last executing test programs:

25m6.884405808s ago: executing program 32 (id=1236):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000300012800b00010065727370616e000020000280040012000500160002000000060018"], 0x50}}, 0x4080)

24m15.695375312s ago: executing program 33 (id=1649):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000700)='./file1\x00', 0x1008400, &(0x7f00000006c0)=ANY=[], 0x85, 0x676, &(0x7f0000000800)="$eJzs3c1vHGcdB/DvbNZONpTUbZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF97yB9QDr5xQEjcI8qFC9x69bESgksvmNOimZ1db/y6bhOvHT6favw8M888z/ye387s7EujDfB/6/rFNB+myPWLbyyX62ur0+211el7vXqS40kaSbNbpPhPp9P5OLmW7pKXy431cMVOx3kwP/PWJ5+tfdpda9ZLtX9jt37DWamXnE9yrC4f13g39hrvxF7DFf0Zlgm70EscjNpYkk7lXw+6W37yt2f6LQNa2/Xe88wHjoCie9/cYiI5WV/o5euA7l2xe88+0lZGHQAAAAAcgGfXs57lnBp1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU1L//X9RLo1c/n6L3+//j9bbU9cPl3P52f/ik4gAAAAAAAACAA3RuPetZzqneeqeovvN/tVo5Xf39Ut7NYuaykEtZzmyWspSFTCWZGBhofHl2aWlhqt+z938GbO15ZdueV/YI9Hhdth7HrAEAAAAAAADgqfPLXN/4/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6DIjnWLarldK8+kUYzyYkk4+V+K8k/evWj7OGoAwAAAIAvoDPkfs+uZz3LOdXvV1Tv+V+s3vefyLu5n6XMZyntzOVm9VlA911/Y211ur22On2vXLaO+91/7yvcasR0P3vY/shnqz1auZX5asul3MjbKYqbaVQ9S2d78Wwf1y/KmIrXu8aGjOxmXZYz/7Aut/hgX5PdyT4/TJmoMjLWz8hkHVuZjed2z8Q+H53NR5pKox/s6U1H2jSJR3L++pDHO1mX5Xx+u1POR2JzJq4MnH0v7p7z5Gt//sOP77Tv371za/Hi4ZnScI7VZfd5pbU1E9MDmXjpac7EFpNVJs7016/nB/lRLuZ83sxC5vPTzGYpczmf71e12fp8LgYu+R0yde2RtTf3imS8PkO7D9ajMWWPmF6t+p7KfH6Yt3Mzc3mt+u9KpvKtXM3VzAw8wmeGeKZt7HDVd768bfAXvl5XWkl+V5eV2829Jv6ElXl9biCvg8+5E1Xb4JaNLD2/j/tRL0t/3D2U5lfqSnmMX9Xl4bA5E1MDmXhh90z8vnpaWWzfv7twZ/ad4Q73/Id1pbyOfnOo7hLl+fJ8+WBVa4+eHWXbC3XbWLVs5Gu8/sal26+xpe1Mv617pa7seKWO16/hto50pWp7adu26art7EDb5tdb7f7roafhyx+Ap9bJb5wcb/2z9ffWR61ft+603jjxvePfPv7KeMb+Ovad5uSxrzZeKf6Uj/Lzjff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA57f43vt3Z9vtuYVNlU6n88EOTUe50vs5swM86MvPJKOa8niSw5H5/3Y6nXpLcRji2b3SKR1P53N2/0uS4XZuJtmu6dzokzDiJybgibu8dO+dy4vvvf/N+Xuzt+duz92fuXp1ZnLm6mvTl2/Nt+cmu39HHSXwJGzc9EcdCQAAAAAAAAAAADCsg/jnBDsf/cRBThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4oq5fTPNhikxNXpos19dWp9vl0qtv7NlM0khS/CwpPk6upbtkYmC4YqfjPJifeeuTz9Y+3Rir2du/sVu/4azUS84nOVaXj2u8G194vKI/wzJhF3qJg1H7XwAAAP//DJEGHw==")
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04030b00c800ce5dd37d19965fc01aff701b650101000000000000000000be0fd2b9228fdd729d2e844f66b0148e71729157fb7c50a2989575f160fc528c56d6af7f52ea46"], 0xe)
setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB='osx.'], 0x0, 0x0, 0x0)
rename(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00')

24m12.435539826s ago: executing program 34 (id=1671):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x2)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f00000000c0))
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000002, 0x8012, r0, 0x0)

23m44.530402382s ago: executing program 35 (id=1898):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000340)={{0x80, 0xfc}, 'port1\x00', 0x0, 0x60004, 0x0, 0xffffffff, 0x6da, 0x0, 0x0, 0x0, 0x1, 0x6})
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000001e00)={{0x80, 0x80}, 'port1\x00', 0x3d, 0x0, 0x7ffb, 0x1, 0x10001, 0x6935, 0x5, 0x0, 0x3, 0x9})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0a85352, &(0x7f0000000200)={{0x80, 0x9}, 'port0\x00', 0x89, 0x90010, 0x4, 0x8, 0x0, 0x0, 0x200000, 0x0, 0x4875c99660ff2b2d})

20m10.08928499s ago: executing program 36 (id=3945):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000106a053103000000000001090224000100008000090400101c0300010009210000000122f80409058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_connect(0x2, 0x36, &(0x7f0000000380)={{0x12, 0x1, 0x110, 0x7f, 0x17, 0xdd, 0x40, 0x5d1, 0x9001, 0x9b7a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x40, 0x8, 0x1, [{{0x9, 0x4, 0x14, 0x1, 0x1, 0x3f, 0x37, 0x9f, 0x3, [@uac_as={[@format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x6, 0xc55, 0x40}]}], [{{0x9, 0x5, 0xc, 0xc, 0x10, 0x3, 0x4, 0x79}}]}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)

18m49.822277849s ago: executing program 37 (id=4659):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f0000000100)={0xbe, 0x0, 0x1})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x4b564d04, 0x0, 0x436}]})

18m23.516056185s ago: executing program 38 (id=4819):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
open(&(0x7f0000000200)='./file1\x00', 0x4a07e, 0xdc)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup\x00', 0x42, 0x81)

17m52.812608222s ago: executing program 39 (id=5002):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x1a1000a, &(0x7f00000003c0)=ANY=[], 0x21, 0x1507, &(0x7f0000003040)="$eJzs3Au4TtX2MPAx5pyLTdKb5D7HHIs3bUyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnf45zO1zmn8//39f/3fZ7vv8fvedbzzvGud8w15h5773ettZ93f9NhSOW6VSrUZmb4b8G/PXQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3sHEX+uh6Zf7QrE1ST9T9uk/2mb9D9tk/6nbdL/tE36n7ZJ/9M26b8Qadn2GTmvly3tbnL/Py2T9///QY4WHvvFxsI3dvwDKdL/tE36n7ZJ/9M26X/aJv1P26T/aZv0P22T/guRlv3X7x3L3w7+J2xX+/tPCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUTacCH8ygDA38dXuy4hhBBCCCGEEEL8eUL6q12BEEIIIYQQQggh/u9DUKDBQATpID2kQAbICNdAJrgWMsN1kIDrIQvcAFnhRsgG2SEH5IRckBvygAUCBwwx5IV8kISbID/cDKlQAApCIfBQGIpAUSgGt0BxuBVKwG1QEm6HUlAaykBZuAPKwZ1QHu6CCnA3VIRKUBmqwD1QFe6FanAfVIf7oQY8ADXhQagFf4Ha8BDUgYehLjwC9eBRqA8NoCE0gsb/pfwXoAu8CF2hG3SHHtATekFv6AN9oR/0h5dgALwMA+EVGASDYQi8CkPhNRgGr8NwGAEj4Q0YBaNhDIyFcTAeJsCbMBHegknwNkyGKTAVpsF0mAEz4R2YBbNhDrwLc+E9mAfzYQEshEXwPiyGJbAUPoBl8CEshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHj2AH7IRdsBv2wF7YBx/DfvgEDsCncBA++4P55/8lvyMCAipUaNBgOkyHKZiCGTEjZsJMmBkzYwITmAWzYFbMitkwG+bAHJgLc2EezIOEhIyMeTEvJjGJ+TE/pmIqFsSC6NFjESyCxfAWLI7FsQSWwJJYEkthaSyNZbEslsNyWB7LYwWsgBWxIlbGyngP3oP3YjWshtWxOtbAGlgTa2ItrIW1sTbWwTpYF+tiPayH9bE+NsSG2BgbYxNsgk2xKTbH5tgCW2ArbIWtsTW2wTbYFttiO2yH7bE9dsAO2BE7YSd8AV/AF/FF7IYVVQ/siT2xN/bGvtgP++FLOABfxpfxFRyEg3EIvoqv4ms4DM/hcByBI3EkllOjcQyORVbjcQJOwIk4ESfhJJyMU3AKTsPpOANn4kychbNxNr6Lc/E9fA/n43xciItwES7GJbgUl+IyPI/LcQWuxFW4GtfgalyH63EdbsRNuBG34BbchtvwI/wId+JO3I27cS8aAPwYP8FPcBAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7Ek3gKT+MZPI1n8Syew/N4AS/gRbyIl/C5XF/V2VtgwyBQVxhlVDqVTqWoFJVRZVSZVCaVWWVWCZVQWVQWlVVlVdlUNpVD5VC5VC6VR+VRpEixilVelVclVVLlV/lVqkpVBVVB5ZVXRVQRVUwVU8VVcVVC3aZKqttVKVVaNfNlVVlVTjX35dVdqoKqoCqqSqqyqqKqqKqqqqqmqqnqqrqqoWqomupBVUv1wL74kLrSmbpqMNZTQ7C+aqAaqkbqNXxMNVHDsKlqppqrJ9QIHI6tVBPfWj2l2qgx2FY9o8bis6q9Go8d1POqo+qkOqsXVBfV1HdV3dRk7KF6qmnYW/VRfVU/NQsrqSsdq6xeUYPUYDVEvaoW4mtqmHpdDVcj1Ej1hhqlRqsxaqwap8arCepNNVG9pSapt9VkNUVNVdPUdDVDzVTvqFlqtpqj3lVz1XtqnpqvFqiFapF6Xy1WS9RS9YFapj5Uy9UKtVKtUqvVGrVWrVPr1Qa1UW1Sm9UWtVVtU9vVR2qH2ql2qd1qj9qr9qmP1X71iTqgPlUH1WfqkPpcHVZfqCPqS3VUfaWOqa/VcfWNOqG+VSfVd+qUOq3OqO/VWfWDOqfOqwvqR3VR/aQuqZ/VZRUUaNRKa210pNPp9DpFZ9AZ9TU6k75WZ9bX6YS+XmfRN+is+kadTWfXOXROnUvn1nm01aSdZh3rvDqfTuqbdH59s07VBXRBXUh7XVgX0UV1MX2LLq5v1SX0bbqkvl2X0qV1GV1W36HL6Tt1eX2XrqDv1hV1JV1ZV9H36Kr6Xl1N36er6/t1Df2Arqkf1LX0X3Rt/ZCuox/WdfUjup5+VNfXDXRD3Ug31o/pJvpx3VQ30831E7qFbqlb6Sd1a/2UbqOf1m31M7qdfla318/pDvp53VF30p31z/qyDrqr7qa76x66p+6le+s+uq/up/vrl/QA/bIeqF/Rg/RgPUS/qofq1/Qw/boerkfokfoNPUqP1mP0WD1Oj9cT9Jt6on5LT9Jv68l6ip6qp+npeobu+8tMc/4P8t/6N/kD/3r0bXq7/kjv0Dv1Lr1b79F79T69T+/X+/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1Cn9Qn9Sl9Wv+ov9dn9Q/6nD6vz+sf9UV9UV/65WsABo0y2hgTmXQmvUkxGUxGc43JZK41mc11JmGuN1nMDSarudFkM9lNDpPT5DK5TR5jDRln2MQmr8lnkuYm/OWEwhQ0hYw3hU0RU/SP5Jv85maTagr8U/7v1dfYNDZNTBPT1DQ1zU1z08K0MK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1X0910Nz1NL9Pb9DF9TT/T37xkBpgBZqAZaAaZQWaIGWKGmqFmmBlmhpvhZqQZaUaZUWaMGWPGmXFmgplgJpqJZpKZZCabyWaqmWqmm+lmpplpZplZZo6ZY+aauWaemWcWmAVmkVlkFpvFZqlZapaZZWa5WWFWmFVmlVlj1ph1Zp3ZYDaYTWaT2WK2mOVmu9ludpgdZpfZZfaYPWaf2Wf2m/3mgDlgDpqD5pA5ZA6bw+aIOWKOmqPmmDlmjpvj5oQ5YU6ak+aUOWXOmDPmrDlrzplz5oK5YC6ai+aSuWQum8tXTvsiFanIRCZKF6WLUqKUKGOUMcoUZYoyR5mjRJSIskRZoqzRjVG2KHuUI8oZ5YpyR3kiG1HkIo7iKG+UL0pGN0X5o5uj1KhAVDAqFPmocFQkKhoVi26Jike3RiWi26KS0e1Rqah0VCYqG90RlYvujMpHd0UVorujilGlqHJUJbonqhrdG1WL7ouqR/dHNaIHoprRg1Gt6C9R7eihqE70cFQ3eiSqFz0a1Y8aRA2jRlHjP3X+EM5lf9x3td1sd9vD9rS9bG/bx/a1/Wx/+5IdYF+2A+0rdpAdbIfYV+1Q+5odZl+3w+0IO9K+YUfZ0XaMHWvH2fF2gn3TTrRv2Un2bTvZTrFT7TQ73c6wM+07dpadbefYd+1c+56dZ+fbBXahXWTft4vtErvUfmCX2Q/tcrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrXb7Hb7kd1hd9pddrfdY/faffZju99+Yg/YT+1B+5k9ZD+3h+0X9oj90h61X9lj9mt73H5jT9hv7Un7nT1lT9sz9nt71v5gz9nz9oL90V60P9lL9md72YYrJ/dX3t7JkKF0lI5SKIUyUkbKRJkoM2WmBCUoC2WhrJSVslE2ykE5KBflojyUh65gYspLeSlJScpP+SmVUqkgFSRPnopQESpGxag4FacSVIJKUkkqRaWoDJWhO+gOupPupLvoLrqb7qZKVImqUBWqSlWpGlWj6lSdalANqkk1qRbVotpUm+pQHapLdake1aP6VJ8aUkNqTI2pCTWhptSUmlNzakEtqBW1otbUmtpQG2pLbakdtaP21J46UAfqSB2pM3WmLtSFulJX6k7dqSf1pN7Um/pSX+pP/WkADaCBNJAG0SAaQkNoKA2lYTSMhtMIGklv0CgaTWNoLI2j8TSBJtBEmkiTaBJNpsk0labSdJpOM2kmzaJZNIfm0FyaS/NoHi2gBbSIFtFiWkxLaSkto2W0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSdttMO2kG7aBftoT20j/bRftpPB+gAHaSDdIgOBQSgI3SEjtJROkbH6DgdpxN0gk7SSTpFp+gMnaGzdJbO0Tm6QBfoIv1El+hnukyBUlwGl9Fd4zK5a11md5371ziHy+lyudwuj7Mum8v+TzE551JdAVfw75eYrqhLTbnyWMh5V9gVcUVdKVfalXFl3R2unLvTlf9NXNXd66q5+1x1d7+r4u75p7iGe8DVdI+4Wu5RV9s1cHVcI1fXPeLquUddfdfANXSNXAvX0rVyT7rW7inXxj39m3ixW+LWuw1uo9vk9rtP3AX3ozvuvnEX3U+uq+vm+ruX3AD3shvoXnGD3ODfxCPdG26UG+3GuLFunBv/m3iqm+amuxlupnvHzXKzfxMvcu+7uW6pm+fmuwVu4V/jKzUtdR+4Ze5Dt9ytcCvdKrfarXFr3br/Xesqt8VtddvcPvex2+F2ul1ut9vj9v41vrKOA+5Td9B95o65r91h94U74k64o+6rv8ZX1nfCfetOuu/cKXfanXHfu7PuB3fOnb+y/nBl7d+7n91lFxwwsmLNhiNOx+k5hTNwRr6GM/G1nJmv4wRfz1n4Bs7KN3I2zs45OCfn4tychy0TO2aOOS/n4yTfxPn5Zk7lAlyQC7HnwlyEi3IxvoWL861cgm/jknw7l+LSXIbL8h1cju/k8nwXV+C7uSJX4spche/hqnwvV+P7uDrfzzX4Aa7JD3It/gvX5oe4Dj/MdfkRrsePcn1uwA25ETfmx7gJP85NuRk35ye4BbfkVvwkt+anuA0/zW35GW7Hz3J7fo478PPckTtxZ36Bu/CL3JW7cXfuwT25F/fmPtyX+3F/fokH8Ms8kF/hQTyYh/CrPJRf42H8Og/nETyS3+BRPJrH8Fgex+N5Ar/JE/ktnsRv82SewlN5Gk/nGTyT3+FZPJvn8Ls8l9/jeTyfF/BCXsTv82Jewkv5A17GH/JyXsEreRWv5jW8ltfxet7AG3kTb+YtvJW38Xb+iHfwTt7Fu3kP7+V9/DHv5wy//MB9xof4cz7MX/AR/pKP8ld8jL/m4/wNn+Bv+SR/x6f4NJ/h7/ks/8Dn+Dxf4B/5Iv/El/hnvsyBIcZYxTo2cRSni9PHKXGGOGN8TZwpvjbOHF8XJ+Lr4yzxDXHW+MY4W5w9zhHnjHPFueM8sY0pdjHHcZw3zhcn45vi/PHNcWpcIC4YF4p9XDguEheNi8W3xMXjW+MS8W1xyfj2uFRcOn7k/rLxHXG5+M64fHxXXCG+O64YV4orx1Xie+Kq8b1xtfi+uHp8f1w8fiCuGT8Ywy+fV6kTPxzXjR+J68WPxvXjBnHDuFHcOH4sbhI/HjeNm8XN4yfiFnHLuFX8ZNw6fipuEz/9u/u7xz3innGvuFccwn16QXJhclHy/eTi5JLk0uQHyWXJD5PLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5Kbk1uSW5PbkiFUSQ8evfLaGx/5dD69T/EZfEZ/jc/kr/WZ/XU+4a/3WfwNPqu/0Wfz2X0On9Pn8rl9Hm89eefZxz6vz+eT/iaf39/sU30BX9AX8t4X9kV8I9/YN/ZN/OO+qW/mm/sn/BO+pW/pn/RP+qd8G/+0b+uf8e38s769f84/55/3HX0n39m/4Lv4F31X38139919T9/T9/a9fV/f1/f3/f0AP8AP9AP9ID/ID/FD/FA/1A/zw/xwP9yP9CP9KD/Kj/Fj/Dg/zk/wE/xEP9FP8pN8BABT/VQ/3U/3M/1MP8vP8nP8HD83da6f5+f5BX6BX+QX+cV+sV/ql/plfplf7pf7lX6lX+1X+7V+rV/v1/uNfqPf7Df7rX6r3+63+x1+h9/ld/k9fo/f5/f5/X6/P+AP+IP+oD/kD/nD/rA/4r/0R/1X/pj/2h/33/gT/lt/0n/nT/nT/oz/3p/1P/hz/ry/4H/0F/1P/pL/2V/2wU9IvJmYmHgrMSnxdmJyYkpiamJaYnpiRmJm4p3ErMTsxJzEu4m5ifcS8xLzEwsSCxOLEu8nFieWJJYmPkgsS3yYWJ5YkViZWJVYnVhjIOTeEYe8IV9IhptC/nBzSA0FQsFQKPhQOBQJRUOxcEsoHm4NJcJtoWS4PZQKpUOZ8GioHxqEhqFRaBweC03C46FpaBaahydCi9AytApPhtbhqdAmPB3ahmdCu/BsaB+eCx3C86Fj6BQ6hxdCl/Bi6Bq6he6hR+gZeoXeoU/oG/qF/uGlMCC8HAaGV8KgMDgMCa+GoeG1MCy8HoaHEWFkeCOMCqPDmDA2jAvjw4TwZpgY3gqTwtthcpgSpoZpYXqYEWaGd8KsMDvMCe+GueG9MC/MDwvCwrAovB8WhyVhafggLAsfhuVhRVgZVoXVYU1YG9aF9WFD2Bg2hc1hS9gatoXt4aOwI+wMu8LusCfsDfvCx2F/+CQcCJ+Gg+GzcCh8Hg6HL8KR8GU4Gr4Kx8LX4Xj4JpwI34aT4btwKpwOZ8L34Wz4IZwL58OF8GO4GH4Kl8LP4fIf/MxapT/zFroQQgghxP9Hev3O/h7/5jkDAOqX8U8hhGt35jz6j/s1AGzO9rdxH5WrRQIAnurW4aG/bxUrdu/e/ZfXLtcQ5ZsPAIl/OcAv8QpoDi2hNTSDYv+2vj6q00X+nfmTtwFk/IecFPg1/nX+z/+D+R97YuTikvGFLP/J/PMBUvP9mnPlKvzv8QpofmU10AyK/wfzZ2/yO/Vn+GICQNN/yMkEAE0z/Gv9ReBxeBpa/9MrhRBCCCGEEEKIv+mjyrT7vevnK9fnucyvOenh1/j3rs+FEEIIIYQQQghx9T3bqfOTj7Vu3aydDGQggzQ2aPmfvOZq/2YSQgghhBBC/Nl+Pen/9bkMV7MgIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAiDfp/8Z/GrvYahRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiKvtfwUAAP//D5g3fQ==")
r0 = open(&(0x7f0000000040)='./file1\x00', 0x66842, 0x21)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', r1, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

17m9.453697746s ago: executing program 40 (id=5276):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f00000000c0)={0xc, 0x5, 0x9})
ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000140)={0xe200000000000000, 0x3000, 0xfffffffffffffffd, 0x2, 0x2})

16m26.34086326s ago: executing program 41 (id=5560):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f0000003080)={0x2c, r1, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xfffffffb}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x10)

14m51.026740904s ago: executing program 42 (id=6242):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)={0x28, r0, 0x1, 0xfffffffe, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_RETRY_TIMEOUT={0x6, 0x1, 0xfd}]}]}, 0x28}}, 0x0)

14m29.254325852s ago: executing program 43 (id=6389):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff})
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})
write$P9_RVERSION(r2, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1, 0x8, '9P2000.L'}, 0x15)

12m46.286414242s ago: executing program 44 (id=7233):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r1, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}}, 0x0)

12m42.220919534s ago: executing program 45 (id=7255):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001040)={0x4c, 0xd, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "1e1c"}]}, @NFTA_SET_ELEM_KEY_END={0xc, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "57b8"}]}]}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)

12m11.180241113s ago: executing program 46 (id=7461):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000005000000000000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000008c0)=@newqdisc={0x48, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x1c, 0x2, [@TCA_FQ_ORPHAN_MASK={0x6, 0xa, 0x80000000}, @TCA_FQ_RATE_ENABLE, @TCA_FQ_FLOW_PLIMIT={0x8, 0x2, 0x1}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x8004001}, 0x20008000)

11m36.02074601s ago: executing program 47 (id=7706):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e26, @dev={0xac, 0x14, 0x14, 0x22}}, 0x10)
connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4620, @empty}, 0x10)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, 0x0, 0x0)

10m59.264584699s ago: executing program 48 (id=7953):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000004700)={'team0\x00', <r2=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r1, @ANYBLOB="050427c67002fcdbdf250100000008000100", @ANYRES32=r2, @ANYBLOB="7400028038000100240001"], 0x90}, 0x1, 0x0, 0x0, 0x90}, 0x20004080)

9m31.145285188s ago: executing program 49 (id=8588):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000480), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0)
recvmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000001e40)=""/174, 0xae}, {&(0x7f0000000840)=""/144, 0x82}], 0x2, &(0x7f0000001fc0)=""/65, 0xfffffffffffffe76}, 0x1}], 0x1, 0x40002122, 0x0)
sendmsg$tipc(r0, &(0x7f0000000100)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x1, {0x1, 0x1, 0x2}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000000)="bf", 0x1}], 0x1, 0x0, 0x0, 0x8008001}, 0x4800)

7m13.40876709s ago: executing program 50 (id=10019):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0)
recvmmsg(r1, &(0x7f0000000300)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000500)=""/229, 0xe5}, {&(0x7f0000000840)=""/127, 0x7f}, {&(0x7f0000001480)=""/127, 0x7f}, {&(0x7f00000001c0)=""/30, 0x1e}, {&(0x7f00000004c0)=""/7, 0x7}], 0x11}, 0x4}], 0x2, 0x60, 0x0)

6m46.327956854s ago: executing program 51 (id=10210):
socket(0x2, 0xa, 0x300)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r0, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0x52, &(0x7f0000001480)={@local, @multicast, @val={@val={0x88a8, 0x0, 0x0, 0x1}, {0x8100, 0x5, 0x0, 0x4}}, {@ipv6={0x86dd, @tcp={0x7, 0x6, "1ed6e1", 0x14, 0x6, 0x774114d41ec99669, @empty, @remote, {[], {{0x4e21, 0x4e21, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x80, 0x5, 0x0, 0xfffd}}}}}}}, 0x0)

6m13.484967177s ago: executing program 52 (id=10480):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x20800001, 0x4)
setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000000)=0x1, 0x4)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x80, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8000}, 0x1c)

5m44.109526853s ago: executing program 6 (id=10726):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8, &(0x7f0000000580)={[{@jqfmt_vfsv1}, {@heap}, {@nolazytime}, {@noinline_dentry}, {@acl}, {@fault_injection={'fault_injection', 0x3d, 0x1b}}, {@discard}, {@noinline_xattr}, {@errors_continue}, {@alloc_mode_def}, {@noinline_xattr}, {@two_active_logs}, {@fault_type={'fault_type', 0x3d, 0xfffffe}}]}, 0x1, 0x5512, &(0x7f0000005a80)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwCU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG/CSmamuvUDhabNdvv7weSZ982bZ543LAvPTEkA59Zc8uvPpbgelyNiOiKuRWTnpeLIrOXhhYi4ERFTjx2lYv6PiQsRcSUiro+S5zlLxVuf3xreXP3prV+++e7izNUvvv5+crsGJu3FiOhu5+d73TymrTw+KOZrw3YWuyvDIuZvdB8W4zSPe83NLMNe7XBdLYvLrXx9ur3bH8WtTq0+iq32Vja/3csv2B+2DvNkH3hQ28nGjeZmFtv9NIutg7yu/YP8/7aD/iDP0yjyfZSlj8HgMObzzf1mvp/th1ms9wbFfJ43bTT3R3FYxOJyUU87jayOzeN800+2t9u93f1k2Nzpt9NeslqpvlSp3i5Xd9JGc9BcKde6jdsryXyrM1pWHjRr3bVWmrY6zUo97S4k8616vVytJvN3mpvtWi+pVivLlcXy6kJxdit5/d57SaeRzI/iq+3e7qDd6Sdb6U6Sf2IhWaosv7yQ3Kwm76xvJBv3795d33j3gzvv33tl/c3XikV/KyuZX1pcWipXF8tL1YVztP9PiqLHuH84ltKkCwA4e/T/wCScXP+/cz/i5Pv/0P+PxZnqf897/38C+4dj0f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxbP8x++UZ2MpePrxbzzxRTzxXjUkRMRcSjfzAdF47knC7yzP7L+tm/1PBtKbIMo2tcLI4rEbFWHL89e9LfAgAAADy9vvr4xmd5t56/zE26IE5TftNm6tqHY8pXiojZuR/HlG1q9PL8mJJl/75nYn9M2bIbWJfGlCy/5TYzrmz/y/SRcOmxUMrD1KmWAwAAnIqjncDpdiEAAACcpk8nXQCTUYrDR5mHz4Kzv7z/84Hg5SMjAAAA4AwqTboAAAAA4Hge/feSrP/3+38AAADwdMt//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB3du7nNnEgigPws8EL+0+LVnvfVvYGZWwJe9xjRAFpggJyIC2kAWogt5QQQYTHIRBxiOSxrUTfJzmTscyPNwgOMyMNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqv1ovbq9/XbXN2+3byjAYAAAC4ZFutF/U/s9T/2tz/3tz62fSLiCgj4tLcfRSfzjJHTU718vzN6fPVqxruIuqEw3tMmutLRPxprscfXX8KAAAA8HFtlqt5mq2nP7OhC6JPadGm/PY3U14REdXsIVNaecj7lSms/n6P43+mtHoBa5opLC25jXOlvUn9cz+u2k1PmiI15cWXHYvMNnYAAKBHo7Om31kIAAAAffo3dAEMo4jnrczjVuAkNc323uezHgAAAPAOFUMXAAAAAHSunv/3dP7f3vl/AAAAMIx0/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd2lbrxWa5mrfN2e3byTMaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ/bnHQVCIAzCYO/6zmTuf1hp0NTUpAqEj78xGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDe/+8v/ialxJpl7bSw9jyRrp8bWqbF3bhz9YXz9GgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42J+XFAiBIIiCOeN/J33/w0qCnkGECGh4VFGLBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgi373y/+JqXEmmTttLB2PJGtXja2rxt6DxtGD8fZvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42Ll/3zaqOADg7+58Li0gTEAeghBIDLBQ1y0t3RADKGLgT0CKUqeYuvxoM7RVhcjChjJ3QTAihAQKW3bGDkyt1KVsHTwUiRl0v5JrG6mG0Dsn+Xykd+/r08Xv+85SpO+9ZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACV6bs7cZIdekUcl+du3b++kvW3H+ozWxt3FrOWxVGTSe8PL9dfRP32EgEAAODwSKr6PoRwN91cyvq4l9f/aXVNVvN/92wRV/X8w3V/1Ve1f9Z+/eXei9sD9YpxsjddHU9GJx5NpfPkZjnfnnvsFZ38zufPXpL8A4k/WH9hmub3M/rm5s33unl4pIlsAYD/4njVl8Hq71eKYDwZDVvLCoDDpFMrvKv6P+m1mxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAE6br4ekqjkIIi52dOHP7/vWV3fqtjTuLVTtz48ZG+Co7m+Z/0ymj1fFkdKLxGc2vy1evXVieTEaXmg9eCSG0Nfo75fQvfDTDxSG0cn8E/1MQlx/2vOSzP4IW/ykBAHAgpWXL6vq76eZSdi5aCOHv7x+s/1+vxWHG+v/ex2du1ceq1//DxmY4/wZrFz8fXL567c3xxeXzo/OjT986OXx7eOrs6dNnB/mzkoEnJgAAAOxNt2z1+j9eeHT9/1gtDjPW/198O/yyPlai/t/VzqJf25kAAAAcbs+/+tef0S7no243XFleW7s0LI7br08WxxZS/deOlK1e/ycLbWcFAAAANGG6Hj2w/n+uFocZ1/+f+eGln+rvmYQQjpbr/8dXPpuca246c+3x3wfe+m2vXydue44AAAC062jZ6uv/ab7/P97e8hCHEN54rYjLnwGcqf5P3v/6x/pY9f3/p5qb4lyK+8X9yPt+CJ1+2xkBAABwkD1VtqzY/yPdXPrk52Mfdu3/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjaPwEAAP//m6w/ug==")
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
open_tree(0xffffffffffffff9c, &(0x7f0000007680)='./file0\x00', 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000bc0)='./file1\x00', 0x42, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)

5m41.71973304s ago: executing program 6 (id=10741):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
close(0x3)
r1 = epoll_create1(0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x20000002})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)={0xa0000013})

5m40.112152847s ago: executing program 6 (id=10746):
unshare(0x2a020400)
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x80)
r2 = openat$cgroup_int(r1, &(0x7f0000000040)='cpu.max\x00', 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x10000a006)

5m39.790707919s ago: executing program 6 (id=10747):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x1800700, &(0x7f0000000340)={[{@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@dax_never}, {@max_batch_time={'max_batch_time', 0x3d, 0x8000000000000001}}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000440)='./file0/../file0/../file0/../file0\x00')
pivot_root(&(0x7f0000000000)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000100)='./file0\x00')

5m39.423136853s ago: executing program 6 (id=10751):
r0 = syz_usb_connect$cdc_ncm(0x2, 0x8f, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109027d0002010080000904000001020d0000052406000105240000000d240f0103050000fd0000000406241aff072908241c0101090000142413099f33760bf14377323063f9c8a04d113905241510000905810300020800040904010000020d00000904010102020d0000090582020002e1ad00090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000000)={0x44, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x20, 0x80, 0x1c, {0xe, 0x2270, 0x0, 0x9, 0x44, 0x8000, 0xfffd, 0xec, 0x4, 0xf, 0xb, 0xfb}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000900)={0x14, 0x0, &(0x7f00000008c0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

5m38.998407928s ago: executing program 6 (id=10757):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x49d8, 0x4)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, &(0x7f0000000040)=0xc, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @loopback, 0xbf}, 0x1c)
recvmmsg(r0, &(0x7f0000000140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0)=""/4110, 0x100e}, 0x7ffffffe}], 0x1, 0x40002000, 0x0)

5m38.422950851s ago: executing program 53 (id=10757):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x49d8, 0x4)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, &(0x7f0000000040)=0xc, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @loopback, 0xbf}, 0x1c)
recvmmsg(r0, &(0x7f0000000140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0)=""/4110, 0x100e}, 0x7ffffffe}], 0x1, 0x40002000, 0x0)

3m51.85948267s ago: executing program 4 (id=11637):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r1, @ANYBLOB="800202000a000200577f0000aabb000020000e80050001008f000000050001000100000004000200050001"], 0x48}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x20000041}, 0x0)
sendmmsg$alg(r2, &(0x7f00000000c0), 0x492492492492627, 0x0)

3m51.707470027s ago: executing program 4 (id=11639):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
write$binfmt_aout(r0, &(0x7f0000000400)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x7, 0x9, 0xfffffffd, 0x83, "00000000000000000000ffff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x80000)
read$FUSE(r2, &(0x7f0000003f80)={0x2020}, 0x2020)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000003c0)={0x6, 0x4000000, 0x88, 0xffffff3e, 0x3, "a4f0b1641553dbde35be19b597e027c690356b", 0x8, 0x9})

3m51.276092697s ago: executing program 4 (id=11647):
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000740)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES64=0x0], 0x4, 0x128a, &(0x7f0000003700)="$eJzs3UtrJEUcAPD/JJPnmkzUdXUXxEIvijBucvDkJcguiAElmgX11GsmOmTyIDMEZhE3njwJfgxRj94E8Qvk4sWzIIjk4nEPYkvSkzWTSbLJ5gXy+126qKp/PVKdhh6q6K03vl5aXGhWF7JW9JVKUV4diPKDFCn6oj8KG/HKnV9/e/69Dz58e3pm5tZsSren3598PaU0/sJPH332/Ys/t67c+WH8x6HYnOjb+mvq981rm9e3/vku6s1Ub6bllVbK0t2VlVZ2t1FL8/XmYjWldxu1rFlL9eVmba2rfKGxsrraTtny/Njo6lqt2UzZcjst1tqpVUqttXbKPsnqy6laraax0eA05r59kOd5RJ4PxGDkeZ6PxGhciSdiLMajEhPxZDwVT8fVeCauxbPxXFzfqXXZ4wYAAAAAAAAAAAAAAAAAAID/l0ec/y85/w8AAAAAAAAAAAAAAAAAAADnb//5/3KE7/8DAAAAAAAAAAAAAAAAAADABXvE9//3nf9/1fl/AAAAAAAAAAAAAAAAAAAAOA/DxWU2peGIpS/X59bnimuRP70Q9WhELW5GJf6OndP/hSJ9+62ZWzfTjol4bel+J/7++lx/d/zkQCUmSgfGT45EREqpO34oRvfGT0Ulrh7c/1TR/7744Xj5pe34L4r4alTil49jJRoxH1HqzH4n/vPJlN58Z2akO/7Gdr1D9Z/zsgAAAMBZqqaHet/fNzqVivLh7vKiqPN+njo1S0f8PrDv/bwcN8qXNWt2Ndv3FrNGo7b2mInBw9sZPF3LPYlSRGSxN2d89I/Z7c6P2c7u7XZG49mT6D/rBo9MDBxd5xRrGuVj/zGPOdTjr05n8Bv7c/JKxEl7//ObPTnDJw5/nETfw5n2dW6zrLFx7JstNvL8XEfY88840r63OHRU1OHPjNI5P5O4OP8t+mWPBAAAAAAAAAAAgJM4cPffSET07Af8tCdnd3t4d3hvy4f3/tUFzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5lB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8FQAA//9S0cg2")
syz_mount_image$vfat(&(0x7f00000006c0), &(0x7f0000000280)='./bus\x00', 0x0, 0x0, 0x1, 0x0, &(0x7f0000000080))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x37)
chdir(&(0x7f0000001180)='./bus\x00')
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)

3m50.837848452s ago: executing program 4 (id=11654):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000300)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000280)='./file0/file0\x00', 0x3)

3m50.63645408s ago: executing program 4 (id=11658):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x1000000)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x428})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

3m50.229784997s ago: executing program 4 (id=11667):
unshare(0x6a040000)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSMRU1(r1, 0x80047453, &(0x7f0000000000)=0x69a32cb2)

3m49.982227716s ago: executing program 54 (id=11667):
unshare(0x6a040000)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSMRU1(r1, 0x80047453, &(0x7f0000000000)=0x69a32cb2)

2m45.186941598s ago: executing program 9 (id=12401):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, 0x0}], 0x1, 0x63, 0x0, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd8168", 0x7}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m44.870791574s ago: executing program 9 (id=12404):
socket$netlink(0x10, 0x3, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_io_uring_setup(0x8d6, &(0x7f00000001c0)={0x0, 0x0, 0x400, 0x3, 0x379}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x47ba, 0x3e82, 0x60, 0x0, 0x0)

2m44.337509515s ago: executing program 9 (id=12410):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
close(r0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000055c0), 0x400023c, 0x300, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000108000)={{0x0, 0x8, 0x100000000, 0xfffffffffffffffc, 0x0, 0x8, 0x9, 0x400, 0x23, 0x4, 0x36a58e4a, 0x9, 0x5, 0x72, 0x1}})

2m43.77121547s ago: executing program 9 (id=12415):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000b80)={0x44, &(0x7f0000000900)=ANY=[@ANYBLOB="0015b3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_ep_write(r0, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)
read$char_usb(r1, 0x0, 0x0)

2m43.061277391s ago: executing program 9 (id=12422):
mkdir(&(0x7f0000001c00)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
mount$fuseblk(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x24000, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x2a2389d, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)

2m42.933784411s ago: executing program 9 (id=12424):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f00000001c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x3, 0x0, 0x20, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @multicast1}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x1, 0x1, 0x2, 0x100, @void}}}}}}}, 0x0)

2m34.738196519s ago: executing program 5 (id=12482):
r0 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r0, &(0x7f0000000140)={0x18, 0x2, {0xffff, @loopback}}, 0x1e)
connect$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000015c0), 0x2300, 0x0)
ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000040)=0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
close(0x3)

2m34.521733919s ago: executing program 5 (id=12484):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x4e24, 0x3, @empty, 0x3}], 0x1c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e23, 0xdb, @empty}}, 0xffb, 0x203, 0xffff18b6, 0x6, 0x330, 0x80000001, 0xdb}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f00000012c0)={0x0, @in={{0x2, 0x4c24, @empty}}, 0x6, 0x6}, 0x90)
sendmsg$inet6(r1, &(0x7f0000000540)={&(0x7f0000000000)={0xa, 0x4e24, 0x8004, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7fff}, 0x1c, &(0x7f0000000440)=[{&(0x7f0000000040)="f0", 0x1}], 0x1}, 0x40054)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x4e24, @loopback}}, 0xabb6, 0x67, 0xa4f, 0xc4, 0x4e, 0xffffff85, 0xa9}, 0x9c)

2m34.393198448s ago: executing program 5 (id=12485):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x28, 0x10, 0x400, 0x70bd25, 0x25dfdbfc, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xfff1}, {0xe, 0x5}}, [@TCA_STAB={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x2000c801}, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000020a010200000000000000000a0000060900010073797a310000000008000240000000018c000000020a010100000000000000000000000369000600e62807258a6d38caf4cb1d7a776a7a05e57912414e63207c5e61d47bb4016b21bd5593b033b0968722f2f0f4818a1a13fbb43e79d0ae674d071c0164df9d3701cc15211300766b6ebe326ada9e49cca5c2a07460e46e35eabfb48a4cd2cd83790d7e705b010000000900010073797a31000000001c000000090a030000000000000000000a00000208000c4004"], 0xf8}, 0x1, 0x0, 0x0, 0x2000c814}, 0x4000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000004000ffff0900010073797a30000000000900020073797a3100000000140003800800014000000000"], 0x138}, 0x1, 0x0, 0x0, 0x20040855}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd0002800800"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

2m34.192059566s ago: executing program 5 (id=12490):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x214802, &(0x7f0000000980)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@init_itable}]}, 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
open(&(0x7f0000000040)='./bus\x00', 0x400141042, 0x2a)
chown(&(0x7f0000000080)='./file1\x00', 0x0, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x14, 0xd, "ef359f413bb9386ff7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e7376b7a5ff537ed73ac58818d78c660e677df8dc905b90242b7c528a076d2f6a00400", "036c5bc6780820d1cbf7966d61fdcf335263bd9b0abdc2542ded71038259ca171ce1a311ef545032d71e14ef3dc177e9b48b001d00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
unlink(&(0x7f0000000100)='./file1\x00')

2m33.611503074s ago: executing program 5 (id=12495):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x22, &(0x7f0000001680)=0x1, 0x4)
shutdown(r0, 0x1)
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x4e20, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}, 0x5}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000280)='bbr', 0x3)
sendmmsg$inet6(r0, &(0x7f0000000140)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x2, @empty, 0xfffffffe}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x20080058)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x1, @empty, 0x6}, 0x1c)

2m32.984903569s ago: executing program 5 (id=12503):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x100000e, 0x200000005c831, 0xffffffffffffffff, 0x3000)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x1004, 0x1)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)

2m32.683294082s ago: executing program 55 (id=12503):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x100000e, 0x200000005c831, 0xffffffffffffffff, 0x3000)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x1004, 0x1)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)

2m27.358201172s ago: executing program 56 (id=12424):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f00000001c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x3, 0x0, 0x20, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @multicast1}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x1, 0x1, 0x2, 0x100, @void}}}}}}}, 0x0)

1m29.579074616s ago: executing program 8 (id=12900):
r0 = epoll_create(0x7)
r1 = epoll_create1(0x0)
r2 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000001c0))
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100))
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x80001000})

1m29.251944228s ago: executing program 8 (id=12902):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f00000011c0)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f00000001c0)="91b8a91fd3108691", 0x8}, {0x0}], 0x2}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000140)="f77d2b5dd5f7d74f0748cf3d2cf218d644566a14103b1c7dd35fd2951bd022f10f2dc7f4ce0d8ac5f4abaca4b97b706153756913b7dd48248b5bfb10460019248bf238743fa2aeb5bef21ce832db670920dc5e911ef2ad63e849901d1001d7545517fd18b5d29978f32a5b5c81755cb89cc0490958", 0x75}, {&(0x7f0000000740)="31cef842d9c50636f60fc0cfdac56c75f1687f0c56287423f5eed69f117e766bdbad0c2171ad6227e1173ab6efa2fcb1c420a51a0917861009000000f049c606ccab7cda1f0e3490fbe385ea", 0x4c}, {&(0x7f0000000840)="8d684aa45f4b69499d707f3c8d114132fee1eafdcbbc5a16cb7b2841192b5779f99579e5c788b15b023df831028b9e6b5e9edd619e22626535212de5a998c5b793abdd7336cd8eb19e2fbd9a6ac2ca9c0f138ee10572672999ca4f51c09f9810459bad7e7bc28fc8890224dc01efcc276e62afe52450049c", 0x78}, {&(0x7f0000000a00)="a7c652df859ed2764e960e7f50a64153fba30cbb8e57f06f55dc0ae10dc21fcd48944b17170f070271208ec6eed721805abd1d46290d3fa170a218b0348a277697884eeb0682edd2e557fab3ea869c1920c576a12a3e669d3688", 0x5a}, {&(0x7f0000000e80)="d317b0ddf805c029d66c50f61f6efc90bd02c1c2e324ab02219e3cef175c99254ff1c10c27155c41bd5cee7a3663ed4a127c6c18ebb7a51008a0053ac96edeb5843d7b59b6c02532b26ca1c490d9b8113cbdbe99a123e3d5335c531c1c50b15be67220f38338a1e7c494acc2da3b410cf4cf7129cbb5faa24dd84e800249b234bdb2e91f3af98057ad0674ef0ab9b7666d0e321027fd89ef9f1f1d3f4910a68c9450f7612afb03aadb19afac0e02671e17453928eb33ee4750fc8e27637d06cd105f4bdcebd14d17825477f718939859a9cd7a685b155b9b2bebe0606a0364664ebe5cb3d8086fa70ed878af34a7f23be3774ae80662601883b2703c", 0xfc}], 0x5}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000440)="9cc844fcb12a57ded285a6853f9a4574ebe46541728c1e7a9359c0240b58852b8f40b2cbd6024df9a266e7b6941b40fbd4c0258c7dcd11eac963c7fae1ab7653154e9541517041dda8f02c4146cd8d90e0b1aa9067be18395b5aa00c8096b42ebe5a79d875fe", 0x66}, {&(0x7f0000000680)="5a1936d5385e89cde108d4462f0a54efe1cb5bf66b9f5d840b99be101b9b0897fe0705dae412e694472799084bec2177cc06a8f988d478bba12e760d5fa00d1c579a3ed6dba5d552d0f3e737e2597d17f2b40d5df9588ecff2824d5a", 0x5c}], 0x2}}], 0x3, 0x2090)

1m28.218865777s ago: executing program 8 (id=12909):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000009c0)="ad56b6c5820fae9d6dcd3292ea54c7be8bbdadbb1632ea5704cae881ef915d374c90c200", 0x24)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000c00)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x40040}], 0x1, 0x8040)
sendmsg$RDMA_NLDEV_CMD_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[], 0x38}}, 0x0)
recvmsg(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001240)=""/47, 0x2f}], 0x1}, 0x10002)

1m27.998248555s ago: executing program 8 (id=12910):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
chdir(&(0x7f0000000140)='./file0\x00')
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14da7e, 0x20)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000240)=0x10)
copy_file_range(r0, 0x0, r0, 0x0, 0xb51, 0x0)

1m27.755879972s ago: executing program 8 (id=12912):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0xfffffffffffffe42, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x63)
fsetxattr(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="6f3a8f"], 0x0, 0x0, 0x2)
write$P9_RLERRORu(r0, &(0x7f0000000100)=ANY=[], 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x2], 0x0, 0x0, 0x1, 0x1}}, 0x40)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x10012, r0, 0x0)

1m26.980956338s ago: executing program 8 (id=12916):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r2, r1, &(0x7f00000000c0)=0x58, 0x5)

1m11.900214349s ago: executing program 57 (id=12916):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r2, r1, &(0x7f00000000c0)=0x58, 0x5)

16.690644362s ago: executing program 7 (id=13298):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@newtfilter={0x5c, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x4}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0x1}, {0x6, 0xf8}}}]}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000b80)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000400)="83", 0x1}], 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000780)={0x0, 0x4, 0x0, [0x806f, 0x0, 0x2d5, 0x6, 0x6], [0x6, 0x7, 0x1, 0x9, 0x8002, 0x4, 0x5, 0x2, 0x0, 0x802, 0x9, 0x200000100, 0x3, 0xfffffffffffffff4, 0x4a, 0x1000000000005, 0x100, 0xd, 0xdd, 0x7, 0x1, 0x2a9, 0x3, 0xc39, 0x8, 0x8, 0x100000000, 0x2, 0xa51, 0x8, 0x401, 0x800000000000003, 0x7, 0xfffffffffffffffa, 0x81, 0x796, 0x5, 0x931, 0x101, 0x3, 0x8001, 0x8000000000000000, 0x7, 0x1, 0x8, 0x8, 0x6aa, 0x102, 0x1, 0x83, 0x538a, 0x9, 0xfffffffffffffff7, 0x4, 0x0, 0x4, 0x10001, 0x8, 0x80008000, 0x8000000000000000, 0x4, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x5bc, 0x1, 0x7fffffff, 0x4, 0x8000, 0xc9, 0x7, 0x6, 0x9, 0x82c, 0x8000, 0xe000000000000, 0xe4, 0x11, 0x0, 0x8, 0x22, 0xffffffffffffffff, 0xb, 0x1, 0x8000000000000000, 0x2000000009, 0x8, 0x0, 0x6, 0x6, 0x7, 0x100000002, 0xe, 0x4, 0x8, 0x7, 0x7, 0x9, 0x1, 0x16d, 0x6, 0x68d, 0xffffffffffff43b0, 0x8, 0x50000000000000, 0xe, 0x0, 0x0, 0x100000003, 0x4, 0x7, 0x406, 0x3, 0x6, 0x5, 0xfffffffffffffffd, 0x3, 0x40, 0x7fffffff, 0x8, 0x3, 0x1]})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1c, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="dbaa7bc3184d"], 0x0, 0xb, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

15.45132441s ago: executing program 7 (id=13302):
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[], 0x9)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
getdents(r1, &(0x7f00000000c0)=""/62, 0x3e)
getdents64(r1, 0x0, 0x55)

15.015508993s ago: executing program 3 (id=13303):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2840, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0)={{0x2000, 0x41000, 0x8, 0xc, 0x3, 0xe4, 0x40, 0x9, 0x0, 0x2e, 0xd}, {0x41000, 0x1, 0xf, 0x0, 0x40, 0x5, 0x7d, 0x8, 0x58, 0x1, 0x3, 0x1}, {0x4000, 0x200000, 0xe, 0xe3, 0x3, 0x7, 0xfe, 0x9, 0x1, 0xab, 0x5, 0x81}, {0x6000, 0x10000, 0x3, 0x5c, 0x4, 0x42, 0x9, 0x2, 0x6, 0xa, 0xe}, {0x0, 0x9000, 0xb, 0x3, 0x3, 0x7, 0xab, 0x7f, 0x7, 0x83, 0xf7, 0x83}, {0x1000, 0x1000, 0x0, 0x7, 0xb1, 0x8, 0x1, 0x9d, 0x80, 0xf, 0x1}, {0x40000, 0x8080000, 0x4, 0x5, 0x7, 0x2, 0x5, 0x0, 0x3, 0x82, 0xff, 0x70}, {0xd000, 0x1000, 0xa, 0x15, 0xf, 0x7, 0x1, 0x18, 0x2, 0x3, 0x7, 0x9}, {0xeeef0000, 0x30}, {0x10000, 0x86}, 0x80000031, 0x0, 0x8000000, 0x42024, 0xb, 0x0, 0x3000, [0x6840000000000000, 0xd, 0x5e, 0xff]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)

14.275695569s ago: executing program 3 (id=13304):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
set_mempolicy(0x3, &(0x7f0000000240)=0xbbb, 0x9)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)

9.113336318s ago: executing program 7 (id=13311):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000200)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x28, 0x0, 0x0, 0xfefff038}, {0x6}]}, 0x10)
sendmmsg$unix(r2, &(0x7f00000023c0)=[{{0x0, 0x0, &(0x7f0000002340)=[{&(0x7f0000000200)="6880d9df", 0x4}], 0x1, 0x0, 0x0, 0x20000800}}], 0x52b, 0x2900)

6.351250035s ago: executing program 3 (id=13318):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff8000/0x2000)=nil, 0x0}, 0x68)
socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x10, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x970, 0x1f480, 0x0, 0x399})
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e21, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xa}, 0x1c)
io_uring_enter(r0, 0x8ae, 0x6933, 0x17, 0x0, 0xeffd)

5.534343924s ago: executing program 0 (id=13320):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0xfffffffe)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r1, &(0x7f0000000300)=[{&(0x7f0000005b00)="e079d403b85c7f4f8e1d3b9b5f2f6ca48f5b62a62b42b82a76610750e2dea49f733a82dcd979a114b4ef4c70ba9f0fa5898b1b63927af9d8f67b030f2dbc7ed839a0f583c07e5b30d944641c679e67b41c717f8d002920400c1695d714fad6f9962b4d0cdc4887b388103cf01ebbf622055e3dee21214e6cbbca03fcea74bc825ae8a3f430377e9c283a236ca5c05e73c8dd5bd7fbd4a4432376b22964f0da05d37b27b517d555739a96e2441f671d7c3f56dca1f8fb51a1a8349312ab7f8b758e25a246eca31857bf754bb7da79c7c1392bbf66f27c48b9bc58995e6ce476116149ca9deb4afddc206304c51c3b253641ef27b92e236304a0a4a5fc401b0e6bfb196e4ebc74f6a7e08c7fa0bf9769db4dc73a04b7", 0x115}], 0x1)
r2 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000003380)=[{0x0}, {&(0x7f0000000040)=""/40, 0x28}], 0x2}}], 0x1, 0x2, 0x0)

4.86980128s ago: executing program 0 (id=13322):
r0 = landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x1, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x1)
r1 = landlock_create_ruleset(&(0x7f00000000c0)={0x3564}, 0x18, 0x0)
landlock_restrict_self(r1, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r3, &(0x7f0000003000)=@file={0x1}, 0x6e)
connect$unix(r2, &(0x7f0000000640)=@file={0x1}, 0x6e)

4.727059464s ago: executing program 7 (id=13323):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000780)='.\x00', 0x8000, &(0x7f0000000200)={0x8c, 0x0, 0x80000}, 0x20)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
mount(0x0, &(0x7f0000000140)='.\x00', 0x0, 0x9419a0, 0x0)

4.689905179s ago: executing program 3 (id=13324):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x2, 0x4, 0x1, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000940)={{r1}, &(0x7f0000000800), &(0x7f0000000840)='%ps    \x00'}, 0x20)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

4.125821025s ago: executing program 0 (id=13325):
syz_mount_image$hfsplus(&(0x7f0000000180), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x11, 0x6c7, &(0x7f0000000a80)="$eJzs3U1oHPfdB/DvrFYv64CsJI7jBwLRk0BaampbFkrrXuyWUlwIJbjQnkUsx8Ky48pKcXKolbbQaw+9FtKDe2lPLaVQKBjSc3sLvYmeAoVecnJy6JSZnZVWyq5erFiS28/HjOb/MvOf3/zmbVdYTID/WZdPp/0gnVw+/drdqr52f3Zp7f7szW65tZRkPEkraXdnKW4lxQfJpXSn/F/V2AxXDNvOLxYvXPnw47WPurV2NsarfnSGB9jezV6sNlOmk4w0833YNN4bjzbe+EaxWM9MlbCXe4mDwzaapNzkByc3egYpR/oqQ6934MlRdJ+bfbrX/1RyLMlE74G22u1sHXyEO9rTvWj18cUBAAAAR8bxh/eSu5k87DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgSdK8/79oplavPJ2i9/7/sb537I8dcrjDbR/ZRK/woHUQwQAAAAAAAADA4/Xiw/zmSllO9uplkdb3RppKp5m/nTtZaCdncjfzWclKljOTZKpvoLG78ysryzN5qa6d+LQsyzzVXTPLm9Y8P3DN87sMuLPfPQYAAAAAAACA/yoX58br+Y9zOZOHHQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPQrkpHurJ5O9MpTabWTTCQZq5ZbTf7WKz/JHhx2AAAAAHAAjj/Mw9zNZK9eFvV3/pP19/6JvJ1bWcliVrKUhVytfxfQ/dbfWrs/u7R2f/ZmNX123K//a6P8+8kdw6hHTPd3D4O3fKpeopNrWaxbzuSNvJWlXE2rXrNyqhfP4Ljeq2IqLnaVZcZ3k6Crzbza858386Nhqs7I6HpGzlWxFd08Pr19JvqPziNsaSat9d/8nBi+pXav0Mv5xW23Uvy7LLulY72W5Klv75zz0T3tzL5szcT5vrPv5PY5T77wh99+//rSrRvXi9XTR+c0GuTFwc3j/+gdoV4mulazkNm+TDy/60xcu3PEMzFUe1OtlefWy5fzrXw3pzOd17Ocxfww81nJQqbzzbo035zP1c+p7TN1aVPt9Z1iGmuOy8iWmP7/eHe+XUwv1etOZjHfyVu5moW8Wv87n5l8JXOZy4W+I/zcLu60rQFX/R+HB//yF5tCJ8nPmvnRUOX16b689t9zp+q+/pZWyubJ8swenkfb3xt7Nh5Z1ZH4Sd81ePjWMzGR9adEL7pnexkYHZiJX9W3lTtLt24sX5+/vWXcYnXw9l7J5t0/OjeS6nx5Zv0esfnsqPqeHdg3U/edWO9rbe37dWe9b6crdaz5DPfZkc7Xfc8n+WUTbdVXqe7hVd+pvvWqz1sTdd+nZVl2P28BcOQd+9Kxsc4/O3/tvN/5aed657WJb4x/dfyFsYz+ZfRr7XMjr7ReKH6X9/Oj7PwNHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2NGdd969Mb+0tLC8pVCW5b0hXY+lkHayqeXPf+pbpn7XWJLdD1gtfamV1C3tNIW9BXbv0XbnvUdNwt+bY3IgCf9cChNDz5+thU/KsjzwCHvvatvz6mXjqOR5v4XeK7L2stah3I6AA3R25ebts3feeffLizfn31x4c+HWhbm5C+cuzL06e/ba4tLEYYcHPEb1s77+nHPYkQAAAAAAAAAAAAC7tbs/zinWW9p7/CsC/7MQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2K/Lp9N+kCIz586cq+pr92eXqqlX3ljykyStJMV0UnyQXEp3ylTfcMWw7awmVz78eO2jbq3dTPXyrf3vxWozZTrJSDMfYGJQY3lv2HhFPc7t4ePtUtFMI+stl/Y1HnxO/hMAAP//dfAMcQ==")
mknod$loop(&(0x7f0000000500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, 0x1)
creat(&(0x7f0000000040)='./bus\x00', 0x122dfb579e447c7a)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x3, 0x0, 0x0, 0x4, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000007700000c00002000", "036c47c678082004cb59d654cb9b1b165263bdbcef549ba197fce47ddfdd753abd950100172a00ffffff00f7ffffff000000f3e7f20000000200000000000600", "b7326736181c208220fffff2ff00000000000000000e00", [0x4]})
unlink(&(0x7f0000000080)='./file1\x00')

3.88111468s ago: executing program 3 (id=13327):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x1, @private}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
syz_usb_connect(0x5, 0x0, 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000b00)={0x2020}, 0x2020)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0)

3.157674954s ago: executing program 1 (id=13328):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r1, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000180)={{0x1, 0x1, 0x400}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf})
ioctl$int_in(r1, 0x5452, &(0x7f0000002480)=0x3)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2)
close_range(r0, 0xffffffffffffffff, 0x0)

3.114816853s ago: executing program 7 (id=13329):
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100), 0x4)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket(0xa, 0x5, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000280)={'nat\x00', 0x0, 0x0, 0x0, [0x44, 0xfffffffeffffffff, 0x2, 0x3a8e5b6e, 0xc, 0x8000000010000000]}, &(0x7f0000000200)=0x78)

3.109375408s ago: executing program 0 (id=13330):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x476c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0x12, &(0x7f0000000080)=0xfffffffc, 0x4)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000000)=0x9, 0x4)
recvmmsg(r0, &(0x7f0000000940)=[{{0x0, 0x0, 0x0}}], 0x1, 0x45833af92e4b38ff, 0x0)

2.882678111s ago: executing program 2 (id=13331):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x8082)
syz_open_dev$sg(&(0x7f0000000280), 0x0, 0x103401)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={&(0x7f0000001100)="8a27a701efc234b93a917fce1ff57b120daaeb98ec76c7631e01e4685eeb4c064a832b317581fe46e7258e4182ca00b9e3eef02aa9f845220a1ddd8ec35765b5e3c8140f4170d729a1d2f4fa8a6db34ff944515d656174c5f221911337708c7ecedfd4fcd8227c7d077cc2c3fb86843600d7ac3f52ce76bbe137079dc3526624f3332e062365a9f4dc4204b2614cbfe3f717aa6a5be641d71727787ee182dd447773d4067bcd8aa8e02f8a131bbf75595d4ad9c5848267e0ce0785f453f17c755c2ea5af724be8aca678515b3c2ea9f7c2ca23b026c8d5efa72ce44e1b2c0a389e46c89cad1fddc932a20ac5038b8c5eda61a1ac38ddbe61c916807c5946542eb568e67151da46bb0afc7596f317811c82235bdb786bac6ea4995bac4d01b8527fb313a847f00b96d473be1be36136f55114b6bc112381a7a6b38dd8881701163f47a592347f8e71501941e88bd6431dd7cf2572c2d717179a6220b482840ba62438dca46bf252d81821666ea16af96586f914b06725e52ada4f854db2c2dfb98adc726d73b9060c827e214cad3ac00de0b01ab626ecc5d0a6ebc1d8bce2ab936e4f528a3319fb6879c2ffe41e0e85b9b5da8e2b7aad1717b63829c8b5f20892d667fb4244f4c7747e92254fc5110a8d36b7c56d3380cef38c97d64998659444c952de30ca8e9c6e91075eaffcdc31505bc844a01c94e0a30889b7a5a41d1bf09bc733bde394e381c7366e7887d6b79088ffd5d835ef74f928ae562efbc3abc9b3b83014f29e75e575a9d907d96b0977fcfe552676a16d7dc8b2b084724b7f108d8743584ec6d43d56e2ad2e46591bc3d29e953c23ac0f39e10976ac7d9fc7cd447ed11434f69052a91a303fa9fe9719510fd0c91a335671d9fc8ac459ed7143e8b12a8931656ccd4f69910818b37bc2a87b061c66b8db112a5f0de4a312efa3d5f4bf5c27fd1667a29be54b456f31a5d8bfacb7eca7dfee890ad63655aa8c539889d7674df72b1f9379fc244e3a29086983a74e11baafa8ac862fe8a12c36fec064bde8d2dc75aa35904a379557498b5b74bd3a170c65b39609863f32da21a9c330cec06da63cc1d3929dd2641a77793a748cb73f4a74b2894c2ac269034c14bf2daf47241e9b1a717909925da4bb6e93d76956dcc88d1c1259f7f534e4a3a7bdc59b0246536b9f1fd278b30ffeaa5a712f337b350d279e54d75f07749b88d02bb910e61669681a3556a06ac4ffbb49f1a05a4980e16534eb04c67e41615116cc65b818b925c92ae598186d2690e3c2589f6d3cacb20d1281dc41191f19cabb094d0d3a9cf52a2c2a6c4898bbe62fc773fb6782333e15b0c9c34f68cf511656ddb46417aa3f7ff70fef7877a14e10124dac393f8d3221056e19c7afe72df4b4e4dcf11a0718c73227cdd2dc23623916aedb1be4d498ad1b96f668061a41eab7daaefef0531274de7695eea44eb793d684515b496e85bdf3fafc5a53c46cad4ee036b7d1ac07bff344ae9bf0d4749182cc849be2c8f21127b148c2a1f8f1e885c1710833e479361e247109f4d16634ff700265b79727f67329d6771cd12bee4521a5ec1710198feed4c34fe7de2b2c10d0009245d68a6390c88b859b2e6fc86f0222b54de7f6c7dadec40ca0e94ad94e15218b2eb927a392dc951c8ab9a5a0714a9cf7bc0381f063f52e0a88733bdd9d599f8a31e7ab2e0b36a018c63783b4744544109b79c490becbfa03f866676a6866ae7d7f4a00b159f49ab4d2651292f8c478366ba4f900706f0021df6262f09c2febf857d2e329f29234b276ef12050f0b6e3742e1eaff50b67b42ae764ce6c2778665eb983200fde94ccc434fdb0b2b605cb8a84099a4506cf621a98dee7516d28884c98c5bb06b7974973d1c0a7252e78a6d6ebf3d9d47b8fc8057f9427c44f97eab1f3f4a2ccc28aab03bcef20ff72f3ec2d35dd4e8ca05c6a8dc3749a429b9ae5d2c6184cb183bff86b9eb2a40eb3e7f48b76371a4d50ad21ee23fe9de5b476b7991157413d934d5ba41848cf29713b024d28225c6c36554492b88630012a17e182dca2a1f453a54367e24fb0c08566985a09b4fc66362d60bdcc5f3cda614a08d907ddff97cc39279445ab77e37cd1fc637a5142a96f10d08da6249d5eb9831b4e21eb10c814db01a41f92d1dfaea3d25944dfd0f545edacc6e5c1fd9790a72f16b81f79bc91305e411ff8ca2c476db9e102b182a10ec62c46d925fed58d8999b45db619f136933a509d781a25af3c3a28ce1538ed7394c51bb9f5620212e026e42066c58333e21029b99e4fa56f2f86fff31b429a362164ffff262c893498a8730591bc7e2c760196d48e497855f717f0933217710c7d7ef5a2d7cad0c70da6210aa7599561dcc7417d4276e9fcd4f9e5d0b4b92374b3dc98ba8b98b62997868bbf97999f099dc711a5677a922b78d9528475919f3098a3b14aa500cdc08e9ae5c2afee08eefe772394c8d62cfc8c9ed758745bad841d032628f34059459594e805e48a6072b0d97c28003ba1f8790eeb7630e1502b058398d7dd6ca7799746e0c407b0845f577a004f211941fbe1a0e6a3012b666c417fe4a796af40973f45ae910dc711faba1342a7f2457b2d00e05403fdbd20e148b13086bc71ed245eb1b756f0b46200becc240cda5652c906644502d06bd0eaf80cf78e77fa772dd57e3073232b112ef2e5a9edafd8e28ef0233c7cafe6c34d9e80aa75cbefb690de33a0b65e38cf1845f140c65a0ce9496de48224d48bd52529e246d5a506c671e796fdea83818bbe2fc78987eb7b1baa15c4cc68fe2439fb742b9a964fba063d015baf7ad127255f28f44263eea3c4b5c50a012cecfd3ea610ecab1222ae9a93a415b03e99a1feeadfb12b7ef81cb18447d2bd0a6240b0b5b7539202680155b9da0bdb8e283545057e6d65d8989df21e01f14095c06de6b1c005466f7bfb7a8c04bab8b4a2a8e79f83d5c5902f7a1c2283a2bfffd3a72632cb37b9773540ff0e385f123f14c5d20bf2ecc0d3589c208106a8068737f5fa5fbd85a1f60a71f709e81d2c648c8d0d0149392cf058a441d4d7c670f1f5c429e74b49becfdc85666c28a480e296911d6687ef2e129ff18ee2cb06f1c5ff3bac63dd51ab46285c2fd9605204e8fa67bfb735539bd5255a75e608d78a1", 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2.720830755s ago: executing program 1 (id=13332):
clock_nanosleep(0x1700, 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x60242, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000540)=[{0x0}], 0x1)
gettid()
timer_create(0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000200)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f00000002c0), &(0x7f0000001400)=ANY=[], 0x835, 0x1)

2.491935229s ago: executing program 2 (id=13333):
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@deltfilter={0x24, 0x2d, 0x200, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {0x0, 0xfff2}, {0x9, 0xd}}}, 0x24}}, 0x4000)
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000800)=@newtfilter={0x90, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x58, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3b, 0x200, 0x0, 0x100, 0x7}, 0x42}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x6, 0x3}}]}, 0x90}, 0x1, 0x0, 0x0, 0x10}, 0x24000000)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.248500405s ago: executing program 1 (id=13334):
socket(0x10, 0x803, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/mdstat\x00', 0x1800, 0x0)
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x0, 0x40000333}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000100)=[{0x0}, {0x0}], 0x2})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}, 0x20}}, 0x8000)

2.009551624s ago: executing program 2 (id=13335):
socket$phonet(0x23, 0x2, 0x1)
r0 = syz_io_uring_setup(0x6440, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x1, 0x0, 0x7ff})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

1.635439053s ago: executing program 2 (id=13336):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x1, 0x1, 0x86, 0x10, 0x20f4, 0xe05a, 0x6c6d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x69, 0x2, 0x0, 0xff, 0x5a, 0xa3}}]}}]}}, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x402)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x400000007, 0xfffffffffffffffd, 0x4, 0xffff, 0x4, 0x4002004c3, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffd], 0x30000, 0x2011c0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x1000000, 0x2000, &(0x7f0000000000/0x2000)=nil})

1.040869203s ago: executing program 0 (id=13337):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0xfffffffd}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x10000002}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x200, 0xfffffffd}}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x42}, 0x10)
sendmsg$tipc(r2, &(0x7f0000002340)={&(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{}, 0x4}}, 0x10, 0x0}, 0x0)

930.118004ms ago: executing program 1 (id=13338):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(r0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x1c, &(0x7f0000000240)=[@in6={0xa, 0x4e21, 0x383, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x4}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000180)=@assoc_value={r2, 0x2}, 0x8)

874.261808ms ago: executing program 2 (id=13339):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="1b", 0x1}], 0x1}}], 0x1, 0x24008094)
r2 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvfrom$unix(r2, &(0x7f0000000480)=""/287, 0x11f, 0x10002, 0x0, 0x0)

693.738119ms ago: executing program 0 (id=13340):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)='\\', 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f00000000c0), 0x12)

527.41415ms ago: executing program 3 (id=13341):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f0000000040)={0x52, 0x2000, 0x0, {0x2, 0xa}, {0x1}, @const={0x0, {0xfbff, 0x8, 0x4, 0x81}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4808000010001fff3a4ee9bfd5c3a3696c40af0b", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x3}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

448.363828ms ago: executing program 2 (id=13342):
socket$l2tp(0x2, 0x2, 0x73)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x2000c844)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'lo\x00'}}, 0x1e)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000001000010025bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000080004000024000008001b"], 0x30}, 0x1, 0x0, 0x0, 0x810}, 0x0)
connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x0, @remote, 'team_slave_0\x00'}}, 0x1e)

440.634832ms ago: executing program 1 (id=13343):
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=ANY=[@ANYBLOB="580000000206030000000000000000000300000705000100070000000900020073797a31000000000c00078008001240000000050500050002000000050004000100000011000300686173683a69702c706f727400"], 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070088000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)

106.928483ms ago: executing program 1 (id=13344):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000000c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000040)={@host})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000000)={&(0x7f0000000540)={{@host=0x10}, {@host=0x10, 0x800}, 0x400, "d49e0b1f09a3e05cb898141464441748655937bb34d22f02362479246bb6372d891a3b5dafa58a6abc5a678d6874fc8fb5f8a529c6e30103484f2667c174fb6cda19ea0a9301bc3238eb816e9c3882f243bcd4bd7115b26dacf5923f060498d471cb4f789562fcda119739dd1a5b0e4e1a4a64dbd7b398bd4e7a247d81f968f2e945f293fc3860bf11f0424193fce743067d27f0ac187b44b128a4999547f73d8c35d3c2bd8b51bbc9a31123f773be89e109cc71b8ec29a539083c0cba15b0899c7181ba154c28b3c4e2ebe360ac44f942a703b9a3a37fbbefe9ae0de04a32336a6eba07b2fb6ad426d56e17291bb1a9d1fcdaa939378bab6dd2eac37b369ef163c9e0fc8039352c24d8147fcc2e2559b47066abd21a3a5f83f239a2227d17d4ca90f60ed9acc243ed38818e3883a985106b54dc157b67022525a74e8f9cb99852760359278d5d22294a70433ba4cec5147fbb09b1d0008ba76257f1c5af6b8d6bf3bcfd5a468a566a4e98fe5f264f2663b72cb421c90d8b7883ddfb5749b27a3e146f9d8538706fea61b07c6e064446337439b9d5a5dc82f6c63c57d6ba0e709b7c1b15fa8367f8e6df2cf59b0b30740ef47c5cccffce5911569591ce4ab62275964cd147e87a30cc6e71f7e40e161997cdbadcfbfb6c54e0289ac137508b7b5339414e4ab7afcc420148e37d49b664cc07c8178a3b50f566c5bdd3aa9217ef909805972bd63ee1d729b282cd866c183744b20da3227f9d43843236b571c8d3237408c266e08d0699ebd30e0820362664ab323b15d3ae9896d6120aae6ef9085f53a2b39cc31238b031476c86e6b16d7703fcbacc7269ce8622eab1cfdf82a364209ec4ac912db924bb76bc35ddf8d0e7a3aff0d08a48c07be47303b59653d9409f14dc59ac33cae5e010466f54d86772e43e3680863bb9bf10c971f16a731e601d7fcdbb91d7146e7834d89059ad522d70398c2bacf113ed791e32f933dfa23f5d6d11bfc9d9e0f04a34b0eddd99d16cd9712485e0a5c9aaf1ebf3f14d00005f8960b6145cbb7d4522692ebe1f9491f87a29ed67c5fb60f5e69bde2a758742999fc986a2dbf6199977e9b446691bf9f95d0abd84557c77ea13356c977d0f098ab9fec85acbd6447f2e6893e2fa6a0a7b272dab66e69b7def48f8b3583a53a0941fb3e4367fa8d56e05ee3b265f17ca0439fcdcea276f7f0a9bf4c2a324d7143658007cf4019e8da69ba1b7dff4383714cbcb71dfe6f1b1ac5d5e99394cb2c360ddb1889d92cd36f8fc72ac865f1c6445957b2a57c1af59ef8d2e9fe328ec2bde763d65c4dea965042f540515bf2f879d1b26309ebc1d7f76c569fa88fbe61845e96e93d3b6025b6285777e59495943596c128fdacc545263ce458bf99f57d7e5dc77f65cf650902b5b6d5af9359334759843365bf0dfb244817a40e8cc9030"}, 0x418, 0x1})
r1 = syz_io_uring_setup(0x110, &(0x7f00000008c0)={0x0, 0xfad8, 0x800, 0x1, 0x3}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000940)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x133d, 0x0, 0x8, 0x0, 0x0)

0s ago: executing program 7 (id=13345):
syz_mount_image$f2fs(&(0x7f0000000100), &(0x7f0000000040)='./bus\x00', 0x2000410, &(0x7f0000000340)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ec0000000000000000a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06adb7b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02040000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f6505003cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096746a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd970140495fde085", @ANYRESOCT=0x0], 0x1, 0x555e, &(0x7f0000005f80)="$eJzs3EtvG1UUAOA7TpPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKKhJ48R9fJ80PjPX12fusUaRzkzkADy15tPff03CxXAmhDATQjifhHw/KbbcSgwvhBAuhRBK/9iSYvzvgbkQwtkQwsVR8pgzKd768srw8vIvb/323Q+nT5376tsfp1c1MG0vhhC6m3F/pxtj1orxTjFeG7bz2L0+LGJ8o3u3OM5i3Gmu5xl2auN5tTxea8X52eZ2fxQ3OrX6KLbaG/n4Zi+esD9sjfPkH7hT28qPG831PLb7WR5be3Fdu3vxb9tefxDzNIp8H+fpw2AwjnG8uduM9WzezWO9NyjGY96s0dwdxWERi9OFetZp5OtYP8o3/Wh7u93b3k2Hza1+O+uly5XqS5XqjXJ1K2s0B83r5Vq3ceN6utDqjKaVB81ad6WVZa1Os1LPuovpQqteL1er6cLN5nq71kur1cq1ytXy8mKxdyV9/fb7aaeRLoziq+3e9ly70083sq00fmIxXapce3kxvVxN311dS9feuXVrde29D29+cPuV1TdfKybdt6x0Yenq0lK5erW8VF18cI1zx13/6AQHrH9wlPo/KxZ9iPqTQ10NcEguMIBDu6//D/p/4OFdPOC8x73/D5Ps/0ctlf7/wf1v6ej9/5H634fs/ydW/wTufzxq9cOR6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5aP81+/Ua+Mx+PzxXjF4qh54rjJIRQCiH8+R9mwty+nDNFntn/mT/7rzV8n4Q8w+gcp4vtbAhhpdj+ePa4vwUAAAB4cn3zyaUvYrceX+anvSBOUrxpUzr/0YTyJSGE2fmfJ5StNHp5fkLJ8uv7VNidULb8BtYzE0oWb7mdmlS2A5kZh08v3BvMC0piKJ3ocgAAgBMxsy+cbBcCAADASfp82gtgOpIwfpQ5fhac/+f9vUebZ/a9BwAAADyGkmkvAAAAADh2ef/v9/8AAADgyRZ//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiLnbvJWRqI4wD8b/uWDz8iMe69ijs4hkdw6VI4gJfgCHgFL8AZcOcRDDW0E5IqJMZObSTPk3TKtOQ3M9DNTJMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAMX2rD5svn95+HppzbobJMxoAAADgllN92LQfVl39ebr+Ml16nepFRJQR8fvMfRlVzHqZVcqpb36/aepf+vA1ok24tDFPx7OIeJeO6tXYvwIAAAA8ruNuv+5m612xmrpD/Evdok354n2mvCIi6tX3TGnlpXiTKax9vp/iY6a0dgFrkSmsW3J7un1vlquRvqp3SiNZbNs/sa2V47QLAABMqT8TuDMLAQAA4AF8mLoDTKO4Ftf3jPPulF4ILns1AAAA4D9UTN0BAAAAYHTt/H/4/n9NM/b+fz/s/wcAAAB/rdv/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDGd6sPmuNuv793f/mHOuRkm34gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Mn+vKNACIRBGOxd35nM/Q8rDRoam1SB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/vzkgIhEARRMGf876Tvf1hJ0DOIEAENjypq0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzv38xtFFQcA/Ls7O0tBibWaHqoGEw96kXZBkKMeNI0H/wSTpmyxuogCByGNphc9mZ5J1OjRGBNNvfE/cKYJF7xx6KEmnjXzqww/lA2pM0v7+SRv3nd2J+993+yG8O2bFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKttvx4vdMk6yw3QRV6/d3Flbzvqt+/rM9Y1bc1nL4s6jJvr6rb1PfrK9VD85Nls7+bL5ZAAAADgYkqq+j4jb6eZi1nen8/o/ra7Jav4fjhZxVc/fX/dv7axNlW/NVfX/77/deX53oulinmzQldXRcOHBVHr/0xIn3jOPvKKX3/n8Zy9J/oF031t/bjvN72fnmxs33unn4aEmsgUAHsfxqi+D6v9DWT9oMzEADoxerfCu6v9kut2cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJqwvR5PVXEnIuZ6d+PM1s7a8sP66xu35qp2+tq1jfqY2RBpRKysjoZpg2uZdJeuXP14aTQaXmw+OBYR7c1eBh+McU3Ef19Tfj2jvVX8e9CZjDRaDbrl5zMp+exlUH339n7klv5BAgBgH0qORlmPp2VdfzvdXMxe68xE/P3jvfX/q7U4xqz/73x4+mZ9xnr9P2hqmRPv2+8izn86f+nK1ddXzy+dG54bfvLGicGbg5NnTp06M5/dq4X5legOF9pOFAAAgCdYv2z1+r878+D+/5FaHGPW/599P/iiPlei/n+ou5t+bWcCAABwEPV3o2df/uvPTv2tqaLr9Pvx+dLlyxcHxXH3/ERxbDzlx3CobPX6P5lpOysAAACgCdvrnXv2/8/W4hhz///pn174pT5mEhGHIy5ExPD48oXR2eaWM9Ga+EXlfKJ+2ysFAACgLYfLVuz/9/L9/zR//r+7+8hDNyJee6WIq791NU79n7z71c/1uerP/59sbokTqTtb3I+8n43ozbadEQAAAPvZVNmyYv+PdHPxo1+PvN/3/D8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA0/4JAAD//880Myg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
fallocate(r0, 0x0, 0x700, 0x1000009)
write$P9_RRENAMEAT(r1, &(0x7f00000001c0)={0x7, 0x4b, 0x2}, 0x7)

kernel console output (not intermixed with test programs):

o (device loop7): force zstd compression, level 3
[ 1415.210582][ T2758] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1415.615604][ T5908] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1416.779120][T10375] loop1: detected capacity change from 0 to 131072
[ 1416.788658][T10375] F2FS-fs (loop1): Wrong CP boundary, start(512) end(1536) blocks(0)
[ 1416.797060][T10375] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1416.834275][T10375] F2FS-fs (loop1): invalid crc value
[ 1416.953464][T10375] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1416.970124][T10375] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1416.977316][T10375] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[ 1417.044162][T10348] syz.9.10965: attempt to access beyond end of device
[ 1417.044162][T10348] loop9: rw=8388608, sector=184, nr_sectors = 8 limit=64
[ 1417.059273][T10348] NILFS (loop9): I/O error reading meta-data file (ino=6, block-offset=0)
[ 1417.077395][T10348] overlayfs: failed to resolve './bus': -2
[ 1417.162242][T10385] loop7: detected capacity change from 0 to 128
[ 1417.213039][T10385] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[ 1417.225515][T10385] hpfs: filesystem error: improperly stopped
[ 1417.231643][T10385] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[ 1417.239926][T10385] hpfs: You really don't want any checks? You are crazy...
[ 1417.247977][T10385] hpfs: hpfs_map_sector(): read error
[ 1417.253626][T10385] hpfs: code page support is disabled
[ 1417.259551][T10385] hpfs: hpfs_map_4sectors(): unaligned read
[ 1417.303865][T10385] hpfs: hpfs_map_4sectors(): unaligned read
[ 1417.309791][T10385] hpfs: filesystem error: unable to find root dir
[ 1418.574087][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1419.407946][T10404] loop7: detected capacity change from 0 to 32768
[ 1419.486677][T10404] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.10977 (10404)
[ 1419.566456][T10404] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1419.578792][T10404] BTRFS info (device loop7): using crc32c checksum algorithm
[ 1419.966886][T10404] BTRFS info (device loop7): setting nodatasum
[ 1420.038045][T10404] BTRFS info (device loop7): enabling ssd optimizations
[ 1420.084118][T10404] BTRFS info (device loop7): enabling free space tree
[ 1420.470219][T10495] netlink: 'syz.1.11002': attribute type 9 has an invalid length.
[ 1420.498239][ T2758] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1420.510541][T10495] netlink: 'syz.1.11002': attribute type 11 has an invalid length.
[ 1420.529251][T10495] netlink: 'syz.1.11002': attribute type 12 has an invalid length.
[ 1420.554130][T10495] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.11002'.
[ 1420.884813][T10507] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[ 1422.324362][T10562] loop7: detected capacity change from 0 to 128
[ 1422.365460][T10562] EXT4-fs: Ignoring removed nobh option
[ 1422.406235][T10562] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1422.434897][T10562] ext4 filesystem being mounted at /354/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1422.470224][T10566] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11025'.
[ 1422.630675][ T2758] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1422.919758][T10560] loop4: detected capacity change from 0 to 32768
[ 1422.944742][T10560] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.11023 (10560)
[ 1423.012805][T10560] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1423.056348][T10560] BTRFS info (device loop4): using sha256 checksum algorithm
[ 1423.153301][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.159821][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.414751][T10560] BTRFS info (device loop4): enabling ssd optimizations
[ 1423.421739][T10560] BTRFS info (device loop4): turning on async discard
[ 1423.513387][T10560] BTRFS info (device loop4): enabling free space tree
[ 1423.612655][   T30] audit: type=1326 audit(1771268506.689:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10599 comm="syz.1.11031" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5e1239bf79 code=0x0
[ 1423.870480][ T9516] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1423.948103][T10609] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1423.972142][T10609] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1424.026234][T10609] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1424.033893][T10609] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1424.403352][T10614] loop4: detected capacity change from 0 to 512
[ 1424.466709][T10614] EXT4-fs: Ignoring removed bh option
[ 1424.493784][T10614] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[ 1424.553198][T10614] EXT4-fs error (device loop4): ext4_iget_extra_inode:5025: inode #15: comm syz.4.11034: corrupted in-inode xattr: e_value size too large
[ 1424.577138][T10614] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1424.584506][    C1] EXT4-fs (loop4): error count since last fsck: 1
[ 1424.600116][    C1] EXT4-fs (loop4): initial error at time 1771268507: ext4_iget_extra_inode:5025: inode 15
[ 1424.610184][    C1] EXT4-fs (loop4): last error at time 1771268507: ext4_iget_extra_inode:5025: inode 15
[ 1424.620379][T10614] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.11034: couldn't read orphan inode 15 (err -117)
[ 1424.669468][T10614] loop4: lost filesystem error report for type 5 error -117
[ 1424.704903][T10614] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1424.953778][ T9516] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1425.133509][T10631] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1425.161318][T10631] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1425.178463][T10627] loop1: detected capacity change from 0 to 4096
[ 1425.186209][T10633] loop4: detected capacity change from 0 to 512
[ 1425.213449][T10627] ntfs3(loop1): ino=3, Correct links count -> 2.
[ 1425.247124][T10633] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1425.309139][T10633] EXT4-fs warning (device loop4): dx_probe:861: inode #2: comm syz.4.11043: dx entry: limit 0 != root limit 125
[ 1425.335092][T10633] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.11043: Corrupt directory, running e2fsck is recommended
[ 1425.400296][T10633] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[ 1425.425570][T10631] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1425.435772][T10633] EXT4-fs error (device loop4): ext4_iget_extra_inode:5025: inode #15: comm syz.4.11043: corrupted in-inode xattr: invalid ea_ino
[ 1425.437772][T10631] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1425.494583][   T30] audit: type=1800 audit(1771268508.569:589): pid=10627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.11042" name="file1" dev="loop1" ino=33 res=0 errno=0
[ 1425.515831][T10633] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1425.524606][    C0] EXT4-fs (loop4): error count since last fsck: 1
[ 1425.540293][    C0] EXT4-fs (loop4): initial error at time 1771268508: ext4_iget_extra_inode:5025: inode 15
[ 1425.550330][    C0] EXT4-fs (loop4): last error at time 1771268508: ext4_iget_extra_inode:5025: inode 15
[ 1425.561620][T10633] EXT4-fs (loop4): Remounting filesystem read-only
[ 1425.576567][T10633] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1425.686609][T10626] loop7: detected capacity change from 0 to 32768
[ 1425.717845][ T9516] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1425.729504][T10626] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1425.795049][T18263] usb 2-1: new full-speed USB device number 44 using dummy_hcd
[ 1425.923625][T10626] XFS (loop7): Ending clean mount
[ 1425.968668][T10626] XFS (loop7): Quotacheck needed: Please wait.
[ 1425.988989][T18263] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1425.998743][T18263] usb 2-1: not running at top speed; connect to a high speed hub
[ 1426.010569][T18263] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1426.022078][T18263] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1426.032398][T18263] usb 2-1: config 1 has no interface number 1
[ 1426.038976][T18263] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1426.092701][T18263] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[ 1426.117831][T18263] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1426.127832][T18263] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1426.149337][T18263] usb 2-1: Product: syz
[ 1426.155917][T10626] XFS (loop7): Quotacheck: Done.
[ 1426.164376][T18263] usb 2-1: Manufacturer: syz
[ 1426.172864][T18263] usb 2-1: SerialNumber: syz
[ 1426.309666][ T2758] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1426.335313][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1426.411911][T18263] hub 2-1:1.0: Invalid hub with more than one config or interface
[ 1426.433813][T18263] hub 2-1:1.0: probe with driver hub failed with error -22
[ 1426.502097][T18263] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[ 1426.773353][T18263] usb 2-1: USB disconnect, device number 44
[ 1427.701305][T10676] loop7: detected capacity change from 0 to 32768
[ 1427.768859][T10676] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1427.777160][T10676] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1427.895252][T10676] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[ 1428.013570][T17414] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1428.034060][T17414] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1428.331585][T17414] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 297ms
[ 1428.415644][T17414] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1428.421111][T10676] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1428.592934][T10698] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1428.605117][T10698] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1429.111012][   T30] audit: type=1800 audit(1771268512.188:590): pid=10676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.11058" name="bus" dev="loop7" ino=9378 res=0 errno=0
[ 1429.138377][T10676] Invalid ELF header magic: != ELF
[ 1429.367779][T10707] loop1: detected capacity change from 0 to 2048
[ 1429.497120][T10707] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1429.586229][T10707] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1429.716959][T10707] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[ 1429.833767][ T7543] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1430.422617][T10740] loop7: detected capacity change from 0 to 8192
[ 1431.735939][T10788] loop1: detected capacity change from 0 to 4096
[ 1431.848370][T10788] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1432.282096][ T7543] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1432.532768][T10821] netlink: 48 bytes leftover after parsing attributes in process `syz.7.11104'.
[ 1432.618053][T10825] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11105'.
[ 1433.135795][T20292] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1433.298079][T20292] usb 5-1: config 128 has an invalid interface number: 148 but max is 0
[ 1433.315534][T20292] usb 5-1: config 128 has no interface number 0
[ 1433.334797][T20292] usb 5-1: config 128 interface 148 altsetting 9 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1433.356500][T20292] usb 5-1: config 128 interface 148 altsetting 9 endpoint 0x5 has an invalid bInterval 129, changing to 11
[ 1433.394613][T20292] usb 5-1: config 128 interface 148 has no altsetting 0
[ 1433.418119][T20292] usb 5-1: New USB device found, idVendor=0cf3, idProduct=e019, bcdDevice=fb.4f
[ 1433.438965][T20292] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1433.470300][T20292] usb 5-1: Product: syz
[ 1433.490553][T20292] usb 5-1: Manufacturer: syz
[ 1433.511203][T20292] usb 5-1: SerialNumber: syz
[ 1433.770128][T20292] usb 5-1: USB disconnect, device number 23
[ 1434.162254][T10874] ip6gre1: entered promiscuous mode
[ 1434.180164][T10874] ip6gre1: entered allmulticast mode
[ 1434.235638][T17414] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1434.395650][T17414] usb 5-1: Using ep0 maxpacket: 8
[ 1434.424709][T17414] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 1434.444243][T17414] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1434.462771][T17414] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1434.483203][T17414] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 16
[ 1434.513959][T17414] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1434.545255][T17414] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1434.556737][T17414] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1434.778765][T17414] usb 5-1: usb_control_msg returned -32
[ 1434.794984][T17414] usbtmc 5-1:16.0: can't read capabilities
[ 1435.385213][T10920] netlink: 27 bytes leftover after parsing attributes in process `syz.0.11131'.
[ 1435.418348][T31305] usb 5-1: USB disconnect, device number 24
[ 1436.911676][T10949] loop4: detected capacity change from 0 to 32768
[ 1436.981008][T10949] (syz.4.11138,10949,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1437.067614][T10949] (syz.4.11138,10949,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1437.196296][T10949] JBD2: Ignoring recovery information on journal
[ 1437.347099][T10949] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[ 1437.401330][T10958] loop1: detected capacity change from 0 to 32768
[ 1437.525716][T10958] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1437.642858][T10958] XFS (loop1): Ending clean mount
[ 1437.786182][   T30] audit: type=1800 audit(1771268520.847:591): pid=10958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.11142" name="file1" dev="loop1" ino=4422 res=0 errno=0
[ 1438.252592][ T9516] ocfs2: Unmounting device (7,4) on (node local)
[ 1438.662614][T10955] loop7: detected capacity change from 0 to 40427
[ 1438.762252][T10955] F2FS-fs (loop7): build fault injection rate: 174
[ 1438.795026][T10955] F2FS-fs (loop7): build fault injection type: 0x3bfe8c
[ 1438.853341][T10955] F2FS-fs (loop7): invalid crc value
[ 1439.180841][ T7543] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1439.250384][T10955] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1441.268328][T11084] netlink: 20 bytes leftover after parsing attributes in process `syz.1.11174'.
[ 1441.712958][T11103] netlink: 104 bytes leftover after parsing attributes in process `syz.4.11181'.
[ 1441.771240][T11103] netlink: 104 bytes leftover after parsing attributes in process `syz.4.11181'.
[ 1441.989915][T11116] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:00bb with DS=0x1f
[ 1442.049430][T11106] syzkaller0: entered promiscuous mode
[ 1442.057936][T11106] syzkaller0: entered allmulticast mode
[ 1442.336574][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1442.466549][ T5910] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1442.665178][T11122] overlayfs: failed to get inode (-116)
[ 1442.682621][T11122] overlayfs: failed to get inode (-116)
[ 1442.817547][ T5910] usb 5-1: Using ep0 maxpacket: 16
[ 1442.867419][ T5910] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1442.886510][ T5910] usb 5-1: config 1 has no interface number 1
[ 1442.986860][ T5910] usb 5-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1443.008827][ T5910] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[ 1443.081593][ T5910] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1443.121144][ T5910] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1443.132186][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1443.146887][ T5910] usb 5-1: Product: syz
[ 1443.151089][ T5910] usb 5-1: Manufacturer: syz
[ 1443.155693][ T5910] usb 5-1: SerialNumber: syz
[ 1443.590444][   T30] audit: type=1800 audit(1771268526.667:592): pid=11128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.11190" name="file1" dev="overlay" ino=938 res=0 errno=0
[ 1443.662431][ T5910] usb 5-1: 2:1 : format type 0 is detected, processed as PCM
[ 1444.550687][ T5910] usb 5-1: current rate 1851689 is different from the runtime rate 9338507
[ 1444.971107][ T5910] usb 5-1: USB disconnect, device number 25
[ 1445.741331][T11145] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1445.819209][T11145] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1446.596750][T11154] loop4: detected capacity change from 0 to 512
[ 1446.610383][T11154] EXT4-fs: Ignoring removed orlov option
[ 1446.687001][T11154] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1446.807677][T11154] EXT4-fs error (device loop4): ext4_iget_extra_inode:5025: inode #15: comm syz.4.11201: corrupted in-inode xattr: e_value size too large
[ 1446.827212][T11154] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1446.828040][T11154] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.11201: couldn't read orphan inode 15 (err -117)
[ 1446.837352][    C1] EXT4-fs (loop4): error count since last fsck: 1
[ 1446.837380][    C1] EXT4-fs (loop4): initial error at time 1771268529: ext4_iget_extra_inode:5025: inode 15
[ 1446.837412][    C1] EXT4-fs (loop4): last error at time 1771268529: ext4_iget_extra_inode:5025: inode 15
[ 1446.877854][T11154] loop4: lost filesystem error report for type 5 error -117
[ 1446.880969][T11154] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1446.993473][T11154] EXT4-fs error (device loop4): ext4_map_blocks:776: inode #2: block 12: comm syz.4.11201: lblock 3 mapped to illegal pblock 12 (length 1)
[ 1447.206076][   T30] audit: type=1326 audit(1771268530.266:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11155 comm="syz.0.11203" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x0
[ 1447.210806][ T9516] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1447.719650][T31300] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[ 1447.925865][T31300] usb 5-1: Using ep0 maxpacket: 8
[ 1447.985146][T31300] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1447.994132][T31300] usb 5-1: config 4 interface 0 has no altsetting 0
[ 1448.141041][T31300] usb 5-1: string descriptor 0 read error: -22
[ 1448.147775][T31300] usb 5-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[ 1448.156808][T31300] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1448.245388][T31300] usb 5-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[ 1448.256616][T31300] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1448.296826][T31300] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[ 1448.304128][T31300] usb 5-1: media controller created
[ 1448.317361][T31300] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1450.152570][T18263] usb 5-1: USB disconnect, device number 26
[ 1453.105123][T11164] netlink: 76 bytes leftover after parsing attributes in process `syz.9.11202'.
[ 1454.373068][T11186] syz.1.11209 (11186): drop_caches: 2
[ 1454.757873][T11242] loop4: detected capacity change from 0 to 512
[ 1454.773807][T11242] EXT4-fs: Ignoring removed bh option
[ 1454.790821][T11242] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1454.804542][T11242] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[ 1454.825678][T11242] EXT4-fs (loop4): 1 truncate cleaned up
[ 1454.850169][T11242] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1455.149965][T11254] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11238'.
[ 1455.250867][T11254] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11238'.
[ 1455.262118][T11247] loop7: detected capacity change from 0 to 32768
[ 1455.313564][T11247] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.11235 (11247)
[ 1455.377071][T11247] BTRFS info (device loop7): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1455.398962][T11247] BTRFS info (device loop7): using sha256 checksum algorithm
[ 1455.549460][T11247] BTRFS info (device loop7): rebuilding free space tree
[ 1455.590024][ T9516] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1455.685576][T11247] BTRFS info (device loop7): disabling free space tree
[ 1455.746244][T17414] IPVS: starting estimator thread 0...
[ 1455.758213][T11247] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1455.864028][T11247] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1455.874301][T11281] IPVS: using max 35 ests per chain, 84000 per kthread
[ 1455.911764][   T30] audit: type=1326 audit(1771268538.985:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11282 comm="syz.1.11243" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5e1239bf79 code=0x0
[ 1455.963582][T11247] BTRFS info (device loop7): turning off barriers
[ 1456.001141][T11247] BTRFS info (device loop7): force clearing of disk cache
[ 1456.074056][   T30] audit: type=1800 audit(1771268539.145:595): pid=11247 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.11235" name="bus" dev="loop7" ino=263 res=0 errno=0
[ 1456.146403][   T30] audit: type=1800 audit(1771268539.165:596): pid=11247 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.11235" name="file1" dev="loop7" ino=260 res=0 errno=0
[ 1456.270149][ T2758] BTRFS info (device loop7): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1456.522636][ T7936] IPVS: stop unused estimator thread 0...
[ 1456.959351][T11285] loop4: detected capacity change from 0 to 40427
[ 1456.982505][T11285] F2FS-fs (loop4): invalid crc value
[ 1457.174410][T11311] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11251'.
[ 1457.235807][T11285] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1457.266747][T11285] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1457.631442][  T173] kworker/u8:5: attempt to access beyond end of device
[ 1457.631442][  T173] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1457.654036][  T173] CPU: 0 UID: 0 PID: 173 Comm: kworker/u8:5 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1457.654066][  T173] Tainted: [L]=SOFTLOCKUP
[ 1457.654073][  T173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1457.654084][  T173] Workqueue: writeback wb_workfn (flush-7:4)
[ 1457.654115][  T173] Call Trace:
[ 1457.654122][  T173]  <TASK>
[ 1457.654130][  T173]  dump_stack_lvl+0xe8/0x150
[ 1457.654157][  T173]  f2fs_handle_critical_error+0x37c/0x540
[ 1457.654188][  T173]  f2fs_write_end_io+0xcdb/0xff0
[ 1457.654226][  T173]  __submit_merged_bio+0x256/0x700
[ 1457.654256][  T173]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1457.654286][  T173]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1457.654333][  T173]  f2fs_write_data_pages+0x2975/0x35e0
[ 1457.654395][  T173]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1457.654466][  T173]  ? __lock_acquire+0x6b5/0x2cf0
[ 1457.654495][  T173]  ? __lock_acquire+0x6b5/0x2cf0
[ 1457.654534][  T173]  ? unwind_next_frame+0xa5/0x23c0
[ 1457.654577][  T173]  ? unwind_next_frame+0xa5/0x23c0
[ 1457.654608][  T173]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1457.654633][  T173]  do_writepages+0x32e/0x550
[ 1457.654665][  T173]  ? reacquire_held_locks+0x104/0x190
[ 1457.654686][  T173]  ? writeback_sb_inodes+0x477/0x1a20
[ 1457.654714][  T173]  __writeback_single_inode+0x133/0x11a0
[ 1457.654736][  T173]  ? do_raw_spin_unlock+0xf5/0x210
[ 1457.654760][  T173]  writeback_sb_inodes+0x992/0x1a20
[ 1457.654816][  T173]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1457.654834][  T173]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1457.654894][  T173]  ? rcu_is_watching+0x15/0xb0
[ 1457.654928][  T173]  wb_writeback+0x456/0xb70
[ 1457.654952][  T173]  ? queue_io+0x2c1/0x4a0
[ 1457.654982][  T173]  ? __pfx_wb_writeback+0x10/0x10
[ 1457.655000][  T173]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1457.655036][  T173]  wb_workfn+0x414/0xf50
[ 1457.655058][  T173]  ? look_up_lock_class+0x57/0x110
[ 1457.655095][  T173]  ? __pfx_wb_workfn+0x10/0x10
[ 1457.655121][  T173]  ? do_raw_spin_unlock+0xf5/0x210
[ 1457.655143][  T173]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1457.655184][  T173]  ? process_one_work+0x87c/0x1650
[ 1457.655204][  T173]  process_one_work+0x949/0x1650
[ 1457.655250][  T173]  ? __pfx_process_one_work+0x10/0x10
[ 1457.655269][  T173]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1457.655306][  T173]  worker_thread+0xb46/0x1140
[ 1457.655357][  T173]  kthread+0x388/0x470
[ 1457.655375][  T173]  ? __pfx_worker_thread+0x10/0x10
[ 1457.655394][  T173]  ? __pfx_kthread+0x10/0x10
[ 1457.655414][  T173]  ret_from_fork+0x51e/0xb90
[ 1457.655439][  T173]  ? __pfx_ret_from_fork+0x10/0x10
[ 1457.655458][  T173]  ? __switch_to+0xc7d/0x1450
[ 1457.655488][  T173]  ? __pfx_kthread+0x10/0x10
[ 1457.655507][  T173]  ret_from_fork_asm+0x1a/0x30
[ 1457.655543][  T173]  </TASK>
[ 1457.656851][  T173] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[ 1457.970478][T11285] VFS:Filesystem freeze failed
[ 1458.146048][T11339] netlink: 'syz.1.11262': attribute type 1 has an invalid length.
[ 1458.431074][T11344] bond2: (slave geneve2): making interface the new active one
[ 1458.489225][T11344] bond2: (slave geneve2): Enslaving as an active interface with an up link
[ 1458.545299][ T7938] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0
[ 1458.598011][ T7938] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0
[ 1458.613918][ T7938] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0
[ 1458.647558][ T7938] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0
[ 1460.130756][T11403] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11286'.
[ 1460.330741][T11413] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11288'.
[ 1460.423834][T11417] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11288'.
[ 1460.519967][T11413] syz_tun: refused to change device tx_queue_len
[ 1460.532135][T11417] syz_tun: refused to change device tx_queue_len
[ 1460.686850][T11424] batadv_slave_1: entered promiscuous mode
[ 1460.710328][T11424] batadv_slave_1: left promiscuous mode
[ 1461.718523][T20292] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[ 1461.893402][T20292] usb 5-1: Using ep0 maxpacket: 16
[ 1461.919997][T20292] usb 5-1: config 1 has an invalid interface number: 105 but max is 0
[ 1461.937549][T20292] usb 5-1: config 1 has no interface number 0
[ 1461.954394][T20292] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 1461.969243][T20292] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 1461.981849][T20292] usb 5-1: config 1 interface 105 has no altsetting 0
[ 1461.995583][T20292] usb 5-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[ 1462.005840][T20292] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1462.014067][T20292] usb 5-1: Product: syz
[ 1462.022660][T20292] usb 5-1: Manufacturer: syz
[ 1462.027339][T20292] usb 5-1: SerialNumber: syz
[ 1462.050174][T11450] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1462.057736][T11450] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1462.476141][T11450] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1462.485650][T11450] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1462.903395][T20292] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[ 1462.937958][T20292] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[ 1463.038884][T20292] aqc111 5-1:1.105 eth16: register 'aqc111' at usb-dummy_hcd.4-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, f8:29:70:c6:36:f5
[ 1463.205611][T20292] usb 5-1: USB disconnect, device number 27
[ 1463.220670][T20292] aqc111 5-1:1.105 eth16: unregister 'aqc111' usb-dummy_hcd.4-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[ 1463.235511][T11497] loop7: detected capacity change from 0 to 32768
[ 1463.270824][T11497] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.11322 (11497)
[ 1463.389205][T20292] aqc111 5-1:1.105 eth16 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 1463.423696][T20292] aqc111 5-1:1.105 eth16 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 1463.436367][T11497] BTRFS info (device loop7): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[ 1463.464872][T20292] aqc111 5-1:1.105 eth16 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[ 1463.465222][T11497] BTRFS info (device loop7): using crc32c checksum algorithm
[ 1463.581683][T11497] BTRFS info (device loop7): enabling ssd optimizations
[ 1463.598890][T11497] BTRFS info (device loop7): turning on async discard
[ 1463.605702][T11497] BTRFS info (device loop7): enabling free space tree
[ 1463.943978][ T2758] BTRFS info (device loop7): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[ 1464.410620][T11543] netlink: 'syz.4.11333': attribute type 10 has an invalid length.
[ 1464.575299][T11543] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1465.336893][T11575] loop1: detected capacity change from 0 to 4096
[ 1466.553547][T11624] loop4: detected capacity change from 0 to 128
[ 1466.623344][T11626] netlink: 'syz.7.11356': attribute type 4 has an invalid length.
[ 1466.632932][T11624] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1466.736596][T11624] ext4 filesystem being mounted at /93/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1466.831640][T11624] EXT4-fs (loop4): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1467.000094][ T9516] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1467.250069][T11638] loop1: detected capacity change from 0 to 4096
[ 1467.264526][T11643] netlink: 'syz.0.11362': attribute type 83 has an invalid length.
[ 1468.941329][T11682] gfs2: path_lookup on @ returned error -2
[ 1469.005951][T11683] netlink: 60 bytes leftover after parsing attributes in process `syz.4.11380'.
[ 1469.781774][T11708] binder: 11707:11708 ioctl c0306201 0 returned -14
[ 1469.789589][T20292] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[ 1469.961060][T20292] usb 5-1: Using ep0 maxpacket: 8
[ 1469.968739][T20292] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1469.984101][T20292] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1469.993984][T20292] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1470.004941][T20292] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1470.018596][T20292] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1470.039075][T20292] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1470.082008][T11717] overlayfs: failed to clone upperpath
[ 1470.179610][ T5832] Bluetooth: hci5: command 0xfc11 tx timeout
[ 1470.181958][ T8518] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[ 1470.292988][T20292] usb 5-1: GET_CAPABILITIES returned 0
[ 1470.298545][T20292] usbtmc 5-1:16.0: can't read capabilities
[ 1470.361758][T11721] IPv6: addrconf: prefix option has invalid lifetime
[ 1470.513182][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1470.535616][T20292] usb 5-1: USB disconnect, device number 28
[ 1470.753806][T11731] input: syz0 as /devices/virtual/input/input98
[ 1471.423218][   T30] audit: type=1326 audit(1771268554.494:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11749 comm="syz.7.11411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8417f9bf79 code=0x7fc00000
[ 1472.230383][   T30] audit: type=1326 audit(1771268555.294:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11749 comm="syz.7.11411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8417f95d97 code=0x7fc00000
[ 1472.624703][T11767] loop4: detected capacity change from 0 to 32768
[ 1472.661650][T11767] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1472.735448][T11767] XFS (loop4): Ending clean mount
[ 1472.763571][T11767] XFS (loop4): Quotacheck needed: Please wait.
[ 1472.928613][T11767] XFS (loop4): Quotacheck: Done.
[ 1472.990770][ T9516] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1473.977416][T11817] loop4: detected capacity change from 0 to 256
[ 1474.000530][T11817] exfat: Deprecated parameter 'utf8'
[ 1474.021804][T11817] exfat: Deprecated parameter 'utf8'
[ 1474.052178][T11817] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x72bddf51, utbl_chksum : 0xe619d30d)
[ 1474.067194][   T30] audit: type=1326 audit(1771268557.134:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11816 comm="syz.9.11434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37d119bf79 code=0x7fc00000
[ 1474.149909][   T30] audit: type=1326 audit(1771268557.134:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11816 comm="syz.9.11434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37d119bf79 code=0x7fc00000
[ 1474.226638][   T30] audit: type=1326 audit(1771268557.134:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11816 comm="syz.9.11434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37d119bf79 code=0x7fc00000
[ 1475.620227][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1476.820636][ T5832] Bluetooth: hci5: command 0x1003 tx timeout
[ 1476.831816][ T8518] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1477.087501][T11863] xt_hashlimit: size too large, truncated to 1048576
[ 1477.857954][T11891] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1478.804949][T11916] bond1: (slave lo): Releasing backup interface
[ 1478.834534][T11916] bond1: (slave lo): last VLAN challenged slave left bond - VLAN blocking is removed
[ 1478.876200][T11916] bridge_slave_0: left allmulticast mode
[ 1478.899656][T11916] bridge_slave_0: left promiscuous mode
[ 1478.917500][T11916] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1478.939254][T11916] bridge_slave_1: left allmulticast mode
[ 1478.963635][T11916] bridge_slave_1: left promiscuous mode
[ 1478.981508][T11916] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1479.031546][T11916] bond0: (slave bond_slave_0): Releasing backup interface
[ 1479.052143][T11916] bond0: (slave bond_slave_1): Releasing backup interface
[ 1479.075463][T11916] team0: Port device team_slave_0 removed
[ 1479.105862][T11916] team0: Port device team_slave_1 removed
[ 1479.122465][T11916] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1479.172656][T11916] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1479.192042][T11916] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1479.423325][T11926] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11480'.
[ 1479.460852][T11926] hsr_slave_1 (unregistering): left promiscuous mode
[ 1479.579712][T11931] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1479.602625][T11931] overlayfs: failed lookup in lower (newroot/1182, name='file2', err=-40): overlapping layers
[ 1479.617313][T11931] overlayfs: failed to look up (file2) for ino (-40)
[ 1479.647267][T11937] syz_tun: entered allmulticast mode
[ 1479.676157][T11937] syz_tun: left allmulticast mode
[ 1479.976844][T11952] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.11492'.
[ 1480.056918][T11941] loop4: detected capacity change from 0 to 32768
[ 1480.086262][T11941] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1480.094600][T11941] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1480.158251][T11941] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1480.168008][ T5910] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1480.175061][ T5910] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1480.238238][ T5910] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 63ms
[ 1480.246743][ T5910] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1480.252147][T11941] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1480.548131][T11941] gfs2: fsid=syz:syz.0: found 1 quota changes
[ 1481.179406][T11988] loop4: detected capacity change from 0 to 1024
[ 1481.226601][T11988] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1481.317680][T11997] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11509'.
[ 1481.341907][ T9516] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1481.557218][T11979] Process accounting resumed
[ 1481.735238][T12018] loop7: detected capacity change from 0 to 512
[ 1481.797473][T12018] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1481.831997][T12018] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1481.852224][T12018] ext4 filesystem being mounted at /438/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1482.034341][ T2758] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1482.214470][T12035] overlayfs: failed to clone upperpath
[ 1483.764963][T12070] netlink: 'syz.0.11537': attribute type 1 has an invalid length.
[ 1483.984208][T12070] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1484.078685][T12073] bond2: (slave syz_tun): making interface the new active one
[ 1484.156012][T12073] bond2: (slave syz_tun): Enslaving as an active interface with an up link
[ 1484.504177][T12087] netlink: 'syz.0.11543': attribute type 1 has an invalid length.
[ 1484.579723][T12059] loop4: detected capacity change from 0 to 262144
[ 1484.590782][T12087] bond3: entered promiscuous mode
[ 1484.597539][T12087] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1484.600342][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.611378][T12059] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.11532 (12059)
[ 1484.625024][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.656381][T12059] BTRFS info (device loop4): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[ 1484.666977][T12059] BTRFS info (device loop4): using xxhash64 checksum algorithm
[ 1484.781016][T12059] BTRFS info (device loop4): deleted orphan free space tree entries
[ 1484.789394][T12059] BTRFS info (device loop4): checking UUID tree
[ 1484.802542][T12059] BTRFS info (device loop4): enabling ssd optimizations
[ 1484.809607][T12059] BTRFS info (device loop4): using spread ssd allocation scheme
[ 1484.817396][T12059] BTRFS info (device loop4): turning on async discard
[ 1484.824513][T12059] BTRFS info (device loop4): enabling free space tree
[ 1484.952669][T12089] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1484.959729][T12089] bond3: (slave vcan0): The slave device specified does not support setting the MAC address
[ 1484.979646][T12114] fuse: Bad value for 'fd'
[ 1485.021093][T12089] bond3: (slave vcan0): Setting fail_over_mac to active for active-backup mode
[ 1485.089401][T12089] bond3: (slave vcan0): making interface the new active one
[ 1485.130889][T12089] vcan0: entered promiscuous mode
[ 1485.149347][T12089] bond3: (slave vcan0): Enslaving as an active interface with an up link
[ 1485.154011][T12116] loop7: detected capacity change from 0 to 64
[ 1485.248779][   T30] audit: type=1800 audit(1771268568.302:602): pid=12116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.11547" name="file1" dev="loop7" ino=22 res=0 errno=0
[ 1485.353777][ T9516] BTRFS info (device loop4): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[ 1485.483081][T12125] overlayfs: failed to clone upperpath
[ 1485.721606][T12137] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11549'.
[ 1485.882770][T12135] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[ 1486.137131][T12149] infiniband: Added to hash: ib_dev=ffff8880684e4000 (0)() ndev=ffff8880562cc000 (29)(bond0)
[ 1486.198589][T12149] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[ 1486.222079][T12149] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[ 1486.246056][T12154] netlink: 14 bytes leftover after parsing attributes in process `syz.1.11560'.
[ 1486.295038][T12149] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[ 1486.342717][  T173] infiniband: netdevice_event(NETDEV_UNREGISTER) ib_dev=ffff8880684e4000 (6)(syz1) start
[ 1486.397028][T12154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1486.416007][T12149] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1486.453616][T12154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1486.672776][T12154] bond0 (unregistering): (slave team0): Releasing backup interface
[ 1486.740372][T12154] bond0 (unregistering): Released all slaves
[ 1486.827276][T18263] syz1: Port: 1 Link DOWN
[ 1486.881398][T12160] netlink: 48 bytes leftover after parsing attributes in process `syz.7.11564'.
[ 1486.917859][T12149] infiniband: after enable_device_and_get(): netdev bond0 is no longer registered.
[ 1486.930930][  T173] smbdirect: ib_dev[syz1] removed
[ 1487.007642][  T173] infiniband: Removed from hash: ib_dev=ffff8880684e4000 (0)(syz1) ndev=ffff8880562cc000 (4)(bond0)
[ 1487.066151][  T173] infiniband: netdevice_event(NETDEV_UNREGISTER) ib_dev=ffff8880684e4000 (0)(syz1) end
[ 1488.049102][T12185] bridge0: port 3(erspan0) entered blocking state
[ 1488.057161][T12185] bridge0: port 3(erspan0) entered disabled state
[ 1488.065346][T12185] erspan0: entered allmulticast mode
[ 1488.073459][T12185] erspan0: entered promiscuous mode
[ 1488.079867][T12185] bridge0: port 3(erspan0) entered blocking state
[ 1488.086507][T12185] bridge0: port 3(erspan0) entered forwarding state
[ 1488.116391][T12187] erspan0: left allmulticast mode
[ 1488.121916][T12187] erspan0: left promiscuous mode
[ 1488.142725][T12187] bridge0: port 3(erspan0) entered disabled state
[ 1488.683901][T12206] loop7: detected capacity change from 0 to 512
[ 1488.721773][T12206] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1488.761144][T12206] EXT4-fs (loop7): 1 truncate cleaned up
[ 1488.857756][T12206] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1488.995235][T12206] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1489.762542][T12231] netlink: 4 bytes leftover after parsing attributes in process `syz.9.11594'.
[ 1489.863921][T12231] team1: entered promiscuous mode
[ 1489.869131][T12231] team1: entered allmulticast mode
[ 1489.875872][T12231] 8021q: adding VLAN 0 to HW filter on device team1
[ 1490.925023][T12257] overlayfs: failed to clone upperpath
[ 1491.075809][T12259] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1491.093092][T12259] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1492.497329][T12314] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.11628'.
[ 1492.528390][T12314] netlink: Conntrack attr type has unexpected length (type=2, length=0, expected=2)
[ 1492.624793][T12318] sock: sock_timestamping_bind_phc: sock not bind to device
[ 1492.810986][    C0] PF_CAN: dropped non conform CAN skbuff: dev type 280, len 16
[ 1492.922695][T12330] sctp: [Deprecated]: syz.9.11634 (pid 12330) Use of int in max_burst socket option deprecated.
[ 1492.922695][T12330] Use struct sctp_assoc_value instead
[ 1493.054510][T12300] netlink: 'syz.7.11622': attribute type 32 has an invalid length.
[ 1493.060998][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880687c9000: rx timeout, send abort
[ 1493.088273][T12334] netlink: 'syz.9.11636': attribute type 7 has an invalid length.
[ 1493.175981][T12334] netlink: 'syz.9.11636': attribute type 7 has an invalid length.
[ 1493.570762][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880687c9000: abort rx timeout. Force session deactivation
[ 1493.653239][T12361] netlink: 'syz.1.11643': attribute type 1 has an invalid length.
[ 1493.816379][T12366] gretap1: entered allmulticast mode
[ 1493.832295][T12370] netlink: 'syz.0.11646': attribute type 3 has an invalid length.
[ 1493.874769][T12366] bond0: (slave gretap1): making interface the new active one
[ 1493.897276][T12366] bond0: (slave gretap1): Enslaving as an active interface with an up link
[ 1493.960331][T12369] loop4: detected capacity change from 0 to 8192
[ 1494.139460][T12380] netlink: 23 bytes leftover after parsing attributes in process `syz.7.11652'.
[ 1494.736594][T12411] fuse: Bad value for 'fd'
[ 1495.078832][T12417] netlink: 12 bytes leftover after parsing attributes in process `syz.9.11670'.
[ 1495.289008][ T5832] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1495.326654][ T5832] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1495.338115][ T5832] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1495.347945][ T5832] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1495.363402][ T5832] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1495.994711][T12441] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1496.002851][T12441] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1496.086901][T12441] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1496.099838][T12441] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1496.251851][ T7936] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 2816 - 0
[ 1496.266697][ T7936] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1496.284617][T12452] netlink: 'syz.7.11685': attribute type 1 has an invalid length.
[ 1496.296053][ T7936] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 20004 - 0
[ 1496.356386][T12452] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1496.382690][ T7936] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 2816 - 0
[ 1496.394897][ T7936] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1496.422661][ T7936] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 20004 - 0
[ 1496.439578][ T7936] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 2816 - 0
[ 1496.452375][ T7936] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1496.462520][ T7936] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 20004 - 0
[ 1496.471691][ T7936] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 2816 - 0
[ 1496.481505][ T7936] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1496.490741][ T7936] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 20004 - 0
[ 1496.517319][T12457] bond1: option tlb_dynamic_lb: unable to set because the bond device is up
[ 1496.798680][T12425] chnl_net:caif_netlink_parms(): no params data found
[ 1496.947828][T12487] bridge_slave_0: left allmulticast mode
[ 1496.968136][T12487] bridge_slave_0: left promiscuous mode
[ 1496.969893][T12491] netlink: 'syz.7.11699': attribute type 10 has an invalid length.
[ 1496.985632][T12490] overlayfs: failed to clone upperpath
[ 1496.987155][T12487] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1497.012291][T12491] netlink: 2 bytes leftover after parsing attributes in process `syz.7.11699'.
[ 1497.030013][T12487] bridge_slave_1: left allmulticast mode
[ 1497.062386][T12487] bridge_slave_1: left promiscuous mode
[ 1497.068244][T12487] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1497.098127][T12487] bond0: (slave bond_slave_0): Releasing backup interface
[ 1497.139627][T12487] bond0: (slave bond_slave_1): Releasing backup interface
[ 1497.181738][T12487] team0: Port device team_slave_0 removed
[ 1497.206397][T12487] team0: Port device team_slave_1 removed
[ 1497.218696][T12487] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1497.388804][T12491] team0: entered promiscuous mode
[ 1497.395129][T12491] bridge0: port 1(team0) entered blocking state
[ 1497.401839][T12491] bridge0: port 1(team0) entered disabled state
[ 1497.409057][T12491] team0: entered allmulticast mode
[ 1497.418533][T12491] bridge0: port 1(team0) entered blocking state
[ 1497.425054][T12491] bridge0: port 1(team0) entered forwarding state
[ 1497.437014][ T7940] bridge0: port 1(team0) entered disabled state
[ 1497.473712][ T5832] Bluetooth: hci2: command tx timeout
[ 1497.613953][T12425] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1497.646992][T12425] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1497.694009][T12425] bridge_slave_0: entered allmulticast mode
[ 1497.711619][T12425] bridge_slave_0: entered promiscuous mode
[ 1497.731603][T12425] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1497.739879][T12425] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1497.758469][T12425] bridge_slave_1: entered allmulticast mode
[ 1497.770739][T12425] bridge_slave_1: entered promiscuous mode
[ 1497.946846][T12425] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1498.013956][T12425] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1498.154950][T12425] team0: Port device team_slave_0 added
[ 1498.175662][T12425] team0: Port device team_slave_1 added
[ 1498.288321][T12425] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1498.313954][T12425] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1498.341522][T12425] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1498.372125][T12425] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1498.390187][T12425] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1498.437008][T12425] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1498.548204][T12425] hsr_slave_0: entered promiscuous mode
[ 1498.566032][T12425] hsr_slave_1: entered promiscuous mode
[ 1498.585187][T12425] debugfs: 'hsr0' already exists in 'hsr'
[ 1498.590963][T12425] Cannot create hsr debugfs directory
[ 1499.236505][T12548] overlayfs: failed to clone upperpath
[ 1499.299222][T12552] fuse: Bad value for 'fd'
[ 1499.368861][T12425] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1499.551679][ T5832] Bluetooth: hci2: command tx timeout
[ 1500.026663][T12425] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1500.357899][T12425] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1500.831475][T12425] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1500.940550][T12596] geneve3: entered promiscuous mode
[ 1501.305724][T12606] netlink: 'syz.9.11734': attribute type 12 has an invalid length.
[ 1501.622974][ T5832] Bluetooth: hci2: command tx timeout
[ 1501.831390][T12425] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1501.883263][T12425] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1501.927091][T12425] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1501.980661][T12425] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1502.271218][T12425] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1502.410897][T12425] 8021q: adding VLAN 0 to HW filter on device team0
[ 1502.499950][ T7940] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1502.507227][ T7940] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1502.568053][ T7940] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1502.575337][ T7940] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1502.894538][T12641] geneve0: entered promiscuous mode
[ 1503.175827][T12425] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1503.251079][T12670] fuse: Bad value for 'fd'
[ 1503.523754][T12683] netlink: 76 bytes leftover after parsing attributes in process `syz.0.11759'.
[ 1503.720712][ T5832] Bluetooth: hci2: command tx timeout
[ 1503.876575][T12689] netlink: 'syz.1.11761': attribute type 10 has an invalid length.
[ 1503.906389][T12425] veth0_vlan: entered promiscuous mode
[ 1503.979486][T12425] veth1_vlan: entered promiscuous mode
[ 1504.148739][T12425] veth0_macvtap: entered promiscuous mode
[ 1504.185851][T12425] veth1_macvtap: entered promiscuous mode
[ 1504.287829][T12425] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1504.336241][T12425] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1504.422591][   T36] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1504.515648][   T36] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1504.737248][   T36] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1504.778820][   T36] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1505.016050][T12714] netlink: 'wÞ£ÿ': attribute type 30 has an invalid length.
[ 1505.140629][T12720] netlink: 4 bytes leftover after parsing attributes in process `syz.9.11774'.
[ 1505.169753][T21701] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1505.211258][T21701] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1505.289494][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1505.299823][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1505.435031][T12727] netlink: 104 bytes leftover after parsing attributes in process `syz.9.11777'.
[ 1505.496698][T12731] syzkaller1: entered promiscuous mode
[ 1505.521112][T12731] syzkaller1: entered allmulticast mode
[ 1507.896821][T12805] netlink: 'syz.5.11807': attribute type 9 has an invalid length.
[ 1507.924950][T12805] netlink: 16166 bytes leftover after parsing attributes in process `syz.5.11807'.
[ 1508.076560][T18263] IPVS: starting estimator thread 0...
[ 1508.219454][T12812] IPVS: using max 29 ests per chain, 69600 per kthread
[ 1508.529619][T12829] netlink: 20 bytes leftover after parsing attributes in process `syz.5.11817'.
[ 1508.700855][T12833] loop5: detected capacity change from 0 to 128
[ 1508.779841][T12833] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[ 1508.860269][T12833] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1508.925434][T12840] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1508.932780][T12833] ext2 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1508.981150][T12833] EXT4-fs (loop5): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1509.049553][T12425] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1509.368350][T12848] fuse: Bad value for 'fd'
[ 1510.307220][T12884] netlink: 7 bytes leftover after parsing attributes in process `syz.1.11837'.
[ 1510.408360][T12892] tipc: Started in network mode
[ 1510.413496][T12892] tipc: Node identity 7f000001, cluster identity 4711
[ 1510.421616][T12892] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1510.463499][T12892] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1510.563534][T12897] overlayfs: failed to clone upperpath
[ 1511.081058][T12924] netlink: 'syz.1.11855': attribute type 6 has an invalid length.
[ 1511.536088][T31299] tipc: Node number set to 2130706433
[ 1513.115438][T12979] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1513.165129][T12979] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1514.257658][T13009] fuse: Bad value for 'fd'
[ 1516.111267][T13076] loop5: detected capacity change from 0 to 128
[ 1516.123146][T13078] netlink: 212348 bytes leftover after parsing attributes in process `syz.9.11923'.
[ 1516.216824][   T30] audit: type=1800 audit(1771268599.289:603): pid=13076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.11922" name="bus" dev="loop5" ino=1049044 res=0 errno=0
[ 1516.466301][ T7940] Bluetooth: hci5: Frame reassembly failed (-84)
[ 1516.558608][T13088] team0 (unregistering): Failed to send port change of device team_slave_0 via netlink (err -105)
[ 1516.601479][T13088] team0 (unregistering): Port device team_slave_0 removed
[ 1516.622501][T13088] team0 (unregistering): Failed to send options change via netlink (err -105)
[ 1516.664806][T13088] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[ 1516.690748][T13088] team0 (unregistering): Port device team_slave_1 removed
[ 1517.529619][   T30] audit: type=1326 audit(1771268600.599:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.0.11947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7ffc0000
[ 1517.603169][   T30] audit: type=1326 audit(1771268600.599:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.0.11947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7ffc0000
[ 1517.654660][   T30] audit: type=1326 audit(1771268600.629:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.0.11947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9d099bf79 code=0x7ffc0000
[ 1517.683035][   T30] audit: type=1326 audit(1771268600.629:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.0.11947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7ffc0000
[ 1517.706912][   T30] audit: type=1326 audit(1771268600.629:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.0.11947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7ffc0000
[ 1517.729526][T31305] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[ 1517.730334][   T30] audit: type=1326 audit(1771268600.629:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.0.11947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9d099bf79 code=0x7ffc0000
[ 1517.762648][   T30] audit: type=1326 audit(1771268600.629:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.0.11947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7ffc0000
[ 1517.786693][   T30] audit: type=1326 audit(1771268600.629:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.0.11947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7ffc0000
[ 1517.817338][   T30] audit: type=1326 audit(1771268600.629:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.0.11947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9d099bf79 code=0x7ffc0000
[ 1518.020179][T31305] usb 6-1: config index 0 descriptor too short (expected 28277, got 36)
[ 1518.049051][T31305] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1518.077847][T31305] usb 6-1: config 0 has no interfaces?
[ 1518.100377][T31305] usb 6-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1518.123480][T31305] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1518.150901][T31305] usb 6-1: config 0 descriptor??
[ 1518.467681][T30416] usb 6-1: USB disconnect, device number 58
[ 1518.507571][ T5832] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1518.509921][ T8518] Bluetooth: hci5: command 0x1003 tx timeout
[ 1518.786258][T13153] overlayfs: failed to clone upperpath
[ 1519.854994][T13186] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11968'.
[ 1520.545475][T13215] overlayfs: failed to clone upperpath
[ 1520.674464][T13219] overlayfs: failed to clone upperpath
[ 1520.839595][T13222] fuse: Bad value for 'fd'
[ 1521.083798][T13208] Invalid ELF header magic: != ELF
[ 1522.380580][T13240] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11989'.
[ 1522.390316][T13240] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11989'.
[ 1522.558756][T13240] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11989'.
[ 1522.593848][T13240] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11989'.
[ 1522.815249][T13258] infiniband: Added to hash: ib_dev=ffff8880565b8000 (0)() ndev=ffff888066bd0000 (31)(bond0)
[ 1522.976461][T13261] netlink: 14 bytes leftover after parsing attributes in process `syz.5.11993'.
[ 1522.994588][T13258] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[ 1523.012795][T13258] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[ 1523.040988][T13258] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[ 1523.069767][T13258] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1523.182308][   T13] infiniband: netdevice_event(NETDEV_UNREGISTER) ib_dev=ffff8880565b8000 (7)(syz1) start
[ 1523.195628][T13261] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1523.258797][T13261] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1523.491973][T13261] bond0 (unregistering): Released all slaves
[ 1523.548970][T17414] syz1: Port: 1 Link DOWN
[ 1523.567263][   T13] smbdirect: ib_dev[syz1] removed
[ 1523.583195][T13258] infiniband: after enable_device_and_get(): netdev bond0 is no longer registered.
[ 1523.669586][   T13] infiniband: Removed from hash: ib_dev=ffff8880565b8000 (0)(syz1) ndev=ffff888066bd0000 (3)(bond0)
[ 1523.755520][   T13] infiniband: netdevice_event(NETDEV_UNREGISTER) ib_dev=ffff8880565b8000 (0)(syz1) end
[ 1524.772655][T13329] VFS: Mount too revealing
[ 1524.788080][T13337] netlink: 'syz.1.12029': attribute type 1 has an invalid length.
[ 1524.838608][T13337] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1524.860512][T13340] bond3: (slave macvlan0): Enslaving as an active interface with a down link
[ 1525.401976][T13344] infiniband: Added to hash: ib_dev=ffff888051110000 (0)() ndev=ffff88802a4cc000 (33)(bond0)
[ 1525.434491][T13344] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[ 1525.455620][T13347] netlink: 14 bytes leftover after parsing attributes in process `syz.9.12031'.
[ 1525.465120][T13344] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[ 1525.520989][T13344] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[ 1525.545033][T13347] bond0 (unregistering): left promiscuous mode
[ 1525.558117][T13347] bond_slave_0: left promiscuous mode
[ 1525.570309][T13347] bond_slave_1: left promiscuous mode
[ 1525.583732][T13344] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1525.676216][ T7936] infiniband: netdevice_event(NETDEV_UNREGISTER) ib_dev=ffff888051110000 (7)(syz1) start
[ 1525.699213][T13347] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1525.819425][T13347] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1525.840593][T13356] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12035'.
[ 1525.874203][T13347] bond0 (unregistering): (slave bridge0): Releasing backup interface
[ 1525.954534][T13347] bridge0: port 4(syz_tun) entered disabled state
[ 1525.961953][T13347] bridge0: port 3(vlan2) entered disabled state
[ 1525.968555][T13347] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1525.976570][T13347] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1526.007347][T13347] bond0 (unregistering): Released all slaves
[ 1526.043993][T31305] syz1: Port: 1 Link DOWN
[ 1526.103598][ T7936] smbdirect: ib_dev[syz1] removed
[ 1526.115575][T13344] infiniband: after enable_device_and_get(): netdev bond0 is no longer registered.
[ 1526.184697][ T7936] infiniband: Removed from hash: ib_dev=ffff888051110000 (0)(syz1) ndev=ffff88802a4cc000 (3)(bond0)
[ 1526.216938][ T7936] infiniband: netdevice_event(NETDEV_UNREGISTER) ib_dev=ffff888051110000 (0)(syz1) end
[ 1526.569114][T13361] loop5: detected capacity change from 0 to 32768
[ 1526.603168][T13371] netlink: 'syz.1.12043': attribute type 12 has an invalid length.
[ 1526.611355][T13371] netlink: 'syz.1.12043': attribute type 29 has an invalid length.
[ 1526.643226][T13371] netlink: 148 bytes leftover after parsing attributes in process `syz.1.12043'.
[ 1526.643315][T13361] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1526.693334][T13371] netlink: 'syz.1.12043': attribute type 3 has an invalid length.
[ 1526.747241][T13361] XFS (loop5): Ending clean mount
[ 1526.796924][T12425] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1527.891492][T13418] xt_hashlimit: size too large, truncated to 1048576
[ 1527.961529][T13424] overlayfs: failed to clone upperpath
[ 1528.101171][T13427] loop5: detected capacity change from 0 to 256
[ 1529.130153][T13457] overlayfs: failed to clone upperpath
[ 1529.505444][T13472] sctp: [Deprecated]: syz.1.12076 (pid 13472) Use of int in max_burst socket option.
[ 1529.505444][T13472] Use struct sctp_assoc_value instead
[ 1529.632583][T13459] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1529.719140][T13459] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1530.608864][ T7940] netdevsim netdevsim9 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1530.638805][ T7940] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1530.674482][ T7940] netdevsim netdevsim9 netdevsim0: unset [1, 1] type 2 family 0 port 256 - 0
[ 1530.707876][ T7940] netdevsim netdevsim9 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1530.745236][ T7940] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1530.775380][ T7940] netdevsim netdevsim9 netdevsim1: unset [1, 1] type 2 family 0 port 256 - 0
[ 1530.835905][ T7940] netdevsim netdevsim9 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1530.844902][ T7940] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1530.867997][T13492] netlink: 'syz.9.12084': attribute type 15 has an invalid length.
[ 1530.902710][ T7940] netdevsim netdevsim9 netdevsim2: unset [1, 1] type 2 family 0 port 256 - 0
[ 1530.905991][T13492] netlink: 24 bytes leftover after parsing attributes in process `syz.9.12084'.
[ 1530.956174][   T36] Bluetooth: (null): Invalid header checksum
[ 1530.973488][ T7940] netdevsim netdevsim9 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1531.003385][ T7940] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1531.033692][ T7940] netdevsim netdevsim9 netdevsim3: unset [1, 1] type 2 family 0 port 256 - 0
[ 1531.073540][ T7936] Bluetooth: (null): Too short H5 packet
[ 1531.083692][ T7936] Bluetooth: (null): Invalid header checksum
[ 1531.846442][T13520] tipc: Failed to remove unknown binding: 66,3,3/2130706433:3115955585/3115955586
[ 1535.411471][T13601] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12128'.
[ 1535.525475][T13604] netlink: 16 bytes leftover after parsing attributes in process `syz.1.12128'.
[ 1535.916658][ T6158] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1535.925580][ T6158] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1535.982545][ T6158] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1536.009143][ T6158] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1536.046623][ T6158] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1536.109182][ T6158] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1536.136553][ T6158] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1536.160333][ T6158] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1537.708762][   T30] kauditd_printk_skb: 7 callbacks suppressed
[ 1537.708779][   T30] audit: type=1326 audit(1771268620.777:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13662 comm="syz.7.12154" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8417f9bf79 code=0x0
[ 1537.776428][T13666] overlayfs: failed to clone upperpath
[ 1538.794855][T13692] netlink: 'syz.1.12166': attribute type 13 has an invalid length.
[ 1539.818511][T13697] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12168'.
[ 1539.851888][T13697] geneve0: entered promiscuous mode
[ 1540.975567][T13745] tipc: Started in network mode
[ 1540.981771][T13745] tipc: Node identity 7f000001, cluster identity 4711
[ 1540.994143][T13745] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1541.048519][T13745] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1542.788462][T14348] netlink: 'syz.9.12206': attribute type 27 has an invalid length.
[ 1543.240401][T14366] netlink: 'syz.9.12213': attribute type 2 has an invalid length.
[ 1544.455127][T14385] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1544.472097][T14385] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1545.180209][T14411] fuse: Bad value for 'fd'
[ 1545.577546][ T5908] tipc: Node number set to 2886997057
[ 1546.033205][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.039861][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.191573][T14418] loop5: detected capacity change from 0 to 32768
[ 1546.251643][T14418] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1546.359470][T14418] XFS (loop5): Ending clean mount
[ 1546.408336][   T30] audit: type=1800 audit(1771268629.476:621): pid=14418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.12235" name="bus" dev="loop5" ino=6153 res=0 errno=0
[ 1546.626560][T12425] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1546.904463][T14441] netlink: 28 bytes leftover after parsing attributes in process `syz.9.12244'.
[ 1546.922355][T14441] geneve0: entered promiscuous mode
[ 1547.105073][T14459] netlink: 20 bytes leftover after parsing attributes in process `syz.5.12246'.
[ 1547.122676][T14459] geneve2: entered promiscuous mode
[ 1548.563944][T14499] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[ 1548.605726][T14499] team0 (unregistering): Port device team_slave_1 removed
[ 1549.007182][T14516] netlink: 4 bytes leftover after parsing attributes in process `syz.9.12271'.
[ 1549.246175][T14496] netlink: 28 bytes leftover after parsing attributes in process `syz.5.12264'.
[ 1549.287431][T14496] geneve0: entered promiscuous mode
[ 1549.585388][T14528] lo: Caught tx_queue_len zero misconfig
[ 1551.397340][T14560] overlayfs: failed to clone upperpath
[ 1551.671264][T14571] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1551.733214][T14571] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1551.959399][T14585] loop5: detected capacity change from 0 to 2048
[ 1552.022124][T14585] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1552.309445][T12425] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1552.523716][T14605] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12308'.
[ 1552.584660][T14609] loop5: detected capacity change from 0 to 256
[ 1552.948474][   T30] audit: type=1800 audit(1771268892.001:622): pid=14609 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.12306" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=1049060 res=0 errno=0
[ 1553.020094][T14612] fuse: Bad value for 'fd'
[ 1553.202061][T14618] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12313'.
[ 1553.239346][T14618] netlink: 'syz.0.12313': attribute type 11 has an invalid length.
[ 1553.254680][T14618] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12313'.
[ 1553.284677][T14618] netlink: 'syz.0.12313': attribute type 11 has an invalid length.
[ 1554.269044][T14664] netlink: 16 bytes leftover after parsing attributes in process `syz.5.12329'.
[ 1554.284850][T14662] gretap2: entered promiscuous mode
[ 1554.608739][T14676] fuse: Bad value for 'fd'
[ 1554.867115][T14691] overlayfs: failed to clone upperpath
[ 1555.471067][T14685] loop5: detected capacity change from 0 to 32768
[ 1555.521343][T14685] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1555.546803][T14685] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1555.587824][T14685] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[ 1555.645962][   T24] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1555.653030][   T24] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1555.803615][   T24] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 150ms
[ 1555.813018][   T24] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1555.820343][T14685] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1556.211059][T14731] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1557.940936][T14793] netlink: 'syz.7.12378': attribute type 1 has an invalid length.
[ 1558.280730][T14795] bond2: (slave bridge1): making interface the new active one
[ 1558.319747][T14795] bond2: (slave bridge1): Enslaving as an active interface with an up link
[ 1558.875558][T14808] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12387'.
[ 1558.904880][T14808] netlink: 'syz.1.12387': attribute type 32 has an invalid length.
[ 1558.938989][T14808] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12387'.
[ 1559.152864][T14808] netlink: 'syz.1.12387': attribute type 32 has an invalid length.
[ 1559.218639][T14813] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1559.228772][T14813] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1559.262360][T14815] overlayfs: failed to clone upperpath
[ 1559.343931][T14822] overlayfs: failed to clone lowerpath
[ 1561.111042][T14870] netlink: 'syz.7.12414': attribute type 15 has an invalid length.
[ 1561.162674][T14870] netlink: 24 bytes leftover after parsing attributes in process `syz.7.12414'.
[ 1561.287998][T14874] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1561.299236][T14874] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1561.476029][   T30] audit: type=1326 audit(1771268900.545:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14880 comm="syz.1.12418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1239bf79 code=0x7ffc0000
[ 1561.506305][   T30] audit: type=1326 audit(1771268900.545:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14880 comm="syz.1.12418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1239bf79 code=0x7ffc0000
[ 1561.529400][   T30] audit: type=1326 audit(1771268900.565:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14880 comm="syz.1.12418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f5e1239bf79 code=0x7ffc0000
[ 1561.580886][   T30] audit: type=1326 audit(1771268900.565:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14880 comm="syz.1.12418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1239bf79 code=0x7ffc0000
[ 1561.668013][   T30] audit: type=1326 audit(1771268900.565:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14880 comm="syz.1.12418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f5e1239bf79 code=0x7ffc0000
[ 1561.691848][   T30] audit: type=1326 audit(1771268900.565:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14880 comm="syz.1.12418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1239bf79 code=0x7ffc0000
[ 1561.741466][   T30] audit: type=1326 audit(1771268900.565:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14880 comm="syz.1.12418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7f5e1239bf79 code=0x7ffc0000
[ 1561.791365][   T30] audit: type=1326 audit(1771268900.565:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14880 comm="syz.1.12418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1239bf79 code=0x7ffc0000
[ 1561.821591][   T30] audit: type=1326 audit(1771268900.565:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14880 comm="syz.1.12418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e1239bf79 code=0x7ffc0000
[ 1562.474616][ T5908] usb 10-1: USB disconnect, device number 24
[ 1562.807324][T14911] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12429'.
[ 1563.010026][T14917] netlink: 207952 bytes leftover after parsing attributes in process `syz.1.12431'.
[ 1563.148015][T14922] netlink: 'syz.0.12432': attribute type 15 has an invalid length.
[ 1563.183737][T14922] netlink: 24 bytes leftover after parsing attributes in process `syz.0.12432'.
[ 1564.573836][T14940] loop5: detected capacity change from 0 to 32768
[ 1564.592687][T14940] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.12439 (14940)
[ 1564.634959][T14940] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1564.657157][T14940] BTRFS info (device loop5): using sha256 checksum algorithm
[ 1564.767941][T14940] BTRFS info (device loop5): enabling ssd optimizations
[ 1564.790558][T14940] BTRFS info (device loop5): turning on async discard
[ 1564.801386][T14940] BTRFS info (device loop5): enabling free space tree
[ 1565.514324][T12425] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1566.270491][T14980] 9p: Bad value for 'wfdno'
[ 1566.503520][T14988] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1567.295462][T14986] loop5: detected capacity change from 0 to 32768
[ 1567.326259][T14986] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.12449 (14986)
[ 1567.464877][T14986] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1567.509560][T14986] BTRFS info (device loop5): using sha256 checksum algorithm
[ 1567.655031][T14986] BTRFS info (device loop5): rebuilding free space tree
[ 1567.728954][T14986] BTRFS info (device loop5): disabling free space tree
[ 1567.739925][T14986] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1567.749951][T14986] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1567.770151][T14986] BTRFS info (device loop5): setting nodatasum
[ 1567.787311][T14986] BTRFS info (device loop5): setting nodatacow
[ 1567.818613][T14986] BTRFS info (device loop5): turning off barriers
[ 1567.851735][T14986] BTRFS info (device loop5): force clearing of disk cache
[ 1568.170289][T12425] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1569.823098][T15077] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12478'.
[ 1569.869392][T15077] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12478'.
[ 1570.529316][T15089] netlink: 'syz.0.12483': attribute type 10 has an invalid length.
[ 1570.569421][T15089] netlink: 'syz.0.12483': attribute type 10 has an invalid length.
[ 1570.605416][T15089] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1570.745042][T15095] netlink: 212344 bytes leftover after parsing attributes in process `syz.5.12485'.
[ 1570.923636][T15102] loop5: detected capacity change from 0 to 1024
[ 1570.967777][T15102] EXT4-fs: Ignoring removed bh option
[ 1571.018045][T15102] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[ 1571.241377][T15102] loop5: detected capacity change from 1024 to 64
[ 1571.244121][T15111] EXT4-fs warning (device loop5): ext4_evict_inode:275: xattr delete (err -12)
[ 1571.803511][T15127] netlink: 104 bytes leftover after parsing attributes in process `syz.7.12500'.
[ 1571.833524][T12425] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[ 1571.878398][T15104] kmmpd-loop5: attempt to access beyond end of device
[ 1571.878398][T15104] loop5: rw=8402945, sector=128, nr_sectors = 2 limit=64
[ 1571.905515][T15104] buffer_io_error: 19 callbacks suppressed
[ 1571.905534][T15104] Buffer I/O error on dev loop5, logical block 64, lost sync page write
[ 1572.235213][   T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1572.498240][   T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1572.658920][ T8518] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1572.681686][ T8518] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1572.682376][T15148] overlayfs: failed to clone upperpath
[ 1572.694906][ T8518] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1572.704202][ T8518] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1572.712341][ T8518] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1572.774397][   T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1572.973249][   T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1573.450978][   T13] bridge_slave_1: left allmulticast mode
[ 1573.464431][   T13] bridge_slave_1: left promiscuous mode
[ 1573.476165][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1573.503110][   T13] bridge_slave_0: left allmulticast mode
[ 1573.525462][   T13] bridge_slave_0: left promiscuous mode
[ 1573.538369][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1574.245749][T15145] chnl_net:caif_netlink_parms(): no params data found
[ 1574.483791][T15207] overlayfs: failed to clone upperpath
[ 1574.741227][T15214] netlink: 136 bytes leftover after parsing attributes in process `syz.0.12531'.
[ 1574.751142][T15214] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[ 1574.825211][ T5832] Bluetooth: hci2: command tx timeout
[ 1574.925227][T15145] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1574.932533][T15145] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1574.958400][T15145] bridge_slave_0: entered allmulticast mode
[ 1574.974248][T15145] bridge_slave_0: entered promiscuous mode
[ 1575.015931][T15145] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1575.036771][T15145] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1575.062843][T15145] bridge_slave_1: entered allmulticast mode
[ 1575.082248][T15145] bridge_slave_1: entered promiscuous mode
[ 1575.401348][T15145] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1575.452340][T15145] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1575.504624][   T13] hsr_slave_0: left promiscuous mode
[ 1575.513330][   T13] hsr_slave_1: left promiscuous mode
[ 1575.528735][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1575.543051][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1575.565685][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1575.582087][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1575.611260][   T13] veth1_macvtap: left promiscuous mode
[ 1575.623501][   T13] veth0_macvtap: left promiscuous mode
[ 1575.635607][   T13] veth1_vlan: left promiscuous mode
[ 1575.651258][   T13] veth0_vlan: left promiscuous mode
[ 1575.955979][T15228] overlayfs: failed to clone upperpath
[ 1576.090596][T15234] overlayfs: failed to clone upperpath
[ 1576.399787][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1576.444410][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1576.886685][T15145] team0: Port device team_slave_0 added
[ 1576.903942][ T5832] Bluetooth: hci2: command tx timeout
[ 1577.072805][T15145] team0: Port device team_slave_1 added
[ 1577.213460][T15145] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1577.239781][T15145] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1577.327470][T15145] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1577.359066][T15145] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1577.388667][T15145] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1577.467779][T15145] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1577.671220][T15145] hsr_slave_0: entered promiscuous mode
[ 1577.708523][T15255] overlayfs: failed to clone upperpath
[ 1577.725697][T15145] hsr_slave_1: entered promiscuous mode
[ 1577.732648][T15145] debugfs: 'hsr0' already exists in 'hsr'
[ 1577.786998][T15145] Cannot create hsr debugfs directory
[ 1577.846347][   T13] IPVS: stop unused estimator thread 0...
[ 1577.904223][T15262] 9p: Bad value for 'rfdno'
[ 1577.963053][T15259] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12549'.
[ 1578.121574][ T8518] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1578.140012][ T8518] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1578.152509][ T8518] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1578.161144][ T8518] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1578.167310][ T7940] bond3: (slave macvlan0): link status definitely up, 10000 Mbps full duplex
[ 1578.186369][ T8518] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1578.263284][ T7940] bond3: (slave macvlan0): making interface the new active one
[ 1578.289965][ T7940] bond3: active interface up!
[ 1578.973122][ T8518] Bluetooth: hci2: command tx timeout
[ 1579.424249][T15305] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12562'.
[ 1579.631722][T15305] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12562'.
[ 1580.131661][T15315] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12566'.
[ 1580.177646][T15268] chnl_net:caif_netlink_parms(): no params data found
[ 1580.262548][ T8518] Bluetooth: hci5: command tx timeout
[ 1580.392430][T15326] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12569'.
[ 1580.401418][T15326] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12569'.
[ 1581.051693][ T8518] Bluetooth: hci2: command tx timeout
[ 1581.355902][T15268] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1581.372026][T15268] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1581.379432][T15268] bridge_slave_0: entered allmulticast mode
[ 1581.424087][T15268] bridge_slave_0: entered promiscuous mode
[ 1581.464780][T15268] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1581.492553][T15268] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1581.517957][T15268] bridge_slave_1: entered allmulticast mode
[ 1581.543759][T15268] bridge_slave_1: entered promiscuous mode
[ 1581.768391][T15268] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1581.885842][T15268] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1582.027549][T15268] team0: Port device team_slave_0 added
[ 1582.107033][T15145] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1582.200785][T15268] team0: Port device team_slave_1 added
[ 1582.255265][T15145] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1582.332806][ T8518] Bluetooth: hci5: command tx timeout
[ 1582.407528][T15268] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1582.414931][T15268] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1582.441118][T15268] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1582.454009][T15145] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1582.493295][T15378] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12583'.
[ 1582.517075][T15268] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1582.547231][T15268] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1582.625853][T15268] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1582.647567][T15145] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1582.716514][T15378] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12583'.
[ 1582.974620][T15268] hsr_slave_0: entered promiscuous mode
[ 1582.992147][T15268] hsr_slave_1: entered promiscuous mode
[ 1583.005511][T15268] debugfs: 'hsr0' already exists in 'hsr'
[ 1583.019356][T15268] Cannot create hsr debugfs directory
[ 1583.649938][T15145] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1583.786994][T15145] 8021q: adding VLAN 0 to HW filter on device team0
[ 1583.888620][ T6158] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1583.895839][ T6158] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1583.966791][T21701] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1583.974064][T21701] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1584.410487][ T8518] Bluetooth: hci5: command tx timeout
[ 1585.856924][T15449] team0: left allmulticast mode
[ 1585.880454][T15449] bridge0: port 1(team0) entered disabled state
[ 1585.925454][T15449] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1585.999957][T15455] team0: Mode changed to "broadcast"
[ 1586.014399][T15268] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1586.073693][T15268] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1586.163584][T15145] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1586.183479][T15268] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1586.229938][T15268] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1586.491220][ T5832] Bluetooth: hci5: command tx timeout
[ 1586.557301][T15145] veth0_vlan: entered promiscuous mode
[ 1586.567119][T15477] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12598'.
[ 1586.606389][T15477] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12598'.
[ 1586.662683][T15145] veth1_vlan: entered promiscuous mode
[ 1586.794490][T15268] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1586.885238][T15145] veth0_macvtap: entered promiscuous mode
[ 1586.934903][T15145] veth1_macvtap: entered promiscuous mode
[ 1586.966202][T15268] 8021q: adding VLAN 0 to HW filter on device team0
[ 1587.027444][ T7940] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1587.034782][ T7940] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1587.123899][ T6158] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1587.131164][ T6158] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1587.217119][T15145] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1587.265639][T15145] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1587.476798][T21701] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1587.514885][T21701] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1587.610249][T21701] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1587.694089][T21701] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1588.142049][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1588.192218][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1588.399822][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1588.467426][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1588.543383][T15268] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1590.073089][T15268] veth0_vlan: entered promiscuous mode
[ 1590.110168][T15268] veth1_vlan: entered promiscuous mode
[ 1590.223514][T15268] veth0_macvtap: entered promiscuous mode
[ 1590.269207][T15268] veth1_macvtap: entered promiscuous mode
[ 1590.359813][T15268] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1590.440756][T15268] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1590.515345][   T36] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1590.556769][   T36] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1590.598193][ T7940] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1590.637085][ T7940] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1590.988816][ T6157] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1591.037358][ T6157] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1591.169370][ T6157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1591.208471][ T6157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1591.685101][T15587] overlayfs: failed to clone lowerpath
[ 1592.836856][T15588] loop8: detected capacity change from 0 to 32768
[ 1592.862280][T15588] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.12548 (15588)
[ 1592.946547][T15588] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1592.995285][T15588] BTRFS info (device loop8): using sha256 checksum algorithm
[ 1593.187886][T15588] BTRFS info (device loop8): enabling ssd optimizations
[ 1593.201196][T15588] BTRFS info (device loop8): turning on async discard
[ 1593.224680][T15588] BTRFS info (device loop8): enabling free space tree
[ 1593.664714][T15268] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1593.681014][T15664] netlink: 'syz.1.12642': attribute type 10 has an invalid length.
[ 1596.206364][   T10] usb 9-1: new high-speed USB device number 42 using dummy_hcd
[ 1596.377491][   T10] usb 9-1: Using ep0 maxpacket: 16
[ 1596.398151][   T10] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1596.453776][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1596.483640][   T10] usb 9-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1596.520860][   T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1596.565521][   T10] usb 9-1: Product: syz
[ 1596.569741][   T10] usb 9-1: Manufacturer: syz
[ 1596.594007][   T10] usb 9-1: SerialNumber: syz
[ 1596.608843][   T10] usb 9-1: config 0 descriptor??
[ 1596.651975][   T10] em28xx 9-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1596.671724][   T10] em28xx 9-1:0.0: Audio interface 0 found (Vendor Class)
[ 1596.749954][T15718] loop2: detected capacity change from 0 to 32768
[ 1596.790768][T15718] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1596.881319][T15718] XFS (loop2): Ending clean mount
[ 1597.027125][T15145] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1597.272878][   T10] em28xx 9-1:0.0: unknown em28xx chip ID (0)
[ 1597.281075][   T10] em28xx 9-1:0.0: Config register raw data: 0x73
[ 1597.327383][   T10] em28xx 9-1:0.0: I2S Audio (3 sample rate(s))
[ 1597.345907][   T10] em28xx 9-1:0.0: No AC97 audio processor
[ 1597.694533][T15768] loop2: detected capacity change from 0 to 128
[ 1597.838484][T15771] syz.2.12672: attempt to access beyond end of device
[ 1597.838484][T15771] loop2: rw=1, sector=145, nr_sectors = 16 limit=128
[ 1597.892386][   T10] usb 9-1: USB disconnect, device number 42
[ 1597.923672][T15771] syz.2.12672: attempt to access beyond end of device
[ 1597.923672][T15771] loop2: rw=1, sector=169, nr_sectors = 8 limit=128
[ 1597.990947][T15771] syz.2.12672: attempt to access beyond end of device
[ 1597.990947][T15771] loop2: rw=1, sector=185, nr_sectors = 8 limit=128
[ 1598.052906][T15771] syz.2.12672: attempt to access beyond end of device
[ 1598.052906][T15771] loop2: rw=1, sector=201, nr_sectors = 8 limit=128
[ 1598.081944][T15775] overlayfs: failed to clone upperpath
[ 1598.109379][T15771] syz.2.12672: attempt to access beyond end of device
[ 1598.109379][T15771] loop2: rw=1, sector=217, nr_sectors = 8 limit=128
[ 1598.151861][T15771] syz.2.12672: attempt to access beyond end of device
[ 1598.151861][T15771] loop2: rw=1, sector=233, nr_sectors = 8 limit=128
[ 1598.239422][T15771] syz.2.12672: attempt to access beyond end of device
[ 1598.239422][T15771] loop2: rw=1, sector=249, nr_sectors = 8 limit=128
[ 1598.609702][   T36] kworker/u8:2: attempt to access beyond end of device
[ 1598.609702][   T36] loop2: rw=1, sector=265, nr_sectors = 8 limit=128
[ 1598.658459][   T36] kworker/u8:2: attempt to access beyond end of device
[ 1598.658459][   T36] loop2: rw=1, sector=281, nr_sectors = 8 limit=128
[ 1598.697440][   T36] kworker/u8:2: attempt to access beyond end of device
[ 1598.697440][   T36] loop2: rw=1, sector=297, nr_sectors = 8 limit=128
[ 1599.866722][T15825] overlayfs: failed to clone lowerpath
[ 1600.199788][   T30] audit: type=1326 audit(1771268939.284:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15828 comm="syz.1.12691" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5e1239bf79 code=0x0
[ 1603.168267][T15903] netlink: 28 bytes leftover after parsing attributes in process `syz.8.12708'.
[ 1604.007028][T15927] sock: sock_set_timeout: `syz.8.12716' (pid 15927) tries to set negative timeout
[ 1605.021226][T15956] netlink: 'syz.8.12724': attribute type 1 has an invalid length.
[ 1605.029184][T15956] netlink: 'syz.8.12724': attribute type 1 has an invalid length.
[ 1605.111717][T15956] netlink: 64471 bytes leftover after parsing attributes in process `syz.8.12724'.
[ 1605.486897][T15973] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1606.230088][T15989] kvm: Disabled LAPIC found during irq injection
[ 1607.455606][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.463126][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1608.099740][ T6158] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1608.550885][ T6158] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1608.812358][ T6158] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1609.026387][T15800] Set syz1 is full, maxelem 65536 reached
[ 1609.225093][ T6158] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1609.378015][T16052] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.12747'.
[ 1609.403386][T16055] loop8: detected capacity change from 0 to 1024
[ 1609.699455][T16066] netlink: 24 bytes leftover after parsing attributes in process `syz.7.12750'.
[ 1609.782447][T16067] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12749'.
[ 1609.928459][ T8518] Bluetooth: hci5: command 0x0406 tx timeout
[ 1610.897134][   T30] audit: type=1326 audit(1771268949.990:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16088 comm="syz.8.12756" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7faf9459bf79 code=0x0
[ 1610.930988][T16098] overlayfs: failed to clone upperpath
[ 1616.985912][T16202] netlink: 'syz.8.12794': attribute type 1 has an invalid length.
[ 1617.003206][T16202] netlink: 'syz.8.12794': attribute type 4 has an invalid length.
[ 1617.027376][T16202] netlink: 9462 bytes leftover after parsing attributes in process `syz.8.12794'.
[ 1618.355775][T16213] netlink: 52 bytes leftover after parsing attributes in process `syz.8.12799'.
[ 1618.472522][T16214] netlink: 52 bytes leftover after parsing attributes in process `syz.8.12799'.
[ 1623.353459][ T6158] bridge_slave_1: left allmulticast mode
[ 1623.359605][ T6158] bridge_slave_1: left promiscuous mode
[ 1623.411317][ T6158] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1623.443790][ T6158] bridge_slave_0: left allmulticast mode
[ 1623.449536][ T6158] bridge_slave_0: left promiscuous mode
[ 1623.460717][T16219] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12800'.
[ 1623.469975][ T6158] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1623.810134][ T6158] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1623.824985][ T6158] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1623.837745][ T6158] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 1623.859730][ T6158] bond0 (unregistering): Released all slaves
[ 1623.890981][T16213] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1623.898527][T16213] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1624.271892][T16226] overlayfs: failed to clone lowerpath
[ 1624.327564][T16226] overlayfs: failed to clone lowerpath
[ 1624.889539][ T6158] hsr_slave_0: left promiscuous mode
[ 1624.969159][ T6158] hsr_slave_1: left promiscuous mode
[ 1624.978989][ T6158] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1624.995500][ T6158] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1625.043325][ T6158] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1625.069672][ T6158] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1625.184111][ T6158] veth1_macvtap: left promiscuous mode
[ 1625.207967][ T6158] veth0_macvtap: left promiscuous mode
[ 1625.225760][T16265] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12817'.
[ 1625.229776][ T6158] veth1_vlan: left promiscuous mode
[ 1625.255783][ T6158] veth0_vlan: left promiscuous mode
[ 1625.275812][T16265] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12817'.
[ 1625.468941][T16276] netlink: 548 bytes leftover after parsing attributes in process `syz.0.12820'.
[ 1625.820187][   T30] audit: type=1800 audit(1771268964.897:634): pid=16269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.12819" name="file1" dev="tmpfs" ino=3042 res=0 errno=0
[ 1626.321366][ T6158] team0 (unregistering): Port device team_slave_1 removed
[ 1626.375644][ T6158] team0 (unregistering): Port device team_slave_0 removed
[ 1627.050669][T16273] netlink: 'syz.0.12820': attribute type 29 has an invalid length.
[ 1627.847090][   T30] audit: type=1804 audit(1771268966.908:635): pid=16323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.12836" name="/newroot/19/file0" dev="tmpfs" ino=115 res=1 errno=0
[ 1629.915467][T16377] netlink: 'syz.2.12853': attribute type 11 has an invalid length.
[ 1631.076469][T16409] netlink: 14 bytes leftover after parsing attributes in process `syz.0.12865'.
[ 1631.115291][ T5908] hid-generic 0000:0000:0000.004D: unknown main item tag 0x0
[ 1631.157993][T16409] bond0: (slave dummy0): Releasing backup interface
[ 1631.170260][ T5908] hid-generic 0000:0000:0000.004D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1632.624501][T16431] loop2: detected capacity change from 0 to 32768
[ 1632.751159][T16431] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.12870 (16431)
[ 1633.039719][T16431] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1633.051426][T16431] BTRFS info (device loop2): using sha256 checksum algorithm
[ 1633.272627][T16431] BTRFS info (device loop2): enabling ssd optimizations
[ 1633.306528][T16431] BTRFS info (device loop2): turning on async discard
[ 1633.323946][T16431] BTRFS info (device loop2): enabling free space tree
[ 1633.660612][T15145] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1634.118633][T16503] netlink: 'syz.8.12887': attribute type 1 has an invalid length.
[ 1634.618603][T16508] bond1: (slave ip6gretap1): making interface the new active one
[ 1634.682922][T16508] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[ 1634.760208][T16508] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[ 1634.802297][T16508] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[ 1635.069559][ T5908] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1635.264662][ T5908] usb 3-1: Using ep0 maxpacket: 32
[ 1635.303335][ T5908] usb 3-1: config 0 has an invalid interface number: 132 but max is 0
[ 1635.355122][ T5908] usb 3-1: config 0 has no interface number 0
[ 1635.361353][   T30] audit: type=1800 audit(1771268974.462:636): pid=16536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.12898" name="nullb0" dev="tmpfs" ino=3129 res=0 errno=0
[ 1635.383567][ T5908] usb 3-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1635.454920][ T5908] usb 3-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[ 1635.474569][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1635.513852][ T5908] usb 3-1: Product: syz
[ 1635.565181][ T5908] usb 3-1: Manufacturer: syz
[ 1635.569835][ T5908] usb 3-1: SerialNumber: syz
[ 1635.650998][ T5908] usb 3-1: config 0 descriptor??
[ 1635.677653][ T5908] em28xx 3-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[ 1635.712673][ T5908] em28xx 3-1:0.132: Video interface 132 found:
[ 1636.078573][ T5908] em28xx 3-1:0.132: unknown em28xx chip ID (0)
[ 1636.391755][   T30] audit: type=1326 audit(1771268975.492:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16560 comm="syz.0.12906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7fc00000
[ 1636.452079][   T30] audit: type=1326 audit(1771268975.523:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16560 comm="syz.0.12906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc9d099bf79 code=0x7fc00000
[ 1636.504508][ T5908] em28xx 3-1:0.132: reading from i2c device at 0xa0 failed: couldn't get the received message from the bridge (error=-5)
[ 1636.547909][ T5908] em28xx 3-1:0.132: board has no eeprom
[ 1636.558078][   T30] audit: type=1326 audit(1771268975.523:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16560 comm="syz.0.12906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7fc00000
[ 1636.624364][   T30] audit: type=1326 audit(1771268975.523:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16560 comm="syz.0.12906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7fc00000
[ 1636.673899][ T5908] em28xx 3-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[ 1636.682151][ T5908] em28xx 3-1:0.132: analog set to bulk mode.
[ 1636.715922][T18263] em28xx 3-1:0.132: Registering V4L2 extension
[ 1636.736718][   T30] audit: type=1326 audit(1771268975.523:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16560 comm="syz.0.12906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7fc00000
[ 1636.820566][ T5908] usb 3-1: USB disconnect, device number 34
[ 1636.847696][   T30] audit: type=1326 audit(1771268975.523:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16560 comm="syz.0.12906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7fc00000
[ 1636.857002][ T5908] em28xx 3-1:0.132: Disconnecting em28xx
[ 1636.981433][   T30] audit: type=1326 audit(1771268975.523:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16560 comm="syz.0.12906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7fc00000
[ 1637.075712][   T30] audit: type=1326 audit(1771268975.523:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16560 comm="syz.0.12906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7fc00000
[ 1637.174300][   T30] audit: type=1326 audit(1771268975.523:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16560 comm="syz.0.12906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9d099bf79 code=0x7fc00000
[ 1637.219654][T18263] em28xx 3-1:0.132: Config register raw data: 0xffffffed
[ 1637.245955][T18263] em28xx 3-1:0.132: AC97 chip type couldn't be determined
[ 1637.275031][T18263] em28xx 3-1:0.132: No AC97 audio processor
[ 1637.456562][T18263] usb 3-1: Decoder not found
[ 1637.522933][T18263] em28xx 3-1:0.132: failed to create media graph
[ 1637.570205][T18263] em28xx 3-1:0.132: V4L2 device video103 deregistered
[ 1637.719141][T18263] em28xx 3-1:0.132: Remote control support is not available for this card.
[ 1638.116894][ T5908] em28xx 3-1:0.132: Closing input extension
[ 1638.281914][ T5908] em28xx 3-1:0.132: Freeing device
[ 1638.992523][T16592] loop2: detected capacity change from 0 to 32768
[ 1639.186764][T16592] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1639.458847][T16592] XFS (loop2): Ending clean mount
[ 1640.302691][T15145] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1640.339374][T16647] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12926'.
[ 1642.418792][T16680] netlink: 344 bytes leftover after parsing attributes in process `syz.1.12933'.
[ 1644.041736][T16721] 9p: Bad value for 'rfdno'
[ 1644.147686][T16698] loop2: detected capacity change from 0 to 32768
[ 1644.181968][T16698] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[ 1644.218622][T16698] JBD2: Ignoring recovery information on journal
[ 1644.331516][T16698] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[ 1644.958807][T15145] ocfs2: Unmounting device (7,2) on (node local)
[ 1645.638822][T16726] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12948'.
[ 1646.174031][T16793] pimreg: entered allmulticast mode
[ 1646.272274][T16791] pimreg: left allmulticast mode
[ 1648.647400][T16866] netlink: 24 bytes leftover after parsing attributes in process `syz.0.12988'.
[ 1648.776809][T16864] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[ 1648.804284][T16864] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[ 1648.856709][T16864] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[ 1648.891856][T16864] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[ 1648.924765][T16864] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[ 1648.949076][T16864] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[ 1648.984864][T16864] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[ 1649.000656][T16864] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[ 1649.015846][T16864] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[ 1649.031033][T16864] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[ 1649.195199][T16874] tipc: Failed to remove unknown binding: 66,1,1/0:2495211719/2495211721
[ 1649.225646][T16874] tipc: Failed to remove unknown binding: 66,1,1/0:2495211719/2495211721
[ 1650.601673][T16894] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1650.621403][T16894] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1650.788943][T16913] netlink: 4 bytes leftover after parsing attributes in process `syz.7.13005'.
[ 1651.337627][T16926] netlink: 'syz.1.13011': attribute type 1 has an invalid length.
[ 1651.486048][T16926] bond4: entered promiscuous mode
[ 1651.525235][T16926] bond4: entered allmulticast mode
[ 1651.564696][T16926] 8021q: adding VLAN 0 to HW filter on device bond4
[ 1651.734427][T16928] erspan2: entered allmulticast mode
[ 1651.869083][T16928] bond4: (slave erspan2): making interface the new active one
[ 1651.885556][T16928] erspan2: entered promiscuous mode
[ 1651.921664][T16928] bond4: (slave erspan2): Enslaving as an active interface with an up link
[ 1652.331900][T16947] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1652.410579][ T5832] Bluetooth: hci2: hcon ffff888034cb4000 sent 1 < count 32780
[ 1652.433505][T16951] Bluetooth: hci0: unsupported parameter 32780
[ 1652.481500][T16951] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[ 1654.415775][ T8518] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1654.437270][ T8518] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1654.449219][ T8518] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1654.459979][ T8518] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1654.467949][ T8518] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1655.139885][T17015] Invalid ELF header magic: != ELF
[ 1655.511718][T17005] chnl_net:caif_netlink_parms(): no params data found
[ 1655.748177][T17005] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1655.755928][T17005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1655.765307][T17005] bridge_slave_0: entered allmulticast mode
[ 1655.774087][T17005] bridge_slave_0: entered promiscuous mode
[ 1655.783849][T17005] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1655.791467][T17005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1655.799158][T17005] bridge_slave_1: entered allmulticast mode
[ 1655.808153][T17005] bridge_slave_1: entered promiscuous mode
[ 1655.853837][T17005] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1655.935982][T17005] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1656.053366][T17005] team0: Port device team_slave_0 added
[ 1656.082769][T17005] team0: Port device team_slave_1 added
[ 1656.117860][T17049] loop2: detected capacity change from 0 to 512
[ 1656.139672][T17049] EXT4-fs: Ignoring removed i_version option
[ 1656.165529][T17049] EXT4-fs: Ignoring removed bh option
[ 1656.213963][T17005] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1656.234757][T17005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1656.274366][T17005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1656.276461][T17049] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1656.288187][T17005] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1656.308022][T17005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1656.335409][T17005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1656.409298][T17049] ext4 filesystem being mounted at /64/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1656.415849][T17005] hsr_slave_0: entered promiscuous mode
[ 1656.433003][T17005] hsr_slave_1: entered promiscuous mode
[ 1656.442066][T17005] debugfs: 'hsr0' already exists in 'hsr'
[ 1656.448514][T17005] Cannot create hsr debugfs directory
[ 1656.537392][ T5832] Bluetooth: hci6: command tx timeout
[ 1656.755319][T15145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1656.982733][T17068] overlayfs: failed to clone upperpath
[ 1657.466600][T17089] overlayfs: failed to clone upperpath
[ 1657.744540][T17097] netlink: 212344 bytes leftover after parsing attributes in process `syz.7.13066'.
[ 1657.765166][T17095] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13067'.
[ 1657.922856][T31305] IPVS: starting estimator thread 0...
[ 1658.083261][T17104] IPVS: using max 39 ests per chain, 93600 per kthread
[ 1658.614231][ T5832] Bluetooth: hci6: command tx timeout
[ 1659.226902][T17005] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1659.276781][T17005] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1659.327941][T17005] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1659.403030][T17005] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1659.811028][T17005] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1659.978380][T17005] 8021q: adding VLAN 0 to HW filter on device team0
[ 1660.047582][ T7939] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1660.054965][ T7939] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1660.135807][ T1046] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1660.143027][ T1046] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1660.692526][ T5832] Bluetooth: hci6: command tx timeout
[ 1662.770909][ T5832] Bluetooth: hci6: command tx timeout
[ 1662.807285][T17005] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1663.980315][T17005] veth0_vlan: entered promiscuous mode
[ 1664.637539][T17254] netlink: 52 bytes leftover after parsing attributes in process `syz.1.13108'.
[ 1664.924478][T17005] veth1_vlan: entered promiscuous mode
[ 1665.619253][T17005] veth0_macvtap: entered promiscuous mode
[ 1665.976499][T17267] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13111'.
[ 1666.083073][T17005] veth1_macvtap: entered promiscuous mode
[ 1666.193535][T17005] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1666.257814][T17005] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1666.406713][T21701] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1666.429039][T21701] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1666.474872][T21701] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1667.103472][T21701] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1667.528738][T21701] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1667.547363][T21701] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1667.660880][ T6158] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1667.696896][ T6158] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1668.854226][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.860796][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1669.078764][T17351] all: renamed from bond_slave_0 (while UP)
[ 1673.729971][T17448] netlink: 'syz.3.13163': attribute type 15 has an invalid length.
[ 1675.373685][T17469] netlink: 12 bytes leftover after parsing attributes in process `syz.7.13169'.
[ 1677.855672][   T13] netdevsim netdevsim7 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1677.913368][   T13] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1677.972061][   T13] netdevsim netdevsim7 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1678.051088][   T13] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1678.155504][   T13] netdevsim netdevsim7 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1678.210248][   T13] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1678.268644][   T13] netdevsim netdevsim7 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1678.312619][T17497] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13176'.
[ 1678.341423][   T13] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1678.921000][T17510] fuse: Bad value for 'fd'
[ 1682.124331][T17579] overlayfs: failed to resolve './file0': -2
[ 1689.948994][T17667] 9p: Bad value for 'wfdno'
[ 1690.223404][T17676] netlink: 24 bytes leftover after parsing attributes in process `syz.2.13220'.
[ 1692.810739][T17711] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13234'.
[ 1695.528043][   T24] kernel write not supported for file bpf-prog (pid: 24 comm: kworker/1:0)
[ 1696.514347][ T5832] Bluetooth: hci2: command 0x0406 tx timeout
[ 1696.772075][T17766] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13250'.
[ 1697.669070][T17779] bridge_slave_0: left allmulticast mode
[ 1697.729733][T17779] bridge_slave_0: left promiscuous mode
[ 1697.803777][T17779] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1698.025705][T17788] netlink: 'syz.7.13255': attribute type 1 has an invalid length.
[ 1698.043538][T17779] bridge_slave_1: left allmulticast mode
[ 1698.070748][T17779] bridge_slave_1: left promiscuous mode
[ 1698.131450][T17779] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1698.318719][T17779] bond0: (slave bond_slave_0): Releasing backup interface
[ 1698.484932][T17779] bond0: (slave bond_slave_1): Releasing backup interface
[ 1698.774044][T17779] team0: Port device team_slave_0 removed
[ 1698.876156][T17779] team0: Port device team_slave_1 removed
[ 1698.904119][T17779] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1698.946056][T17779] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1699.011854][T17779] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1699.056627][T17779] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1699.185165][T17779] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1699.309917][T17788] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[ 1701.250041][T17833] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13265'.
[ 1701.633035][ T5832] Bluetooth: hci5: command 0x0406 tx timeout
[ 1702.117355][T17859] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1702.225876][T17859] overlayfs: failed to set xattr on upper
[ 1702.246846][T17859] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1702.280929][T17859] overlayfs: ...falling back to index=off.
[ 1702.345785][T17859] overlayfs: ...falling back to uuid=null.
[ 1702.415890][T17859] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[ 1702.536062][T17868] overlayfs: failed to clone upperpath
[ 1702.646286][T17872] overlayfs: failed to clone upperpath
[ 1704.357995][T17904] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13287'.
[ 1715.413450][T17985] overlayfs: failed to clone upperpath
[ 1716.082487][T17996] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13310'.
[ 1716.641749][T18003] overlayfs: failed to clone upperpath
[ 1717.748094][T18012] overlayfs: failed to clone upperpath
[ 1721.888714][T18040] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13326'.
[ 1724.605239][   T30] kauditd_printk_skb: 23 callbacks suppressed
[ 1724.605257][   T30] audit: type=1326 audit(1771269063.757:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18078 comm="syz.0.13340" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc9d099bf79 code=0x0
[ 1724.895009][T18087] netlink: 2028 bytes leftover after parsing attributes in process `syz.3.13341'.
[ 1724.948150][T18087] netlink: 24 bytes leftover after parsing attributes in process `syz.3.13341'.
[ 1725.145353][   T31] INFO: task syz.9.8638:3003 blocked for more than 143 seconds.
[ 1725.184820][   T31]       Tainted: G             L      syzkaller #0
[ 1725.217146][   T31]       Blocked by coredump.
[ 1725.247058][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1725.304305][   T31] task:syz.9.8638      state:D stack:26152 pid:3003  tgid:3003  ppid:26342  task_flags:0x40044c flags:0x00080003
[ 1725.387516][   T31] Call Trace:
[ 1725.417865][   T31]  <TASK>
[ 1725.433675][   T31]  __schedule+0x1585/0x5340
[ 1725.463523][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1725.491493][   T31]  ? __pfx___schedule+0x10/0x10
[ 1725.516038][   T31]  ? schedule+0x90/0x360
[ 1725.528115][   T31]  schedule+0x164/0x360
[ 1725.544337][   T31]  wb_wait_for_completion+0x3e8/0x790
[ 1725.565174][   T31]  ? __pfx_wb_wait_for_completion+0x10/0x10
[ 1725.592976][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1725.625520][   T31]  sync_inodes_sb+0x1de/0xbd0
[ 1725.660723][   T31]  ? __pfx_sync_inodes_sb+0x10/0x10
[ 1725.689517][   T31]  ? __pfx___writeback_inodes_sb_nr+0x10/0x10
[ 1725.716174][   T31]  ? __dentry_kill+0x4d4/0x5e0
[ 1725.741999][   T31]  ? get_nr_dirty_inodes+0x1c4/0x210
[ 1725.765676][   T31]  sync_filesystem+0x17a/0x230
[ 1725.791642][   T31]  generic_shutdown_super+0x77/0x2d0
[ 1725.813885][   T31]  kill_block_super+0x44/0x90
[ 1725.832526][   T31]  deactivate_locked_super+0xbc/0x130
[ 1725.854193][   T31]  cleanup_mnt+0x437/0x4d0
[ 1725.867078][   T31]  task_work_run+0x1d9/0x270
[ 1725.882814][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 1725.904434][   T31]  ? kmem_cache_free+0x187/0x630
[ 1725.917921][   T31]  ? do_exit+0x696/0x2320
[ 1725.934591][   T31]  do_exit+0x69b/0x2320
[ 1725.958596][   T31]  ? __pfx_do_exit+0x10/0x10
[ 1725.974289][   T31]  do_group_exit+0x21b/0x2d0
[ 1725.988667][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1726.004991][   T31]  get_signal+0x1284/0x1330
[ 1726.026001][   T31]  arch_do_signal_or_restart+0xbc/0x830
[ 1726.041368][   T31]  ? __pfx_get_timespec64+0x10/0x10
[ 1726.057139][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1726.071188][   T31]  ? __se_sys_clock_nanosleep+0x35b/0x3b0
[ 1726.083438][   T31]  exit_to_user_mode_loop+0x86/0x480
[ 1726.094396][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1726.106873][   T31]  do_syscall_64+0x32d/0xf80
[ 1726.116558][   T31]  ? trace_irq_disable+0x3b/0x150
[ 1726.127592][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1726.141574][   T31]  ? clear_bhb_loop+0x40/0x90
[ 1726.158360][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1726.174673][   T31] RIP: ffff:0xfffffffa
[ 1726.189703][   T31] RSP: 7973:0000000000000000 EFLAGS: 00000fd6 ORIG_RAX: 0000000000000000
[ 1726.223815][   T31] RAX: 0000000000000003 RBX: 0000000000000005 RCX: 0000000000000000
[ 1726.249872][   T31] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000004
[ 1726.275855][   T31] RBP: 0000000040000000 R08: cf9d780a350b4549 R09: c7e58b697db8ef3d
[ 1726.304022][   T31] R10: d68d02d45a22dc24 R11: 19b4d49ef33da9ed R12: 39cb75b6fa6cb3d1
[ 1726.336102][   T31] R13: a8d7b5dbf29d588f R14: 9b8908dcbb4f02b4 R15: 107b9d1451766018
[ 1726.359162][   T31]  </TASK>
[ 1726.371767][   T31] 
[ 1726.371767][   T31] Showing all locks held in the system:
[ 1726.483371][   T31] 1 lock held by khungtaskd/31:
[ 1726.488321][   T31]  #0: ffffffff8e7602e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1726.499238][   T31] 5 locks held by kworker/u8:4/58:
[ 1726.504387][   T31] 3 locks held by kworker/u8:7/1046:
[ 1726.513110][   T31]  #0: ffff888033033148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x855/0x1650
[ 1726.524858][   T31]  #1: ffffc90004ac7c40 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work+0x87c/0x1650
[ 1726.537985][   T31]  #2: ffffffff8fbd0088 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x11e/0x14c0
[ 1726.592090][   T31] 2 locks held by getty/5588:
[ 1726.606584][   T31]  #0: ffff8880339bd0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1726.633360][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0
[ 1726.678464][   T31] 2 locks held by segctord/27994:
[ 1726.702577][   T31] 2 locks held by syz.9.8638/3003:
[ 1726.721671][   T31]  #0: ffff888062e4e0e0 (&type->s_umount_key#79){++++}-{4:4}, at: deactivate_super+0xa9/0xe0
[ 1726.772521][   T31]  #1: ffff888026d74820 (&bdi->wb_switch_rwsem){+.+.}-{4:4}, at: sync_inodes_sb+0x1c2/0xbd0
[ 1726.791954][   T31] 2 locks held by kworker/u8:9/7936:
[ 1726.797282][   T31]  #0: ffff88801c6cc148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x855/0x1650
[ 1726.858908][   T31]  #1: ffffc90004857c40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x87c/0x1650
[ 1726.898413][   T31] 5 locks held by kworker/u8:10/7937:
[ 1726.918206][   T31]  #0: ffff88801c2ae948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x855/0x1650
[ 1726.956102][   T31]  #1: ffffc90004a87c40 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x87c/0x1650
[ 1726.994792][   T31]  #2: ffffffff8fbc1270 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf4/0x800
[ 1727.029209][   T31]  #3: ffffffff8fbd0088 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0xe5/0xa00
[ 1727.068038][   T31]  #4: ffffffff8e766578 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x38d/0x770
[ 1727.107547][   T31] 2 locks held by syz.8.12916/16603:
[ 1727.124684][   T31]  #0: ffff88807e5ae420 (sb_writers#3){.+.+}-{0:0}, at: direct_splice_actor+0x49/0x160
[ 1727.158396][   T31]  #1: ffff888062e4e0e0 (&type->s_umount_key#79){++++}-{4:4}, at: super_lock+0x2d6/0x3d0
[ 1727.187081][   T31] 1 lock held by syz.7.13345/18092:
[ 1727.199462][   T31] 
[ 1727.205563][   T31] =============================================
[ 1727.205563][   T31] 
[ 1727.254281][   T31] NMI backtrace for cpu 1
[ 1727.254303][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1727.254326][   T31] Tainted: [L]=SOFTLOCKUP
[ 1727.254332][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1727.254342][   T31] Call Trace:
[ 1727.254350][   T31]  <TASK>
[ 1727.254360][   T31]  dump_stack_lvl+0xe8/0x150
[ 1727.254384][   T31]  nmi_cpu_backtrace+0x274/0x2d0
[ 1727.254400][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1727.254421][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1727.254440][   T31]  sys_info+0x135/0x170
[ 1727.254460][   T31]  watchdog+0xfd9/0x1030
[ 1727.254481][   T31]  ? watchdog+0x21a/0x1030
[ 1727.254504][   T31]  kthread+0x388/0x470
[ 1727.254521][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1727.254535][   T31]  ? __pfx_kthread+0x10/0x10
[ 1727.254553][   T31]  ret_from_fork+0x51e/0xb90
[ 1727.254577][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1727.254594][   T31]  ? __switch_to+0xc7d/0x1450
[ 1727.254615][   T31]  ? __pfx_kthread+0x10/0x10
[ 1727.254632][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1727.254662][   T31]  </TASK>
[ 1727.254668][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 1727.376152][    C0] NMI backtrace for cpu 0
[ 1727.376174][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1727.376197][    C0] Tainted: [L]=SOFTLOCKUP
[ 1727.376203][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1727.376213][    C0] RIP: 0010:check_preemption_disabled+0x3/0xe0
[ 1727.376244][    C0] Code: 27 8c 48 c7 c6 60 f7 27 8c eb 1c 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 <41> 56 53 65 8b 05 57 c3 6c 07 65 8b 0d 4c c3 6c 07 f7 c1 ff ff ff
[ 1727.376258][    C0] RSP: 0018:ffffc900001469f8 EFLAGS: 00000283
[ 1727.376273][    C0] RAX: 0000000000000000 RBX: ffffffff90a55a01 RCX: 0000000080000101
[ 1727.376285][    C0] RDX: ffffc90000146c01 RSI: ffffffff8c27f760 RDI: ffffffff8c27f720
[ 1727.376298][    C0] RBP: dffffc0000000000 R08: ffffc90000146c50 R09: 0000000000000000
[ 1727.376309][    C0] R10: ffffc90000146c18 R11: fffff52000028d85 R12: ffffc90000146c60
[ 1727.376321][    C0] R13: ffffffff81769a45 R14: ffffffff8e7602e0 R15: ffffffff81769a45
[ 1727.376334][    C0] FS:  0000000000000000(0000) GS:ffff888125455000(0000) knlGS:0000000000000000
[ 1727.376347][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1727.376358][    C0] CR2: 00007f840ef33000 CR3: 000000003546a000 CR4: 00000000003526f0
[ 1727.376372][    C0] Call Trace:
[ 1727.376378][    C0]  <TASK>
[ 1727.376385][    C0]  ? unwind_next_frame+0xa5/0x23c0
[ 1727.376411][    C0]  rcu_is_watching+0x15/0xb0
[ 1727.376434][    C0]  ? unwind_next_frame+0xa5/0x23c0
[ 1727.376456][    C0]  lock_release+0x4b/0x3d0
[ 1727.376476][    C0]  ? deref_stack_reg+0x19f/0x230
[ 1727.376500][    C0]  ? unwind_next_frame+0xa5/0x23c0
[ 1727.376522][    C0]  unwind_next_frame+0x1aaa/0x23c0
[ 1727.376548][    C0]  ? unwind_next_frame+0xa5/0x23c0
[ 1727.376571][    C0]  ? arch_stack_walk+0xe3/0x150
[ 1727.376588][    C0]  __unwind_start+0x5b8/0x760
[ 1727.376604][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1727.376622][    C0]  arch_stack_walk+0xe3/0x150
[ 1727.376639][    C0]  ? stack_trace_save+0xa9/0x100
[ 1727.376657][    C0]  stack_trace_save+0xa9/0x100
[ 1727.376673][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1727.376692][    C0]  ? unwind_next_frame+0xa5/0x23c0
[ 1727.376715][    C0]  ? ret_from_fork_asm+0x1a/0x30
[ 1727.376730][    C0]  kasan_save_track+0x3e/0x80
[ 1727.376772][    C0]  __kasan_slab_alloc+0x6c/0x80
[ 1727.376790][    C0]  kmem_cache_alloc_node_noprof+0x384/0x690
[ 1727.376808][    C0]  ? __alloc_skb+0x1d0/0x7d0
[ 1727.376824][    C0]  ? kmem_cache_alloc_node_noprof+0x23e/0x690
[ 1727.376842][    C0]  __alloc_skb+0x1d0/0x7d0
[ 1727.376861][    C0]  synproxy_send_client_synack_ipv6+0x16f/0xcb0
[ 1727.376888][    C0]  ? __pfx_synproxy_send_client_synack_ipv6+0x10/0x10
[ 1727.376906][    C0]  ? nft_synproxy_dump+0x150/0x270
[ 1727.376927][    C0]  ? synproxy_pernet+0x45/0x270
[ 1727.376950][    C0]  nft_synproxy_eval_v6+0x34a/0x4e0
[ 1727.376973][    C0]  ? __pfx_nft_synproxy_eval_v6+0x10/0x10
[ 1727.376995][    C0]  ? nf_ip_checksum+0x13c/0x510
[ 1727.377023][    C0]  nft_synproxy_do_eval+0x3ce/0x580
[ 1727.377047][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[ 1727.377071][    C0]  ? __lock_acquire+0x6b5/0x2cf0
[ 1727.377093][    C0]  nft_do_chain+0x45e/0x1990
[ 1727.377112][    C0]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1727.377133][    C0]  ? ip6t_do_table+0x137d/0x1560
[ 1727.377156][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[ 1727.377186][    C0]  ? nf_nat_ipv6_fn+0xf3/0x2f0
[ 1727.377210][    C0]  ? __pfx_nf_nat_ipv6_fn+0x10/0x10
[ 1727.377236][    C0]  nft_do_chain_inet+0x29d/0x380
[ 1727.377256][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1727.377275][    C0]  ? nf_nat_ipv6_local_in+0x157/0x660
[ 1727.377300][    C0]  ? __pfx_nf_nat_ipv6_local_in+0x10/0x10
[ 1727.377325][    C0]  ? lock_acquire+0xf0/0x2e0
[ 1727.377344][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1727.377364][    C0]  nf_hook_slow+0xc5/0x220
[ 1727.377383][    C0]  NF_HOOK+0x21f/0x3c0
[ 1727.377404][    C0]  ? __pfx_ip6_input_finish+0x10/0x10
[ 1727.377424][    C0]  ? NF_HOOK+0x9e/0x3c0
[ 1727.377443][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 1727.377463][    C0]  ? __pfx_ip6_input_finish+0x10/0x10
[ 1727.377489][    C0]  ip6_input+0x16a/0x270
[ 1727.377508][    C0]  ? ip6_input+0x23/0x270
[ 1727.377529][    C0]  NF_HOOK+0x336/0x3c0
[ 1727.377547][    C0]  ? skb_orphan+0xaf/0xd0
[ 1727.377567][    C0]  ? __pfx_ip6_rcv_finish+0x10/0x10
[ 1727.377586][    C0]  ? NF_HOOK+0x9e/0x3c0
[ 1727.377604][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 1727.377624][    C0]  ? __pfx_ip6_rcv_finish+0x10/0x10
[ 1727.377649][    C0]  ? process_backlog+0x3eb/0x1950
[ 1727.377665][    C0]  process_backlog+0x7dd/0x1950
[ 1727.377691][    C0]  __napi_poll+0xae/0x340
[ 1727.377705][    C0]  ? skb_defer_free_flush+0x233/0x260
[ 1727.377722][    C0]  net_rx_action+0x627/0xf70
[ 1727.377745][    C0]  ? __pfx_net_rx_action+0x10/0x10
[ 1727.377760][    C0]  ? kvm_sched_clock_read+0x11/0x20
[ 1727.377784][    C0]  ? __pfx_sched_clock_cpu+0x10/0x10
[ 1727.377808][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[ 1727.377834][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[ 1727.377855][    C0]  handle_softirqs+0x22a/0x870
[ 1727.377878][    C0]  ? run_ksoftirqd+0x36/0x60
[ 1727.377902][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[ 1727.377924][    C0]  run_ksoftirqd+0x36/0x60
[ 1727.377944][    C0]  smpboot_thread_fn+0x541/0xa50
[ 1727.377967][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[ 1727.377992][    C0]  kthread+0x388/0x470
[ 1727.378012][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1727.378034][    C0]  ? __pfx_kthread+0x10/0x10
[ 1727.378049][    C0]  ret_from_fork+0x51e/0xb90
[ 1727.378072][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1727.378092][    C0]  ? __switch_to+0xc7d/0x1450
[ 1727.378111][    C0]  ? __pfx_kthread+0x10/0x10
[ 1727.378127][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1727.378149][    C0]  </TASK>
[ 1727.949433][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1727.956342][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1727.967124][   T31] Tainted: [L]=SOFTLOCKUP
[ 1727.971460][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1727.981525][   T31] Call Trace:
[ 1727.984819][   T31]  <TASK>
[ 1727.988039][   T31]  vpanic+0x56c/0xa60
[ 1727.992049][   T31]  ? __pfx___schedule+0x10/0x10
[ 1727.996924][   T31]  ? __pfx_vpanic+0x10/0x10
[ 1728.001458][   T31]  panic+0xc5/0xd0
[ 1728.005193][   T31]  ? __pfx_panic+0x10/0x10
[ 1728.009620][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1728.015011][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[ 1728.021185][   T31]  watchdog+0x1023/0x1030
[ 1728.025537][   T31]  ? watchdog+0x21a/0x1030
[ 1728.029981][   T31]  kthread+0x388/0x470
[ 1728.034066][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1728.038747][   T31]  ? __pfx_kthread+0x10/0x10
[ 1728.043345][   T31]  ret_from_fork+0x51e/0xb90
[ 1728.047958][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1728.053105][   T31]  ? __switch_to+0xc7d/0x1450
[ 1728.057818][   T31]  ? __pfx_kthread+0x10/0x10
[ 1728.062427][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1728.067216][   T31]  </TASK>
[ 1728.070687][   T31] Kernel Offset: disabled
[ 1728.075002][   T31] Rebooting in 86400 seconds..