnj9m8Z8if8ziP2X+mMV/qvwxi/9n8scs/lPnj1n8P5s/ZvH/XP6Yxf/z+WMW/y/kj1n8v5g/ZvH/Uv6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/cv6YxX+m/DGL/8z5Yxb/WfLH/sV/2GXjvM9j+v/VO/jPmj9mWf9fyR+z+H81f8zi/7X8MYv/1/PHLP6z5Y9Z/L+RP2bxnz1/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4r9A/pjF/5v5Yxb/b+WPWfwXzB+z+H87f8ziv1D+mMX/O/ljFv/v5o9Z/BfOH7P4L5I/ZvFfNH/M4r9Y/pjFf/H8MYv/EvljFv/v5Y9Z/JfMH7P4fz9/zOL/g/wxi/9S+WMW/6Xzxyz+y+SPWfyXzR+z+P8wf8ziv1z+mMV/+fwxi/+P8scs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/x/nj1n8V88fs/ivkT9m8V8zf8ziv1b+mMV/7fwxi/86+WMW/5/kj1n8180fs/ivlz9m8V8/f8zi/9P8MYv/BvljFv+f5Y9Z/DfMH7P4b5Q/ZvHfOH/M4v/z/DGL/y/yxyz+m+SPWfw3zR+z+G+WP2bx3zx/zOK/Rf6YxX/L/DGL/1b5Yxb/rfPHLP7b5I9Z/LfNH7P4/zJ/zOL/q/wxi/92+WMW/+3zxyz+O+SPWfx3zB+z+P86f8zi/5v8MYv/b/PHLP475Y9Z/HfOH/uw+g8Zzv93+WMfVv+B4fx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/j/I3/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/7hvff/H95XB/QLP73t/4xi/8D+WMW/wfzxyz+D+WPWfwfzh+z+D+SP2bxfzR/zOL/WP6Yxf/x/DGL/xP5Yxb/J/PHLP5P5Y9Z/J/OH7P4P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/ljFv8X88cs/i/lj1n8X84fs/i/kj9m8X81f8zi/1r+mMR/rIH8MYv/oPwxi/8I+WMW/xHzxyz+g/PHLP4j5Y9Z/EfOH7P4j5I/ZvEfkj9m8R81f8ziP1r+mMV/9Pwxi/8Y+WMW/zHzxyz+Y+WPWfzHzh+z+I+TP2bxHzd/zOI/Xv6Yxf8j+WMW//Hzxyz+E+SPWfw/mj9m8Z8wf8ziP1H+mMX/Y/ljFv+P549Z/D+RP2bx/2T+mMX/U/ljFv+J88cs/pPkj1n8J80fs/h/On/M4j9Z/pjFf/L8MYv/FPljFv8p88cs/lPlj1n8P5M/ZvGfOn/M4v/Z/DGL/+fyxyz+n88fs/h/IX/M4v/F/DGL/5fyxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/5fzxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOL/lfwxi/9X88cs/l/LH7P4fz1/zOI/W/6Yxf8bav/lRn+nayz+s6v93zmL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv9v5o9Z/L+VP2bxXzB/zOL/7fwxi/9C+WMW/+/kj1n8v5s/ZvFfOH/M4r9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8v5c/ZvFfMn/M4v/9/DGL/w/yxyz+S+WPWfyXzh+z+C+TP2bxXzZ/zOL/w/wxi/9y+WMW/+Xzxyz+P8ofs/ivkD9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfx/nD9m8V89f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfx/kj9m8V83f8ziv17+mMV//fwxi/9P88cs/hvkj1n8f5Y/ZvHfMH/M4r9R/pjFf+P8MYv/z/MfGBgY9d8usfj/In/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/8v88cs/r/KH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/r/PHLP6/yR+z+P82f8ziv1P+mMV/5/wxi//v8scs/r/PH7P475I/ZvH/Q/6YxX/X/DGL/275Yxb/3fPHLP5/zB+z+P8pf8ziv0f+mMV/z/wxi/9e+WMW/z/nj1n8/5I/ZvHfO3/M4r9P/pjFf9/8MYv/X/PHLP5/yx+z+O+XP2bx3z9/zOL/9/wxi/8B+WMW/wPzxyz+B+WPWfwPzh+z+B+SP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/ifkj9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/zPzxyz+Z+WPWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/wX5Yxb/C/PHLP4X5Y9Z/P+RP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5YxL/sQfyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5I9Z/MfPH7P4T5A/ZvH/aP7Y/8fO3Yd7Xdd3HP9xT5azT7sudWnDoTHXZiQyGrUQFcXjzSkTzbxHPQLJjdxIgCmw0Uodmy51s2ATC8ecrVricHPdrWhY1myN2FrlFNfCGHOwyJyx68A5BGdvz7XzZd+vm+/H4w/O+f2O71/K83r5+3lxXWXpf5j+oSz9D9c/lKX/z+gfytL/1fqHsvQ/Qv9Qlv5H6h/K0v81+oey9P9Z/UNZ+g/TP5Sl/1H6h7L0/zn9Q1n6D9c/lKX/0fqHsvQ/Rv9Qlv6v1T+Upf8I/UNZ+v+8/qEs/Y/VP5Sl/y/oH8rS/3X6h7L0/0X9Q1n6/5L+oSz9j9M/lKX/6/UPZek/Uv9Qlv5v0D+Upf/x+oey9B+lfyhL/xP0D2XpP1r/UJb+v6x/KEv/MfqHsvR/o/6hLP1/Rf9Qlv5j9Q9l6f8m/UNZ+r9Z/1CW/r+qfyhL/7foH8rSf5z+oSz9T9Q/lKX/eP1DWfqfpH8oS/+T9Q9l6X+K/qEs/SfoH8rS/1T9Q1n6n6Z/KEv/ifqHsvQ/Xf9Qlv5t+oey9D9D/1CW/mfqH8rS/yz9Q1n6n61/KEv/dv1DWfq/Vf9Qlv5v0z+Upf85+oey9H+7/qEs/c/VP5Sl/yT9Q1n6n6d/KEv/8/UPZen/Dv1DWfpfoH8oS/936h/K0v9C/UNZ+l+kfyhL/4v1D2Xpf4n+oSz9L9U/lKX/ZfqHsvS/XP9Qlv6T9Q9l6X+F/qEs/a/UP5Sl/1X6h7L079A/lKX/1fqHsvSfon8oS/+p+oey9J+mfyhL/3fpH8rS/xr9Q1n6T9c/lKX/DP1DWfrP1D+Upf8s/UNZ+l+rfyhL/9n6h7L0n6N/KEv/ufqHsvSfp38oS//r9A9l6T9f/1CW/u/WP5Sl/wL9Q1n6L9Q/lKX/Iv1DWfpfr38oS//36B/K0v8G/UNZ+t+ofyhL/8X6h7L0X6J/KEv/pfqHsvT/Nf1DWfr/uv6hLP2X6R/K0v+9+oey9P8N/UNZ+r9P/1CW/u/XP5Sl/036h7L0v1n/UJb+t+gfytL/N/UPZem/XP9Qlv6/pX8oS//f1j+Upf+t+oey9L9N/1CW/r+jfyhL/w/oH8rS/3b9Q1n636F/KEv/O/UPZen/u/qHsvT/Pf1DWfrfpX8oS/8P6h/K0v9D+oey9F+hfyhL/5X6h7L0/339Q1n6/4H+oSz979Y/lKX/Kv1DWfrfo38oS/8P6x/K0v8j+oey9F+tfyhL/3v1D2Xp/4f6h7L0X6N/KEv/P9I/lKX/ffqHsvT/Y/1DWfrfr38oS/+P6h/K0v9P9A9l6f8x/UNZ+n9c/1CW/p/QP5Sl/5/qH8rS/5P6h7L0f0D/UJb+a/UPZen/oP6hLP3/TP9Qlv7r9A9l6f+Q/qEs/f9c/1CW/n+hfyhL/4f1D2Xp/5f6h7L0/5T+oSz9P61/KEv/z+gfytL/s/qHsvT/nP6hLP3/Sv9Qlv6f1z+Upf8X9A9l6b9e/1CW/l/UP5Sl/1/rH8rSf4P+oSz9H9E/lKX/l/QPZen/Zf1DWfo/qn8oS/+v6B/K0v+r+oey9P8b/UNZ+j+mfyhL/6/pH8rS/2/1D2Xp/3X9Q1n6/53+oSz9N+ofytL/G/qHsvTfpH8oS/+/1z+Upf8/6B/K0v+b+oey9P9H/UNZ+n9L/1CW/t/WP5Sl/3f0D2Xp/7j+oSz9/0n/UJb+T+gfytL/Sf1DWfpv1j+Upf9T+oey9P9n/UNZ+n9X/1CW/v+ifyhL/+/pH8rSf4v+oSz9n9Y/lKX/9/UPZem/Vf9Qlv7/qn8oS/9t+oey9P83/UNZ+j+jfyhL/3/XP5Sl/3b9Q1n679A/lKX/f+gfytL/B/qHsvTfqX8oS/8f6h/K0v9Z/UNZ+v9I/1CW/s/pH8rS/z/1D2Xp/7z+oSz9f6x/KEv/XfqHkvR/ZUv/UJb+/fQPZenfX/9Qlv4D9A9l6T9Q/1CW/oP0D2XpP1j/UJb+Q/QPZek/VP9Qlv4v0z+Upf9B+oey9H+5/qEs/V+hfyhL/4P1D2Xp/1P6h7L0P0T/0EuuPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP81cxcuumby9Okdc3zjG9/4Zu83L/a/mQAAgP9tP/nQ/2L/nQAAAAAAAAAAAAAAAAAAAEBeTfzfib3Y/4wAAAAAAAAAAAAAAPD/XVv7SVsH9NvvqQH7PnjNox27v47eecHU1asfLN1fu358ZvCS/fd9sGvXrl0rnxk3oevhkFar1fm/9squx0N7Hne+/pJhKw7f86iM//ydj1866eCz5qy9beA3Vt7S/vSg3c8Oal1+9bTpHW/o32qVUwa1FnQ+OL5fq1VOG9S6tfPBqM4HEwe11nQ+OGH3g5e1PtP54PVXzpp+VecTp1f+PYOXirb2Ja0B+y22td+/Dfbd/5JhT0zt/trLS3a/2sBW1/6Hr/3SYT1+1u0F9t/9+uWknvvv8z8g8IL6tv9nN3V/7eUl/9v7/4c37FwU/eyF99/9+uVk+4f6BJ//99toz8/9PT7/HxW85N77E4duuL1z/23n3Xdk11MD/yef/3/y+uWUnvvvv9/n/87P8RO6P/8PabXKqQf42wGptLUv3drb+3/v+x/46h43/fbd/z1f2fyKzv3f+1xrWddTg/q4/wm9vf/f1OPvFeibtvZVu3q8//dh/60RwUvu3f+WtQfv/vy/+f4rD93nZ33Z/6k99z9y3oxrR85duOi4aTMmT+mY0jFz7Kgxx48eO3bMmJG7PxHs+fUAf1MgiQN7/28d1OOmX6vVsfd+/X23TOjc/7aHln2k66mhfdz/ab2+/x/l/R9Cw/u3Bg9uLZg8b96c4/f82v1w1J5f9/xlwf778N//Rx/b9Zd1/5lhv1br8L33Iy4dO6Rz/9fPLuu6nhrcx/1P7HX/4/f/s0qgbw7w/f+qHjf77f/ELTfO79z/MT941eaup/r63/+n97r/u73/w4Foa2/V+ibauf8Thiw9o9p1afPnf1CfJvY/bPutO6pdlzPsH+rTxP4nLX/zFdWuy5n2D/VpYv8PzrhsebXrcpb9Q32a2P/zP73jiGrX5Wz7h/o0sf/HvvvU6mrXpd3+oT5N7P+Dd7WfUO26vNX+oT5N7P+46344rtp1eZv9Q32a2P/VLz93TbXrco79Q32a2P8Zu04+tNp1ebv9Q32a2H+/pd9bUu26nGv/UJ8m9v/k5OWzql2XSfYP9Wli/2uGjXi22nU5z/6hPk3sf9nTb5xY7bqcb/9Qnyb2/9U7VjxW7bq8w/6hPk3s/xMXv2pFtetygf1DfZrY/4+GP3RQtevyTvuH+jSx/40b1zxQ7bpcaP9Qnyb2v3LNgOHVrstF9g/1aWL/i0+f8mi163Kx/UN9mtj/6DFfvqjadbnE/qE+Tez/8M9966lq1+VS+4f6NLH/cx+eP7fadbnM/qE+Tex//hEf/3G163K5/UN9mtj/WzqOmFrtuky2f6hPE/svtx20sdp1ucL+oT5N7P/CbavGV7suV9o/1KeJ/a875Asfq3ZdrrJ/qE8T+98+e+bYatelw/6hPk3s/zvvXfy+atflavuH+jSx/9uf+3qpdl2m2D/Up4n9bxl14cXVrstU+4f6NLH/VWc980i16zLN/qE+Tex/+brH51W7Lu+yf6hPE/tfv/7MJ6pdl2vsH+rTxP6PGTHy4GrXZbr9Q32a2P+sC5Z9qNp1mWH/UJ8m9n/K/Xe8ttp1mWn/UJ8m9j/0a+M+We26zLJ/qE8T+//0uPd/qtp1udb+oT5N7H/H+KOPrXZdZts/1KeJ/W96YNSd1a7LHPuH+jSx/w88clfF6zLX/qE+Tex/9uue31btusyzf6hPE/t/06TzF1a7LtfZP9Snif0fevfEL1a7LvPtH+rTxP4v+fb3z6l2Xd5t/1CfJvZ/9GFXHFntuiywf6hPE/ufOm3DzdWuy0L7h/o0sf8JKzeNrnZdFtk/1KeJ/R/y5Nx7ql2X6+0f6tPE/rcOOOzsatflPfYP9Wli//fe8PA3q12XG+wf6tPE/m++6aMd1a7LjfYP9Wli/5/dOXh7teuy2P4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2IHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WQfRuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAUAAD//3II6Vg=")
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x18, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xc9}, {}, {}, [@map_idx={0x18, 0xb, 0x5, 0x0, 0xa}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7}, @call={0x85, 0x0, 0x0, 0x75}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5796}, @cb_func={0x18, 0x2, 0x4, 0x0, 0x4}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='syzkaller\x00', 0x0, 0xd9, &(0x7f0000000400)=""/217, 0x40f00, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000000500)={0x5, 0x2, 0x4, 0x5}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000800)=[{0x3, 0x2, 0xd, 0x2}], 0x10, 0x2c}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000180)='./mnt\x00', 0x0, &(0x7f00000001c0)={[{@test_dummy_encryption_v1}, {@auto_da_alloc}, {@nomblk_io_submit}, {@commit}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x448c, 0x0, 0x0, 0x0, &(0x7f0000000300))
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2390024, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000180)=0x2f9, 0x4)

3m55.752797431s ago: executing program 5 (id=1262):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4043, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r3)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
r4 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f0000000080)="13", 0x1, 0xfffffffffffffffd)
keyctl$read(0xb, r4, &(0x7f0000000240)=""/112, 0x349b7f55)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab?P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb8\x10\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\x03\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7vC\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})

3m53.215006997s ago: executing program 5 (id=1269):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4bf, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x1)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001080)=@base={0x13, 0x80000001, 0x35b3, 0x2, 0x800, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x2}, 0x50)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7f, 0x0, 0x0)
chown(&(0x7f0000000240)='./file1\x00', 0xee00, 0x0)

3m49.187940795s ago: executing program 5 (id=1272):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e25}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)={0x2, 0x3, 0x0, 0x2, 0x10, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x8, 0x0, "a3"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x9}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}]}, 0x80}, 0x1, 0x7}, 0x0)
rt_sigtimedwait(&(0x7f0000000000)={[0x86]}, 0x0, 0x0, 0x8)

3m44.676377879s ago: executing program 5 (id=1278):
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0xc402, 0x80)
file_setattr(r0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000240)={0x2901, 0x80000000, 0x5, 0x2, 0xc3ef514}, 0x18, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0x3, &(0x7f0000000040)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket(0x2, 0x2, 0x0)
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000140)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7, 0xfff9, 0x5, 0x500, 0x7, 0x86220018})
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001880)={'bond0\x00'})
sendmsg$nl_route(r2, 0x0, 0x20024090)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x13, 0x0, 0x0)
openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0)
r4 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r5, &(0x7f0000000480)=""/74, 0x4a)
ioctl$HIDIOCGCOLLECTIONINFO(r5, 0xc0104811, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x80080)
syz_usb_ep_write$ath9k_ep1(r4, 0x82, 0x0, 0x0)

3m29.102108525s ago: executing program 55 (id=1278):
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0xc402, 0x80)
file_setattr(r0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000240)={0x2901, 0x80000000, 0x5, 0x2, 0xc3ef514}, 0x18, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1f, 0x3, &(0x7f0000000040)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket(0x2, 0x2, 0x0)
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000140)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7, 0xfff9, 0x5, 0x500, 0x7, 0x86220018})
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001880)={'bond0\x00'})
sendmsg$nl_route(r2, 0x0, 0x20024090)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x13, 0x0, 0x0)
openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0)
r4 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r5, &(0x7f0000000480)=""/74, 0x4a)
ioctl$HIDIOCGCOLLECTIONINFO(r5, 0xc0104811, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x80080)
syz_usb_ep_write$ath9k_ep1(r4, 0x82, 0x0, 0x0)

3m4.367423938s ago: executing program 1 (id=1327):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_init_net_socket$llc(0x1a, 0x802, 0x0)
readlinkat(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup\x00', 0xfffffffffffffffe, 0xfe9c)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r4, &(0x7f0000000540)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c044}, 0x40)
r5 = dup(r4)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
close_range(r0, 0xffffffffffffffff, 0x0)

2m56.396281963s ago: executing program 1 (id=1343):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, 0x0)
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000340)={0x18, r1, 0x2, 0x1c})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, 0x0)
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, 0x0)
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000580)={0x18, r1})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000640)={0x20, r1, 0x0, 0x0, &(0x7f0000000680)})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f00000006c0)={0x48, 0x1, r1, 0x0, 0x1000, 0x2000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x7, 0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1004000})
ioctl$IOMMU_TEST_OP_MD_CHECK_REFS(r0, 0x3ba0, &(0x7f0000000880)={0x48, 0x4, 0x0, 0x0, 0x1000, &(0x7f0000ffc000), 0x1})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000900)={0x18, r1, 0x1000, 0x1004000})
ioctl$IOMMU_DESTROY$stdev(r0, 0x3b80, &(0x7f0000000940)={0x8, r2})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000980)={0x48, 0x5, r1, 0x0, <r3=>0x0, 0x1})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000a00)={0x28, 0x7, r1, 0x0, 0x0})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000000a40)={0x48, 0x7, r3, 0x0, 0x0, 0x0, 0x0, 0x1000})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, 0x0)
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000c00)={0x18, r1})

2m54.392160507s ago: executing program 1 (id=1331):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = inotify_init1(0x1800)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x3, 0x4000010, r1, 0x9e1c7000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x3, 0x8d)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
listen(r4, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
r5 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x160341)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000000)=@usbdevfs_driver={0x0, 0x80805513, 0x0})

2m51.713052904s ago: executing program 1 (id=1335):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r2, 0x40044160, 0x3)

2m49.663195407s ago: executing program 1 (id=1337):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000001c0)={0xa0000011})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000540)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TIOCGPGRP(r4, 0x5437, 0x0)

2m47.517882475s ago: executing program 1 (id=1345):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x40000000000029a, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
memfd_secret(0x0)
ftruncate(r0, 0x7)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r1, 0x3ba0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000002240)={0x28, 0x2, r5, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1})
read$FUSE(r0, &(0x7f0000000200)={0x2020}, 0x2020)

2m31.028001862s ago: executing program 56 (id=1345):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x40000000000029a, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
memfd_secret(0x0)
ftruncate(r0, 0x7)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r1, 0x3ba0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000002240)={0x28, 0x2, r5, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1})
read$FUSE(r0, &(0x7f0000000200)={0x2020}, 0x2020)

2m24.514627867s ago: executing program 3 (id=1375):
shmat(0x0, &(0x7f0000f62000/0x1000)=nil, 0x7000)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xa4, 0x0, &(0x7f0000000600)="878b7cdfd4455cf49da7ba6f280ae012ce80389a2aefe4fd04084554d7015aba5330d1b817d6c08af29938b8a9bc2b83462ddadaad3a3a5c0181a0203e49b12c99ac8757fc317fe672938a06f89c133d615cf8c6e94b3ac320fa50046f5c18ac35b49243870e4e6b90c76177feda5469369b2b5a4739cc0b68c1772f1c9b9320d88426bc8f139429054c85b62f2a1dfc705453bea4cabf1f5eee5a0d301fb7c62e36dba0"})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

2m22.948864435s ago: executing program 3 (id=1377):
sched_setscheduler(0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
unshare(0x4000000)
ioctl$sock_rose_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r2, &(0x7f0000000100)={&(0x7f00000004c0)={0x2, 0xffff, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000003a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x2a}, @multicast1}}}], 0x20}, 0x4800)
getxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='user.incfs.metadata\x00', 0x0, 0x0)

2m16.486250591s ago: executing program 3 (id=1386):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000700)={{0x0, 0x1}, {0xf, 0x2f}, 0x40})
socket(0x10, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newtaction={0x14, 0x30, 0xb, 0xfffffffe, 0xfffffffd}, 0x14}}, 0x4000004)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000340)=0x7)
clock_nanosleep(0x1, 0x1, &(0x7f0000000280), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8071, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
unshare(0x2040400)
eventfd(0x3)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2})
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000010000000000000000000000791200000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x100000, 0x9, {}, {0x0, 0x2, 0x4, 0xc0, 0x0, 0xf0, "18a6fc23"}, 0x1, 0x1, {}, 0x1})

2m15.387895851s ago: executing program 3 (id=1389):
shmat(0x0, &(0x7f0000f62000/0x1000)=nil, 0x7000)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xa4, 0x0, &(0x7f0000000600)="878b7cdfd4455cf49da7ba6f280ae012ce80389a2aefe4fd04084554d7015aba5330d1b817d6c08af29938b8a9bc2b83462ddadaad3a3a5c0181a0203e49b12c99ac8757fc317fe672938a06f89c133d615cf8c6e94b3ac320fa50046f5c18ac35b49243870e4e6b90c76177feda5469369b2b5a4739cc0b68c1772f1c9b9320d88426bc8f139429054c85b62f2a1dfc705453bea4cabf1f5eee5a0d301fb7c62e36dba0"})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

2m11.410229335s ago: executing program 3 (id=1394):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = getpgrp(r0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf5c5d000)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@mpls_delroute={0x1c, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}}, 0x1c}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = syz_open_dev$media(&(0x7f00000006c0), 0x2, 0x129081)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r5, 0x80047c05, 0x0)

2m11.069703493s ago: executing program 8 (id=1395):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x2, 0x2, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, [@sadb_key={0x1, 0x8}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0xa0000000}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @empty}}]}, 0x40}, 0x1, 0x7}, 0x0)

2m8.883557421s ago: executing program 3 (id=1396):
bind$alg(0xffffffffffffffff, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
sendmsg$alg(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
io_getevents(0x0, 0x3, 0x0, 0x0, 0x0)
io_destroy(0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x1c, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x4, 0x1}]}, 0x1c}}, 0xc000)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000000)=0x200000000)
write$vhost_msg_v2(r1, 0x0, 0x0)
write$vhost_msg(r1, 0x0, 0x0)
write$vhost_msg(r1, 0x0, 0x0)
write$vhost_msg_v2(r1, &(0x7f0000002b00)={0x2, 0x0, {&(0x7f0000000600)=""/13, 0xd, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg_v2(r1, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000280)=""/184, 0x2562bac182d8b35a, 0x0, 0x2, 0x3}}, 0x48)

2m8.584903278s ago: executing program 8 (id=1397):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000001680)=ANY=[], 0x0, 0xffff789c, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
sendfile(r5, r4, 0x0, 0x6)
read$watch_queue(r5, &(0x7f0000000540)=""/4096, 0x1000)
r6 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, r3)
r7 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, r6)
keyctl$invalidate(0x15, r7)
keyctl$KEYCTL_MOVE(0x1e, r6, r6, r3, 0x0)

2m5.662160801s ago: executing program 8 (id=1399):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
unlinkat(r0, 0x0, 0x200)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
inotify_init1(0x800)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x1aa)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000000080)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000001240)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0300ffff0000", 0x6}])

2m2.846053652s ago: executing program 8 (id=1404):
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r1, &(0x7f0000000040)=0x1c9, 0x12)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mknodat$loop(r0, &(0x7f0000000340)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file1\x00')

2m0.594569595s ago: executing program 8 (id=1407):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x40c03)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r4, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r5, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r4, 0x3ba0, &(0x7f0000000280)={0x48, 0xa, r6, 0x0, r7})
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, 0x0)

1m58.563849217s ago: executing program 8 (id=1410):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@oldalloc}, {@stripe={'stripe', 0x3d, 0x7}}, {@grpquota}, {@nouid32}, {@debug}, {@nojournal_checksum}, {@resuid}, {@nojournal_checksum}, {@resuid}]}, 0x1, 0xbc1, &(0x7f0000000bc0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC5c7TSsptgi2UnHjQtCt0JBOSsj0gyRSk2Yx0X9A1LXgRlCL0oVdd6Pg1o3WrcWFUCQ2CiIaOfORpMlMkjaTnJD8fvDmvO88Z877PDnJnPPCzASwbw1kP9KIIxFxMYko1B9PI6K72uuNqNT2W5ifHfllfnYkicXFl39MIomIh/OzI41jJfXtofqgNyK+ei6Jv725dt7J6Znx4XK5NFEfn5i6cv3E5PTM/8euDF8uXS5dPXn66aFTQ6cHzwy1rdZfvzt35+d/v/B95bePfr/10zsfJHEu+uqxlXXUq96ygRhY+p2s1BkRw204/m7QUa9nZZ1J5wZPSrc5KQAAWkpX3MP9IwrREcs3b4X4/OtckwMAAADaYrEjYhEAAADY4xLrfwAAANjjGu8DeDg/O9Jo+b4jYWc9OB8R/bX6F+qtFumMSnXbG10RcfBhEis/1prUnrZlAxFx/9szn2Ytlj6HvNCGI29OZS4i/tns/CfV+vvrn4ReXX8aEYNtmH9g1Xin//62Uv+5Nsyfd/0A7E93z9cuZGuvf+nS/U80uf51Nrl2PYm8r3+N+7+FNfd/y/V3tLj/e2mTc9z88L0brWJZ/c/cef6TRsvmz7ZbKuoxPJiL+Fdns/qTpfqTFvVf3OQchT9ulFrF8q5/8f2IY9G8/oZk/e8nOjE6Vi4N1n42nWPuy6GPW82fd/3Z+T/Yov6Nzv/1R47U+kt9Xr1w4Xar2Mb1pz90J69Ue931R14fnpqaOBnRnby49vFT69fb2KdxjKz+4/9Z//+/Wf3Za0Kl/nvIKp+rb7PxG6vmfPbWzc/Wqz9b++V5/i894fl/a5Nz/PeLt4+3iq1c/2Ytm/9+UlsLAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBDGhF9kaTFiEiq/TQtFiMORcTf42BavjY59b/Ra69dvZTFIvqjKx0dK5cGI6JQGyfZ+GS1vzw+tWr8VEQcjoh3Cweq4+LItfKlvIsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyaGI6IskLUZEGhELhTQtFvPOCgAAAGi7/rwTAAAAALad9T8AAADsfavX/0klp0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYqw4fvXsviYjK2QPVlumux7pyzQzYbmneCQC56cg7ASA3nXknAOTmMdf4bhdgD0o2iPe2jPS0PRcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdq9jR+7eSyKicvZAtWW667Gups84uoPZAdspzTsBIDcd6wU7dy4PYOf5F4f9q/kaH9hPkg3ivcv7VB6N9GxbTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsPn3VlqTFiEir/TQtFiP+EhH90ZWMjpVLgxHx14j4ptDVk4178k4aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAtpucnhkfLpdLEzo6Ovl2kt2RRq2T9ysTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1sonP7cXZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNnAAAA///AQQ9p")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_submit(0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="c50f000000000000000011"], 0x1c}}, 0x0)

1m53.203434873s ago: executing program 57 (id=1396):
bind$alg(0xffffffffffffffff, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
sendmsg$alg(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
io_getevents(0x0, 0x3, 0x0, 0x0, 0x0)
io_destroy(0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x1c, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x4, 0x1}]}, 0x1c}}, 0xc000)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000000)=0x200000000)
write$vhost_msg_v2(r1, 0x0, 0x0)
write$vhost_msg(r1, 0x0, 0x0)
write$vhost_msg(r1, 0x0, 0x0)
write$vhost_msg_v2(r1, &(0x7f0000002b00)={0x2, 0x0, {&(0x7f0000000600)=""/13, 0xd, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg_v2(r1, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000280)=""/184, 0x2562bac182d8b35a, 0x0, 0x2, 0x3}}, 0x48)

1m42.995408959s ago: executing program 58 (id=1410):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@oldalloc}, {@stripe={'stripe', 0x3d, 0x7}}, {@grpquota}, {@nouid32}, {@debug}, {@nojournal_checksum}, {@resuid}, {@nojournal_checksum}, {@resuid}]}, 0x1, 0xbc1, &(0x7f0000000bc0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC5c7TSsptgi2UnHjQtCt0JBOSsj0gyRSk2Yx0X9A1LXgRlCL0oVdd6Pg1o3WrcWFUCQ2CiIaOfORpMlMkjaTnJD8fvDmvO88Z877PDnJnPPCzASwbw1kP9KIIxFxMYko1B9PI6K72uuNqNT2W5ifHfllfnYkicXFl39MIomIh/OzI41jJfXtofqgNyK+ei6Jv725dt7J6Znx4XK5NFEfn5i6cv3E5PTM/8euDF8uXS5dPXn66aFTQ6cHzwy1rdZfvzt35+d/v/B95bePfr/10zsfJHEu+uqxlXXUq96ygRhY+p2s1BkRw204/m7QUa9nZZ1J5wZPSrc5KQAAWkpX3MP9IwrREcs3b4X4/OtckwMAAADaYrEjYhEAAADY4xLrfwAAANjjGu8DeDg/O9Jo+b4jYWc9OB8R/bX6F+qtFumMSnXbG10RcfBhEis/1prUnrZlAxFx/9szn2Ytlj6HvNCGI29OZS4i/tns/CfV+vvrn4ReXX8aEYNtmH9g1Xin//62Uv+5Nsyfd/0A7E93z9cuZGuvf+nS/U80uf51Nrl2PYm8r3+N+7+FNfd/y/V3tLj/e2mTc9z88L0brWJZ/c/cef6TRsvmz7ZbKuoxPJiL+Fdns/qTpfqTFvVf3OQchT9ulFrF8q5/8f2IY9G8/oZk/e8nOjE6Vi4N1n42nWPuy6GPW82fd/3Z+T/Yov6Nzv/1R47U+kt9Xr1w4Xar2Mb1pz90J69Ue931R14fnpqaOBnRnby49vFT69fb2KdxjKz+4/9Z//+/Wf3Za0Kl/nvIKp+rb7PxG6vmfPbWzc/Wqz9b++V5/i894fl/a5Nz/PeLt4+3iq1c/2Ytm/9+UlsLAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBDGhF9kaTFiEiq/TQtFiMORcTf42BavjY59b/Ra69dvZTFIvqjKx0dK5cGI6JQGyfZ+GS1vzw+tWr8VEQcjoh3Cweq4+LItfKlvIsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyaGI6IskLUZEGhELhTQtFvPOCgAAAGi7/rwTAAAAALad9T8AAADsfavX/0klp0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYqw4fvXsviYjK2QPVlumux7pyzQzYbmneCQC56cg7ASA3nXknAOTmMdf4bhdgD0o2iPe2jPS0PRcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdq9jR+7eSyKicvZAtWW667Gups84uoPZAdspzTsBIDcd6wU7dy4PYOf5F4f9q/kaH9hPkg3ivcv7VB6N9GxbTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsPn3VlqTFiEir/TQtFiP+EhH90ZWMjpVLgxHx14j4ptDVk4178k4aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAtpucnhkfLpdLEzo6Ovl2kt2RRq2T9ysTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1sonP7cXZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNnAAAA///AQQ9p")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_submit(0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="c50f000000000000000011"], 0x1c}}, 0x0)

37.612640749s ago: executing program 6 (id=1512):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}]}, @NFT_MSG_DELSETELEM={0x2c, 0xe, 0xa, 0x201, 0x0, 0x0, {0xa}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x98}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
fchdir(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000015c0))
setns(0xffffffffffffffff, 0x20000)
preadv(r1, &(0x7f0000000040), 0x0, 0x9, 0x1)

36.277122172s ago: executing program 6 (id=1514):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r1 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@empty, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
r2 = gettid()
r3 = getpgrp(r2)
sched_setaffinity(r3, 0x8, &(0x7f00000002c0)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)
setuid(0xee01)

32.929553953s ago: executing program 9 (id=1516):
shmat(0x0, &(0x7f0000f62000/0x1000)=nil, 0x7000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x10000000000)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r2, 0x40046208, 0x0)

30.321385132s ago: executing program 2 (id=1518):
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x6, 0x4000000007}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000740)={@map, 0xffffffffffffffff, 0x33, 0x10}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
fallocate(0xffffffffffffffff, 0x0, 0x9, 0x10001)
r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
mkdir(&(0x7f0000000140)='./control\x00', 0x111)
close(r1)
r2 = inotify_init1(0x800)
fcntl$setstatus(r1, 0x4, 0x2c00)
r3 = gettid()
fcntl$setown(r1, 0x8, r3)
fcntl$setsig(r2, 0xa, 0xe)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
rmdir(&(0x7f0000000100)='./control\x00')

30.150983515s ago: executing program 9 (id=1519):
semctl$IPC_SET(0x0, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x20, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x1c)
execve(&(0x7f0000001040)='./file0\x00', &(0x7f0000001080)={[0x0]}, 0x0)
r4 = semget(0x1, 0x2, 0x210)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), 0x0)
stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0))
semctl$IPC_SET(r4, 0x0, 0x1, 0x0)

20.002986702s ago: executing program 2 (id=1529):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x14)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000001, 0x2172, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
futex(&(0x7f0000004000)=0x2, 0x8d, 0x2, 0x0, 0x0, 0x82)
write(r0, &(0x7f0000000040)="07000000010001", 0x7)

20.002282898s ago: executing program 9 (id=1530):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ptrace(0x10, 0x0)
ptrace$getregset(0x4204, 0x0, 0x2, &(0x7f0000000740)={0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r3 = fsmount(0xffffffffffffffff, 0x0, 0x1)
fchdir(r3)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY_LEVEL(r4, 0x0, 0x2, &(0x7f0000000100)=0x7, 0x4)

19.997125551s ago: executing program 6 (id=1531):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r1 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r2, &(0x7f0000000040)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r2, &(0x7f00000001c0)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0002}}}, 0x14)
sendmmsg(r2, &(0x7f00000196c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0xd, 0x0}}], 0x4000050, 0x400c010)
r3 = eventfd2(0x0, 0x1)
epoll_create1(0x0)
io_setup(0x3, &(0x7f0000000040)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000140)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x7, r3, 0x0, 0x0, 0x6, 0x0, 0x1, r3}])
r5 = dup(r0)
r6 = syz_open_dev$vcsa(&(0x7f0000001040), 0x101, 0x288002)
ioctl$NILFS_IOCTL_SET_ALLOC_RANGE(r6, 0x40106e8c, &(0x7f0000001080)=[0x1, 0x7fd])
write$UHID_INPUT(r5, &(0x7f0000000000)={0x1a, {"a2e3ad23ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b09719b711b5d52101b080d29308f0e1ac6e7049b3468959b189a242a9b45f3988f7ef319520100ffe8d178708c523c921b1b5d380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f070077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

15.967058635s ago: executing program 0 (id=1520):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000740)={0x204, 0x1}, 0x4)
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x48200, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0xd)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x4008054)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
lseek(r1, 0x1000034, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

15.966263495s ago: executing program 2 (id=1533):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x10000005)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r4)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r6, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000680)={r7, 0x10000201, 0x7, 0x81, 0x1, [<r8=>0x0], [0x3fd86826, 0xfffffffd, 0xfffffffe], [0x7f, 0x7, 0x109], [0x0, 0x0, 0xfffffffffefffffc, 0x9]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r4, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [r8], [0x2b8], [0x0, 0x0, 0x0, 0x4]})

15.964900716s ago: executing program 9 (id=1521):
r0 = fsopen(&(0x7f0000000000)='exfat\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000001100)='iocharset', &(0x7f0000001140)='\xe0^@&&}\'\x00', 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x2, 0x1, 0x100)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(0xffffffffffffffff, 0xf504, 0x0)
close(0x3)
socket$inet_icmp_raw(0x2, 0x3, 0x1)

14.055626712s ago: executing program 2 (id=1522):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000197, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x44, &(0x7f0000000700)={'icmp\x00'}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
fchdir(0xffffffffffffffff)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r4, &(0x7f0000000100)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x60)

11.178044641s ago: executing program 0 (id=1523):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x9376cf429ab18f77, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f00000001c0)={0x0, r4})
setrlimit(0x2, 0x0)
ioctl$TIOCMIWAIT(r2, 0x5453, 0x300fff2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fsopen(0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002680)=@newsa={0x138, 0x10, 0x1, 0xbffffffe, 0x100, {{@in=@local, @in=@local, 0x1, 0x794, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a, 0x0, 0xee00}, {@in=@loopback, 0x4d4, 0x6c}, @in6=@empty, {0x0, 0x9, 0x6, 0xffff, 0x8251c, 0x2, 0x7e6d}, {0x3, 0x7fff, 0x1f, 0x1ff}, {0x2, 0xfffffffc}, 0x70bd2a, 0x0, 0x2, 0x1, 0xfd, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0xc801}, 0x800)

11.175088725s ago: executing program 9 (id=1537):
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xd)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x200000000000000)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73a, &(0x7f0000000800)="$eJzs3E9rXOUaAPDnnCZtb5t7Jxfu4uJKqFih9iRN1a6EiOtCoR+ghslJCDnJhMykNjFg68KFIKgI/ulGv4EbRXBT+h0UwZ2CC0FrGheCi8iZzEx1OpOObdKR+vvBmfO875kzz/vMHF7mwLwTwD/W4+VDEjEWERciotLqTyPicDM6GnF193m3tzar21ub1SR2di7eSsrTmn3t10pa++PRPCX+HxE3RyNOvXZ33vr6xuJMUeSrrfZEY2llor6+cXphaWY+n8+XpyYnz559burZZyb3rdY3X/nkpzc+f/HLD88t/fb8radnk5hu1h1ddeyn3fdkNKa7+pcPItkQJcMeAAAAAym/5x+KiJHmt9RKHGpGAAAAwKNk58gOAAAA8MhLYtgjAAAAAA5W+3cAt7c2q+3tYf7+4McXImL8ztri7U7+keYa4oijMRoRx7aTP61MSHZPgwdy9VpE3Jjucf0nrevv/nWvXLdG+u/nRjn/TPea/9LO/BM95p+R9n8nPKD2/Ld91/x3J/+hPvPfhQFzHFk9+VXf/NciHhvplT/p5E/65H9pwPyfjn3zbb9jOx9HnIze+f+Ya4//h5iYWyjy1mPPHCc+e/XUXvUf65c/2bv+lQHr/+761Hy/uaTM/9SJvT//XvnLa+Kt1jjSiHi7tS/b73TlePLm5Ad71T/bp/57ff4fDVj/F69vfD/gUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKApjYixSNKsE6dplkUcj4j/xbG0qNUbp+Zqa8uz5bGI8RhN5xaKfDIiKrvtpGyfacZ32lNd7bMR8d+IeLfyr2Y7q9aK2WEXDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMfxiBiLJM0iIo2IXyppmmXDHhUAAACw78aHPQAAAADgwLn/BwAAgEef+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIbhw/ny57WxvbVbL9uzl9bXF2uXTs3l9MVtaq2bV2upKNl+rzRd5Vq0t3ev1ilpt5Vwsr12ZaOT1xkR9fePSUm1tuXFpYWlmPr+Ujz6UqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPirxppbkmYRkTbjNM2yiH9HxHiMJnMLRT4ZEf+JiK8ro0fK9plhDxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9V1/fWJwpinxVIBAIOsGwZyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIahvr6xOFMU+Wp92CMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABguNIfkogot5OVJ8a6jx5Ofq009xHx8vWL712ZaTRWz5T9P3f6G++3+qeGMX4AAACgW/s+vX0fDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMKj6+sbiTFHkqwcYDLtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/vweAAD//4rSy1s=")
symlink(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r2, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000240)=0x40)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x804, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

9.669335748s ago: executing program 0 (id=1524):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(0xffffffffffffffff, 0x0, 0x40001)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_open_dev$vim2m(0x0, 0x2, 0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(0x0, r1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40)
r2 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x11, 0x4, @tid=r2}, &(0x7f0000000000)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)

9.24059218s ago: executing program 9 (id=1525):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
chdir(0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
r2 = fsopen(&(0x7f0000000100)='squashfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)

8.616281226s ago: executing program 7 (id=1428):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x1, 0x0, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
r1 = syz_open_dev$sndpcmc(&(0x7f00000002c0), 0xb, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r1, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x3], [0x10], [0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]], '\x00', [{0x0, 0xc}, {0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x0, 0x1, 0x1}, {0x7fff, 0xfffffffa}, {0x2044}, {}, {}, {}, {}, {0x0, 0x5}], '\x00', 0x1000})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x3}}, 0x10)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)

7.282246893s ago: executing program 7 (id=1526):
shmat(0x0, &(0x7f0000f62000/0x1000)=nil, 0x7000)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

7.16594029s ago: executing program 6 (id=1527):
clock_gettime(0x0, 0x0)
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x6, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=@getqdisc={0x24, 0x26, 0x705, 0x70bf2b, 0x5, {0x0, 0x0, 0x0, 0x0, {0xffff, 0xffe0}, {0xc, 0x78bbe9f1cfa0a994}, {0xfff2, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x20004000)
read$FUSE(r3, &(0x7f0000000c00)={0x2020}, 0x3de)
tgkill(0x0, 0x0, 0x25)
socket$inet_udplite(0x2, 0x2, 0x88)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040), 0x208e24b)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

7.164117364s ago: executing program 0 (id=1528):
shmat(0x0, &(0x7f0000f62000/0x1000)=nil, 0x7000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x10000000000)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r2, 0x40046208, 0x0)

5.557356019s ago: executing program 6 (id=1532):
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x6)
syz_emit_ethernet(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket(0x2b, 0x80801, 0x1)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x41)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f00000002c0)={0x0, 0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x20000004)
modify_ldt$write2(0x11, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, 0x10)
close(0x3)
r4 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x29, 0x14, &(0x7f0000000100), 0x120)

5.38461895s ago: executing program 0 (id=1534):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x34}, 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000500)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000140)='cubic', 0x3)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000200)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f00000002c0)={0x28, 0x3, r4, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000})
connect$rose(0xffffffffffffffff, &(0x7f0000000280)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, [@null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)
ioctl$IOMMU_VFIO_IOAS$SET(r3, 0x3b88, &(0x7f0000000140)={0xc, r4})
ioctl$IOMMU_VFIO_SET_IOMMU(r3, 0x3b66, 0x1)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r3, 0x3b72, &(0x7f0000000440)=ANY=[@ANYBLOB="1800007f000000000020"])

5.239145907s ago: executing program 7 (id=1535):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xe, 0x3, &(0x7f0000000000)=@framed={{0x62, 0xa, 0x0, 0xffc4, 0x0, 0x71, 0x10, 0xa3}}, &(0x7f0000000480)='GPL\x00'}, 0x90)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.kill\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x0, 0xffffffff}, 0x50)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100ffffffff000040000100000d050007000000000008000900000000101400200000000000000000000000ffff0000000008000a000000000014001f000000000000000000000000000000000006000200000000000500220000000000"], 0x64}, 0x1, 0x620b}, 0x0)
r3 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r3, 0x114, 0x1d, 0x0, 0x20)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000140)=@security={'security\x00', 0xe, 0x4, 0x3f8, 0xffffffff, 0x258, 0x148, 0x0, 0xffffffff, 0xffffffff, 0x328, 0x328, 0x328, 0xffffffff, 0x4, &(0x7f0000000040), {[{{@uncond, 0x0, 0xd8, 0x148, 0x0, {}, [@common=@frag={{0x30}, {[0x7fff, 0x540a422d], 0x6, 0x12, 0x1}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x4, 0x1fde, 0x12e, 0x0, 0x0, "bd583c38951498912d5c8a12249d725a484b80ebd744a3cf6143e42002bb2d13e3648496140805e73ff22b1c3b41a3fe2e1e7a895f81b946e10bbf8ca660a6f6"}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0x2a}, @remote, [0xff000000, 0xffffff00, 0xff, 0xff], [0xffffff00, 0xffffff00, 0xff, 0xff], 'dvmrp1\x00', 'pim6reg1\x00', {}, {0xff}, 0x11, 0x1, 0x1}, 0x0, 0xd0, 0x110, 0x0, {}, [@common=@mh={{0x28}, {"d577", 0x1}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0xff, 0x16, "344df9ba0e249731fb8af60b75c2a00f174429369a79225c963a3e097805"}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @mcast1, [0xffffff00, 0xff000000, 0xff, 0xff], [0xff, 0xff, 0xffffffff], 'pim6reg0\x00', 'pimreg\x00', {}, {0xff}, 0x0, 0xac, 0x4, 0x9}, 0x0, 0xa8, 0xd0}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x3, 0x2, 0x4}, {0xffffffffffffffff, 0x1, 0x2}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x458)
setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
socket$unix(0x1, 0x5, 0x0)
close(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000440)={'veth0_to_hsr\x00', 0x400})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
socket$inet(0x10, 0x3, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000007b80), r5)
sendmsg$NLBL_MGMT_C_ADDDEF(r5, &(0x7f0000007c80)={0x0, 0x0, &(0x7f0000007c40)={&(0x7f0000000080)={0x3c, r6, 0xa5c59466aaff822d, 0x70bd2a, 0x25df5bff, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast1}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @broadcast}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48805}, 0x60040)

5.175536863s ago: executing program 2 (id=1536):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
userfaultfd(0x80001)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffcb9}]})
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000180)=0x6f)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$dsp(r2, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r1, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

3.94781051s ago: executing program 0 (id=1538):
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20040844)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x4000050, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
cachestat(r2, &(0x7f0000000040), &(0x7f000009de80), 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
write(r3, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(r3, 0x84, 0x16, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x2, {{0xa, 0x0, 0xfffffffe, @mcast1={0xff, 0x7}, 0x10}}, {{0xa, 0x0, 0x0, @remote, 0xfffffffc}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x4001, 0x0, @loopback}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)

3.690010641s ago: executing program 7 (id=1539):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
lsetxattr$security_capability(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200), &(0x7f00000002c0)=@v3={0x3000000, [{0x2, 0x9}, {0x3, 0x3ff}]}, 0x18, 0x1)
r3 = socket(0x10, 0x803, 0x0)
write(r3, &(0x7f0000000300)="fc0000004a000700ab092500090007000aab80ff020000000000369321000100fc0000000000000000ff000000000000008656aaa79bb94b46fe00000007ec020800008c0100036c6c256f1a272f2e117c22ebc205214000000080008934d07326ade01720e6cd5ed6e4e9bfcd772c74fb32c56ce1f0f156272f5b00000005defd5a32e3082038f4f8b29d3e2a73325c6d167c7594978f7bc711fdf3d92c8334b2ccd243f295ed94e0ad91bd073457d43d3f0000000000000000000000000073bfe35951f2d728a1e09c8dcd13323236b0fbe7c61b1bf53cdec0961355f00ca63ff6c90da1dc9f8f594d033472cb97e3b5f3395aa0a4a827", 0xf8)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

3.594770213s ago: executing program 4 (id=1368):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x17, 0x0, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x19, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket(0x1e, 0x4, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, 0x0)
read$FUSE(r1, 0x0, 0x0)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000240)=0x3)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000080)=0x7f)
ioctl$SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f0000000000))
read$dsp(r2, &(0x7f0000000280)=""/79, 0x4f)

2.298292131s ago: executing program 7 (id=1540):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x9376cf429ab18f77, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f00000001c0)={0x0, r4})
setrlimit(0x2, 0x0)
ioctl$TIOCMIWAIT(r2, 0x5453, 0x300fff2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fsopen(0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002680)=@newsa={0x138, 0x10, 0x1, 0xbffffffe, 0x100, {{@in=@local, @in=@local, 0x1, 0x794, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a, 0x0, 0xee00}, {@in=@loopback, 0x4d4, 0x6c}, @in6=@empty, {0x0, 0x9, 0x6, 0xffff, 0x8251c, 0x2, 0x7e6d}, {0x3, 0x7fff, 0x1f, 0x1ff}, {0x2, 0xfffffffc}, 0x70bd2a, 0x0, 0x2, 0x1, 0xfd, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0xc801}, 0x800)

2.040601209s ago: executing program 2 (id=1541):
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xd)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x200000000000000)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73a, &(0x7f0000000800)="$eJzs3E9rXOUaAPDnnCZtb5t7Jxfu4uJKqFih9iRN1a6EiOtCoR+ghslJCDnJhMykNjFg68KFIKgI/ulGv4EbRXBT+h0UwZ2CC0FrGheCi8iZzEx1OpOObdKR+vvBmfO875kzz/vMHF7mwLwTwD/W4+VDEjEWERciotLqTyPicDM6GnF193m3tzar21ub1SR2di7eSsrTmn3t10pa++PRPCX+HxE3RyNOvXZ33vr6xuJMUeSrrfZEY2llor6+cXphaWY+n8+XpyYnz559burZZyb3rdY3X/nkpzc+f/HLD88t/fb8radnk5hu1h1ddeyn3fdkNKa7+pcPItkQJcMeAAAAAym/5x+KiJHmt9RKHGpGAAAAwKNk58gOAAAA8MhLYtgjAAAAAA5W+3cAt7c2q+3tYf7+4McXImL8ztri7U7+keYa4oijMRoRx7aTP61MSHZPgwdy9VpE3Jjucf0nrevv/nWvXLdG+u/nRjn/TPea/9LO/BM95p+R9n8nPKD2/Ld91/x3J/+hPvPfhQFzHFk9+VXf/NciHhvplT/p5E/65H9pwPyfjn3zbb9jOx9HnIze+f+Ya4//h5iYWyjy1mPPHCc+e/XUXvUf65c/2bv+lQHr/+761Hy/uaTM/9SJvT//XvnLa+Kt1jjSiHi7tS/b73TlePLm5Ad71T/bp/57ff4fDVj/F69vfD/gUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKApjYixSNKsE6dplkUcj4j/xbG0qNUbp+Zqa8uz5bGI8RhN5xaKfDIiKrvtpGyfacZ32lNd7bMR8d+IeLfyr2Y7q9aK2WEXDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMfxiBiLJM0iIo2IXyppmmXDHhUAAACw78aHPQAAAADgwLn/BwAAgEef+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIbhw/ny57WxvbVbL9uzl9bXF2uXTs3l9MVtaq2bV2upKNl+rzRd5Vq0t3ev1ilpt5Vwsr12ZaOT1xkR9fePSUm1tuXFpYWlmPr+Ujz6UqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPirxppbkmYRkTbjNM2yiH9HxHiMJnMLRT4ZEf+JiK8ro0fK9plhDxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9V1/fWJwpinxVIBAIOsGwZyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIahvr6xOFMU+Wp92CMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABguNIfkogot5OVJ8a6jx5Ofq009xHx8vWL712ZaTRWz5T9P3f6G++3+qeGMX4AAACgW/s+vX0fDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMKj6+sbiTFHkqwcYDLtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/vweAAD//4rSy1s=")
symlink(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r2, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000240)=0x40)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x804, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

2.03973013s ago: executing program 6 (id=1542):
r0 = open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x80100)
ioctl$TUNATTACHFILTER(r0, 0x400854d5, &(0x7f00000000c0)={0x5, &(0x7f0000000300)=[{0x9, 0x3, 0x6, 0x80000001}, {0xe, 0x1, 0x40, 0xffffc8d6}, {0x5, 0xf3, 0x0, 0x3}, {0x7, 0x41, 0x3, 0x7}, {0xfffa, 0x41, 0x9, 0x1}]})
r1 = socket(0x18, 0x800, 0x0)
connect$pppoe(r1, &(0x7f0000000100)={0x18, 0x0, {0x1, @multicast, 'wg2\x00'}}, 0x1e)
r2 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xf635, 0x0, 0x0, 0xfffffffc, 0x0, r0}, &(0x7f0000000240)=<r3=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, 0x0, 0x0)
io_uring_enter(r2, 0xdb4, 0x0, 0x0, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0xeffffffe}, [@call={0x85, 0x0, 0x0, 0x75}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, 0x0, 0x0)
r5 = mq_open(&(0x7f00000001c0)='ba\xa5J_\xe5\xf9|a\x1dv]\x13mave_1\x00\xe0\xb2\xf0\xabT\x87I\xa4\xd4)c\xf2\xe0\xd0\xba\xdb\f\x16n\x96J\x90c\xc5~#\xc9\xfb\xef5\xab\xb9\xe8\xc7\xde\xc2\x80\f\x19L\xdb\xdc\x14\xb4\x86\x1d\xe0\x9b\xe4\"m\'+\xc8\x05\xa4\x1cT`\xdcL\x8f\xf0\xc9\xb7\xc8D\xcdWG\xe6%\xd9', 0x8c2, 0x30, &(0x7f0000000080)={0x8000000000000004, 0x8, 0x1, 0xc05})
mq_getsetattr(r5, &(0x7f0000000040)={0x0, 0x40, 0x4, 0xfffb}, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r6, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r6, 0x90004)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
accept(r6, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

0s ago: executing program 4 (id=1543):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfc409000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, 0x0, 0x8, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000080)={<r4=>0x0, @in={{0x2, 0x4e22, @empty}}, 0x9, 0x3cf2, 0xf181, 0x9, 0x11, 0x8, 0x81}, &(0x7f00000001c0)=0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000280)={r4, 0x8}, 0xc)
sendto$inet(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007012bbd700000000000017c00000400fc800c00018008000600", @ANYRES32=0x0, @ANYBLOB="080002807235ab62080007"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x4040)

kernel console output (not intermixed with test programs):

] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1035.429568][T11772] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1035.490135][ T2965] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1035.497556][ T2965] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1035.626111][T11796] veth0_vlan: entered promiscuous mode
[ 1035.685026][T11796] veth1_vlan: entered promiscuous mode
[ 1035.756209][T11796] veth0_macvtap: entered promiscuous mode
[ 1035.788652][T11796] veth1_macvtap: entered promiscuous mode
[ 1035.855134][T11796] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1035.879239][T11796] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1035.926493][ T1319] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1035.944562][ T2965] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1035.960470][  T417] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1036.004162][  T417] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1036.213310][T12036] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1036.271018][ T2965] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1036.299863][ T2965] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1036.346883][T12001] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1036.378165][ T1319] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1036.404200][ T1319] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1036.499379][T12036] veth0_vlan: entered promiscuous mode
[ 1036.596992][T12036] veth1_vlan: entered promiscuous mode
[ 1037.951136][T12036] veth0_macvtap: entered promiscuous mode
[ 1037.964296][T12036] veth1_macvtap: entered promiscuous mode
[ 1038.719869][T12036] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1038.985689][T12036] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1039.058160][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1039.175534][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1039.382870][ T1319] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1039.407745][ T1319] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1041.192414][T12206] loop1: detected capacity change from 0 to 2048
[ 1041.214349][   T31] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1041.285375][T12206] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[ 1041.360334][   T31] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1041.894104][T12206] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1042.953976][ T2933] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1042.961949][ T2933] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1043.232582][T12001] veth0_vlan: entered promiscuous mode
[ 1043.434744][T12214] Set syz1 is full, maxelem 2 reached
[ 1043.466551][T12001] veth1_vlan: entered promiscuous mode
[ 1044.159259][T12001] veth0_macvtap: entered promiscuous mode
[ 1044.957900][T12001] veth1_macvtap: entered promiscuous mode
[ 1045.478971][T12001] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1045.503653][T12230] binder: BINDER_SET_CONTEXT_MGR already set
[ 1045.520825][T12230] binder: 12229:12230 ioctl 4018620d 200000004a80 returned -16
[ 1045.605934][T12001] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1045.706051][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1045.805246][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1045.986977][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1046.073303][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1050.337480][T12251] loop3: detected capacity change from 0 to 32768
[ 1050.464887][T12251] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1051.264034][T12265] EXT4-fs (nbd1): unable to read superblock
[ 1051.632874][T12251] XFS (loop3): Ending clean mount
[ 1051.647321][T12251] XFS (loop3): Quotacheck needed: Please wait.
[ 1051.768891][T12251] XFS (loop3): Quotacheck: Done.
[ 1051.924321][ T7398] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1052.002226][ T7398] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1052.282518][T12269] loop7: detected capacity change from 0 to 40427
[ 1052.307372][T12269] F2FS-fs (loop7): invalid crc value
[ 1052.341403][T12036] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1052.517741][T12269] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1052.543396][T12269] F2FS-fs (loop7): Start checkpoint disabled!
[ 1052.615079][T12269] F2FS-fs (loop7): f2fs_disable_checkpoint() finish, err:0
[ 1052.652854][T12269] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[ 1053.748201][   T30] audit: type=1800 audit(1773526655.150:24): pid=12280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1068" name="bus" dev="loop7" ino=10 res=0 errno=0
[ 1053.814583][T12280] bio_check_eod: 182 callbacks suppressed
[ 1053.814631][T12280] syz.7.1068: attempt to access beyond end of device
[ 1053.814631][T12280] loop7: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[ 1054.004902][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.100614][T12280] syz.7.1068: attempt to access beyond end of device
[ 1054.100614][T12280] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1054.117249][T12280] syz.7.1068: attempt to access beyond end of device
[ 1054.117249][T12280] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1054.133486][T12280] syz.7.1068: attempt to access beyond end of device
[ 1054.133486][T12280] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1054.150243][T12280] syz.7.1068: attempt to access beyond end of device
[ 1054.150243][T12280] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1054.178094][T11772] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1054.187127][T12280] syz.7.1068: attempt to access beyond end of device
[ 1054.187127][T12280] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1054.202061][T12280] syz.7.1068: attempt to access beyond end of device
[ 1054.202061][T12280] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1054.218617][T12280] syz.7.1068: attempt to access beyond end of device
[ 1054.218617][T12280] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1054.235426][T12280] syz.7.1068: attempt to access beyond end of device
[ 1054.235426][T12280] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1054.251245][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.259396][T12280] syz.7.1068: attempt to access beyond end of device
[ 1054.259396][T12280] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[ 1054.356393][T11772] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1056.648244][T12296] loop3: detected capacity change from 0 to 128
[ 1058.505083][ T2933] CPU: 0 UID: 0 PID: 2933 Comm: kworker/u8:9 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1058.505137][ T2933] Tainted: [L]=SOFTLOCKUP
[ 1058.505148][ T2933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1058.505170][ T2933] Workqueue: writeback wb_workfn (flush-7:7)
[ 1058.505230][ T2933] Call Trace:
[ 1058.505240][ T2933]  <TASK>
[ 1058.505252][ T2933]  dump_stack_lvl+0x100/0x190
[ 1058.505304][ T2933]  f2fs_handle_critical_error+0x5d7/0x970
[ 1058.505342][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.505380][ T2933]  ? f2fs_build_fault_attr+0x53/0x280
[ 1058.505436][ T2933]  f2fs_write_end_io+0xc3f/0xf30
[ 1058.505475][ T2933]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1058.505556][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.505603][ T2933]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1058.505639][ T2933]  bio_endio+0x7a3/0x910
[ 1058.505675][ T2933]  submit_bio_noacct+0x64c/0x2010
[ 1058.505730][ T2933]  f2fs_submit_write_bio+0x133/0x350
[ 1058.505765][ T2933]  __submit_merged_bio+0x331/0x7b0
[ 1058.505813][ T2933]  __submit_merged_write_cond+0x3fe/0x510
[ 1058.505864][ T2933]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1058.505913][ T2933]  ? __pfx___might_resched+0x10/0x10
[ 1058.505948][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.505997][ T2933]  f2fs_write_cache_pages+0x21c0/0x2720
[ 1058.506064][ T2933]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[ 1058.506108][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.506157][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.506198][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.506239][ T2933]  ? find_held_lock+0x2b/0x80
[ 1058.506278][ T2933]  ? nr_blockdev_pages+0xde/0x120
[ 1058.506320][ T2933]  ? nr_blockdev_pages+0xde/0x120
[ 1058.506358][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.506412][ T2933]  ? si_meminfo+0x118/0x230
[ 1058.506441][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.506480][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.506580][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.506619][ T2933]  ? rcu_is_watching+0x12/0xc0
[ 1058.506664][ T2933]  f2fs_write_data_pages+0x799/0x16d0
[ 1058.506710][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.506761][ T2933]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1058.506823][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.506863][ T2933]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1058.506910][ T2933]  do_writepages+0x278/0x600
[ 1058.506966][ T2933]  ? __pfx_do_writepages+0x10/0x10
[ 1058.507021][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.507074][ T2933]  __writeback_single_inode+0x164/0x13c0
[ 1058.507126][ T2933]  ? find_held_lock+0x2b/0x80
[ 1058.507179][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.507234][ T2933]  ? __pfx___writeback_single_inode+0x10/0x10
[ 1058.507286][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.507338][ T2933]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1058.507386][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.507448][ T2933]  writeback_sb_inodes+0x766/0x1c70
[ 1058.507522][ T2933]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1058.507565][ T2933]  ? do_raw_spin_lock+0x128/0x260
[ 1058.507602][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.507699][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.507741][ T2933]  ? rcu_is_watching+0x12/0xc0
[ 1058.507778][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.507826][ T2933]  ? queue_io+0x287/0x550
[ 1058.507866][ T2933]  wb_writeback+0x1c0/0xbe0
[ 1058.507922][ T2933]  ? __pfx_wb_writeback+0x10/0x10
[ 1058.507976][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.508019][ T2933]  ? mark_held_locks+0x40/0x70
[ 1058.508070][ T2933]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1058.508122][ T2933]  wb_workfn+0x142/0xc00
[ 1058.508175][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.508217][ T2933]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1058.508266][ T2933]  ? __pfx_wb_workfn+0x10/0x10
[ 1058.508313][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.508360][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.508406][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.508448][ T2933]  ? rcu_is_watching+0x12/0xc0
[ 1058.508492][ T2933]  process_one_work+0xa23/0x19a0
[ 1058.508545][ T2933]  ? __pfx_process_one_work+0x10/0x10
[ 1058.508576][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.508633][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.508683][ T2933]  worker_thread+0x5ef/0xe50
[ 1058.508728][ T2933]  ? __pfx_worker_thread+0x10/0x10
[ 1058.508762][ T2933]  ? kthread+0x13a/0x450
[ 1058.508818][ T2933]  ? __pfx_worker_thread+0x10/0x10
[ 1058.508849][ T2933]  kthread+0x370/0x450
[ 1058.508901][ T2933]  ? __pfx_kthread+0x10/0x10
[ 1058.508958][ T2933]  ret_from_fork+0x754/0xd80
[ 1058.509016][ T2933]  ? __pfx_ret_from_fork+0x10/0x10
[ 1058.509075][ T2933]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1058.509116][ T2933]  ? __switch_to+0x7b4/0x1120
[ 1058.509155][ T2933]  ? __pfx_kthread+0x10/0x10
[ 1058.509211][ T2933]  ret_from_fork_asm+0x1a/0x30
[ 1058.509272][ T2933]  </TASK>
[ 1059.073466][ T2933] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[ 1059.352159][T12307] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1060.119589][ T5831] Bluetooth: hci3: unknown advertising packet type: 0x75
[ 1060.119689][ T5831] Bluetooth: hci3: Malformed LE Event: 0x02
[ 1061.266623][T12312] binder_alloc: 12308: binder_alloc_buf, no vma
[ 1063.489035][T12319] tipc: Started in network mode
[ 1063.804772][T12319] tipc: Node identity 0638d42a100a, cluster identity 4711
[ 1065.572856][T12319] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1065.684636][ T5924] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 1065.827158][T12337] syzkaller0: entered promiscuous mode
[ 1065.946020][T12337] syzkaller0: entered allmulticast mode
[ 1066.034146][ T5924] usb 4-1: Using ep0 maxpacket: 8
[ 1066.046538][ T5924] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1066.368286][ T5928] tipc: Node number set to 372429866
[ 1066.382509][ T5924] usb 4-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice= 0.40
[ 1066.404267][ T5924] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1066.412290][ T5924] usb 4-1: Product: syz
[ 1066.417542][ T5924] usb 4-1: Manufacturer: syz
[ 1066.422161][ T5924] usb 4-1: SerialNumber: syz
[ 1067.942087][ T5924] usb 4-1: can't set config #1, error -71
[ 1067.971244][ T5924] usb 4-1: USB disconnect, device number 2
[ 1068.535036][T12360] qnx6: unable to read the first superblock
[ 1068.542829][T12360] qnx6: unable to read the first superblock
[ 1068.876699][T12360] qnx6: unable to read the first superblock
[ 1071.806543][T12319] tipc: Resetting bearer <eth:syzkaller0>
[ 1073.039451][T12319] tipc: Disabling bearer <eth:syzkaller0>
[ 1077.071617][T12411] loop8: detected capacity change from 0 to 64
[ 1078.099380][T12426] loop7: detected capacity change from 0 to 512
[ 1079.268900][T12426] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1079.336169][T12426] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1081.774362][T12449] hfs: node is corrupted: leaf_head 11, leaf_tail 5
[ 1081.919468][T12448] overlayfs: failed index dir cleanup (-512)
[ 1081.926279][T12448] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[ 1082.548832][ T8996] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1082.679673][T12456] input: syz0 as /devices/virtual/input/input5
[ 1084.740326][T12469] loop8: detected capacity change from 0 to 2048
[ 1088.299742][T12469] NILFS (loop8): error -4 creating segctord thread
[ 1089.902962][T12484] binder_alloc: 12483: binder_alloc_buf, no vma
[ 1094.255455][T12516] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1094.324377][ T8982] Bluetooth: hci1: unknown advertising packet type: 0x75
[ 1094.324510][ T8982] Bluetooth: hci1: Malformed LE Event: 0x02
[ 1100.982446][T12541] loop3: detected capacity change from 0 to 2048
[ 1101.074329][T12541] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1101.257492][T12542] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1102.054713][ T5831] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1102.068788][ T5831] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1102.120112][ T8853] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1102.131435][T11798] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1102.159955][T11798] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1102.177824][T11798] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1102.196430][T11798] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1102.203665][T11798] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1102.230995][T11798] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1102.247765][T11798] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1102.915493][T12553] loop3: detected capacity change from 0 to 4096
[ 1104.301733][T11798] Bluetooth: hci2: command tx timeout
[ 1104.349851][T11798] Bluetooth: hci6: command tx timeout
[ 1106.333974][T11798] Bluetooth: hci2: command tx timeout
[ 1106.411744][T11798] Bluetooth: hci6: command tx timeout
[ 1108.483812][T11798] Bluetooth: hci2: command tx timeout
[ 1108.489384][T11798] Bluetooth: hci6: command tx timeout
[ 1109.126204][T12584] loop3: detected capacity change from 0 to 64
[ 1110.743810][ T5831] Bluetooth: hci6: command tx timeout
[ 1110.751853][T11798] Bluetooth: hci2: command tx timeout
[ 1110.892353][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1111.126478][T12592] hfs: node is corrupted: leaf_head 11, leaf_tail 5
[ 1112.739855][T12601] loop3: detected capacity change from 0 to 256
[ 1112.747286][T12601] vfat: Bad value for 'dmask'
[ 1113.814362][T12602] ipvlan2: entered promiscuous mode
[ 1114.611953][T12610] SQUASHFS error: Failed to read block 0x0: -5
[ 1115.235849][T12611] loop8: detected capacity change from 0 to 1024
[ 1115.296694][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1115.325673][T12611] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1115.368379][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.378312][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1115.974141][   T30] audit: type=1804 audit(1773526717.350:25): pid=12619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.8.1144" name="/newroot/85/file2/bus" dev="loop8" ino=18 res=1 errno=0
[ 1116.547682][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1116.712158][T10219] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1116.896204][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1117.421383][T12522] chnl_net:caif_netlink_parms(): no params data found
[ 1117.611735][   T12] bridge_slave_1: left allmulticast mode
[ 1117.624574][   T12] bridge_slave_1: left promiscuous mode
[ 1117.630503][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1117.667502][   T12] bridge_slave_0: left allmulticast mode
[ 1117.673209][   T12] bridge_slave_0: left promiscuous mode
[ 1117.698664][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1118.123187][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1118.138173][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1118.170530][   T12] bond0 (unregistering): Released all slaves
[ 1118.284220][T12498] chnl_net:caif_netlink_parms(): no params data found
[ 1118.738194][T12498] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1118.755328][T12498] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1118.762644][T12498] bridge_slave_0: entered allmulticast mode
[ 1118.795593][T12498] bridge_slave_0: entered promiscuous mode
[ 1118.804712][T12522] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1118.811959][T12522] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1118.834549][T12522] bridge_slave_0: entered allmulticast mode
[ 1118.842497][T12522] bridge_slave_0: entered promiscuous mode
[ 1118.895291][T12498] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1118.902484][T12498] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1118.924199][T12498] bridge_slave_1: entered allmulticast mode
[ 1118.932117][T12498] bridge_slave_1: entered promiscuous mode
[ 1118.955244][T12522] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1118.962416][T12522] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1118.969904][T12522] bridge_slave_1: entered allmulticast mode
[ 1118.993961][T12522] bridge_slave_1: entered promiscuous mode
[ 1119.091550][   T12] hsr_slave_0: left promiscuous mode
[ 1119.098935][   T12] hsr_slave_1: left promiscuous mode
[ 1119.105737][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1119.113120][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1119.124352][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1119.131937][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1119.146366][   T12] veth1_macvtap: left promiscuous mode
[ 1119.151895][   T12] veth0_macvtap: left promiscuous mode
[ 1119.157631][   T12] veth1_vlan: left promiscuous mode
[ 1119.162920][   T12] veth0_vlan: left promiscuous mode
[ 1119.421581][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1119.454243][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1119.622760][T12522] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1119.651951][T12522] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1119.681758][T12498] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1119.736188][T12498] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1119.794803][T12522] team0: Port device team_slave_0 added
[ 1119.806601][T12522] team0: Port device team_slave_1 added
[ 1119.886926][T12522] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1119.904194][T12522] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1119.934494][T12522] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1119.949743][T12498] team0: Port device team_slave_0 added
[ 1119.960392][T12522] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1119.969189][T12522] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1120.008508][T12522] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1120.023206][T12498] team0: Port device team_slave_1 added
[ 1120.115311][T12498] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1120.122468][T12498] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1120.155728][T12498] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1120.217357][T12498] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1120.225640][T12498] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1120.252498][T12498] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1120.286939][T12522] hsr_slave_0: entered promiscuous mode
[ 1120.295124][T12522] hsr_slave_1: entered promiscuous mode
[ 1120.393339][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1120.432665][T12498] hsr_slave_0: entered promiscuous mode
[ 1120.442781][T12498] hsr_slave_1: entered promiscuous mode
[ 1120.449442][T12498] debugfs: 'hsr0' already exists in 'hsr'
[ 1120.455296][T12498] Cannot create hsr debugfs directory
[ 1120.556101][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1120.628965][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1120.689196][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1121.051166][   T12] bridge_slave_1: left allmulticast mode
[ 1121.077471][   T12] bridge_slave_1: left promiscuous mode
[ 1121.083352][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1121.101290][   T12] bridge_slave_0: left allmulticast mode
[ 1121.109806][   T12] bridge_slave_0: left promiscuous mode
[ 1121.116093][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1121.389724][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1121.402969][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1121.417668][   T12] bond0 (unregistering): Released all slaves
[ 1121.869232][   T12] hsr_slave_0: left promiscuous mode
[ 1121.876895][   T12] hsr_slave_1: left promiscuous mode
[ 1121.883216][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1121.896609][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1121.909230][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1121.917417][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1121.935451][   T12] veth1_macvtap: left promiscuous mode
[ 1121.941041][   T12] veth0_macvtap: left promiscuous mode
[ 1121.947813][   T12] veth1_vlan: left promiscuous mode
[ 1121.953245][   T12] veth0_vlan: left promiscuous mode
[ 1122.329607][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1122.359992][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1122.941605][T12522] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1122.976625][T12522] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1123.004397][T12522] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1123.016371][T12522] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1123.073255][T12498] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1123.085808][T12498] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1123.098180][T12498] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1123.118503][T12498] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1123.267648][T12522] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1123.305367][T12522] 8021q: adding VLAN 0 to HW filter on device team0
[ 1123.322641][T12498] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1123.333638][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1123.341089][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1123.372742][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1123.379981][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1123.408910][T12498] 8021q: adding VLAN 0 to HW filter on device team0
[ 1123.432097][  T417] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1123.439288][  T417] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1123.469433][  T417] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1123.476589][  T417] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1123.889775][T12522] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1124.042069][T12498] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1124.525178][T12522] veth0_vlan: entered promiscuous mode
[ 1124.553009][T12522] veth1_vlan: entered promiscuous mode
[ 1124.608208][T12498] veth0_vlan: entered promiscuous mode
[ 1124.661971][T12522] veth0_macvtap: entered promiscuous mode
[ 1124.679628][T12498] veth1_vlan: entered promiscuous mode
[ 1124.711019][T12522] veth1_macvtap: entered promiscuous mode
[ 1124.771469][T12522] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1124.803076][T12498] veth0_macvtap: entered promiscuous mode
[ 1124.822938][T12522] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1124.839386][T12498] veth1_macvtap: entered promiscuous mode
[ 1124.864755][   T62] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1124.905163][T12498] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1124.912498][   T62] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1124.925628][   T62] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1124.954969][   T62] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1124.990619][T12498] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1125.077961][   T31] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1125.100437][   T31] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1125.117881][   T31] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1125.139360][   T31] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1125.225472][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1125.234034][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1125.312359][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1125.320790][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1125.523184][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1125.582893][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1127.955297][  T417] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1127.963166][  T417] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1130.141462][T12780] dummy0: entered promiscuous mode
[ 1130.163158][T12780] netdevsim netdevsim8 netdevsim0: entered promiscuous mode
[ 1130.217768][T12780] hsr1: entered allmulticast mode
[ 1130.223057][T12780] dummy0: entered allmulticast mode
[ 1130.230231][T12780] netdevsim netdevsim8 netdevsim0: entered allmulticast mode
[ 1135.169198][T12820] delete_channel: no stack
[ 1135.195827][T12820] loop7: detected capacity change from 0 to 22
[ 1135.212992][T12820] MTD: Attempt to mount non-MTD device "/dev/loop7"
[ 1135.274091][T12820] romfs: Mounting image 'rom 637cf1fa' through the block layer
[ 1136.846834][T12829] loop3: detected capacity change from 0 to 32768
[ 1136.993949][T12829] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1169 (12829)
[ 1137.551470][T12829] BTRFS info (device loop3): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1137.561928][T12829] BTRFS info (device loop3): using crc32c checksum algorithm
[ 1137.569451][T12829] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1139.793623][T12829] BTRFS error (device loop3): open_ctree failed: -4
[ 1143.065522][ T5831] Bluetooth: hci5: command 0x0406 tx timeout
[ 1146.090622][T12911] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1149.321048][T12929] binder: BINDER_SET_CONTEXT_MGR already set
[ 1149.327626][T12929] binder: 12928:12929 ioctl 4018620d 200000004a80 returned -16
[ 1149.423105][T12922] loop8: detected capacity change from 0 to 4096
[ 1151.505655][T12936] loop1: detected capacity change from 0 to 512
[ 1151.742806][T12944] binder_alloc: 12943: binder_alloc_buf, no vma
[ 1151.754407][T12936] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1151.871641][T12936] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1152.139535][T12953] SQUASHFS error: Failed to read block 0x0: -5
[ 1153.319632][ T5928] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1153.413282][T11798] Bluetooth: hci1: command 0x0406 tx timeout
[ 1153.703810][ T5928] usb 10-1: Using ep0 maxpacket: 8
[ 1153.714528][ T5928] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 1153.750548][ T5928] usb 10-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice= 0.40
[ 1154.206275][ T5928] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1154.229567][T12958] overlayfs: failed index dir cleanup (-512)
[ 1154.235662][T12958] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[ 1154.470444][ T5928] usb 10-1: Product: syz
[ 1154.483069][T11796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1154.494849][ T5928] usb 10-1: Manufacturer: syz
[ 1154.499662][ T5928] usb 10-1: SerialNumber: syz
[ 1154.779094][T12963] EXT4-fs (nbd3): unable to read superblock
[ 1156.425159][T12976] loop8: detected capacity change from 0 to 512
[ 1156.454873][ T5928] usb 10-1: invalid MIDI EP
[ 1156.520456][ T5928] usb 10-1: snd-bcd2000: error during probing
[ 1156.545925][T12976] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1156.621435][ T5928] snd-bcd2000 10-1:1.1: probe with driver snd-bcd2000 failed with error -22
[ 1156.704776][T12976] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1156.739476][ T5928] usb 10-1: invalid MIDI EP
[ 1156.762852][ T5928] usb 10-1: snd-bcd2000: error during probing
[ 1156.792141][ T5928] snd-bcd2000 10-1:1.2: probe with driver snd-bcd2000 failed with error -22
[ 1157.084722][ T5928] usb 10-1: USB disconnect, device number 2
[ 1157.181785][T12985] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1312: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[ 1157.202884][T12985] Quota error (device loop8): write_blk: dquota write failed
[ 1157.213816][T12985] Quota error (device loop8): qtree_write_dquot: Error -28 occurred while creating quota
[ 1157.224219][T12985] EXT4-fs error (device loop8): ext4_acquire_dquot:6999: comm syz.8.1202: Failed to acquire dquot type 0
[ 1157.742996][T10219] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1157.801607][T11798] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1157.823951][T11798] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1157.834586][T11798] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1157.842848][T11798] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1157.850906][T11798] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1158.279832][T12991] loop9: detected capacity change from 0 to 2048
[ 1158.288573][ T8267] udevd[8267]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1159.415644][T12999] loop1: detected capacity change from 0 to 4096
[ 1160.086046][ T5831] Bluetooth: hci0: command tx timeout
[ 1160.127711][T12991] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1160.140666][T12991] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1160.433440][T13001] overlayfs: failed to verify upper (/file0, ino=12, err=-28)
[ 1160.441445][T13001] overlayfs: failed to verify index dir 'upper' xattr
[ 1160.449058][T13001] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[ 1162.163926][ T5831] Bluetooth: hci0: command tx timeout
[ 1162.682374][T12999] ntfs3(loop1): Failed to read $AttrDef (-4).
[ 1162.940928][T12498] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1164.255474][ T5831] Bluetooth: hci0: command tx timeout
[ 1164.539594][T13022] binder: BINDER_SET_CONTEXT_MGR already set
[ 1164.545992][T13022] binder: 13015:13022 ioctl 4018620d 200000004a80 returned -16
[ 1164.668347][T13026] SQUASHFS error: Failed to read block 0x0: -5
[ 1166.323912][ T5831] Bluetooth: hci0: command tx timeout
[ 1166.567918][T13039] EXT4-fs (nbd5): unable to read superblock
[ 1166.940022][ T3008] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1168.273554][T12988] chnl_net:caif_netlink_parms(): no params data found
[ 1169.676439][T13058] binder: BINDER_SET_CONTEXT_MGR already set
[ 1169.700727][T13058] binder: 13056:13058 ioctl 4018620d 200000004a80 returned -16
[ 1171.015437][ T3008] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1171.422477][T12988] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1171.444626][T12988] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1171.466319][T12988] bridge_slave_0: entered allmulticast mode
[ 1171.682639][T12988] bridge_slave_0: entered promiscuous mode
[ 1171.695848][T12988] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1171.703028][T12988] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1171.711341][T12988] bridge_slave_1: entered allmulticast mode
[ 1171.728154][T12988] bridge_slave_1: entered promiscuous mode
[ 1172.690511][ T3008] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1174.679309][ T3008] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1174.880281][T12988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1174.940107][T12988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1175.205837][T12988] team0: Port device team_slave_0 added
[ 1175.215503][T12988] team0: Port device team_slave_1 added
[ 1176.909146][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1176.918892][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.194406][T13119] evm: overlay not supported
[ 1177.925772][T13117] EXT4-fs (nbd8): unable to read superblock
[ 1178.338031][T12988] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1178.363719][T12988] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1178.453269][T13116] Bluetooth: MGMT ver 1.23
[ 1178.539971][T12988] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1178.604580][T12988] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1178.611589][T12988] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1179.703419][T12988] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1181.182878][T12988] hsr_slave_0: entered promiscuous mode
[ 1181.183948][T13138] loop8: detected capacity change from 0 to 512
[ 1181.189996][T12988] hsr_slave_1: entered promiscuous mode
[ 1182.124979][T12988] debugfs: 'hsr0' already exists in 'hsr'
[ 1182.130831][T12988] Cannot create hsr debugfs directory
[ 1182.169374][T13138] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1182.184447][T13138] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1185.600660][T10219] EXT4-fs error (device loop8): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[ 1185.619126][ T3008] bridge_slave_1: left allmulticast mode
[ 1185.663800][ T3008] bridge_slave_1: left promiscuous mode
[ 1185.668316][T10219] EXT4-fs (loop8): Remounting filesystem read-only
[ 1185.672263][ T3008] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1185.987720][T10219] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1186.000822][ T3008] bridge_slave_0: left allmulticast mode
[ 1187.013531][ T3008] bridge_slave_0: left promiscuous mode
[ 1187.774074][ T3008] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1194.743952][T13220] loop5: detected capacity change from 0 to 32768
[ 1194.836459][T13220] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1195.395514][T13220] XFS (loop5): Ending clean mount
[ 1195.480975][T13220] XFS (loop5): Quotacheck needed: Please wait.
[ 1196.595456][T13220] XFS (loop5): Quotacheck: Done.
[ 1197.531444][ T3008] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1197.657039][ T3008] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1197.723613][ T3008] bond0 (unregistering): Released all slaves
[ 1197.747773][T13250] loop3: detected capacity change from 0 to 8
[ 1197.768744][T12522] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1197.868092][T13233] dummy0: entered promiscuous mode
[ 1197.882317][T13233] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[ 1198.169030][T13233] debugfs: 'hsr1' already exists in 'hsr'
[ 1198.829945][T13233] Cannot create hsr debugfs directory
[ 1198.864548][T13233] hsr1: entered allmulticast mode
[ 1198.870174][T13233] dummy0: entered allmulticast mode
[ 1198.910893][T13233] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[ 1201.361870][T13279] loop5: detected capacity change from 0 to 512
[ 1201.578571][T13279] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1201.724038][T13279] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1201.814702][T13285] loop1: detected capacity change from 0 to 1024
[ 1204.095295][T13294] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1312: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[ 1204.110227][T13294] Quota error (device loop5): write_blk: dquota write failed
[ 1204.117877][T13294] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[ 1204.127880][T13294] EXT4-fs error (device loop5): ext4_acquire_dquot:6999: comm syz.5.1269: Failed to acquire dquot type 0
[ 1204.377575][T13285] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1204.493195][T12522] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1205.379110][   T30] audit: type=1804 audit(1773526806.780:26): pid=13302 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1270" name="/newroot/46/file2/bus" dev="loop1" ino=18 res=1 errno=0
[ 1206.434433][T13304] binder: BINDER_SET_CONTEXT_MGR already set
[ 1206.440502][T13304] binder: 13303:13304 ioctl 4018620d 200000004a80 returned -16
[ 1206.501696][T11796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1207.807033][ T3008] hsr_slave_0: left promiscuous mode
[ 1207.828803][ T3008] hsr_slave_1: left promiscuous mode
[ 1207.841325][ T3008] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1208.834247][ T3008] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1209.274652][ T3008] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1209.282079][ T3008] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1209.438180][ T3008] veth1_macvtap: left promiscuous mode
[ 1210.417992][ T3008] veth0_macvtap: left promiscuous mode
[ 1210.439962][ T3008] veth1_vlan: left promiscuous mode
[ 1210.453215][ T3008] veth0_vlan: left promiscuous mode
[ 1210.600405][T13330] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1282'.
[ 1211.433919][ T5924] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 1212.233848][ T5924] usb 6-1: Using ep0 maxpacket: 8
[ 1214.857179][T13351] delete_channel: no stack
[ 1214.893385][T13351] loop1: detected capacity change from 0 to 22
[ 1214.913084][T13351] MTD: Attempt to mount non-MTD device "/dev/loop1"
[ 1215.578312][T13351] romfs: Mounting image 'rom 637cf1fa' through the block layer
[ 1217.687020][ T5924] usb 6-1: device descriptor read/all, error -110
[ 1217.729492][T11798] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1218.477031][T11798] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1218.489723][T11798] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1218.498096][T11798] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1218.703835][T13370] binder: BINDER_SET_CONTEXT_MGR already set
[ 1218.721422][ T5924] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1218.732717][T11798] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1218.744304][T13370] binder: 13368:13370 ioctl 4018620d 200000004a80 returned -16
[ 1219.751300][ T5924] usb 6-1: device descriptor read/64, error -32
[ 1219.832665][ T3008] team0 (unregistering): Port device team_slave_1 removed
[ 1219.865364][ T5924] usb usb6-port1: attempt power cycle
[ 1219.918024][ T3008] team0 (unregistering): Port device team_slave_0 removed
[ 1221.703950][T11798] Bluetooth: hci4: command tx timeout
[ 1221.984259][ T5924] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1222.040071][ T5924] usb 6-1: device descriptor read/8, error -32
[ 1222.453817][ T5924] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1222.485037][ T5924] usb 6-1: device descriptor read/8, error -32
[ 1222.595678][ T5924] usb usb6-port1: unable to enumerate USB device
[ 1223.942342][T13388] input: syz1 as /devices/virtual/input/input6
[ 1224.041380][ T8982] Bluetooth: hci4: command tx timeout
[ 1225.044192][ T8853] Bluetooth: hci2: command 0x0406 tx timeout
[ 1225.050824][ T8982] Bluetooth: hci6: command 0x0406 tx timeout
[ 1226.084665][ T8853] Bluetooth: hci4: command tx timeout
[ 1226.363390][ T5831] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1226.382488][ T5831] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1226.393615][ T5831] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1226.407732][ T5831] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1226.416717][ T5831] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1228.163981][ T5831] Bluetooth: hci4: command tx timeout
[ 1228.484584][ T5831] Bluetooth: hci7: command tx timeout
[ 1228.995121][T13318] raw-gadget.0 gadget.5: failed to queue disconnect event
[ 1229.304550][T13359] chnl_net:caif_netlink_parms(): no params data found
[ 1231.325232][ T5831] Bluetooth: hci7: command tx timeout
[ 1231.928957][ T3008] IPVS: stop unused estimator thread 0...
[ 1232.715345][T13359] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1232.753982][T13359] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1232.780132][T13359] bridge_slave_0: entered allmulticast mode
[ 1232.813571][T13359] bridge_slave_0: entered promiscuous mode
[ 1233.263266][T13359] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1233.296104][T13359] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1233.998843][T11798] Bluetooth: hci7: command tx timeout
[ 1234.253799][T13359] bridge_slave_1: entered allmulticast mode
[ 1234.320080][T13359] bridge_slave_1: entered promiscuous mode
[ 1236.394762][T11798] Bluetooth: hci7: command tx timeout
[ 1236.741166][ T3008] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1237.265068][T13359] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1237.473289][T13470] loop3: detected capacity change from 0 to 4096
[ 1237.492402][T13470] EXT4-fs: Ignoring removed oldalloc option
[ 1237.522374][T13470] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 1238.284614][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.291522][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1238.964586][T13470] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a856e018, mo2=0002]
[ 1239.233963][T13470] System zones: 0-5
[ 1240.072416][T13470] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1240.211571][ T3008] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1240.499959][T13359] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1240.528549][T13494] binder: BINDER_SET_CONTEXT_MGR already set
[ 1240.625948][T13497] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1313'.
[ 1240.946319][T13494] binder: 13493:13494 ioctl 4018620d 200000004a80 returned -16
[ 1241.933122][T13399] chnl_net:caif_netlink_parms(): no params data found
[ 1242.103090][T12036] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1242.200452][T13506] loop9: detected capacity change from 0 to 256
[ 1242.241221][ T3008] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1242.418384][T13359] team0: Port device team_slave_0 added
[ 1242.556617][ T3008] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1242.630310][T13359] team0: Port device team_slave_1 added
[ 1242.782478][T13359] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1242.807861][T13359] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1242.864172][T13359] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1242.886547][T13359] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1242.903733][T13359] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1242.960817][T13359] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1242.982731][T13399] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1242.993816][T13399] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1243.012499][T13399] bridge_slave_0: entered allmulticast mode
[ 1243.026202][T13399] bridge_slave_0: entered promiscuous mode
[ 1243.046327][T13399] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1243.058122][T13399] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1243.074108][T13399] bridge_slave_1: entered allmulticast mode
[ 1243.086353][T13399] bridge_slave_1: entered promiscuous mode
[ 1243.400569][T13399] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1243.455492][T13359] hsr_slave_0: entered promiscuous mode
[ 1243.467885][T13359] hsr_slave_1: entered promiscuous mode
[ 1243.485047][T13359] debugfs: 'hsr0' already exists in 'hsr'
[ 1243.491017][T13359] Cannot create hsr debugfs directory
[ 1243.509833][T13399] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1243.533331][ T3008] bridge_slave_1: left allmulticast mode
[ 1243.542055][ T3008] bridge_slave_1: left promiscuous mode
[ 1243.550298][ T3008] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1244.018708][ T3008] bridge_slave_0: left allmulticast mode
[ 1244.037959][ T3008] bridge_slave_0: left promiscuous mode
[ 1244.744096][ T3008] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1246.840044][ T3008] bridge_slave_1: left allmulticast mode
[ 1246.879137][ T3008] bridge_slave_1: left promiscuous mode
[ 1246.894103][ T3008] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1248.019232][ T3008] bridge_slave_0: left allmulticast mode
[ 1248.034267][ T3008] bridge_slave_0: left promiscuous mode
[ 1248.059222][ T3008] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1248.786069][ T3008] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1248.826990][ T3008] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1248.860435][ T3008] bond0 (unregistering): Released all slaves
[ 1251.060343][ T3008] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1251.088665][ T3008] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1251.609059][ T3008] bond0 (unregistering): Released all slaves
[ 1251.955743][T13399] team0: Port device team_slave_0 added
[ 1252.090325][T13399] team0: Port device team_slave_1 added
[ 1252.322717][T13399] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1252.343814][T13399] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1252.393792][T13399] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1252.464743][T13399] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1252.471919][T13399] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1252.536481][T13399] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1252.690176][ T3008] hsr_slave_0: left promiscuous mode
[ 1252.696808][ T3008] hsr_slave_1: left promiscuous mode
[ 1252.703287][ T3008] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1252.712367][ T3008] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1252.726698][ T3008] hsr_slave_0: left promiscuous mode
[ 1252.733067][ T3008] hsr_slave_1: left promiscuous mode
[ 1252.750502][ T3008] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1252.760655][ T3008] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1252.769416][ T3008] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1252.777196][ T3008] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1252.794254][ T3008] veth1_macvtap: left promiscuous mode
[ 1252.799799][ T3008] veth0_macvtap: left promiscuous mode
[ 1252.806146][ T3008] veth1_vlan: left promiscuous mode
[ 1252.811438][ T3008] veth0_vlan: left promiscuous mode
[ 1253.144947][ T3008] team0 (unregistering): Port device team_slave_1 removed
[ 1253.169295][ T3008] team0 (unregistering): Port device team_slave_0 removed
[ 1253.622150][ T3008] team0 (unregistering): Port device team_slave_1 removed
[ 1253.657303][ T3008] team0 (unregistering): Port device team_slave_0 removed
[ 1253.873590][T13399] hsr_slave_0: entered promiscuous mode
[ 1253.889175][T13399] hsr_slave_1: entered promiscuous mode
[ 1254.407137][T13359] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1254.449044][T13359] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1254.520980][T13359] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1254.560362][T13359] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1254.843472][T13359] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1254.904916][T13359] 8021q: adding VLAN 0 to HW filter on device team0
[ 1254.934784][ T7398] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1254.941982][ T7398] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1254.953673][ T7398] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1254.961106][ T7398] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1255.248447][T13399] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1255.285729][T13399] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1255.299772][T13399] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1255.317436][T13399] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1255.493576][T13359] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1255.552908][T13399] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1255.593982][T13399] 8021q: adding VLAN 0 to HW filter on device team0
[ 1255.624004][ T7398] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1255.631465][ T7398] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1255.671913][ T2965] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1255.679161][ T2965] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1256.194610][T13399] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1256.233086][T13359] veth0_vlan: entered promiscuous mode
[ 1256.277236][T13359] veth1_vlan: entered promiscuous mode
[ 1256.341821][T13399] veth0_vlan: entered promiscuous mode
[ 1256.381718][T13359] veth0_macvtap: entered promiscuous mode
[ 1256.391067][T13399] veth1_vlan: entered promiscuous mode
[ 1256.409025][T13359] veth1_macvtap: entered promiscuous mode
[ 1256.454400][T13359] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1256.500310][T13359] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1256.521929][T13399] veth0_macvtap: entered promiscuous mode
[ 1256.555961][ T2965] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.587969][T13399] veth1_macvtap: entered promiscuous mode
[ 1256.602511][ T2965] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.635961][ T2965] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.657094][ T2965] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.720987][T13399] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1256.755102][T13399] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1256.776421][T10112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1256.800003][T10112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1256.857991][ T2965] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.868172][ T2965] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.906831][ T2965] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.916508][ T2965] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.931572][T10112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1256.961432][T10112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1257.076209][T10112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1257.110949][T10112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1257.194441][ T7398] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1257.202307][ T7398] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1258.038701][T13688] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1261.801936][T13706] loop3: detected capacity change from 0 to 1024
[ 1261.812190][T13709] loop9: detected capacity change from 0 to 512
[ 1263.066588][T13706] EXT4-fs error (device loop3): ext4_ext_check_inode:521: inode #4: comm syz.3.1332: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1263.416631][T13706] loop3: lost file I/O error report for ino 4 type 5 pos 0x0 len 0x0 error -117
[ 1263.423712][    C0] EXT4-fs (loop3): error count since last fsck: 1
[ 1263.439630][    C0] EXT4-fs (loop3): initial error at time 1773526864: ext4_ext_check_inode:521: inode 4
[ 1263.449383][    C0] EXT4-fs (loop3): last error at time 1773526864: ext4_ext_check_inode:521: inode 4
[ 1263.485959][T13706] EXT4-fs error (device loop3): ext4_quota_enable:7194: comm syz.3.1332: Bad quota inode: 4, type: 1
[ 1263.537854][T13706] loop3: lost filesystem error report for type 5 error -117
[ 1263.538289][T13706] EXT4-fs warning (device loop3): ext4_enable_quotas:7232: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1263.698518][T13706] EXT4-fs (loop3): mount failed
[ 1263.885801][T13709] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1263.954130][T13709] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1266.535842][T12498] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1269.840223][T13776] SQUASHFS error: Failed to read block 0x0: -5
[ 1271.672707][T13784] dummy0: entered promiscuous mode
[ 1271.705883][T13784] netdevsim netdevsim6 netdevsim0: entered promiscuous mode
[ 1271.756746][T13784] debugfs: 'hsr1' already exists in 'hsr'
[ 1271.762720][T13784] Cannot create hsr debugfs directory
[ 1271.773725][T13784] hsr1: entered allmulticast mode
[ 1271.780152][T13784] dummy0: entered allmulticast mode
[ 1271.786076][T13784] netdevsim netdevsim6 netdevsim0: entered allmulticast mode
[ 1273.832479][T13796] loop3: detected capacity change from 0 to 512
[ 1274.043804][T13796] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 1274.141657][T13798] loop2: detected capacity change from 0 to 32768
[ 1274.162780][T13798] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1359 (13798)
[ 1274.179317][T13798] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1274.189896][T13798] BTRFS info (device loop2): using crc32c checksum algorithm
[ 1274.197358][T13798] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1274.233929][T13796] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1274.391679][T13796] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.1358: inode has both inline data and extents flags
[ 1274.479894][T13796] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1274.484670][    C1] EXT4-fs (loop3): error count since last fsck: 1
[ 1274.500502][    C1] EXT4-fs (loop3): initial error at time 1773526875: ext4_orphan_get:1391: inode 15
[ 1274.509975][    C1] EXT4-fs (loop3): last error at time 1773526875: ext4_orphan_get:1391: inode 15
[ 1274.543517][T13796] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.1358: couldn't read orphan inode 15 (err -117)
[ 1274.614325][T13798] BTRFS info (device loop2): rebuilding free space tree
[ 1274.707191][T13796] loop3: lost filesystem error report for type 5 error -117
[ 1274.821263][T13796] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1275.040149][T13798] BTRFS info (device loop2): disabling free space tree
[ 1275.047579][T13798] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1275.057805][T13798] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1275.117666][T13798] BTRFS info (device loop2): enabling ssd optimizations
[ 1275.124797][T13798] BTRFS info (device loop2): turning on async discard
[ 1275.131684][T13798] BTRFS info (device loop2): enabling disk space caching
[ 1275.138868][T13798] BTRFS info (device loop2): force clearing of disk cache
[ 1275.146016][T13798] BTRFS info (device loop2): use zstd compression, level 3
[ 1275.492993][T13812] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm ext4lazyinit: bg 0: block 256: padding at end of block bitmap is not set
[ 1278.803078][T13399] BTRFS info (device loop2): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1278.918094][T12036] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1279.410490][T13833] loop9: detected capacity change from 0 to 4096
[ 1279.675269][T13833] ntfs3(loop9): ino=3, Correct links count -> 2.
[ 1282.886894][T13855] ntfs3(loop9): ino=5, "/" ntfs_readdir
[ 1284.573457][T13864] loop8: detected capacity change from 0 to 2048
[ 1285.344230][T13864] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1285.357123][T13864] ext4 filesystem being mounted at /136/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1285.720492][T13872] loop9: detected capacity change from 0 to 8
[ 1286.128625][ T5831] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1286.142956][ T5831] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1286.163915][ T5831] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1286.175025][ T5831] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1286.183045][ T5831] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1286.458576][T10219] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1287.367575][  T417] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1287.892524][  T417] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1288.436010][ T5831] Bluetooth: hci0: command tx timeout
[ 1290.480338][  T417] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1290.493849][ T5831] Bluetooth: hci0: command tx timeout
[ 1292.563829][ T5831] Bluetooth: hci0: command tx timeout
[ 1292.658437][  T417] netdevsim netdevsim1 netdevsim0 (unregistering): left promiscuous mode
[ 1292.711950][  T417] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1293.268387][T13925] SQUASHFS error: Failed to read block 0x0: -5
[ 1295.901677][ T5831] Bluetooth: hci0: command tx timeout
[ 1296.424341][  T417] bridge_slave_1: left allmulticast mode
[ 1296.440822][  T417] bridge_slave_1: left promiscuous mode
[ 1296.868914][  T417] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1296.972497][  T417] bridge_slave_0: left allmulticast mode
[ 1297.009349][  T417] bridge_slave_0: left promiscuous mode
[ 1297.024033][  T417] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1297.398629][T13946] syz.9.1384 uses obsolete (PF_INET,SOCK_PACKET)
[ 1297.633337][T13944] loop6: detected capacity change from 0 to 32768
[ 1297.686911][T13944] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1387 (13944)
[ 1297.727623][T13944] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1297.738060][T13944] BTRFS info (device loop6): using sha256 checksum algorithm
[ 1299.127763][T13944] BTRFS info (device loop6): enabling ssd optimizations
[ 1299.134878][T13944] BTRFS info (device loop6): turning on async discard
[ 1299.141933][T13944] BTRFS info (device loop6): enabling free space tree
[ 1299.697218][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1299.714047][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1299.989123][T13978] binder_alloc: 13973: binder_alloc_buf, no vma
[ 1302.031447][  T417] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1302.056930][T13359] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1302.298745][T13989] SQUASHFS error: Failed to read block 0x0: -5
[ 1302.531994][  T417] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1302.632095][  T417] bond0 (unregistering): Released all slaves
[ 1302.725276][T13870] chnl_net:caif_netlink_parms(): no params data found
[ 1310.926221][T14042] block device autoloading is deprecated and will be removed.
[ 1311.024601][T14040] loop2: detected capacity change from 0 to 32768
[ 1311.033367][T14040] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1403 (14040)
[ 1311.054647][T14040] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1311.064953][T14040] BTRFS info (device loop2): using crc32c checksum algorithm
[ 1311.072454][T14040] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1311.737985][T14040] BTRFS info (device loop2): rebuilding free space tree
[ 1311.774780][T13870] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1311.783220][T14060] binder: BINDER_SET_CONTEXT_MGR already set
[ 1311.790577][T14040] BTRFS info (device loop2): disabling free space tree
[ 1311.801597][T14040] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1311.813839][T14040] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1311.837991][T13870] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1311.892957][T14060] binder: 14059:14060 ioctl 4018620d 200000004a80 returned -16
[ 1311.924022][T13870] bridge_slave_0: entered allmulticast mode
[ 1311.924216][T14040] BTRFS info (device loop2): enabling ssd optimizations
[ 1311.937066][T14040] BTRFS info (device loop2): turning on async discard
[ 1311.944197][T14040] BTRFS info (device loop2): enabling disk space caching
[ 1311.951262][T14040] BTRFS info (device loop2): force clearing of disk cache
[ 1311.958594][T14040] BTRFS info (device loop2): use zstd compression, level 3
[ 1311.975719][T13870] bridge_slave_0: entered promiscuous mode
[ 1312.029759][T13870] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1312.082762][T13870] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1312.300455][T13870] bridge_slave_1: entered allmulticast mode
[ 1312.310050][T13870] bridge_slave_1: entered promiscuous mode
[ 1313.028389][T13870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1313.095061][T13399] BTRFS info (device loop2): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1313.279696][T13870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1313.378364][T14076] loop9: detected capacity change from 0 to 512
[ 1313.399334][  T417] dummy0: left promiscuous mode
[ 1314.507720][T14079] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1315.027709][T14076] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a856c018, mo2=0082]
[ 1315.036481][T14076] System zones: 0-2, 18-18, 34-35
[ 1315.083128][T14076] EXT4-fs error (device loop9): __ext4_iget:5378: inode #3: block 127754: comm syz.9.1409: invalid block
[ 1315.094915][T14076] loop9: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 1315.103661][    C0] EXT4-fs (loop9): error count since last fsck: 1
[ 1315.119351][    C0] EXT4-fs (loop9): initial error at time 1773526916: __ext4_iget:5378: inode 3: block 127754
[ 1315.129710][    C0] EXT4-fs (loop9): last error at time 1773526916: __ext4_iget:5378: inode 3: block 127754
[ 1315.178587][T14076] EXT4-fs error (device loop9): ext4_quota_enable:7194: comm syz.9.1409: Bad quota inode: 3, type: 0
[ 1315.189829][T14076] loop9: lost filesystem error report for type 5 error -117
[ 1315.220892][T14076] EXT4-fs warning (device loop9): ext4_enable_quotas:7232: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[ 1315.247733][T14076] EXT4-fs (loop9): mount failed
[ 1318.128944][T14091] loop8: detected capacity change from 0 to 4096
[ 1318.137133][  T417] hsr_slave_0: left promiscuous mode
[ 1318.270312][T14091] EXT4-fs: Ignoring removed oldalloc option
[ 1318.491740][T14091] EXT4-fs (loop8): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 1318.511788][  T417] hsr_slave_1: left promiscuous mode
[ 1318.582908][T14091] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a856e018, mo2=0002]
[ 1318.592765][  T417] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1318.604303][  T417] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1318.675367][  T417] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1318.682967][  T417] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1318.694104][T14091] System zones: 0-5
[ 1318.737848][T14091] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1318.896923][  T417] veth1_macvtap: left promiscuous mode
[ 1318.930388][  T417] veth0_macvtap: left promiscuous mode
[ 1318.974518][  T417] veth1_vlan: left promiscuous mode
[ 1318.979838][  T417] veth0_vlan: left promiscuous mode
[ 1319.420580][T14106] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1410'.
[ 1321.716896][T14115] loop9: detected capacity change from 0 to 32768
[ 1321.743994][T14115] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.1418 (14115)
[ 1321.898656][T14115] BTRFS info (device loop9): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1321.908948][T14115] BTRFS info (device loop9): using crc32c checksum algorithm
[ 1321.916563][T14115] BTRFS warning (device loop9): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1322.134308][T14129] binder: BINDER_SET_CONTEXT_MGR already set
[ 1322.164645][T14115] BTRFS info (device loop9): rebuilding free space tree
[ 1322.183900][T14129] binder: 14128:14129 ioctl 4018620d 200000004a80 returned -16
[ 1322.226503][T14115] BTRFS info (device loop9): disabling free space tree
[ 1322.233518][T14115] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1322.243398][T14115] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1322.262138][T14115] BTRFS info (device loop9): enabling ssd optimizations
[ 1322.269313][T14115] BTRFS info (device loop9): turning on async discard
[ 1322.276189][T14115] BTRFS info (device loop9): enabling disk space caching
[ 1322.283287][T14115] BTRFS info (device loop9): force clearing of disk cache
[ 1322.290587][T14115] BTRFS info (device loop9): use zstd compression, level 3
[ 1322.467603][T11798] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1322.479878][T11798] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1322.495534][T11798] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1322.509252][T11798] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1322.518050][T11798] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1323.793239][T12498] BTRFS info (device loop9): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1324.654466][T11798] Bluetooth: hci5: command tx timeout
[ 1326.728063][ T5831] Bluetooth: hci5: command tx timeout
[ 1327.234241][  T417] team0 (unregistering): Port device team_slave_1 removed
[ 1329.147626][ T5831] Bluetooth: hci5: command tx timeout
[ 1329.774703][  T417] team0 (unregistering): Port device team_slave_0 removed
[ 1331.263758][T11798] Bluetooth: hci5: command tx timeout
[ 1333.473018][ T5831] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1333.486327][ T5831] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1333.495905][ T5831] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1333.505380][ T5831] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1333.513833][ T5831] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1333.649139][T14106] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1334.218730][T13870] team0: Port device team_slave_0 added
[ 1334.350873][T13870] team0: Port device team_slave_1 added
[ 1335.328339][T13870] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1335.338520][T13870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1335.366038][T13870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1335.389610][T13870] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1335.465352][T13870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1335.609108][ T5831] Bluetooth: hci1: command tx timeout
[ 1335.662912][T14206] loop9: detected capacity change from 0 to 512
[ 1335.717121][T14206] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1335.743372][T13870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1335.837587][T14206] EXT4-fs error (device loop9): ext4_orphan_get:1391: inode #15: comm syz.9.1435: inode has both inline data and extents flags
[ 1335.953494][T14206] loop9: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1335.954501][T14206] EXT4-fs error (device loop9): ext4_orphan_get:1394: comm syz.9.1435: couldn't read orphan inode 15 (err -117)
[ 1335.963832][    C1] EXT4-fs (loop9): error count since last fsck: 1
[ 1335.963895][    C1] EXT4-fs (loop9): initial error at time 1773526937: ext4_orphan_get:1391: inode 15
[ 1335.963956][    C1] EXT4-fs (loop9): last error at time 1773526937: ext4_orphan_get:1391: inode 15
[ 1336.039503][T14206] loop9: lost filesystem error report for type 5 error -117
[ 1336.048470][T14206] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1336.217701][T13870] hsr_slave_0: entered promiscuous mode
[ 1336.243277][T13870] hsr_slave_1: entered promiscuous mode
[ 1336.264775][T13870] debugfs: 'hsr0' already exists in 'hsr'
[ 1336.280811][T13870] Cannot create hsr debugfs directory
[ 1336.334272][T14214] loop2: detected capacity change from 0 to 4096
[ 1336.438513][T14214] ntfs3(loop2): ino=3, Correct links count -> 2.
[ 1337.431604][T12498] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1337.693894][ T5831] Bluetooth: hci1: command tx timeout
[ 1338.145133][T14230] ntfs3(loop2): ino=5, "/" ntfs_readdir
[ 1339.631844][T14134] chnl_net:caif_netlink_parms(): no params data found
[ 1339.766311][ T5831] Bluetooth: hci1: command tx timeout
[ 1339.891058][  T417] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1340.200427][T14178] chnl_net:caif_netlink_parms(): no params data found
[ 1341.089290][T14252] loop9: detected capacity change from 0 to 2048
[ 1341.185173][T14252] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1341.852379][ T5831] Bluetooth: hci1: command tx timeout
[ 1342.159407][T14264] loop2: detected capacity change from 0 to 32768
[ 1342.178479][T14264] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1444 (14264)
[ 1342.195521][T14264] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1342.206312][T14264] BTRFS info (device loop2): using crc32c checksum algorithm
[ 1342.214099][T14264] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1342.344894][T14264] BTRFS info (device loop2): rebuilding free space tree
[ 1342.371678][T14264] BTRFS info (device loop2): disabling free space tree
[ 1342.379062][T14264] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1342.389026][T14264] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1342.433806][T14264] BTRFS info (device loop2): enabling ssd optimizations
[ 1342.440912][T14264] BTRFS info (device loop2): turning on async discard
[ 1342.447896][T14264] BTRFS info (device loop2): enabling disk space caching
[ 1342.455837][T14264] BTRFS info (device loop2): force clearing of disk cache
[ 1342.462965][T14264] BTRFS info (device loop2): use zstd compression, level 3
[ 1342.475562][  T417] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1343.826164][T13399] BTRFS info (device loop2): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1344.427663][T14291] loop6: detected capacity change from 0 to 2048
[ 1344.632452][  T417] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1344.974240][T14291] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1344.987136][T14291] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1345.688268][T11798] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1345.736632][T11798] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1345.747020][T11798] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1345.771566][T11798] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1345.779595][T11798] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1345.827340][T13359] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1345.910607][T14178] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1345.918470][T14178] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1345.925820][T14178] bridge_slave_0: entered allmulticast mode
[ 1345.934154][T14178] bridge_slave_0: entered promiscuous mode
[ 1345.943264][T14178] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1345.950488][T14178] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1346.089806][T14178] bridge_slave_1: entered allmulticast mode
[ 1346.738520][T14178] bridge_slave_1: entered promiscuous mode
[ 1346.947071][T14292] dummy0: entered promiscuous mode
[ 1346.953456][T14292] netdevsim netdevsim9 netdevsim0: entered promiscuous mode
[ 1346.995804][T14292] debugfs: 'hsr1' already exists in 'hsr'
[ 1347.019893][T14292] Cannot create hsr debugfs directory
[ 1347.061236][T14306] loop6: detected capacity change from 0 to 512
[ 1347.068638][T14292] hsr1: entered allmulticast mode
[ 1347.077303][T14292] dummy0: entered allmulticast mode
[ 1347.085189][T14292] netdevsim netdevsim9 netdevsim0: entered allmulticast mode
[ 1347.138433][T14306] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1347.249437][  T417] netdevsim netdevsim8 netdevsim0 (unregistering): left promiscuous mode
[ 1347.260328][T14306] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.1448: inode has both inline data and extents flags
[ 1347.269730][  T417] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1347.343799][T14306] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1347.344795][T14306] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.1448: couldn't read orphan inode 15 (err -117)
[ 1347.354166][    C1] EXT4-fs (loop6): error count since last fsck: 1
[ 1347.354202][    C1] EXT4-fs (loop6): initial error at time 1773526948: ext4_orphan_get:1391: inode 15
[ 1347.354258][    C1] EXT4-fs (loop6): last error at time 1773526948: ext4_orphan_get:1391: inode 15
[ 1347.418735][T14306] loop6: lost filesystem error report for type 5 error -117
[ 1347.431636][T14306] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1348.003007][T11798] Bluetooth: hci3: command tx timeout
[ 1348.630164][T14178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1348.682774][T14134] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1348.709114][T14134] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1348.745757][T14134] bridge_slave_0: entered allmulticast mode
[ 1348.800802][T14134] bridge_slave_0: entered promiscuous mode
[ 1348.836064][T14134] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1348.878515][T14134] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1348.907607][T13359] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1348.920185][T14134] bridge_slave_1: entered allmulticast mode
[ 1349.149414][T14323] loop2: detected capacity change from 0 to 32768
[ 1349.177554][T14323] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1453 (14323)
[ 1349.216290][T14323] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1349.226582][T14323] BTRFS info (device loop2): using sha256 checksum algorithm
[ 1349.238705][T14134] bridge_slave_1: entered promiscuous mode
[ 1349.325949][T14178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1349.407878][T14323] BTRFS info (device loop2): enabling ssd optimizations
[ 1349.415171][T14323] BTRFS info (device loop2): turning on async discard
[ 1349.421952][T14323] BTRFS info (device loop2): enabling free space tree
[ 1350.085724][T11798] Bluetooth: hci3: command tx timeout
[ 1350.217869][T14134] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1350.261628][T14178] team0: Port device team_slave_0 added
[ 1350.337310][T14178] team0: Port device team_slave_1 added
[ 1350.401284][T13399] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1350.598436][T14134] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1352.560212][T11798] Bluetooth: hci3: command tx timeout
[ 1353.636056][T14134] team0: Port device team_slave_0 added
[ 1353.643324][T14178] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1353.674758][T14178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1353.723641][T14178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1353.889623][T14134] team0: Port device team_slave_1 added
[ 1353.932166][T14178] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1353.964272][T14178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1354.043116][T14178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1354.150768][T14361] binder: BINDER_SET_CONTEXT_MGR already set
[ 1354.163799][T14361] binder: 14360:14361 ioctl 4018620d 200000004a80 returned -16
[ 1354.452282][T14365] loop6: detected capacity change from 0 to 32768
[ 1354.461028][T14365] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1466 (14365)
[ 1354.482652][T14365] BTRFS info (device loop6): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1354.493878][T14365] BTRFS info (device loop6): using crc32c checksum algorithm
[ 1354.501853][T14365] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1354.674044][T11798] Bluetooth: hci4: command 0x0406 tx timeout
[ 1354.680183][T11798] Bluetooth: hci3: command tx timeout
[ 1355.187776][T14365] BTRFS info (device loop6): rebuilding free space tree
[ 1355.628442][  T417] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1355.784447][T14365] BTRFS info (device loop6): disabling free space tree
[ 1355.791622][T14365] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1355.804316][T14365] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1355.855271][T14365] BTRFS info (device loop6): enabling ssd optimizations
[ 1355.862350][T14365] BTRFS info (device loop6): turning on async discard
[ 1355.869456][T14365] BTRFS info (device loop6): enabling disk space caching
[ 1355.877063][T14365] BTRFS info (device loop6): force clearing of disk cache
[ 1355.884282][T14365] BTRFS info (device loop6): use zstd compression, level 3
[ 1355.913807][T14134] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1355.950051][T14134] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1356.066576][T14134] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1356.808065][T14178] hsr_slave_0: entered promiscuous mode
[ 1356.845320][T14178] hsr_slave_1: entered promiscuous mode
[ 1356.851802][T14178] debugfs: 'hsr0' already exists in 'hsr'
[ 1356.888366][T14178] Cannot create hsr debugfs directory
[ 1358.790274][T13359] BTRFS info (device loop6): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1358.870288][  T417] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1358.967263][T14134] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1359.013765][T14134] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1359.092468][T14134] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1360.452536][  T417] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1360.984068][  T417] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1361.142797][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.149637][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.169765][T14424] binder: BINDER_SET_CONTEXT_MGR already set
[ 1361.205500][T14424] binder: 14423:14424 ioctl 4018620d 200000004a80 returned -16
[ 1361.236759][T14134] hsr_slave_0: entered promiscuous mode
[ 1361.255360][T14134] hsr_slave_1: entered promiscuous mode
[ 1361.262068][T14134] debugfs: 'hsr0' already exists in 'hsr'
[ 1361.278426][T14134] Cannot create hsr debugfs directory
[ 1361.473241][T14298] chnl_net:caif_netlink_parms(): no params data found
[ 1363.210676][T14447] binder: BINDER_SET_CONTEXT_MGR already set
[ 1363.237066][T14447] binder: 14446:14447 ioctl 4018620d 200000004a80 returned -16
[ 1363.244848][T14450] binder: BINDER_SET_CONTEXT_MGR already set
[ 1363.244873][T14450] binder: 14448:14450 ioctl 4018620d 200000004a80 returned -16
[ 1363.356617][T14452] loop6: detected capacity change from 0 to 4096
[ 1363.372882][T14452] ntfs3(loop6): ino=3, Correct links count -> 2.
[ 1363.942215][T14463] ntfs3(loop6): ino=5, "/" ntfs_readdir
[ 1363.956496][T14298] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1363.971834][T14298] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1363.986356][T14298] bridge_slave_0: entered allmulticast mode
[ 1364.123693][T14298] bridge_slave_0: entered promiscuous mode
[ 1364.212133][T14298] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1364.250242][T14298] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1364.277491][T14298] bridge_slave_1: entered allmulticast mode
[ 1364.316206][T14298] bridge_slave_1: entered promiscuous mode
[ 1365.137694][T14475] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1365.336488][  T417] bridge_slave_1: left allmulticast mode
[ 1365.764319][  T417] bridge_slave_1: left promiscuous mode
[ 1365.770705][  T417] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1365.995529][  T417] bridge_slave_0: left allmulticast mode
[ 1366.022030][  T417] bridge_slave_0: left promiscuous mode
[ 1366.044024][  T417] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1366.327269][T14479] loop6: detected capacity change from 0 to 32768
[ 1366.349650][T14479] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1471 (14479)
[ 1366.368740][T14479] BTRFS info (device loop6): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1366.379551][T14479] BTRFS info (device loop6): using crc32c checksum algorithm
[ 1366.393968][T14479] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1366.640418][  T417] bridge_slave_1: left allmulticast mode
[ 1366.668274][T14479] BTRFS info (device loop6): rebuilding free space tree
[ 1367.432225][  T417] bridge_slave_1: left promiscuous mode
[ 1367.456735][T14479] BTRFS info (device loop6): disabling free space tree
[ 1367.464326][T14479] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1367.474294][T14479] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1367.489671][T14479] BTRFS info (device loop6): enabling ssd optimizations
[ 1367.496995][T14479] BTRFS info (device loop6): turning on async discard
[ 1367.504149][T14479] BTRFS info (device loop6): enabling disk space caching
[ 1367.511382][T14479] BTRFS info (device loop6): force clearing of disk cache
[ 1367.518633][T14479] BTRFS info (device loop6): use zstd compression, level 3
[ 1367.583982][  T417] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1367.653903][  T417] bridge_slave_0: left allmulticast mode
[ 1367.659791][  T417] bridge_slave_0: left promiscuous mode
[ 1367.923812][  T417] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1368.497345][T13359] BTRFS info (device loop6): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1369.271253][T14513] faux_driver vgem: [drm] Unknown color mode 9; guessing buffer size.
[ 1370.737764][T14517] binder: BINDER_SET_CONTEXT_MGR already set
[ 1370.754674][T14517] binder: 14516:14517 ioctl 4018620d 200000004a80 returned -16
[ 1370.775556][  T417] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1370.789558][  T417] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1370.801296][T14519] binder: BINDER_SET_CONTEXT_MGR already set
[ 1370.807609][T14519] binder: 14518:14519 ioctl 4018620d 200000004a80 returned -16
[ 1370.818960][  T417] bond0 (unregistering): Released all slaves
[ 1371.020044][  T417] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1371.031697][  T417] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1371.042670][  T417] bond0 (unregistering): Released all slaves
[ 1371.115441][T14298] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1371.140737][T14298] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1371.193222][  T417] tipc: Left network mode
[ 1371.317730][T14298] team0: Port device team_slave_0 added
[ 1371.354310][T14298] team0: Port device team_slave_1 added
[ 1371.492261][T14298] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1371.509561][T14298] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1371.538585][T14298] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1371.682521][T14298] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1371.703765][T14298] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1371.887483][T14298] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1371.958782][T14298] hsr_slave_0: entered promiscuous mode
[ 1371.966207][T14298] hsr_slave_1: entered promiscuous mode
[ 1371.972990][T14298] debugfs: 'hsr0' already exists in 'hsr'
[ 1371.978977][T14298] Cannot create hsr debugfs directory
[ 1373.443765][T11798] Bluetooth: hci7: command 0x0406 tx timeout
[ 1375.560802][T14556] loop2: detected capacity change from 0 to 32768
[ 1375.578940][T14556] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1488 (14556)
[ 1375.610787][T14556] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1375.622209][T14556] BTRFS info (device loop2): using crc32c checksum algorithm
[ 1375.629812][T14556] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1375.801312][T14556] BTRFS info (device loop2): rebuilding free space tree
[ 1376.684907][T14556] BTRFS info (device loop2): disabling free space tree
[ 1376.692511][T14556] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1376.702862][T14556] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1376.812648][T14556] BTRFS info (device loop2): enabling ssd optimizations
[ 1376.819750][T14556] BTRFS info (device loop2): turning on async discard
[ 1376.826974][T14556] BTRFS info (device loop2): enabling disk space caching
[ 1376.834510][T14556] BTRFS info (device loop2): force clearing of disk cache
[ 1376.843319][T14556] BTRFS info (device loop2): use zstd compression, level 3
[ 1377.543716][  T417] dummy0: left promiscuous mode
[ 1377.652110][T14588] SQUASHFS error: Failed to read block 0x0: -5
[ 1378.186336][T13399] BTRFS info (device loop2): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1378.504058][  T417] hsr_slave_0: left promiscuous mode
[ 1378.563513][  T417] hsr_slave_1: left promiscuous mode
[ 1378.588553][  T417] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1378.600369][  T417] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1379.014570][  T417] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1379.022188][  T417] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1380.850063][T12701] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1381.177790][T12701] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1381.217095][T12701] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1381.583753][T12701] usb 7-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1381.592915][T12701] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1381.618578][  T417] hsr_slave_0: left promiscuous mode
[ 1381.693770][T12701] usb 7-1: Product: syz
[ 1381.704968][  T417] hsr_slave_1: left promiscuous mode
[ 1381.738074][T12701] usb 7-1: config 0 descriptor??
[ 1381.754234][T14606] SQUASHFS error: Failed to read block 0x0: -5
[ 1381.761534][  T417] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1381.799004][T12701] usb 7-1: can't set config #0, error -71
[ 1381.803638][  T417] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1381.850877][  T417] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1381.850951][T12701] usb 7-1: USB disconnect, device number 2
[ 1381.908315][  T417] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1382.979085][  T417] veth1_macvtap: left promiscuous mode
[ 1383.027993][  T417] veth0_macvtap: left promiscuous mode
[ 1383.094235][  T417] veth1_vlan: left promiscuous mode
[ 1383.099595][  T417] veth0_vlan: left promiscuous mode
[ 1383.215186][T11798] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1383.227993][T11798] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1383.237182][T11798] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1383.263950][T11798] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1383.278130][T11798] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1383.393849][  T417] veth1_macvtap: left promiscuous mode
[ 1383.399398][  T417] veth0_macvtap: left promiscuous mode
[ 1383.424718][  T417] veth1_vlan: left promiscuous mode
[ 1383.430143][  T417] veth0_vlan: left promiscuous mode
[ 1385.376854][ T5831] Bluetooth: hci0: command tx timeout
[ 1388.458288][ T5831] Bluetooth: hci0: command tx timeout
[ 1388.963879][T14648] loop9: detected capacity change from 0 to 32768
[ 1388.973518][T14648] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.1502 (14648)
[ 1388.989438][T14648] BTRFS info (device loop9): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1388.999705][T14648] BTRFS info (device loop9): using crc32c checksum algorithm
[ 1389.007480][T14648] BTRFS warning (device loop9): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1389.143976][   T30] audit: type=1800 audit(1773526990.510:27): pid=14638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1499" name="bus" dev="overlay" ino=254 res=0 errno=0
[ 1389.263797][T14648] BTRFS info (device loop9): rebuilding free space tree
[ 1389.345276][T14648] BTRFS info (device loop9): disabling free space tree
[ 1389.352249][T14648] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1389.362239][T14648] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1389.379044][T14648] BTRFS info (device loop9): enabling ssd optimizations
[ 1389.386322][T14648] BTRFS info (device loop9): turning on async discard
[ 1389.393117][T14648] BTRFS info (device loop9): enabling disk space caching
[ 1389.400355][T14648] BTRFS info (device loop9): force clearing of disk cache
[ 1389.407551][T14648] BTRFS info (device loop9): use zstd compression, level 3
[ 1389.894838][  T417] team0 (unregistering): Port device team_slave_1 removed
[ 1389.957739][T12498] BTRFS info (device loop9): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1390.012520][  T417] team0 (unregistering): Port device team_slave_0 removed
[ 1390.489712][ T5831] Bluetooth: hci0: command tx timeout
[ 1392.160529][T11798] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1392.176056][T11798] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1392.192794][T11798] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1392.203193][T11798] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1392.212063][T11798] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1392.446559][  T417] team0 (unregistering): Port device team_slave_1 removed
[ 1392.495942][  T417] team0 (unregistering): Port device team_slave_0 removed
[ 1392.564913][ T5831] Bluetooth: hci0: command tx timeout
[ 1393.089214][T14697] binder: BINDER_SET_CONTEXT_MGR already set
[ 1393.104035][T14697] binder: 14696:14697 ioctl 4018620d 200000004a80 returned -16
[ 1394.323765][ T5831] Bluetooth: hci6: command tx timeout
[ 1395.165086][T14723] SQUASHFS error: Failed to read block 0x0: -5
[ 1396.420995][ T5831] Bluetooth: hci6: command tx timeout
[ 1397.619584][T14738] loop2: detected capacity change from 0 to 32768
[ 1397.629317][T14738] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1513 (14738)
[ 1397.681214][T14738] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1397.691642][T14738] BTRFS info (device loop2): using crc32c checksum algorithm
[ 1397.699169][T14738] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1397.821694][T14738] BTRFS info (device loop2): rebuilding free space tree
[ 1397.877963][T14738] BTRFS info (device loop2): disabling free space tree
[ 1397.885119][T14738] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1397.895028][T14738] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1397.936148][T14738] BTRFS info (device loop2): enabling ssd optimizations
[ 1397.943253][T14738] BTRFS info (device loop2): turning on async discard
[ 1397.950283][T14738] BTRFS info (device loop2): enabling disk space caching
[ 1397.957518][T14738] BTRFS info (device loop2): force clearing of disk cache
[ 1397.964860][T14738] BTRFS info (device loop2): use zstd compression, level 3
[ 1398.458618][T13399] BTRFS info (device loop2): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[ 1398.507363][ T5831] Bluetooth: hci6: command tx timeout
[ 1398.733202][T14615] chnl_net:caif_netlink_parms(): no params data found
[ 1398.826533][T14687] chnl_net:caif_netlink_parms(): no params data found
[ 1400.762014][ T5831] Bluetooth: hci6: command tx timeout
[ 1400.846444][T14770] overlayfs: failed to resolve './file0': -2
[ 1401.979616][  T417] IPVS: stop unused estimator thread 0...
[ 1403.299991][T14298] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1403.986467][T14687] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1403.993776][T14687] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1404.001059][T14687] bridge_slave_0: entered allmulticast mode
[ 1404.028994][T14687] bridge_slave_0: entered promiscuous mode
[ 1404.087414][T14615] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1404.303782][T14615] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1404.311154][T14615] bridge_slave_0: entered allmulticast mode
[ 1404.369425][T14615] bridge_slave_0: entered promiscuous mode
[ 1404.417183][T14615] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1404.464757][T14615] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1404.472135][T14615] bridge_slave_1: entered allmulticast mode
[ 1404.496800][T14615] bridge_slave_1: entered promiscuous mode
[ 1404.614094][T14298] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1404.679927][T14687] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1404.706750][T14687] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1404.731312][T14687] bridge_slave_1: entered allmulticast mode
[ 1404.761852][T14687] bridge_slave_1: entered promiscuous mode
[ 1404.785471][T11798] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1404.800486][T11798] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1404.808963][T11798] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1404.825721][T11798] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1404.835649][T11798] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1405.004757][T14615] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1405.028728][T14615] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1405.611357][T14687] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1405.646907][T14687] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1405.697775][T14615] team0: Port device team_slave_0 added
[ 1405.707323][T14615] team0: Port device team_slave_1 added
[ 1405.861822][T14615] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1405.869963][T14615] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1405.896313][T14615] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1405.926406][T14687] team0: Port device team_slave_0 added
[ 1405.936223][T14687] team0: Port device team_slave_1 added
[ 1405.942661][T14615] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1405.949984][T14615] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1405.977680][T14615] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1406.064213][T14687] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1406.071203][T14687] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1406.098996][T14687] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1406.126050][T14687] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1406.133157][T14687] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1406.167686][T14687] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1406.430474][T14615] hsr_slave_0: entered promiscuous mode
[ 1406.440108][T14615] hsr_slave_1: entered promiscuous mode
[ 1406.447189][T14615] debugfs: 'hsr0' already exists in 'hsr'
[ 1406.452971][T14615] Cannot create hsr debugfs directory
[ 1406.497291][T14687] hsr_slave_0: entered promiscuous mode
[ 1406.504703][T14687] hsr_slave_1: entered promiscuous mode
[ 1406.511808][T14687] debugfs: 'hsr0' already exists in 'hsr'
[ 1406.518075][T14687] Cannot create hsr debugfs directory
[ 1406.539913][  T417] bridge_slave_1: left allmulticast mode
[ 1406.546189][  T417] bridge_slave_1: left promiscuous mode
[ 1406.554340][  T417] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1406.565059][  T417] bridge_slave_0: left allmulticast mode
[ 1406.570800][  T417] bridge_slave_0: left promiscuous mode
[ 1406.577259][  T417] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1406.589763][  T417] bridge_slave_1: left allmulticast mode
[ 1406.596002][  T417] bridge_slave_1: left promiscuous mode
[ 1406.601880][  T417] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1406.612179][  T417] bridge_slave_0: left allmulticast mode
[ 1406.618091][  T417] bridge_slave_0: left promiscuous mode
[ 1406.625975][  T417] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1406.642213][  T417] bridge_slave_1: left allmulticast mode
[ 1406.648270][  T417] bridge_slave_1: left promiscuous mode
[ 1406.655373][  T417] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1406.666859][  T417] bridge_slave_0: left allmulticast mode
[ 1406.672540][  T417] bridge_slave_0: left promiscuous mode
[ 1406.678984][  T417] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1406.849690][  T417] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1406.861476][  T417] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1406.872465][  T417] bond0 (unregistering): Released all slaves
[ 1406.964581][ T5831] Bluetooth: hci1: command tx timeout
[ 1407.014610][  T417] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1407.028149][  T417] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1407.040175][  T417] bond0 (unregistering): Released all slaves
[ 1407.185933][  T417] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1407.201616][  T417] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1407.224645][  T417] bond0 (unregistering): Released all slaves
[ 1407.532147][  T417] hsr_slave_0: left promiscuous mode
[ 1407.544543][  T417] hsr_slave_1: left promiscuous mode
[ 1407.550849][  T417] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1407.562383][  T417] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1407.584632][  T417] hsr_slave_0: left promiscuous mode
[ 1407.590737][  T417] hsr_slave_1: left promiscuous mode
[ 1407.597381][  T417] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1407.606728][  T417] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1407.619973][  T417] hsr_slave_0: left promiscuous mode
[ 1407.629498][  T417] hsr_slave_1: left promiscuous mode
[ 1407.636418][  T417] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1407.646252][  T417] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1407.872911][  T417] team0 (unregistering): Port device team_slave_1 removed
[ 1407.902219][  T417] team0 (unregistering): Port device team_slave_0 removed
[ 1408.292589][  T417] team0 (unregistering): Port device team_slave_1 removed
[ 1408.316154][  T417] team0 (unregistering): Port device team_slave_0 removed
[ 1408.692265][  T417] team0 (unregistering): Port device team_slave_1 removed
[ 1408.725697][  T417] team0 (unregistering): Port device team_slave_0 removed
[ 1409.062670][ T5831] Bluetooth: hci1: command tx timeout
[ 1409.089304][T14804] chnl_net:caif_netlink_parms(): no params data found
[ 1409.448584][T14804] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1409.464052][T14804] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1409.471533][T14804] bridge_slave_0: entered allmulticast mode
[ 1409.479651][T14804] bridge_slave_0: entered promiscuous mode
[ 1409.508575][T14615] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1409.536885][T14804] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1409.550499][T14804] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1409.558350][T14804] bridge_slave_1: entered allmulticast mode
[ 1409.566743][T14804] bridge_slave_1: entered promiscuous mode
[ 1409.596491][T14615] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1409.689610][T14615] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1409.717862][T14804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1409.730796][T14615] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1409.792233][T14804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1409.977219][T14804] team0: Port device team_slave_0 added
[ 1409.987636][T14804] team0: Port device team_slave_1 added
[ 1410.070771][T14804] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1410.082408][T14804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1410.110448][T14804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1410.141813][T14804] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1410.149918][T14804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1410.179272][T14804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1410.331759][T14804] hsr_slave_0: entered promiscuous mode
[ 1410.338842][T14804] hsr_slave_1: entered promiscuous mode
[ 1410.349342][T14804] debugfs: 'hsr0' already exists in 'hsr'
[ 1410.359113][T14804] Cannot create hsr debugfs directory
[ 1410.606372][T14687] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1410.624318][T14687] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1410.652753][T14615] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1410.693995][T14687] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1410.744637][T14687] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1410.836412][T14615] 8021q: adding VLAN 0 to HW filter on device team0
[ 1410.872483][ T7398] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1410.879692][ T7398] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1410.972212][T10112] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1410.979404][T10112] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1411.071139][  T417] bridge_slave_1: left allmulticast mode
[ 1411.077263][  T417] bridge_slave_1: left promiscuous mode
[ 1411.083059][  T417] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1411.092644][  T417] bridge_slave_0: left allmulticast mode
[ 1411.098406][  T417] bridge_slave_0: left promiscuous mode
[ 1411.104689][  T417] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1411.123703][ T5831] Bluetooth: hci1: command tx timeout
[ 1411.249535][  T417] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1411.260767][  T417] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1411.271690][  T417] bond0 (unregistering): Released all slaves
[ 1411.344144][T14615] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1411.461166][  T417] hsr_slave_0: left promiscuous mode
[ 1411.469460][  T417] hsr_slave_1: left promiscuous mode
[ 1411.476428][  T417] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1411.502283][  T417] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1411.667662][  T417] team0 (unregistering): Port device team_slave_1 removed
[ 1411.691880][  T417] team0 (unregistering): Port device team_slave_0 removed
[ 1411.912228][T14687] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1411.966018][T14687] 8021q: adding VLAN 0 to HW filter on device team0
[ 1411.998460][  T103] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1412.005968][  T103] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1412.080617][  T103] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1412.087933][  T103] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1412.297959][T14804] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1412.312950][T14804] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1412.334537][T14804] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1412.361314][T14615] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1412.385475][T14804] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1412.533131][T14615] veth0_vlan: entered promiscuous mode
[ 1412.566974][T14615] veth1_vlan: entered promiscuous mode
[ 1412.679864][T14615] veth0_macvtap: entered promiscuous mode
[ 1412.710682][T14804] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1412.735901][T14615] veth1_macvtap: entered promiscuous mode
[ 1412.782881][T14804] 8021q: adding VLAN 0 to HW filter on device team0
[ 1412.810964][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1412.818237][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1412.833119][T14615] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1412.852456][T14687] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1412.869517][T14615] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1412.887773][T10112] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1412.895265][T10112] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1412.938829][  T103] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1412.961881][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1412.989028][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1413.018646][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1413.205765][ T5831] Bluetooth: hci1: command tx timeout
[ 1413.245616][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1413.266150][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1413.356988][  T417] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1413.389660][  T417] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1414.072043][T14931] GUP no longer grows the stack in syz.2.1529 (14931): 200000006000-200000009000 (200000004000)
[ 1414.083347][T14931] CPU: 1 UID: 0 PID: 14931 Comm: syz.2.1529 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1414.083406][T14931] Tainted: [L]=SOFTLOCKUP
[ 1414.083421][T14931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1414.083446][T14931] Call Trace:
[ 1414.083460][T14931]  <TASK>
[ 1414.083475][T14931]  dump_stack_lvl+0x100/0x190
[ 1414.083543][T14931]  gup_vma_lookup.cold+0x83/0x96
[ 1414.083607][T14931]  fixup_user_fault+0x253/0x510
[ 1414.083672][T14931]  fault_in_user_writeable+0x70/0xe0
[ 1414.083733][T14931]  futex_lock_pi+0x682/0x7b0
[ 1414.083784][T14931]  ? __pfx_futex_lock_pi+0x10/0x10
[ 1414.083823][T14931]  ? preempt_schedule_common+0x42/0xc0
[ 1414.083883][T14931]  ? preempt_schedule_thunk+0x16/0x30
[ 1414.083960][T14931]  ? __pfx_try_to_wake_up+0x10/0x10
[ 1414.084024][T14931]  ? futex_private_hash_put+0x107/0x1c0
[ 1414.084090][T14931]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1414.084148][T14931]  ? finish_task_switch.isra.0+0x205/0xb80
[ 1414.084205][T14931]  ? finish_task_switch.isra.0+0x205/0xb80
[ 1414.084265][T14931]  do_futex+0x18a/0x350
[ 1414.084329][T14931]  ? __pfx_do_futex+0x10/0x10
[ 1414.084392][T14931]  ? preempt_schedule_irq+0x7b/0x90
[ 1414.084446][T14931]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1414.084505][T14931]  __x64_sys_futex+0x34f/0x4d0
[ 1414.084576][T14931]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1414.084669][T14931]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1414.084727][T14931]  do_syscall_64+0x106/0xf80
[ 1414.084783][T14931]  ? irqentry_exit+0x138/0x670
[ 1414.084845][T14931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1414.084887][T14931] RIP: 0033:0x7f788a79c799
[ 1414.084918][T14931] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1414.084961][T14931] RSP: 002b:00007f788b60d028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1414.084999][T14931] RAX: ffffffffffffffda RBX: 00007f788aa16180 RCX: 00007f788a79c799
[ 1414.085027][T14931] RDX: 0000000000000002 RSI: 000000000000008d RDI: 0000200000004000
[ 1414.085053][T14931] RBP: 00007f788a832c99 R08: 0000000000000000 R09: 0000000000000082
[ 1414.085079][T14931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1414.085104][T14931] R13: 00007f788aa16218 R14: 00007f788aa16180 R15: 00007ffc017e4c68
[ 1414.085157][T14931]  </TASK>
[ 1414.331806][T14932] Bluetooth: MGMT ver 1.23
[ 1417.106832][T14804] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1417.307560][T14687] veth0_vlan: entered promiscuous mode
[ 1417.377028][T14687] veth1_vlan: entered promiscuous mode
[ 1421.803381][T14687] veth0_macvtap: entered promiscuous mode
[ 1421.816820][T14687] veth1_macvtap: entered promiscuous mode
[ 1421.842826][T14687] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1421.863779][T14687] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1421.927856][  T103] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1421.954715][  T103] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1421.979243][  T103] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1422.072562][  T103] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1422.197222][T14804] veth0_vlan: entered promiscuous mode
[ 1422.432187][T14804] veth1_vlan: entered promiscuous mode
[ 1422.570243][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1422.577297][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1422.697889][T14961] loop9: detected capacity change from 0 to 2048
[ 1423.096406][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1423.247483][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1423.457404][T14961] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1423.473295][T14961] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1424.024460][  T417] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1424.032455][  T417] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1424.188709][T14804] veth0_macvtap: entered promiscuous mode
[ 1424.509553][T14804] veth1_macvtap: entered promiscuous mode
[ 1424.525824][T12498] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1425.002011][T14804] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1425.100035][T14804] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1426.229673][  T103] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1426.274024][  T103] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1426.282958][  T103] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1426.314098][  T103] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1426.438657][T14981] SQUASHFS error: Failed to read block 0x0: -5
[ 1428.086806][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1428.173704][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1428.406226][T15001] x_tables: duplicate underflow at hook 2
[ 1428.611333][ T2965] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1428.896158][ T2965] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1432.648876][T15035] loop2: detected capacity change from 0 to 2048
[ 1432.988748][ T5831] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[ 1433.021351][ T5831] CPU: 0 UID: 0 PID: 5831 Comm: kworker/u9:4 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1433.021417][ T5831] Tainted: [L]=SOFTLOCKUP
[ 1433.021432][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1433.021460][ T5831] Workqueue: hci4 hci_rx_work
[ 1433.021514][ T5831] Call Trace:
[ 1433.021527][ T5831]  <TASK>
[ 1433.021543][ T5831]  dump_stack_lvl+0x100/0x190
[ 1433.021606][ T5831]  sysfs_warn_dup.cold+0x1c/0x28
[ 1433.021665][ T5831]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1433.021717][ T5831]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1433.021766][ T5831]  ? find_held_lock+0x2b/0x80
[ 1433.021814][ T5831]  ? kobject_add_internal+0x25f/0x930
[ 1433.021882][ T5831]  ? kobject_add_internal+0x25f/0x930
[ 1433.021958][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.022009][ T5831]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1433.022055][ T5831]  kobject_add_internal+0x2c8/0x930
[ 1433.022131][ T5831]  kobject_add+0x16a/0x1e0
[ 1433.022169][ T5831]  ? __pfx_kobject_add+0x10/0x10
[ 1433.022206][ T5831]  ? preempt_schedule_thunk+0x16/0x30
[ 1433.022267][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.022316][ T5831]  ? kobject_put+0xb9/0x640
[ 1433.022376][ T5831]  ? _raw_spin_unlock+0x3e/0x50
[ 1433.022441][ T5831]  device_add+0x294/0x1950
[ 1433.022488][ T5831]  ? __pfx_dev_set_name+0x10/0x10
[ 1433.022543][ T5831]  ? __pfx_device_add+0x10/0x10
[ 1433.022589][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.022639][ T5831]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1433.022703][ T5831]  hci_conn_add_sysfs+0x1a3/0x260
[ 1433.022765][ T5831]  le_conn_complete_evt+0x11cb/0x1f40
[ 1433.022829][ T5831]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1433.022894][ T5831]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1433.022955][ T5831]  ? skb_pull_data+0x15f/0x1e0
[ 1433.023005][ T5831]  hci_le_meta_evt+0x34a/0x5f0
[ 1433.023060][ T5831]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1433.023119][ T5831]  hci_event_packet+0x682/0x11c0
[ 1433.023170][ T5831]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1433.023227][ T5831]  ? __pfx_hci_event_packet+0x10/0x10
[ 1433.023278][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.023331][ T5831]  ? kcov_remote_start+0x374/0x660
[ 1433.023384][ T5831]  ? lockdep_hardirqs_on+0x78/0x100
[ 1433.023442][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.023503][ T5831]  hci_rx_work+0x451/0xfc0
[ 1433.023566][ T5831]  process_one_work+0xa23/0x19a0
[ 1433.023625][ T5831]  ? __pfx_process_one_work+0x10/0x10
[ 1433.023663][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.023727][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.023785][ T5831]  worker_thread+0x5ef/0xe50
[ 1433.023843][ T5831]  ? kthread+0x13a/0x450
[ 1433.023902][ T5831]  ? __pfx_worker_thread+0x10/0x10
[ 1433.023938][ T5831]  kthread+0x370/0x450
[ 1433.024005][ T5831]  ? __pfx_kthread+0x10/0x10
[ 1433.024070][ T5831]  ret_from_fork+0x754/0xd80
[ 1433.024138][ T5831]  ? __pfx_ret_from_fork+0x10/0x10
[ 1433.024203][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.024252][ T5831]  ? __switch_to+0x7b4/0x1120
[ 1433.024299][ T5831]  ? __pfx_kthread+0x10/0x10
[ 1433.024365][ T5831]  ret_from_fork_asm+0x1a/0x30
[ 1433.024435][ T5831]  </TASK>
[ 1433.463761][ T5831] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1433.478590][ T5831] Bluetooth: hci4: failed to register connection device
[ 1433.505306][ T5831] Oops: general protection fault, probably for non-canonical address 0xdffffc000000004c: 0000 [#1] SMP KASAN NOPTI
[ 1433.517447][ T5831] KASAN: null-ptr-deref in range [0x0000000000000260-0x0000000000000267]
[ 1433.525917][ T5831] CPU: 0 UID: 0 PID: 5831 Comm: kworker/u9:4 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1433.537085][ T5831] Tainted: [L]=SOFTLOCKUP
[ 1433.541595][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1433.551730][ T5831] Workqueue: hci4 hci_rx_work
[ 1433.556477][ T5831] RIP: 0010:kasan_byte_accessible+0x15/0x30
[ 1433.562517][ T5831] Code: 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 40 d6 48 b8 00 00 00 00 00 fc ff df 48 c1 ef 03 48 01 c7 <0f> b6 07 3c 07 0f 96 c0 e9 d9 1d 9c fe 66 66 2e 0f 1f 84 00 00 00
[ 1433.582605][ T5831] RSP: 0018:ffffc900034f7748 EFLAGS: 00010282
[ 1433.588755][ T5831] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 1433.596762][ T5831] RDX: 0000000000000000 RSI: ffffffff89563d21 RDI: dffffc000000004c
[ 1433.604768][ T5831] RBP: 0000000000000260 R08: 0000000000000001 R09: 0000000000000000
[ 1433.612764][ T5831] R10: ffffc900034f7838 R11: 0000000000000000 R12: ffffffff89563d21
[ 1433.620959][ T5831] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000
[ 1433.628966][ T5831] FS:  0000000000000000(0000) GS:ffff888124343000(0000) knlGS:0000000000000000
[ 1433.638155][ T5831] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1433.644816][ T5831] CR2: 0000001b2fa0aff8 CR3: 0000000030ca1000 CR4: 0000000000350ef0
[ 1433.652816][ T5831] Call Trace:
[ 1433.656109][ T5831]  <TASK>
[ 1433.659050][ T5831]  __kasan_check_byte+0x13/0x50
[ 1433.663974][ T5831]  lock_acquire+0x148/0x380
[ 1433.668526][ T5831]  ? do_raw_read_unlock+0x3f/0x70
[ 1433.673589][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.679413][ T5831]  lock_sock_nested+0x41/0xf0
[ 1433.684245][ T5831]  ? l2cap_sock_new_connection_cb+0x4c/0x260
[ 1433.690301][ T5831]  l2cap_sock_new_connection_cb+0x4c/0x260
[ 1433.696181][ T5831]  l2cap_connect_cfm+0x4e2/0x1050
[ 1433.701276][ T5831]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1433.706812][ T5831]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1433.712407][ T5831]  le_conn_complete_evt+0x195c/0x1f40
[ 1433.717964][ T5831]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1433.723753][ T5831]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1433.729355][ T5831]  ? skb_pull_data+0x15f/0x1e0
[ 1433.734160][ T5831]  hci_le_meta_evt+0x34a/0x5f0
[ 1433.738981][ T5831]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1433.745287][ T5831]  hci_event_packet+0x682/0x11c0
[ 1433.750456][ T5831]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1433.755793][ T5831]  ? __pfx_hci_event_packet+0x10/0x10
[ 1433.761213][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.766985][ T5831]  ? kcov_remote_start+0x374/0x660
[ 1433.772141][ T5831]  ? lockdep_hardirqs_on+0x78/0x100
[ 1433.777739][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.783433][ T5831]  hci_rx_work+0x451/0xfc0
[ 1433.787910][ T5831]  process_one_work+0xa23/0x19a0
[ 1433.792894][ T5831]  ? __pfx_process_one_work+0x10/0x10
[ 1433.798297][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.803984][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.809927][ T5831]  worker_thread+0x5ef/0xe50
[ 1433.814647][ T5831]  ? kthread+0x13a/0x450
[ 1433.819125][ T5831]  ? __pfx_worker_thread+0x10/0x10
[ 1433.824267][ T5831]  kthread+0x370/0x450
[ 1433.828392][ T5831]  ? __pfx_kthread+0x10/0x10
[ 1433.833033][ T5831]  ret_from_fork+0x754/0xd80
[ 1433.837720][ T5831]  ? __pfx_ret_from_fork+0x10/0x10
[ 1433.842883][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.848642][ T5831]  ? __switch_to+0x7b4/0x1120
[ 1433.853472][ T5831]  ? __pfx_kthread+0x10/0x10
[ 1433.858116][ T5831]  ret_from_fork_asm+0x1a/0x30
[ 1433.862927][ T5831]  </TASK>
[ 1433.865955][ T5831] Modules linked in:
[ 1433.871620][ T5831] ---[ end trace 0000000000000000 ]---
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1433.972093][ T5831] RIP: 0010:kasan_byte_accessible+0x15/0x30
[ 1433.979682][ T5831] Code: 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 40 d6 48 b8 00 00 00 00 00 fc ff df 48 c1 ef 03 48 01 c7 <0f> b6 07 3c 07 0f 96 c0 e9 d9 1d 9c fe 66 66 2e 0f 1f 84 00 00 00
[ 1434.002807][T15035] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1434.002878][ T5831] RSP: 0018:ffffc900034f7748 EFLAGS: 00010282
[ 1434.015506][T15035] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1434.034544][ T5831] 
[ 1434.036934][ T5831] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 1434.046952][ T5831] RDX: 0000000000000000 RSI: ffffffff89563d21 RDI: dffffc000000004c
[ 1434.056219][ T5831] RBP: 0000000000000260 R08: 0000000000000001 R09: 0000000000000000
[ 1434.065463][ T5831] R10: ffffc900034f7838 R11: 0000000000000000 R12: ffffffff89563d21
[ 1434.075309][ T5831] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000
[ 1434.089049][ T5831] FS:  0000000000000000(0000) GS:ffff888124343000(0000) knlGS:0000000000000000
[ 1434.099373][ T5831] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1434.106556][ T5831] CR2: 0000001b31efdff8 CR3: 0000000079fd6000 CR4: 0000000000350ef0
[ 1434.117047][ T5831] Kernel panic - not syncing: Fatal exception
[ 1434.123554][ T5831] Kernel Offset: disabled
[ 1434.127939][ T5831] Rebooting in 86400 seconds..