last executing test programs:

11m47.684999702s ago: executing program 32 (id=340):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=@bridge_getlink={0x34, 0x12, 0x104fc4407ba7bf0b, 0x70bd26, 0x25dfdbfd, {0x7, 0x0, 0x0, 0x0, 0x201, 0x10000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x4}}}]}, 0x34}}, 0x24008800)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000100)='highspeed', 0x9)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000000)=[@mss, @mss={0x2, 0x9}, @window={0x3, 0x7}, @sack_perm, @window={0x3, 0x3, 0x401}, @window], 0x6)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000001d00)={0x2020}, 0x2020)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0), 0x4)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r7 = syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$GTP_CMD_ECHOREQ(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000780)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r7], 0x4c}, 0x1, 0x0, 0x0, 0xc000400}, 0x4000)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
connect$can_bcm(r3, &(0x7f0000000080), 0x10)
sendmsg$can_bcm(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)={0x5, 0x0, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "f8ca44dfaa00"}}, 0x48}, 0x1, 0x0, 0x0, 0x48850}, 0x0)
sendmsg$can_bcm(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)={0x5, 0x15, 0xfffffffe, {0x0, 0x2710}, {0x0, 0x2710}, {}, 0x1, @can={{0x2}, 0x2, 0x3, 0x0, 0x0, "61bcf34b016813cf"}}, 0x48}, 0x1, 0x0, 0x0, 0x6686ae64641a9d97}, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
getpid()
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r8, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x8}, 0x4040800)

11m13.548971711s ago: executing program 4 (id=412):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000052e8e510b1134200c4dc0102030109021b00010000000009044400012eafb200090581b402"], 0x0)

11m10.446428176s ago: executing program 4 (id=417):
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xb7, 0x3d, 0x60, 0x40, 0xac8, 0xc301, 0xb498, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x99, 0x0, 0x0, 0x7c, 0xd3, 0x6b}}]}}]}}, 0x0)

11m8.122868575s ago: executing program 4 (id=422):
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace(0x11, r5)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
madvise(&(0x7f000020b000/0x11000)=nil, 0x11000, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB="000000850000f9aa3e31418564c9de53b11f3b1e83bd3394eb7bef66d482e883a72e33cedf4fd3601291782fe52526c1fef4492ba9a6bbaa613cc9aacc52939895d46c72fcf709ebddcf19ebb1d450efdf5911bfb951e9a29d62545454c9f3e429d5f9e0e1e6c4a92e45000000003b0a53f658bf13377fd80e7f2d275762548de13d1a8774ef9694298ad99da258a64cd1f710f0e8a60284d13ce9637f525bbfe31ee8a21305"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000002100050125bd7000000000000200000000", @ANYRES32=0x0, @ANYRES16, @ANYBLOB="b7836f1c1b5be19805e133cc73fc5944bcec8171ae276f8474276c3617"], 0x28}, 0x1, 0x0, 0x0, 0x4008055}, 0x0)
process_vm_readv(r1, &(0x7f0000000d00), 0x0, &(0x7f0000000140)=[{&(0x7f00000014c0)=""/4096, 0x1000}, {&(0x7f0000000780)=""/197, 0xc5}, {&(0x7f0000000ec0)=""/237, 0xbbb9fd7f22b740c8}, {&(0x7f00000001c0)=""/57, 0x39}, {&(0x7f00000003c0)=""/13, 0xd}], 0x5, 0x0)
socket$inet6(0xa, 0x2, 0x0)

11m6.86505118s ago: executing program 4 (id=426):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
unshare(0x24060400)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x92, 0x5, 0x6, 0x4}, 0x3a, [0x8000, 0x2c95a, 0xf, 0x8, 0x80, 0xfffffff8, 0x1, 0x80000000, 0x20000006, 0x4d, 0x8, 0x4, 0x8, 0x5, 0xffff2d37, 0x4, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x5, 0x3c5b, 0x1, 0x24, 0xd, 0x7, 0x0, 0x800, 0x4, 0x4, 0x7, 0x3, 0x8, 0x10, 0x40000000, 0xfffffffe, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x40017, 0x0, 0x7, 0x5, 0x3e, 0x3, 0x6, 0xffff, 0x0, 0x9, 0x4, 0x8008, 0x400, 0x40080, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0xd, 0x5, 0xfffffff3, 0x129432e6, 0x40c8, 0xf9, 0xdf9, 0x82c0, 0x6c7, 0x8, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x105, 0xea4, 0x0, 0x2, 0x7, 0x7fff, 0x1c001, 0x3fe, 0x403, 0x200006, 0x4, 0xff, 0x5, 0x1000005, 0x5f31, 0x2d, 0x4e2, 0x5, 0x4, 0xb, 0x2000004, 0x9, 0x80000001, 0x9, 0x6, 0x47, 0x8200, 0x1, 0xfe000000, 0x8, 0xffffffff, 0x4, 0x2, 0x3, 0x51, 0x9, 0x1, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x9], [0x7, 0x407, 0x7, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0xa2, 0x8000, 0x0, 0x400, 0xb, 0x5, 0x5, 0x5, 0x4000000, 0x1eb, 0x3, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0xfffffffe, 0x3, 0x20000008, 0x4, 0x6d01, 0x2, 0x38, 0x800083, 0x200, 0x80, 0x3, 0x8000004, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x4005, 0x6, 0x8, 0xca, 0x1ff, 0x3, 0x7ff, 0xbe, 0x4, 0x7, 0xe, 0x0, 0x5, 0x1c, 0x5, 0x4, 0x8, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x5, 0xb, 0x5, 0xa, 0x5, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0xbe9, 0x2, 0x101, 0x10000, 0x2000004, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x6, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0xffffffd9, 0xfffff000, 0x10010000, 0x9, 0x7e, 0x9, 0x9602, 0x40008, 0xaf, 0x5, 0x6, 0x7, 0x6, 0x5, 0x8, 0x30f1d693, 0xa1f, 0xf3c, 0x7, 0x1, 0x6c1b, 0xffffffff, 0x4, 0x1, 0xb1e, 0xd7, 0x201, 0xffff3441, 0x4]}, 0x45c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x5, &(0x7f0000000040)=0x29)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0x4}}, '\x00'})
setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000240)=0x1, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x20080000, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x0, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(r4, 0x2, &(0x7f0000000080)={0x0, 0x3}, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000001c0))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000040)=0xc)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000580)=0x10)
pselect6(0x40, &(0x7f0000000100)={0x2, 0x5, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x7fff}, &(0x7f0000000540)={0x1f, 0x4000000000000, 0x0, 0x0, 0x0, 0x7, 0x0, 0x100000000}, 0x0, 0x0, 0x0)

11m4.791305255s ago: executing program 4 (id=429):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
syz_open_dev$tty1(0xc, 0x4, 0x1)
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
eventfd2(0x0, 0x0)
r4 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r5 = fanotify_init(0xf00, 0x0)
fanotify_mark(r5, 0x541, 0x40001019, r4, 0x0)
fanotify_mark(r5, 0x105, 0x9975, r4, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(crc32c-generic)\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x800)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_GET(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x14, r8, 0x200, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20000040}, 0x4008000)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r9, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r9, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r9, &(0x7f0000000340)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x2}, 0x1c)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000140)={&(0x7f00004c5000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f00000006c0)=""/4088, 0xff8, 0x1, 0x0}, &(0x7f0000000000)=0x40)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)

11m0.432261886s ago: executing program 4 (id=437):
r0 = getpgid(0x0)
syz_open_procfs(r0, &(0x7f0000000180)='setgroups\x00')
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0xd, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(0xffffffffffffffff, 0xc03864bc, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0, 0x8000000000009})
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, 0x0, &(0x7f0000000080))
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000440), &(0x7f0000000100)=0x8)
socket$inet6_tcp(0xa, 0x1, 0x0)
close(0xffffffffffffffff)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7})
syz_io_uring_setup(0x234, &(0x7f0000000580)={0x0, 0x95f5, 0x10100, 0x0, 0x89}, 0x0, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000})

10m44.781753101s ago: executing program 33 (id=437):
r0 = getpgid(0x0)
syz_open_procfs(r0, &(0x7f0000000180)='setgroups\x00')
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0xd, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(0xffffffffffffffff, 0xc03864bc, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0, 0x8000000000009})
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, 0x0, &(0x7f0000000080))
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000440), &(0x7f0000000100)=0x8)
socket$inet6_tcp(0xa, 0x1, 0x0)
close(0xffffffffffffffff)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7})
syz_io_uring_setup(0x234, &(0x7f0000000580)={0x0, 0x95f5, 0x10100, 0x0, 0x89}, 0x0, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000})

8m43.655012877s ago: executing program 3 (id=816):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="2c385a7af3a25bef9aab35", 0xb)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3", 0x8}], 0x1}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

8m43.487059087s ago: executing program 3 (id=818):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000280)='./file0\x00', 0x200841a, &(0x7f0000000f40)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0193acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417bb7f527c0bfebec112d57fc69fabb9b31ef97b2147930ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a3332978da70e9050417087c5ae034a735e8b448dd97014043159cbaacebfc912cf05f608e6214c04099fa311b747c37af702d134fb8eec487cfaea91150d1980464ff31cf86e3f3b950b204f6f67810c0826e4e5467c1588de9816bc627fb4662ac5fc8e38f19ec065550e5f9b16f72a91144a2e52ba9f2c6a7e2afbabc533ac731bb7ec51b8c585c2749469da331006ca4d49e136189d21ae50455834b2e75efd81c9d6352e5a814cf002f294475dab27a10d87516e405eff30", @ANYRESOCT], 0x1, 0x553b, &(0x7f00000024c0)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
mkdir(&(0x7f0000000000)='./file0\x00', 0x14b)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc4}})

8m40.807043617s ago: executing program 3 (id=824):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000280)={{0x0, 0x4, 0x0, 0x9}, 'syz1\x00', 0x9})
ioctl$UI_SET_FFBIT(r0, 0x4004556b, 0x51)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r1 = syz_open_dev$evdev(&(0x7f0000000100), 0x72, 0x0)
ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f0000000500)={0x51, 0x2, 0x78c, {0x12}, {0xff, 0x47}, @period={0x59, 0x8001, 0x2, 0x5, 0x4f4, {0x80, 0xe, 0xfff}, 0x0, 0x0}})

8m38.58269862s ago: executing program 3 (id=832):
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000000)='./file2\x00', 0x20404a, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1e1, &(0x7f0000000640)="$eJzslr1u01AUx//XtpwEBSExsjAQCRhwbAcQC4gsTAxIQCIGhoiYKGCIlGQgkVDgCViYkBgY2HkBJFj7EFXaqUu6deni6vpe27eRnaT56tDzk3r6t318fD6s44AgiAvL/t7ROEA+1EWUkJPnD/TER1P8d/OHn/8/fVL/9vr3Tm5sFdJiBsHizzcA/Kvq6Mf3nr67JP+/gBbrl9BwW+o6GCypeTI1qT0wvJL6naI73N+y3rZ9z3rT8Ztc2Nw43LjcVKbzm3xlaCr5MeV6bzB83/B9r7tBMa9/k6qGh0p+6rwsiGxtpX8ONDhSV8DwXOoHyEW9ES1R6r9mJPH1mfWbWGP9tWLKJZ7KGeJcvZw5KhPAcokBLA74EytVii/yld3kO5QhdIQimuh6In/Xt1QFf9Hn+MDYelfZas1cZhZ/H4t7ojPBSByHPlcyAgajBR9hYpluJPsp+MVwU9lPYpX8CD81fITl3mB4p/2h0fJa3kfXrdy379r2PbccLiJhZ+y/QrifLiXxU79JHJOZ+NTo97uOsPGxK2zaxtXC/afh1g1xzIdrTsXNK5rJPwNGPMg/qvOjzFIIgiC2ynWw40BiREJ+TaD81n12jjkSBEEQBEEQBEEQBLEaJwEAAP//63FC3Q==")
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r0, 0x2, &(0x7f0000000080)={&(0x7f0000000000)=""/120, 0x78})
ptrace$getregset(0x4204, r0, 0x2, &(0x7f0000000740)={0x0})

8m37.315026626s ago: executing program 3 (id=835):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r1, r3, 0x25, 0x2, @val=@tracing={0x0, 0x10}}, 0x20)
syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[], 0x0)

8m36.502993194s ago: executing program 3 (id=840):
unshare(0x6020400)
r0 = epoll_create1(0x0)
r1 = syz_open_dev$vcsn(&(0x7f0000000300), 0x1, 0x60000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0xa0000001})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$VT_DISALLOCATE(r2, 0x5608)

8m35.994388895s ago: executing program 34 (id=840):
unshare(0x6020400)
r0 = epoll_create1(0x0)
r1 = syz_open_dev$vcsn(&(0x7f0000000300), 0x1, 0x60000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0xa0000001})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$VT_DISALLOCATE(r2, 0x5608)

8m20.224973348s ago: executing program 2 (id=880):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0)
close(0x3)
syz_usb_control_io(r1, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x111}}, 0x20)

8m18.108184175s ago: executing program 2 (id=891):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="4dc07f947163300c", 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$inet(r1, &(0x7f0000003340)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000002c0)="af8d195ac29a2a0fe48238e1543d21ee817644e51046a895ff2b7e18d764b6e016752938c9d661e72f7cc56a70a2967587d23dfbef4857038e1cf33269f981efe0dc9d60409b63866620856ebf18d3dc1efe26620cef44f9311cc7b4fb0aee4581ccb941afd07c76517b7cee360ef44217cf70bfb7f34b8cef568000e6a94f0e3a2a35edbe8739bc4203acd8179229f375ff9c71210818738eabb1988fa217f608427624c073807576e4dfbc6cae39f311d1aacfd5a6ee473edeb094", 0xbc}], 0x1}}], 0x1, 0x44008890)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000400)={0x0}, 0x1, 0x0, 0x0, 0x4010}, 0x4)

8m17.823076502s ago: executing program 2 (id=894):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=@newlink={0x38, 0x10, 0x439, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, 0x9801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20048001}, 0x4000004)
sendto$packet(r0, &(0x7f0000000640)="e8b77052a9", 0x28, 0x40, &(0x7f0000000200)={0x11, 0x86dd, r3, 0x1, 0x0, 0x6, @local}, 0x14)

8m17.631138223s ago: executing program 2 (id=895):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4000040)
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000240)='./file1\x00', 0x0, &(0x7f00000000c0)=ANY=[], 0x1, 0x1513, &(0x7f0000002d00)="$eJzs3Au4TlW3OPAx5pxLm9Cb5D7HHIs3uUySJJeERJIkSZJbQpIkSUhscktCEnJPcg/JLST3+y33kHySJAkJSeb/0df3d77Td0595+sc5zl7/J5nPXuOvd4x1lh77Od911rPs/c37QdWrlulYm1mhn8J/vVLKgCkAEAfALgGACIAKJGlRBbAIZBeY+q/dhDx53poypXuQFxJMv+0Teaftsn80zaZf9om80/bZP5pm8w/bZP5C5GWbZma81rZ0u72P/f8H+T5//868vn/f8jhIqO+WFfk+g7/RIrMP22T+adtMv+0Teaftsn80zaZ//9xEUCF/2S3zD9tk/kLkZZd6efPsl3Z7Ur//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPxtfaX7EkIIIYQQQgghxJ8nXHWlOxBCCCGEEEIIIcR/PwQFGgxEkA6ughRIDxngasgImSAzXAMJuBaywHWQFa6HbJAdckBOyAW5IQ9YIHDAEENeyAdJuAHyw41QAApCISgMHopAUbgJisHNUBxugRJwK5SE26AUlIYyUBZuh3JwB5SHClAR7oRKcBdUhipwN1SFe6Aa3AvV4T6oAfdDTXgAasGDUBsegjrwMNSFR6AePAr1oQE0hEbQ+L+U/yJ0hpegC3SFVOgG3eFl6AE9oRf0hj7wCvSFV6EfvAb9YQAMhNdhELwBg+FNGAJDYRi8BcNhBIyEUTAaxsBYeBvGwTswHt6FCTARJsFkmAJTYRq8B9NhBsyE92EWfACzYQ7MhXkwHz6EBbAQFsFHsBg+hiWwFJbBclgBK2EVrIY1sBbWwXrYABthE2yGLfAJbIVtsB12wE7YBbvhU9gDe2EffAb74fN/Mv/sv8vvgICAChUaNJgO02EKpmAGzIAZMSNmxsyYwARmwSyYFbNiNsyGOTAH5sJcmAfzICEhI2NezItJTGJ+zI8FsAAWwkLo0WNRLIrF8GYsjsWxBJbAklgSS2FpLI1lsSyWw3JYHstjRayIlbASVsbKeDfejfdgNayG1REBoAbWxJpYC2thbayNdbAO1sW6WA/rYX2sjw2xITbGxtgEm2BTbIrNsTm2wBbYEltiK2yFrbE1tsE22BbbYjtsh+2xPXbAjtgRX8QX8SV8CbtiJdUNu2N37IE9sBf2xt74CvbFV/FVfA374wAciK/j6/gGDsYzOASH4jAchuXUCByJo5DVGByLY3EcjsPxOB4n4ESciJNxCk7FaTgNp+MMnIHv4yz8AD/AOTgH5+F8nI8LcCEuwkW4GM/iElyKy3A5rsCVuAJX4xpcjetwPa7DjbgRN+Nm/AQ/wW24DXfgDtyFu/BT/BT34l7sj/txPx7AA3gQD+IhPISH8TAewSN4FI/iMTyGx/E4nsCTeApP4mk8jWfwLJ7Dc3gez+MFfD7XV3V2FVzbH9QlRhmVTqVTKSpFZVAZVEaVUWVWmVVCJVQWlUVlVVlVNpVN5VA5VC6VS+VReRQpUqxilVflVUmVVPlVflVAFVCFVCHllVdFVVFVTBVTxVVxVULdqkqq21QpVVo182VVWVVONfflVQVVUVVUldRdqrKqoqqoqqqqqqaqqeqquqqhaqia6gFVS3XDXviQujSZumoA1lMDsb5qoBqqRuoNfEw1UYOxqWqmmqsn1FAcgi1VE99KPa1aq5HYRj2rRuFzqp0ag+3VC6qD6qg6qRdVZ9XUd0n361ugmow9VE/VS/VWmeAudWlildVrqr8aoAaq19U8fEMNVm+qIWqoGqbeUsPVCDVSjVKj1Rg1Vr2txql31Hj1rpqgJqpJarKaoqaqaeo9NV3NUDPV+2qW+kDNVnPUXDVPzVcfqgVqoVqkPlKL1cdqiVqqlqnlaoVaqVap1WqNWqvWqfVqg9qoNqnNaov6RG1V29R2tUPtVLvUbvWp2qP2qn3qM7Vffa4OqL+og+oLdUh9qQ6rr9QR9bU6qr5Rx9S36rj6Tp1QJ9Up9b06rX5QZ9RZdU79qM6rn9QF9bO6qIICjVpprY2OdDp9lU7R6XUGfbXOqDPpzPoandDX6iz6Op1VX6+z6ew6h86pc+ncOo+2mrTTrGOdV+fTSX2Dzq9v1AV0QV1IF9ZeF9FF9U26mL5ZF9e36BL6Vl1S36ZL6dK6jC6rb9fl9B26vK6gK+o7dSV9l66sq+i7dVV9j66m79XV9X26hr5f19QP6Fr6QV1bP6Tr6Id1Xf2Irqcf1fV1A91QN9KN9WO6iX5cN9XNdHP9hG6hn9Qt9VO6lX5at9bP6Db6Wd1WP6fb6ed1e/2C7qA76k76Z31RB91Fd9Wpupvurl/WPXRP3Uv31n30K7qvflX306/p/nqAHqhf14P0G3qwflMP0UP1MP2WHq5H6JF6lB6tx+ix+m09Tr+jx+t39QQ9UU/Sk/UUPVX3+rXSzD+Q/84/yO/3y9E36y36E71Vb9Pb9Q69U+/Su/VuvUfv0fv0Pr1f79cH9AF9UB/Uh/QhfVgf1kf0EX1UH9XH9DF9XB/XJ/RJ/aP+Xp/WP+gz+qw+q3/U5/V5feHXnwEYNMpoY0xk0pmrTIpJbzKYq01Gk8lkNteYhLnWZDHXmazmepPNZDc5TE6Ty+Q2eYw1ZJxhE5u8Jp9JmhtMfnOjKWAKmkKmsPGmiClqbvqX83+vv8amsWlimpimpqlpbpqbFqaFaWlamlamlWltWps2po1pa9qadqadaW/amw6mg+lkOpnOprPpYrqYVJNqupuXTQ/T0/QyvU0f84rpa/qafqaf6W/6m4FmoBlkBpnBZrAZYoaYYWaYGW6Gm5FmpBltRpuxZqwZZ8aZ8Wa8mWAmmElmkplipphpZpqZbqabmWammWVmmdlmtplr5pr5Zr5ZYBaYRWaRWWwWmyVmqVlqlpvlZqVZaVab1WatWWvWm/Vmo9lolpgtZovZaraa7Wa72Wl2mt1mt9lj9ph9Zp/Zb/abA+aAOWgOmkPmkDlsDpsj5og5ao6aY+aYOW6OmxPmhDllTpnT5rQ5Y86Yc+acOW/OmwvmgrloLl667ItUpCITmShdlC5KiVKiDFGGKGOUMcocZY4SUSLKEmWJskbXR9mi7FGOKGeUK8odpYKNKHIRR3GUN8oXJaMbovzRjVGBqGBUKCoc+ahIVDS6KSoW3RwVj26JSkS3RiWj26JSUemoTFQ2uj0qF90RlY8qRBWjO6NK0V1R5ahKdHdUNbonqhbdG1WP7otqRPdHNaMHolrRg1Ht6KGoTvRwVDd6JKoXPRrVjxpEDaNGUeM/tX4IZ7I/7rvYrjbVdrPd7cu2h+1pe9neto99xfa1r9p+9jXb3w6wA+3rdpB9ww62b9ohdqgdZt+yw+0IO9KOsqPtGDvWvm3H2XfsePuunWAn2kl2sp1ip9pp9j073c6wM+37dpb9wM62c+xcO8/Otx/aBXahXWQ/sovtx3aJXWqX2eV2hV1pV9nVdo1da9fZ9XaD3Wg32c12i/3EbrXb7Ha7w+60u+xu+6ndY/faffYzu99+bg/Yv9iD9gt7yH5pD9uv7BH7tT1qv7HH7Lf2uP3OnrAn7Sn7vT1tf7Bn7Fl7zv5oz9uf7AX7s71ow6WL+0sf72TIUDpKRymUQhkoA2WkjJSZMlOCEpSFslBWykrZKBvloByUi3JRHspDlzAx5aW8lKQk5af8VIAKUCEqRJ48FaWiVIyKUXEqTiWoBJWkklSKSlEZKkO30+10B91BFagC3Ul30l10F1WhKlSVqlI1qkbVqTrVoBpUk2pSLapFtak21aE6VJfqUj2qR/WpPjWkhtSYGlMTakJNqSk1p+bUglpQS2pJragVtabW1IbaUFtqS+2oHbWn9tSBOlAn6kSdqTN1oS6USqnUnbpTD+pBvagX9aE+1Jf6Uj/qR/2pPw2kgTSIBtFgGkxDaCgNo7doOI2gkTSKRtMYGktjaRyNo/E0nibQBJpEk2gKTaFpNI2m03SaSTNpFs2i2TSb5tJcmk/zaQEtoEW0iBbTYlpCS2gZLaMVtIJW0SpaQ2toHa2jDbSBNtEm2kJbaCttpe20nXbSTtpNu2kP7aF9tI/20346QAfoIB2kQ3SIDtNhOkJH6CgdpWN0jI7TcTpBJ+gUnaLTdJrO0Bk6R+foPP1EF+hnukiBUpyCDO5ql9FlcpndNS7FpXcZ3F8vmC7FOVxOl8vldnmcddlc9r+LyTlXwBV0hVxh510RV9Td9Ju4lCvtyriy7nZXzt3hyv8mrurucdXcva66u89VcXf/XVzD3e9qukdcLfeoq+0auDqukavrHnH13KOuvmvgGrpGroV70rV0T7lW7mnX2j3zm3iBW+jWuLVunVvv9ri97pz70R1137jz7ifXxXV1fdwrrq971fVzr7n+bsBv4mHuLTfcjXAj3Sg32o35TTzJTXZT3FQ3zb3nprsZv4nnuw/dLLfIzXZz3Fw375f4Uk+L3EdusfvYLXFL3TK33K1wK90qt/r/97rcbXSb3Ga3233qtrptbrvb4Xa6Xb/El85jn/vM7XefuyPua3fQfeEOuWPusPvql/jS+R1z37rj7jt3wp10p9z37rT7wZ1xZ385/0vn/r372V10wQEjK9ZsOOJ0fBWncHrOwFdzRs7EmfkaTvC1nIWv46x8PWfj7JyDc3Iuzs152DKxY+aY83I+TvINnJ9v5AJckAtxYfZchIvyTVyMb+bifAuX4Fu5JN/Gpbg0l+GyfDuX4zu4PFfginwnVwqBK3MVvpur8j1cje/l6nwf1+D7uSY/wLX4Qa7ND3Edfpjr8iNcjx/l+tyAG3IjbsyPcRN+nJtyM27OT3ALfpJb8lPcip/m1vwMt+FnuS0/x+34eW7PL3AH7sid+EXuzC9xF+7KqdyNu/PL3IN7ci/uzX34Fe7Lr3I/fo378wAeyK/zIH6DB/ObPISH8jB+i4fzCB7Jo3g0j+Gx/DaP43d4PL/LE3giT+LJPIWn8jR+j6fzDJ7J7/Ms/oBn8xyey/N4Pn/IC3ghL+KPeDF/zEt4KS/j5byCV/IqXs1reC2v4/W8gTfyJt7MW/gT3srbeDvv4J28i3fzp7yH9/I+/oz38+d8gP/CB/kLPsRf8mH+io/w13yUv+Fj/C0f5+/4BJ/kU/w9n+Yf+Ayf5XP8I5/nn/gC/8wXOTDEGKtYxyaO4nTxVXFKnD7OEF8dZ4wzxZnja+JEfG2cJb4uzhpfH2eLs8c54pxxrjh3nCe2McUu5jiO88b54mR8Q5w/vjEuEBeMC8WFYx8XiYvGN8XF4pvj4vEtcYn41rhkfFtcKi4dP3Jf2fj2uFx8R1w+rhBXjO+MK8V3xZXjKvHdcdX4nrhafG9cPb4vLh7fH9eMH4hrxQ/GteOH4jrxw3Hd+JG4XvxoXD9uEDeMG8WN48fiJvHjcdO4Wdw8fiJuET8Zt4yfilvFT8et42d+d39q3C3uHr8cvxyHcK+em5yXnJ/8MLkguTC5KPlRcnHy4+SS5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTmZAhVrgKPXnntjY98On+VT/HpfQZ/tc/oM/nM/hqf8Nf6LP46n9Vf77P57D6Hz+lz+dw+j7eevPPsY5/X5/NJf4PP72/0BXxBX8gX9t4X8UV9I9/YN/ZN/OO+qW/mm/sn/BP+Sf+kf8o/5Z/2rf0zvo1/1rf1z/l2/nn/vH/Bd/AdfSf/ou/sX/JdfFef6lN9d9/d9/A9fC/fy/fxfXxf39f38/18f9/fD/QD/SA/yA/2g/0QP8QP88P8cD/cj/Qj/Wg/2o/1Y/04P86P9+P9BD/BT/KT/BQ/xU/z0/x0P93P9DP9rAKz/Gw/28/1c/18P98v8Av8Ir/IL/aL/RK/xC/zy/wKv8Kv8qv8Gr/Gr/Pr/Aa/wW/ym/wWv8Vv9Vv9dr/d7/Q7/W6/2+/xe/w+v8/v9/v9AX/AH/QH/SH/pT/sv/JH/Nf+qP/GH/Pf+uP+O3/Cn/Sn/Pf+tP/Bn/Fn/Tn/oz/vf/IX/M/+og9+bOLtxLjEO4nxiXcTExITE5MSkxNTElMT0xLvJaYnZiRmJt5PzEp8kJidmJOYm5iXmJ/4MLEgsTCxKPFRYnHi48SSxNLEssTyxIrEykQIubfGIW/IF5LhhpA/3BgKhIKhUCgcfCgSioabQrFwcygebgklwq2hZLgtlAqlQ5nwaKgfGoSGoVFoHB4LTcLjoWloFpqHJ0KL8GRoGZ4KrcLToXV4JrQJz4a24bnQLjwf2ocXQofQMXQKL4bO4aXQJXQNqaFb6B5eDj1Cz9Ar9A59wiuhb3g19Auvhf5hQBgYXg+DwhthcHgzDAlDw7DwVhgeRoSRYVQYHcaEseHtMC68E8aHd8OEMDFMCpPDlDA1TAvvhelhRpgZ3g+zwgdhdpgT5oZ5YX74MCwIC8Oi8FFYHD4OS8LSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvCJ2Fr2Ba2hx1hZ9gVdodPw56wN+wLn4X94fNwIPwlHAxfhEPhy3A4fBWOhK/D0fBNOBa+DcfDd+FEOBlOhe/D6fBDOBPOhnPhx3A+/BQuhJ/DRfmbNSGEEEKIP0T/zv5u/+B76QBA/bruDgCZtuU8/O9rbsj213VPlatFAgCe7tr+ob9tlSqlpqb++tolGqJ8cwAg8ff1/xYvhebwJLSCZlDsH/bXU3U8z79TP3krQIZ/k5MCl+PL9W/+D+o/9sSwBSXjc1n+k/pzAArku5yTHi7Hl+sX/w/qZ2/yO/2n/2IsQNN/k5MRLseX6xeFx+EZaPV3r/wDAxZCCCGEEEIIkSb0VGXa/t7986X781zmcs5VcDn+vftzIYQQQgghhBBCXHnPdez01GOtWjVr+8cW+OtzgX8u609b1Nq299lLh78yR5fFf3mBAPC/oA1Z/PHFFX5jEkIIIYQQQvzpLl/0X+lOhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKItOt/4t+JXelzFEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIa60/xcAAP//daA1bQ==")
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000100)={@desc={0x1, 0x0, @desc3}})

8m17.071070406s ago: executing program 2 (id=900):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x2800c1e, &(0x7f0000000000)={[{@test_dummy_encryption}, {@usrjquota}]}, 0xff, 0x249, &(0x7f0000000500)="$eJzs3T9oJGUcBuB3ZneNuVvk1EYQ/4CIaCCcnWBzNgoHchwiggoRERslEWKCXWJlY6G1SiqbIHZGS0kTbBTBKmqK2AgaLAwWWqzsTiIx2aBx484l8zwwOzM7881vhpn3m2VhmACNdSnJlSStJFNJOkmKgyvcWw2X9mZXJjdmkl7vqV+KwXrVfGW/3cUky0keSbJeFnmlnSyuPbf92+YTD7y90Ln/w7VnJ8d6kHt2tree3P3g2lufXH148atvfrpW5Eq6fzuu01cM+a5dJLf9H8VuEEW77j3g37j+xsff9nN/e5L7BvnvpEx18t6Zv2m9k4feP67tuz9/fec49xU4fb1ep38PXO4BjVMm6aYop5NU02U5PV39hv+udaF8dW7+9amX5xZmX6q7pwJOSzfZevyziU8vHsr/j60q/8A5Vf0ptfX09dXv+xO7rZM2Bc6ku6pR//4/9cLSgzlh/oGzT/6hueQfmkv+obnkH5pL/qG55B+aS/6hueQfmkv+4ZybOH7RwfwDAM3Sm6j7CWSgLnX3PwAAAAAAAAAAAAAAAAAAwFErkxsz+8O4an7xXrLzWJL2sPqtwfuIk5sHnxd+Lfqr/aWomo3k+XtG3MCIPqr56etbfqi3/pd311t/aTZZfjPJ5Xb76PVX7F1//92t/7C88+KIBU7o8Lt7H31mvPUP+2O13vpXN5PP+/3P5WH9T5k7BuPh/U+3f/5GrP/a7yNuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLH5MwAA//8lhG1E")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file1\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3813009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000680)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mount$overlay(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x2000000, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

8m16.438975655s ago: executing program 2 (id=903):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x59)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x3, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000300), 0xc008, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
setresuid(0xee01, 0xee00, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x208004, 0x21fffc, 0xc, 0x0, 0x2, 0xfffffffe})
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

8m15.778287374s ago: executing program 35 (id=903):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x59)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x3, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000300), 0xc008, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
setresuid(0xee01, 0xee00, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x208004, 0x21fffc, 0xc, 0x0, 0x2, 0xfffffffe})
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

7m45.7542682s ago: executing program 6 (id=1003):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x8}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=@newtaction={0x68, 0x30, 0x1, 0x4000000, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x10000000, 0x0, 0x4}, 0x3, r2}}]}, {0x4, 0xa}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x68}}, 0x0)

7m44.831173235s ago: executing program 6 (id=1005):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60201, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000)=@x86={0xa0, 0xfd, 0x5, 0x0, 0x3, 0x3, 0xb, 0x1, 0xf8, 0x19, 0x7, 0x3, 0x0, 0x9d, 0x1, 0x7, 0x6, 0x40, 0x0, '\x00', 0x4, 0xcaa})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000300)={[0xea, 0x55e, 0x5, 0x4, 0xfffffffffffffffd, 0x7, 0x9, 0x7, 0x5, 0x80, 0x8, 0x794, 0xa, 0x40, 0xc976, 0x6], 0xa000, 0x20200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7m44.194705604s ago: executing program 6 (id=1009):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket(0x2, 0x3, 0x100000001)
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
sendmsg$sock(r1, 0x0, 0x80)
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000001040)={0x6, 0x4, {0x3, @struct={0x40, 0x7}, 0x0, 0x2, 0x9, 0x3, 0x0, 0x4, 0x400, @struct={0x9, 0x2}, 0x4, 0x2, [0x1, 0x2, 0x4, 0xfffffffffffffffe, 0x2, 0x1]}, {0x2, @usage=0xf2, 0x0, 0x3, 0x3, 0x13, 0x7, 0x6, 0x448, @usage=0x4, 0xd, 0x2, [0x10000, 0x4, 0x9c, 0xfffffffffffffff6, 0xe, 0x4800]}, {0x2, @usage=0x2, 0x0, 0xe98, 0x0, 0x4, 0x1, 0x84, 0xeb, @usage=0x8, 0x733b, 0x1, [0x9, 0x1, 0xfffffffffffffffb, 0x3e, 0x6, 0x4]}, {0x4, 0x1, 0x4}})
unshare(0x2040400)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt(r0, 0xff, 0x1, 0x0, 0x0)

7m43.820894276s ago: executing program 6 (id=1010):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000180)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x7}}, {@i_version}, {@noblock_validity}, {@commit={'commit', 0x3d, 0x5}}, {@inlinecrypt}, {@max_batch_time}, {@abort}, {@auto_da_alloc}, {@lazytime}, {@noauto_da_alloc}, {@grpquota}]}, 0xd, 0x5e1, &(0x7f0000001200)="$eJzs3c1vVFUbAPDnTD9oKe/bQoyKC2liDCSGlhYwxLiArSENfsSNGystiBRoaI0WTSgJbkyMG2NMXLkQ/wslsmWlKxduXBkSooaliWNmem/baWdaOrS92Pv7JUPvvWcO59xOnznnnjnnTgClNVj7pxKxPyKmU0R/ml9M64wscXDheQ/++vhs7ZGiWn39jxQpO5Y/P2U/+7LMPRHx048p9nWsLndm7trF8ampyavZ/vDspenhmblrhy9cGj8/eX7y8uiLoyeOHzt+YuRIW+d1vcmx0zff+6D/07G3vv367zTy3a9jKU7GK9kTl5/HZhmMwfrvJK1O6jux2YUVpCP7O1n+EqfOAivEhuSvX1dEPBX90RFLL15/fPJqoZUDtlQ1RVSBkkriH0oq7wfk1/Yrr4MrhfRKgO1w/9TCAMDq+O9cGBuMnvrYwO4HKZYP66SIaG9krtGeiLh7Z+zmuTtjN2OLxuGA5uZvRMTTzeI/1eN/IHpioB7/lYb4r/ULzmQ/a8dfa7P8lUPF4h+2z0L896wZ/9Ei/t9eFv/vtFn+4NLmu70N8d/b7ikBAAAAAABAad0+FdknfEtzABb2Kovzf6LJ/J++iDi5CeUPrthf/fl/5d4mFAM0cf9UxMtN5/9W8tm/Ax3Z1v/q8wG60rkLU5NHIuL/EXEounbV9kfWKOPwZ/u+apU2mM3/yx+18u9mcwGzetzr3NWYZ2J8dvxRzxuIuH8j4pmm83/TYvufmrT/tfeD6YcsY9/zt860Sls//oGtUv0m4mDT9n/prhVp7ftzDNf7A8N5r2C1Zz/6/PtW5bcb/24xAY+u1v7vXjv+B9Ly+/XMbLyMo3Od1VZp7fb/u9Mb9VvOdGfHPhyfnb06EtGdTnf0RHfj8dGN1xl2ojwe8nipxf+h55pf/6/V/++NiPkV/3f6s3FNce7Jf/p+a1Uf/X8oTi3+JzbU/m98Y/TWwA+tyn+49v9Yva0/lB0x/gcLvszDtLvxeJNw7GyWtN31BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdoBIReyJVhha3K5WhoYi+iHgidlemrszMvnDuyvuXJ2pp9e//r+Tf9Nu/sJ/y7/8fWLY/umL/aETsjYgvOnrr+0Nnr0xNFH3yAAAAAAAAAAAAAAAAAAAA8Jjoa7H+v+b3jqJrB2y5zqIrABSmSfz/XEQ9gO2n/YfyEv9QXuIfykv8Q3mJfygv8Q/lJf6hvMQ/AAAAAADsKHsP3P4lRcT8S731R013ltZVaM2ArVYpugJAYdziB8rL1B8ory7vAFB6aZ30npaZ1su5lumzj5AZAAAAAAAAAAAAAErn4H7r/6GsrP+H8rL+H8orX/17oOB6ANvPNT4Q66zkb7r+f91cAAAAAAAAAAAAAMBmmpm7dnF8amryqo03N5ZrJ/zqqtXq9dpfweNSn//4Rj4V/nGpz4qNfK3fw+Uq7j0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo9G8AAAD//0JvIXg=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000004200)={0x2020}, 0x2020)

7m43.011722244s ago: executing program 6 (id=1013):
r0 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad6, 0x0, 0x3, 0x2}, &(0x7f0000000000), &(0x7f0000000280))
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = getpid()
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f0000000340)={0x1000000006, r0, 0x6, {0xa98, 0x8}}, 0x1)

7m40.830747785s ago: executing program 6 (id=1019):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000002c0), 0x4000, &(0x7f0000000700)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000ac0)=@filename='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0)

7m39.555068141s ago: executing program 36 (id=1019):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000002c0), 0x4000, &(0x7f0000000700)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000ac0)=@filename='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0)

7m7.464887561s ago: executing program 8 (id=1118):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000ffb000/0x1000)=nil, 0x1000}})

7m4.274336291s ago: executing program 8 (id=1133):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {0x700}, {0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x6, 0x1, 0xb, 0x4, 0x10, 0x4], 0x3, [0xb, 0x101, 0x7fff, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x5, 0x7, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)

7m3.95887437s ago: executing program 8 (id=1134):
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000280)='./file0\x00', 0x3010010, 0x0, 0x1, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0xfffffffffffffffe}}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
chdir(&(0x7f0000000240)='./file0\x00')
execve(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)

7m2.827621778s ago: executing program 8 (id=1136):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a)
r1 = accept4(r0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
sendmsg$NFC_CMD_DISABLE_SE(0xffffffffffffffff, 0x0, 0x200080c0)
write(r1, &(0x7f0000000040)="cb", 0xfffffdef)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)

7m0.518360936s ago: executing program 8 (id=1145):
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000180)='./file1\x00')
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
setpgid(0x0, r0)
openat$dir(0xffffff9c, &(0x7f0000000000)='./file0\x00', 0x1010f6, 0x1)

7m0.139051489s ago: executing program 8 (id=1147):
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000000)={0x1d, r1, 0x0, {0x1, 0xff}, 0xfe}, 0x18)
connect$can_j1939(r0, &(0x7f0000000080)={0x1d, r1, 0x0, {0x0, 0xf0, 0x2}, 0xfe}, 0x18)
sendmsg$can_j1939(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)='.', 0x1a000}}, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0xfd, 0x7fff0003}]})
syz_genetlink_get_family_id$nbd(&(0x7f0000000100), 0xffffffffffffffff)
openat(0xffffffffffffffff, 0x0, 0x6002, 0x1)
close_range(r2, 0xffffffffffffffff, 0x0)

6m44.384291071s ago: executing program 37 (id=1147):
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000000)={0x1d, r1, 0x0, {0x1, 0xff}, 0xfe}, 0x18)
connect$can_j1939(r0, &(0x7f0000000080)={0x1d, r1, 0x0, {0x0, 0xf0, 0x2}, 0xfe}, 0x18)
sendmsg$can_j1939(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)='.', 0x1a000}}, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0xfd, 0x7fff0003}]})
syz_genetlink_get_family_id$nbd(&(0x7f0000000100), 0xffffffffffffffff)
openat(0xffffffffffffffff, 0x0, 0x6002, 0x1)
close_range(r2, 0xffffffffffffffff, 0x0)

1m10.937288676s ago: executing program 7 (id=1906):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x200840, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x5, 0x4433, &(0x7f00000088c0)="$eJzs3c9rXFsdAPDvvYm+pL5X0/fe4gmCAz5QVELyVmoe2KZp06SNlWqLuJlOkmkbnWRKMhEXXcRdwZXgorgoCu6yKlm4rX+CG5d1XdCFG0EoRmbmJp17M0OmJbex5fOB5sw9v2e+c++cu7g9aaZ1b22rsrZVqW1Umit3tj6r/LLZ2F6vR1q+0Yg4zfF5BWXESexPz/WLl39867OIv6z+7fn+/v5+tI1GX9M9r//9rwcrvemBtNCm3W//3k7KzyLi4yPzahuJiJ/+OSKJiAtZ3myWjkfE2eiW3Xrwm9uVE5rNk2f1z6svlh7uzXy6uPt4b/B7TyJ+3/jKd+6u/+PrIzN//9YJDQ8AAAAAAAAAAAAAAAAAwFtu/sb1mz+amo6nSYzuJkef153P0kHPx+6fmK+V/2YBAAAAAAAAAAAAAAAAAADg/9TL5/8ryYd9nv+fy9LzA9rv/6D8OVKehR9en7s0NZ3t/54cKf9ulvXPCyNxrs++78X93y8U2vff//3oOK/rYH4H405Eko71lE9Emk5ORvwx2/j9k+RM2mhutb59p7m9sXpi03hr5ePf3b0/F51sQ/9h4z9b6L/8/f8/OvJtah/fPrmv2DstH/+RgfX+9OtkqPhfzDd7VNK0e3xU/hDvsHz8Rzt5470V3usm7fj/dvT4+M8V+i/r/D8bEZWkPddK7grQXsO08wetV8jLx/8LnbzcpTP7IAed//8pxP9Sof/Tuv7vFH+I6Csf/y928sZyNboLgE780+PP/8uF/k8j/u357/j9H0o+/tnFfjRXpfNJDnv9ny/0X1b8b6bZPM8muW/AbtLNH/T/1ZGXj//YkfKX93/pUOu/K4X2b+r+72Dc9v3fZM99yDeT7v0f/eXjPz6w3rDn/0KhXdnX//Od9R+vKx//M528/Np5ovN32PgvFvovK/6dVcnYQfxfXk/++143/w/Wf0PJx/9L3cy0t8ZO529n/Zccv/6/Wuj/NNZ/7fnvpOWO+q7Ix//9gfXa8f/rEL//1wrtyo9/xJS1/mvLx/+DgfU65//Y8fFfKrQrO/7fKLNzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLfAbJZORJJO5o7TdHIy4mJ2/EmcSZZrq9XlRnPlF1sRc1l+JT5M7jaay7VGdW2juVqv1hqN5krEpaz84xhLthrNVnW9dv/yYV/jyb16bbO1XK+1ImI+y/9qfHDQ1/Jaa712PyKuHJZ9OW1u3r9X26iurm1+f2pqaioWDudwLqn/qlXfaHVH75ZGLB62nUh6Jtcpvno4l/eTnze3NzdqjU7+tZ42jeZKrdHTZikr+12cS1qb2xsrtVa92mjePRjvNJ3P0rmFGz+5cW36SPntpJvOvtlpAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCKns5871FEjHaP0oioJNmLJPuX8+RZ/fPqi6WHezOfLu4+3nverw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsEv/KBEDURyA34yClh7DKiSdbUQRLYwInkCP4WH0KF7CO1hY2FosC7sTWPIHQmC772sezI83b2AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsd/fcvTzVTUSK881ZxNfb989h/lDqx/V0/8mKmacrejiO+8fu5rZuyr+nUX5Vjn7bvEv//95fY6L2Pgd7MtynvfGcobl9m3tfP/ciUq4ioi35Zcq5qpbdBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoq+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF8BAAD///BRHGQ=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x101142, 0xeaff)
write$binfmt_aout(r0, &(0x7f0000000500)=ANY=[], 0x29f)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000000c0)={{r0}, 0x0, 0x0, 0x100000})
write$hidraw(r0, &(0x7f0000000280)="c291", 0x2)

1m10.149835484s ago: executing program 7 (id=1910):
r0 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000004c0)=""/217, 0xd9}], 0x1)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

1m9.862720031s ago: executing program 7 (id=1913):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
eventfd(0x5f0)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000080), 0x10)
sendmsg$can_bcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYRES32=r0], 0x48}}, 0x0)

1m9.732524828s ago: executing program 7 (id=1915):
syz_mount_image$nilfs2(&(0x7f0000000100), &(0x7f0000000f00)='./file0\x00', 0x32100d2, &(0x7f0000000140)={[{@order_strict}, {@errors_remount_ro}, {@order_relaxed}, {@errors_continue}, {@errors_continue}, {@nobarrier}, {@norecovery}, {@errors_continue}], [], 0x2c}, 0x3, 0xf0e, &(0x7f0000001e80)="$eJzs3UFsHNXdAPA3613biU28Bj4w8BHywfeJwAd2SCI1vQWBqp4Ql95BIaERhqKGHogCCT0gKiGKhDhVHKi4UCqlSK0EqlShntqeWvXGCfVCpSqVgnopUuIqznvr9YuHXY/t2V3v7yf9/fbNm53/f7yWPTOefRuAsdVY/Xr06EIRwrufvvP4K88Uv7m27J7OGgdWvxax1w4htLr6Rba9L+KCK5fPndioLcLh1a+pH5641HnuTAjhQjgQPgvt8NHS8lcfvvfYwY9fn77trbPPvbpDu9+R7wcAAOxGF/+0/PkDf//jQ/NfX9x/PEx1lqfj83bsz8Tj/kPxQDkdLzfC+n7RFd0ms/UmYjSy9Say9ZpZnmZJvla2nVbJepM98k10LdtoPwEAAGAUpfPadigai+v6jcbi4vXz/mu+mJssFl84vXzqzIAKBQAAACr71/nVm26FELsiDg1BDUJsJpprf5AGXosQ2xjnPvdzLYQQYuhiZW5glx4AAACAMZXPF3aDC9s7U1dna+3+8l96tLHx82Eb1P3zL/9o5f/gNb9xAACobrceTab9SsfRaR6DfB7Biex5mz3+b2TbaW6yzrJ5BUdlvsGyOvPv67Aqq3+zr+OglNWfz4c5rMrqz+fpHFZl9U/VXEdVZfVP11xHVWX176m5jqrK6t9bcx1VldU/U3MdVZXVP1tzHVU1wn0bLr+p9kqqKfv+76u5jqrK6h+V22rL6m/3euKQ/IErq3++5jqqKqv/5prrqKqs/ltqrqOqsvpvrbmOQbk7tun7sD8b7z5/zs/pRuUcDwAAAMbdv83/J4QQQgix/dEaghqEEJuN766eJA2+jhgrc4OvQeymOD/oCxAAAADAwKX3BaR3va9EaXyix3izx3irx/hkj/GpHuMAAABACL9949Qdbxdr7/Pf6nx4ad6oNP/SZucxyucj3Gz+rc57ttX8ozJvGQAAAOOl+M5nVx98/P2X5r++uP9419nv1Xi+m+YBbcZrA5/EfrovYDbrF+kc+vj6PI2S9fLrAzeVbe/JLe4oAAAAjLF0/t4ORWOx67y7HRqNxcW18/GF0CpOnV4+eSj20+ez/GGuNXVt+SM11w0AAAD0b+18f+Pz//Q5vgthslh84fTyqTPX+7Od5a1G93WBubXlRfd1gXa2/HDJ8iOxnz6/8/tze1aXL574wfIz273zAAAAMCbOvHz2uaeXl0/+0AMPPPCg82DQv5kAAIDt9uWX77R+dGT2d9ff/782/116//+B2G/Huf3+HFdI9wmk9wHc8H79p9bnmStb78X167Wz9SZiTGV1T3dtJ3TNN5ieN1+Wr71+O5Ml+WayfLNZvnyegma2fsq3L1uez0+Y1pvLlufzMDazHEWW/94AAAAA5ZZeev7FpTMvn3349PNPP3vy2ZMvHDl87NvHjh165FuPLK3e17/UfXc/AAAAMIrWbvoddCUAAAAAAAAAAAAAAAAAAAAwvur4OLFB7yMAAACMu3+eDyFciNHueixKojkENYga4/pHYA6+DiGEEGLsovN5yENQy8jExBDUIIQY2lhZyT9pHgAAAGBnXbl87kR3e4MLxbbm62ytfb25GvOmdvbhv85fi7TapUfXXy/Zu63VMO7q/vmXf7Tyf/Da9uafTg/6/v3XWL+B49Xy3r/0i4Xu/Hc2+8yf7/+T1fIfzPLfH/rLv/J+lv+pavkfyPLv7TP/Dfv/YrX8D8b8C7F/8L5vzN9cy7/+9Z+KbdqPPX3m//9s/58J35i/fP/bfSbMPBTzA8A4agy6gB2SjhLScfRM7Kf9TQc0+d0Pmz3+b2TbaW658vXbTcdBt8d+Ol6azfImm61/JtveTRXrzI3KXSVl9W/X67jTyupv1VxHVWX1T9ZcR1Vl9U/VXEdVZfVP11xHVWX193seOmhl9Y/KdeWy+mdqrqOqsvpna66jqrL6N/t3fFDK6t9Xcx1VldU/V3MdVZXVX/GyWu3K6p+vuY6qyuq/ueY6qiqr/5aa66iqrP5ba65jUO6Kbdn5cDr/nItjqd/O+lMbfC9367UFAAAAGDX/OD/4OQiEEEIIIYYomkNQgxBCCLHtsbIy6CsQDFL3uwGKUbnpHYAt29nZLBh2Xv/x5vUfb15/vkm6h7/I+slEj/Fmj/FWj/HJbDz/eZ3qMX5Ltt2VKI3f2mP8v3qM7+sxfnuP8YUe43f0GL+zx/hdPcYBAAAYD7fF1vkhAAAA7F6v/PKTN399/1OX57++uP94mLxh3vlDsT8V/7f+Ruzn894nrfg//x/H/s9j+/vY/i1b3/0nAAAAsPPS58T4/z8AAADsXulzSp3/AwAAwO41H1vn/wAAALB73Rxb5/8AAACwixXTGy+ObboucG9s+53XDwAYfv8d27tjuz+298T2f2KbjgPui+3/1lQfALB9fva9nxx7u1ib7/9INn4lLk/tDS5cv1JQNNbP5L8ntntj+3991pN/HkC/+ZN9febZqfxzW8wPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOwejdWvR48uFCG8++k7j/908s2/XFt2T2eNA6tfi9hrhxBaneel0bX+r+KKVy6fO9HdXo1tEQ6HIhSd5eGJS51MMyGEC+FA+Cy0w0dLy199+N5jBz9+ffq2t84+9+oOfgvW7R8AAADsRv8JAAD//wfEHO4=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e)

1m9.488617513s ago: executing program 7 (id=1917):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x2, 0x5, 0x0, 0x4002004c5, 0x1000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2], 0x8080000, 0x1144})
r3 = syz_open_dev$sg(&(0x7f00000002c0), 0xe6, 0x2602)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x380000f, 0x11, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m6.574827927s ago: executing program 7 (id=1927):
unshare(0x22020600)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x303}, "bd88818314ff7d84", "25c700", "000400", "ed2249a07868835a"}, 0x28)
ppoll(&(0x7f0000000080)=[{r0, 0x9085}], 0x1, 0x0, 0x0, 0x0)

1m5.86485962s ago: executing program 38 (id=1927):
unshare(0x22020600)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x303}, "bd88818314ff7d84", "25c700", "000400", "ed2249a07868835a"}, 0x28)
ppoll(&(0x7f0000000080)=[{r0, 0x9085}], 0x1, 0x0, 0x0, 0x0)

17.845234402s ago: executing program 0 (id=2058):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a)
r1 = accept4(r0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
sendmsg$NFC_CMD_DISABLE_SE(0xffffffffffffffff, 0x0, 0x200080c0)
write(r1, &(0x7f0000000040)="cb", 0xfffffdef)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)

17.020257992s ago: executing program 5 (id=2060):
syz_mount_image$udf(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000680), 0x1, 0x5c1, &(0x7f00000006c0)="$eJzs3U9onGkdB/Df82YmmWS722m7trtrhQHddeliyR93tyFFqYkBoZjQNB72IMZm2h02f2qSru0isngSvImCXlwRBPEfCl70JHrYmwgeRfC0HrxkRfAklffNTGaSjjaYTNO0nw+088wzv3ne530Phe887/s0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICIT3360vBIOuxZAAAAAL302bkrw6PyPwAAADzSrlr/BwAAAAAAAICjLkUW34gU3/nHZjpWvN9SudxYuXV7fmq6+9cGU/HNvqI+/1MZGR37+MuvvHqh9fq/v3/Qno2ZuauXapOryzfX6uvr9cXa/Erj2upifc8j7Pf7u50rLkBt+Y1bi9evr9dGz4/t+Ph29b2BJ05XJy7MlGZbtfNT09NzHTWl8v999Hu4wwMAAODx1h9ZfC1SvPjtn6cnIyKL/Wfh+/x20GuDUc3zd3ES81PTxYksNRZWNvIPZ1tBuLozE/e3MvIDyOL78v2Ik/lc+yV6AAAA9q4cWXwiUrz2l830VET0tXLwS8XGgPcfoPoAJtlFPs+zEVGLI5DZAQAA4JANRBZ/ihTv/7oax/PM3Mr/wxEXD3tyAAAAwIEoRRavRop/TmymanE/QEScm5+arl3+XO0zK9dXO2pnU3NF/ag/H/AguTcBAACAh0AlsniyWPHfTCcOezIAAABATwxGFm9Gincm3yz2lYtiX/rjE+P9Y2OdO8yduc84ee35iDi1x2fyy829BmfTbErZwZ8XAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj5dKyuLzkeK7v6wU72sRUcobf71797DnBgAAAByQlMW3IsWVy5spRcTt6nsDT5yuTlyYKc32RV/kfamzfmbu6qXa5OryzbX6+np9sTa/0ri2uljf6+Eqlxsrt27PT0335GTua7DH8x+sTK7evLPWuPH6RtfPhyqXvri+sbZwrfvHMRi1iKyz51wx4fmp6WLSS42FleKrs2mvMwYAAICIcsribqR44fkfpe3cWU15Bi1tvenbrv3hxXY2rezOn8XvBk8VvxtstY9PjJdHP9rZ7hpZzxWBOg+403Md3aXyvaX5MVPKYiNS/P6bzxRzSTEU92Tm2Kr7Q6S4uHq2WZf1R3X7pPJmPuL1xlJ9OK+djBS/WmrVRlE70Kw91a4dyWt/m4+7sLO20qx9ul07mtf+O1K8vta99gPt2rG89kuR4ifv1Fq1Q3ntsWbt6Xbt+WurS4vdLiUAAAAAAAAAj69yyuKPkeLLL9VSa228tLX+fO/6/1fazwK8vXug/7Lmv9/1/2pH39vNdf2BSPGR3z3TnOdQUdRt/X8mUjx74mzrfIq199ZtBSeKv9vr/+9HirXXdtb2N2tPtmtH9nxhAQAA4CGS5/8PRoqvv/ub7Vvumxm4+bZ7/n+utGugHuX/Ex19+THX77z1xsLSUn1NQ0NDY7ux/38LAQDgUZfn/+9FispP/7y93t3M/81Hz9v5/19fbef/id0D9Sj/n+zom2juRVguRVQ2lm+Wz0RU1u+89bHG8sKN+o36ysj4+IXRl8fGh18p97cW99utfV8rAAAAOKry/H8lUvzs7z/e3u9uL+v/Q7sH6lH+P9XRlx+zvei371MHAACAx0ae/38QKd597hfb+9LvzP/t1J7n/9Zz9i9+eOt1+9eBHuX/pzv6qs3jDh7MqQMAAAAAAAAAAAAAAAAAAMBDo5yyeCFSPP+3Umpu+L+n/f8Wdw/Uo+f/T3f0LcaD+f//9n1RAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEdSFlk0IsWHzmymT+YdX4g41vkKAAAAHHn/CQAA//8EVx+e")
userfaultfd(0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x34}, [@ldst={0x6, 0x0, 0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48)
mknodat(0xffffffffffffff9c, 0x0, 0x1000, 0x103)

14.831013212s ago: executing program 5 (id=2062):
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x208008de, &(0x7f0000001b80)=ANY=[], 0x1, 0x1503, &(0x7f0000000580)="$eJzs3AuYj1XXMPC99t43Y5L+TXIY9trr5p8G2yRJDgk5JEmSJDklJCZJEhJDTklDEnKcJIchJIdpTBrn8yHnpMkjTZKE5BT2d+np/Tzv0/O+fe9X3+e93lm/69qXvdz/tf7rnjXX3Pf9v66Z73uOqtu8Xq2mRCT+FPj7P8lCiBghxDAhxA1CiEAIUTGuYtyV4/kUJP+5N2F/rUfTrnUH7Fri+eduPP/cjeefu/H8czeef+7G88/deP65G8+fsdxs+5yiN/LKvYs//8/N+Pr/P0hOuclfbyx3c6//QgrPP3fj+eduPP/cjeefu/H8czee//98Nf+TYzz/3I3nz1hudq0/f+Z1bde1/v5jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY7nPNXaSHEv+2vdV+MMcYYY4wxxhj76/i817oDxhhjjDHGGGOM/b8HQgoltAhEHpFXxIh8IlZcJ/KL60UBcYOIiBtFnLhJFBQ3i0KisCgiiop4UUwUF0agsIJEKEqIkiIqbhGlxK0iQZQWZURZ4UQ5kShuE+XF7aKCuENUFHeKSuIuUVlUEVVFNXG3qC7uETVETVFL3Ctqizqirqgn7hP1xf2igXhANBQPikbiIdFYPCyaiEdEU/GoaCYeE83F46KFeEK0FK1Ea9FGtP2/yn9Z9BWviH6iv0gWA8RA8aoYJAaLIWKoGCZeE8PF62KEeEOkiJFilHhTjBZviTHibTFWjBPjxTtigpgoJonJYoqYKlLFu2KaeE9MF++LGWKmmCVmizQxR8wVH4h5Yr5YID4UC8VHYpFYLJaIpSJdfCwyxDKRKT4Ry8WnIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCZ2iJ1il9gt9oi9Yp/4XOwXX4gD4kuRLb76L+af/af8XiBAgAQJGjTkgTwQAzEQC7GQH/JDASgAEYhAHMRBQSgIhaAQFIEiEA/xUByKAwICAUEJKAFRiEIpKAUJkABloAw4cJAIiVAebocKUAEqQkWoBJWgMlSBKlANqkF1qA41oAbUglpQG2pDXagL98F9cD80gAbQEBpCI2gEjaExNIEm0BSaQjNoBs2hObSAFtASWkJraA1toS20g3bQHtpDR+gInaATdIbOkARJ0BW6QjfoBt2hO/SAHtATekIv6A294WV4GV6BV6A/1JYDYCAMhEEwCIbAUBgKr8FweB1ehzcgBUbCKHgT3oS3YAycgbEwDsbDeKguJ8IkmAwkp0IqpMI0mAbTYTrMgJkwE2ZDGsyBuTAX5sF8mA8fwkL4CD6CxbAYlkI6pEMGLINMyITlcBayYAWshFWwGtbAalgH62EdbIRNsBG2wBbYBtvgM/gMdsJO2A27YS/shc/hc/gCvoAUyIZsOAgH4RAcgsNwGHIgB47AETgKR+EYHIPjcBxOwEk4BSfhNJyGM3AWzsE5uAAX4CK8GP9ts72lN6QIeYWWWuaReWSMjJGxMlbml/llAVlARmRExsk4WVAWlIVkIVlEFpHxMl4Wl8UlSpQkQ1lClogRQshSspRMkAmyjCwjnXQyUSbK8rK8rCAryIryTllJ3iUryyqyg6smq8nqsqOrIWvKWrKWrC3ryLqynqwn68v6soFsIBvKhrKRbCQby4dlEzkAhsCj8spkmsuR0EKOgpaylWwt28i34EnZTo6B9rKD7CifluNgLHSW7VySfFZ2lZOgm3xeToYXZA85FXrKl2Qv2Vv2kS/LvrK96yf7yxkwQA6Us2GQHCyHyKFyHtSRVyZWV74hU+RIOUq+KZfCW3KMfFuOlePkePmOnCAnyklyspwip8pU+a6cJt+T0+X7coacKWfJ2TJNzpFz5QdynpwvF8gP5UL5kVwkF8slcqlMlx/LDLlMZspP5HL5qcySK+RKuUqulmvkWrlOrpcb5Ea5SW6WW+RWuU1ul5/JHXKn3CV3yz1yr9wnP5f75RfygPxSZsuv5EH5N3lIfi0Py29kjvxWHpHfyaPye3lM/iCPyx/lCXlSnpI/ydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaDyqLwqRuVTseo6lV9drwqoG1RE3aji1E2qoLpZFVKFVRFVVMWrYqq4MgqVVaRCVUKVVFF1iyqlblUJqrQqo8oqp8qpRHWbKq9uVxXUHaqiulNVUnepyqqKqqqqqbtVdXWPqqFqqlrqXlVb1VF1VT11n6qv7lcN1AOqoXpQNVIPqcbqYdVEPaKaqkdVM/WYaq4eVy3UE6qlaqVaqzaqrXpStVNPqfaqg+qonlad1DOqs+qiktSzqqt6TnVTz6vu6gXVQ72oeqqXVC/VW/VRl9Rl5VU/1V8lqwFqoHpVDVKD1RA1VA1Tr6nh6nU1Qr2hUtRINUq9qUart9QY9bYaq8ap8eodNUFNVJPUZDVFTVWp6l01Tb2npqv31Qw1U81Ss1WamqOG/FZpwT/lD/jtqvuP+e/9i/wRv777NrVdfaZ2qJ1ql9qt9qi9ap/ap/ar/eqAOqCyVbY6qA6qQ+qQOqwOqxyVo46oI+qoOqqOqWPquDquTqiT6rz6SZ1WP6sz6qw6q86rC+qCuvjb10Bo0FIrrXWg8+i8Okbn07H6Op1fX68L6Bt0RN+o4/RNuqC+WRfShXURXVTH62K6uDYatdWkQ11Cl9RRfYsupW/VCbq0LqPLaqfL6UR925/O/6P+2uq2up1up9vr9rqj7qg76U66s+6sk3SS7qq76m66m+6uu+seuofuqXvqXrqX7qP76L66r+6n++lknawH6lf1ID1YD9FD9TD9mh6uh+sReoRO0Sl6lB6lR+vReoweo8fqsXq8Hq8n6Al6kp6kp+gpOlWn6ml6mp6up+sZeoaepWfpNJ2m5+q5ep6epxfoBXqhXqgX6UV6iV6i03W6ztAZOlNn6uV6uc7SK/QKvUqv0mv0Gr1Or9Mb9Aa9SW/SW/QWnaW36+16h96hd+ldeo/eo/fpfXq/3q8P6AM6W2frg/qgPqQP6cP6sM7ROfqIPqKP6qP6mD424Lg+rk/oE/qUPqVP69P6jD6jz+lz+oK+oC/qi/qyvnzlti+QgQx0oIM8QZ4gJogJYoPYIH+QPygQFAgiQSSIC+KCgsHNQaGgcFAkKBrEB8WC4oEJMLABBWFQIigZRINbglLBrUFCUDooE5QNXFAuSAxuC8oHtwcVgjuCisGdQaXgrqByUCWoGlQL7g6qB/cENYKaQa3g3qB2UCeoG9QL7gvqB/cHDYIHgobBg0Gj4KGgcfBw0CR4JGgaPBo0Cx4LmgePBy2CJ4KWQaugddAmaPuX1vf+TOGnXD/T3ySbAWagedUMMoPNEDPUDDOvmeHmdTPCvGFSzEgzyrxpRpu3zBjzthlrxpnx5h0zwUw0k8xkM8VMNanmXTPNvGemm/fNDDPTzDKzTZqZY+aaD8w8M98sMB+aheYjs8gsNkvMUpNuPjYZZpnJNJ+Y5eZTk2VWmJVmlVlt1py/UQiz3mwwG80ms9lsMVvNNrPdfGZ2mJ1ml9lt9pi9Zp/53Ow3X5gD5kuTbb4yB83fzCHztTlsvjE55ltzxHxnjprvzTHzgzlufjQnzElzyvxkTpufzRlz1pwz580F84u5aC6Zy8Zfubm/cnlHjRrzYB6MwRiMxVjMj/mxABbACEYwDuOwIBbEQlgIi2ARjMd4LI7F8QpCwhJYAqMYxVJYChMwActgGXToMBETsTyWxwpYAStiRayElbAyVsaqWBXvxrvxHrwHa2JNvBfvxTpYB+thPayP9bEBNsCG2BAbYSNsjI2xCTbBptgUm2EzbI7NsQW2wJbYEltja2yLbbEdtsP22B47YkfshJ2wM3bGJEzCrtgVu2E37I7dsQf2wJ7YE3thL+yDfbAv9sV+2A+TMRkH4kAchINwCA7BYTgMh+NwHIEjMAVTcBSOwtE4GsfgGByL43A8voMTcCJOwsk4BadiKqbiNJyG03E6zsAZOAtnYRqm4Vyci/NwHi7ABbgQF+IiXIRLcAmmYzpmYAZmYiYux+WYhVm4ElfialyNa3Etrsf1uBE34mbcjFtxK27H7bgDd+Au3IV7cA/uw324H/fjATyA2ZiNB/EgHsJDeBgPYw7m4BE8gkfxKB7DY3gcj+MJPIGn8BSextN4Bs/gOTyHF/AXvIiX8DJ6jLFSxNrrbH57vS1gb7AxNp/9x7iILWrjbTFb3BpbyBb+dzFaaxNsaVvGlrXOlrOJ9rbfxZVtFVvVVrN32+r2Hlvjd3F9e79tYB+wDe2Dtp6977c4769xI/uQbWwft03sE7apbWWb2Ta2uX3ctrBP2Ja2lW1t29hO9hnb2XaxSfZZ29U+97s4wy6z6+0Gu9FusvvtF/acPW+P2u/tBfuL7Wf722H2NTvcvm5H2Ddsih35u3i8fcdOsBPtJDvZTrFTfxfPsrNtmp1j59oP7Dw7/3dxuv3YLrSZdpFdbJfYpb/GV3rKtJ/Y5fZTm2VX2JV2lV1t19i1dt3/7nWV3WK32m12n/3c7rA77S672+6xe3+Nr5zHAfulzbZf2SP2O3vIfm0P22M2x377a3zl/I7ZH+xx+6M9YU/aU/Yne9r+bM/Ys7+e/5Vz/8lespett4KAJCnSFFAeyksxlI9i6TrKT9dTAbqBInQjxdFNVJBupkJUmIpQUYqnYlScDCFZIgqpBJWkKN1CpehWSqDSVIbKkqNylEi3UXm6nSrQHVSR7qRKdBdVpipUlarR3VSd7qEaVJNq0b1Um+pQXapH91F9up8a0APUkB6kRvQQNaaHqQk9Qk3pUWpGj1Fzepxa0BPUklpRa2pDbelJakdPUXvqQB3paepEz1Bn6kJJ9Cx1peeoGz1P3ekF6kEvUk96iXpRb+pDL1NfeoX6UX9KpgE0kF6lQTSYhtBQGkav0XB6nUbQG5RCI2kUvUmj6S0aQ2/TWBpH4+kdmkATaRJNpik0lVLpXTqb3qXIlXu9GTSTZtFsSqM5NJc+oHk0nxbQh7SQPqJFtJiW0FJKp48pg5ZRJn1Cy+lTyqIVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttp89oB+2kXbSb9tBe2kef0376gg7Ql5RNX9FB+hsdoq/pMH1DOfQtHaHv6Ch9T8foBzpOP9IJOkmn6Cc6TT/TGTpL5+g8XaBf6CJdosvkSYQQylCFOgzCPGHeMCbMF8aG14X5w+vDAuENYSS8MYwLbwoLhjeHhcLCYZGwaBgfFguLhybE0IYUhmGJsGQYDW8JS4W3hglh6bBMWDZ0YbkwMbwtLB/eHlYI7wgrhneGlcK7wsphlfDxB6uFd4fVw3vCGmHNsFZ4b1g7rBPWDeuF94X1w/vDBuEDYcPwwbBC+FDYOHw4bBI+EjYNHw2bhY+FzcPHwxbhE2HLsFXYOmwTtg2fDNuFT4Xtww5hx/DpsFP4TNg57BImhc+GXcPn/vB4cjggHBi+Gr4aev+AWhJdGk2PfhzNiC6LZkY/iS6PfhrNiq6Iroyuiq6Oromuja6Lro9uiG6Mbopujm6Jbo1ui3pfL69w4KRTTrvA5XF5XYzL52LddS6/u94VcDe4iLvRxbmbXEF3syvkCrsirqiLd8VccWccOuvIha6EK+mi7hZXyt3qElxpV8aVdc6Vc4mujWvr2rp27inX3nVwHd3T7mn3jHvGdXFd3LOuq3vOdXPPu+7uBdfDvehedC+5Xq636+Nedn3dK66f6++SXbIb6Aa6QW6QG+KGuGFumBvuhrsRboRLcSlulBvlRrvRbowb48a6sW68G+8muAlukpvkprgpLtWlumlumpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5hwkK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB1237gc96074r5zR9337pj7wR13P7oT7qQ75X5yp93P7ow768658+6C+8VddJfcZeddauTdyLTIe5HpkfcjMyIzI7MisyNpkTmRuZEPIvMi8yMLIh9GFkY+iiyKLI4siSyNpEc+jmRElkUyI59Elkc+jWRFVkRWRlZFVkfWRLwvtiP0JXxJH/W3+FL+Vp/gS/syvqx3vpxP9Lf58v52X8Hf4Sv6O30lf5ev7Kv4qv4J39K38q19G9/WP+nb+ad8e9/Bd/RP+07+Gd/Zd/FJ/lnf1T/nu/nnfXf/gu/hX/Q9/Uu+l+/t+/iXfV//iu/n+/tkP8AP9K/6QX6wH+KH+mH+NT/cv+5H+Dd8ih/pR/k3/Wj/lh/j3/Zj/Tg/3r/jJ/iJfpKf7Kf4qT7Vv+un+ff8dP++n+Fn+ll+tk/zc/xc/4Gf5+f7Bf5Dv9B/5Bf5xX6JX+rT/cc+wy/zmf4Tv9x/6rP8Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Wd+h9/pd/ndfo/f6/f5z/1+/4U/4L/02f4rf9D/zR/yX/vD/huf47/1R/x3/qj/3h/zP/jj/kd/wp/0p/xP/rT/2Z/xZ/05f95f8L/4i/6Sv8y/s8YYY4wx9n9E/cHxAf/i/+Rv64qBQojrdxbN+eeamwv9fT9YxneKCCGe7d/z0X9btWsnJyf/9tosJYKSi4UQkav5ecTVeIXoKJ4RSaKDKP8v+xsse1+gP6gfvVOI2KuVfxUr/rn+7f9B/SefHp9RKTwX95/UXyxEQsmrOfnE1fhq/Qr/Qf3C7f6g/3xfpwrR/h9y8our8dX6ieIp8ZxI+nevZIwxxhhjjDHG/m6wrNr9j56frzyfx+urOXnF1fiPns8ZY4wxxhhjjDF27b3Qu0+XJ5OSOnTnzZ/Y1Pjv0QZvePOXba71TybGGGOMMcbYX+3qTf+17oQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/n/8ObFrfY6MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYtfa/AgAA///mJjhh")
chdir(&(0x7f00000001c0)='./file0\x00')
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
mknod$loop(&(0x7f0000000500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, 0x1)
open(&(0x7f0000000080)='./file1\x00', 0x101c41, 0xa8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x175)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x185)
rename(&(0x7f0000006200)='./file1\x00', &(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

14.010113162s ago: executing program 0 (id=2065):
read$usbfs(0xffffffffffffffff, &(0x7f00000015c0)=""/235, 0xeb)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a05404, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000040)='.\x00', 0x2)

11.396551988s ago: executing program 5 (id=2068):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
ptrace$ARCH_MAP_VDSO_64(0x1e, r1, 0x2, 0x2003)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
splice(r0, 0x0, r3, 0x0, 0xf, 0x8)
pipe2$9p(&(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
tee(r2, r5, 0x4e, 0x0)
write$binfmt_script(r5, &(0x7f0000000800)={'#! ', './file0'}, 0xb)
tee(r4, r3, 0x9, 0x8)
syz_emit_ethernet(0x42, &(0x7f0000000040)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0xc, 0x11, 0x0, @private1, @mcast2, {[], {0x0, 0xe22, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0)

11.257789966s ago: executing program 0 (id=2070):
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xffffffffffffffff)
fanotify_init(0x0, 0x0)
r1 = memfd_secret(0x80000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r1, 0x0)
ftruncate(r1, 0x51a9497)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, 0x0)
readv(r2, &(0x7f00000002c0)=[{&(0x7f0000000400)=""/224, 0x20}], 0x1000000000000108)

10.992409932s ago: executing program 0 (id=2071):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mremap(&(0x7f00007ff000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000580000/0x4000)=nil)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r3, &(0x7f0000000100)={{0x3, @default, 0x5}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r3, 0x0, 0x0)

9.840402551s ago: executing program 0 (id=2072):
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
splice(r1, 0x0, r0, 0x0, 0x401, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000180)={[{@errors_remount}]}, 0xfe, 0x274, &(0x7f0000000980)="$eJzs3b9rJGUcB+Dv7I/EmBCiNjaKICIaCLEQBBttFAISRERQISJiJYkQkzZrZWNhr5LKJoid0VJswjX3B+TuUuSaa8IVF+7grthjdnaPzWaT7GV3Z46b54HdmXf3fed9F+bzzgQyMwGU1lxEvBcR1YiYj4h6RCTdFV7JXnPt4vbU3kpEs/nJ7aRVLytnOu2mI6IREe9E1Drfbe5+cXh3/8PXf96ov/bH7udTef2+bkeHBx8d/778099Lb21W2p/NtJfdv2OUkj6f1ZKI58fR2RMiqRU9Agbz17U09y9ExKut/Nej0o7sL+sT/9fjzd/6t5s4znecwDg0m/X0GNhoAqVTaZ0DJ5WFiMjWK5WFhewc/no1ie/W1n+Y/3ZtY/WbomcqYASSRvZ378EH/07+M92T/1vVLP8DeXvMIwXGIs3/px/v3EjXj6tFjwbIxUvZIs3//Fdbb4T8Q+nIP5SX/EN5yT88Bc7L7uTZX8k/lJf8Q3kNmv9GjmMCRqTeWemf4OGP//fa/0F4+SECeZttvTv/h/LqyX8h1+MCxejOPwBQLs3Jgi9ABgpT9PwDAAAAAAAAAAAAAAAAAACctj21t9J55dXnlV8jjt6PiNrJ/rPHFlRbzyOOeKb1/uydJK32SJI1G8qXQ7Yf1p8jvvp6+ZznPfQze3O0/T+uqy+PZ7s/niyeeW+7rdWIRlp5sVY7vf8n7f3vQmdu/7kLGta/HqyDUUl6yu9+lm//vR7sFNv/0n7Ef+n8s9hv/qvEi61l//lnpvsWy5f0/f0hNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBuHgYAAP//LMRxVQ==")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x9)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x5, 0x0, 0x2f)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
setxattr$system_posix_acl(0x0, 0x0, &(0x7f0000000100)=ANY=[], 0x2c, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x20080, 0x51)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
socket$unix(0x1, 0x1, 0x0)
link(&(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1acd060, 0x0, 0xfc, 0x0, &(0x7f00000000c0))

9.69438992s ago: executing program 5 (id=2074):
socket(0x1, 0x5, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
close(r4)

7.531029859s ago: executing program 5 (id=2075):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002040)='environ\x00')
readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000000)=""/195, 0xc3}], 0x1)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x400, 0x0)
ioctl$TIOCGSID(r1, 0x5429, 0x0)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000080)={0x7f, 0x80fc, 0x7ffe, 0x7fff, 0x3db, 0x5})
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/mdstat\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300), 0x0)
ppoll(&(0x7f0000000140)=[{r2, 0x2000}], 0x1, 0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14010801000000000000000000000000030000020800094000000000080004400000000c6000018006000340000100002c00018014000300fc02000000000000000000000000000014000400fc0000000000000000000000000000011400018008000100ac14140808000200640101001400018008000100ac1414aa08000200e000000108000440000000800600074000040000440001800c00028005000100110000000c000280050001005300000014000180080001007f00000108000200000000000c000280050001000600000006000340000100000c00018006000340000100002400038014000180080001000000000108000200ac1e01010c000280050001003a0000000c000a800800014000000000"], 0x114}, 0x1, 0x0, 0x0, 0x40}, 0x484)
r3 = dup2(r0, r1)
ioctl$KVM_GET_CLOCK(r3, 0x8030ae7c, &(0x7f00000002c0))
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)={0x14, 0x3, 0x2, 0x801, 0x0, 0x0, {0x1, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x2008880}, 0x0)
mkdir(&(0x7f0000000840)='./file0\x00', 0x145)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='noswap,huge=w'])

7.481196912s ago: executing program 0 (id=2077):
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x9)
socket(0x10, 0x803, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r2, @ANYRES32=r2], 0x44}}, 0x2000800)

5.141901052s ago: executing program 1 (id=2082):
socket$inet_udp(0x2, 0x2, 0x0)
pipe2$9p(&(0x7f0000000600), 0x4080)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$kcm(0x21, 0x0, 0x2)
sched_setattr(0x0, 0x0, 0x0)
open$dir(0x0, 0x1, 0x19d)
r1 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f0000000100)={0x3, 0x980900})
r2 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, 0x0)
r3 = epoll_create(0xff)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000000)={0x80000002})
ioctl$VIDIOC_QUERYMENU(r2, 0xc008561c, &(0x7f00000001c0)={0x980900, 0xffffffef, @value=0x9})

4.922978475s ago: executing program 1 (id=2083):
syz_io_uring_setup(0x0, &(0x7f0000002e80)={0x0, 0xcee3, 0x4000, 0x2, 0x35f}, &(0x7f0000002f00), 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0xa, 0x3, 0xff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)

3.439863344s ago: executing program 9 (id=2085):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x1)
io_setup(0x5, &(0x7f0000000300)=<r1=>0x0)
r2 = eventfd2(0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000fed000/0x13000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000fe9000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
ioctl$TIOCSPTLCK(0xffffffffffffffff, 0x40045431, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r3 = io_uring_setup(0x4ff1, &(0x7f0000000040)={0x0, 0x835c, 0xf000, 0x20000a, 0x20002f3})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0x9, 0xe}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x400c1}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000000280)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r2}])
shutdown(r0, 0x0)

3.377037568s ago: executing program 1 (id=2086):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x3ab5f6d68bd1273a)
open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x60009c0e, 0x10100}, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0xfffffffc}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000100000000000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bca2000000000000a6020000f8ffffffb703000018000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r0}, &(0x7f0000000280), &(0x7f0000000340)=r1}, 0x20)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r1, r3, 0x25, 0x0, @val=@iter={0x0}}, 0x20)
syz_emit_ethernet(0x4a, &(0x7f0000000b00)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x9, 0x6, '\x00', 0x14, 0x6, 0xff, @dev={0xfe, 0x80, '\x00', 0x39}, @local, {[], {{0x4e22, 0x4e24, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0xc2, 0x7, 0x0, 0x3}}}}}}}, 0x0)

2.991048521s ago: executing program 1 (id=2087):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x3, 0x0, 0x5})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e21, 0x5, @loopback, 0x4}, 0x1c)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x3048001, &(0x7f0000000600)={[{@noinit_itable}, {@errors_remount}]}, 0x41, 0x4d0, &(0x7f0000000640)="$eJzs3VFrHFsdAPD/TLL3pr25bq7Xh3sL1mIradHuJo1tgw9tBdGnglrfY0w2IWSTDcmmbUKRFD+AIKKCTz75IvgBBOlHEKGg76JFEW31wQd1ZWdna5rsplvc7HqT3w9O55w5s/n/z8LO7NmZzgRwal2IiDsRMRIRVyKimK9P8zLXbOy1tnvx/NFCsyTRaNz7SxJJvq79t5J8+U7rJTEWEV//SsS3kk6Rd1fnq9XKZt4q19c2yls7u1dX1uaXK8uV9ZmZ6RuzN2evz071Ppi0e9dERNz60rMffPenX771y889+N3cny5/u5nWeN6/fxz91Bp6IXsv2kYjYvM4gg3JaDZCAAA+Ct6PiI9HxKez7//FGMm+zQEAAAAnSeP2ePwziWgAAAAAJ1aaXQObpKX88tnxSNNSqXUN7yfibFqtbdU/u1TbXl9s9U9EIV1aqVam8muFJ6KQNNvT+TW27fa1A+2ZiHgvIr5fPJO1Swu16uKwf/wAAACAU+KdA/P/vxdb8/8DNoaSHAAAANA/E8NOAAAAADh25v8AAABw8pn/AwAAwIn21bt3m6XRfv714v2d7dXa/auLla3V0tr2QmmhtrlRWq7VlrN79q297u9Va7WNz8f69sNyvbJVL2/t7M6t1bbX63MrrzwCGwAAABig9z715LdJROx94UxWmj4cdlLAQKRvsvEfji8PYPBGhp0AMDSjR/QlA8wDGLzCsBMAhu51x/qPdev4Vf9zAQAAjsfkh4fP/xeHnRQwEG90/h8AOBGOOv8PnGwFVwDCqdf1/H6u6807Dp3/v91lw0bjjZMCAAD6ajwrSVrKzwWOR5qWShHvZo8FKCRLK9XKVD4/+E2x8HazPZ29MvH/gwAAAAAAAAAAAAAAAAAAAAAAAACgR41GEg0AAADgRItI/5hkd/OPmCxeGj/4+8BbyT+K2TIiHvz43g8fztfrm9PN9X99ub7+o3z9tWH8ggEAAACnxLPen8TXnqe35/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0E8vnj9aaJdBxv3zFyNiolP80RjLlmNRiIizf0tidN/rkogY6UP8vccR8UGn+EkzrZjIs+gU/8zA4yd9iAi0PWnuf+50+vylcSFbdv78j+blf9V9/5e+3P+NdNn/vNtjjHNPf17uGv9xxLnRzvufdvwki3Y4/sUe43/zG7u7+5pv7+9r/CRisuPxJ3klVrm+tlHe2tm9urI2v1xZrqzPzEzfmL05e312qry0Uq3k/3aM/71P/uLfR43/bJf4Ey/H3/n9v9Tj+P/19OHz91vVQqf4ly92Pv5+0CV+mh/7PpPXm/2T7fpeq77f+Z/9+vxR41/sMv6x14z/co/jv/K17/y+x00BgAHY2tldna9WK5sqKkOovBX/F2moHKoMe88EAAD023+/9A87EwAAAAAAAAAAAAAAAAAAADi9BnE7sYMx94YzVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAI/0nAAD//1Sb0+w=")
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40015}, 0x44080)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.990642091s ago: executing program 9 (id=2088):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @broadcast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x4d, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001740)=@newqdisc={0x838, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdf8, {0x0, 0x0, 0x0, r5, {0x10}, {}, {0xa, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x80c, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x1, 0x9, 0x8000, 0x3, 0x5, 0x5, 0xb762, 0x6, 0x7, 0x8, 0xf, 0x2, 0x80000001, 0x400, 0x7fc, 0xffff8000, 0x6, 0x401, 0x9, 0xb89, 0xffffe4f5, 0xd6, 0x4, 0xffff, 0x7, 0x0, 0x2, 0x101, 0x1, 0xfffffffc, 0x4, 0x1, 0x1, 0x9, 0xc, 0x20001000, 0x4, 0x2, 0x7, 0x4, 0x99, 0x9, 0x5, 0x6, 0x7, 0xfffffff7, 0x1, 0x2, 0x9, 0x9, 0x44, 0x8, 0x8, 0x1, 0x4, 0x7ff, 0x8, 0x7, 0x80000001, 0x400, 0x8, 0xfffffa72, 0xcd, 0xffffff80, 0x80000000, 0xc, 0x4, 0x65, 0x91, 0x659, 0x9, 0xf, 0x9, 0xc28, 0x9, 0x7, 0x3, 0x401, 0x3, 0x2, 0xfffffffa, 0x1, 0x10001, 0x3, 0x1, 0x4, 0x8, 0x8, 0x7, 0x1, 0x1, 0x1, 0x7, 0x40, 0x7, 0x12, 0x8000, 0x1, 0x4dc, 0x80, 0x3, 0x7fffffff, 0xff, 0x9, 0xa7, 0xf, 0x2, 0x0, 0x3, 0x1000, 0x4, 0x401, 0x7, 0x80000000, 0xffff, 0x6, 0x5, 0x4, 0xffffffff, 0x80000000, 0x1966f9ab, 0x200, 0x20200, 0xed5, 0xfffffc00, 0x6, 0x4, 0x8, 0x485e, 0xa85, 0x80100040, 0x2, 0x7, 0x7, 0x102, 0x2d5421e8, 0x7, 0x10000, 0xffffffff, 0x6, 0x80000000, 0xf04, 0x0, 0x2, 0x5, 0xfffffc00, 0x5, 0x8d, 0x4, 0x401, 0x4, 0x9, 0x3, 0xfffffffb, 0x1, 0x0, 0x0, 0x2, 0x5, 0x8, 0x3, 0x0, 0x800, 0x2, 0x8, 0x7ff, 0x1, 0x9, 0x6, 0x5, 0x5, 0x4d15, 0x1ff, 0xfffff060, 0x3, 0x469, 0x3, 0x0, 0x200, 0x10000005, 0x7, 0x1, 0x8, 0x42ba, 0x4, 0x9, 0x3, 0x8, 0x8, 0x53, 0x6, 0x4, 0x400, 0x8000, 0x0, 0x2c310b18, 0xfff, 0x0, 0x3, 0xcd34, 0x9, 0x81, 0xdf3, 0x2, 0x7, 0x8, 0xfff, 0x1ff, 0x8000, 0x3, 0x8, 0x3, 0x9, 0x9a6, 0xe4cb, 0x402, 0x1, 0x1ff, 0x3e, 0x9b4, 0x1, 0x8, 0x0, 0x8, 0x0, 0x9, 0x0, 0x4, 0x10, 0x901, 0x5, 0x2, 0x7b, 0xfffffeff, 0x106, 0x6, 0xc, 0x1000, 0x9, 0x9, 0xe6, 0xab, 0x400, 0x7fffffff, 0xed, 0x7ff, 0xd83, 0x68, 0x80000001, 0x4, 0x1, 0x6, 0x200, 0x2]}, @TCA_TBF_PTAB={0x404, 0x3, [0x8, 0x4, 0x0, 0x400, 0x0, 0x3, 0x5, 0x10000, 0x7, 0x4, 0x81, 0x0, 0x8, 0x0, 0x9, 0x5, 0xc0000, 0x8001, 0x1, 0x2000, 0x1, 0x8da5, 0x1, 0x4, 0x2, 0x6, 0x58, 0x7, 0x6f, 0x8, 0x3, 0x4, 0x9, 0x1000, 0x4, 0x9, 0x6, 0x80000001, 0x3, 0x1, 0xd4, 0x100, 0xa, 0xfff, 0x8, 0x9, 0x7, 0x7fffffff, 0xf4b3, 0x1, 0x0, 0x8, 0x8, 0x6, 0xd815, 0xfffffff9, 0x2, 0x401, 0x9, 0x36, 0xf, 0x74, 0xbbc, 0x9, 0x0, 0x6, 0x8, 0x5, 0x6, 0xb, 0x5, 0x5, 0x4e3, 0x200, 0x0, 0x9, 0x8001, 0x2, 0x1000, 0x7fffffff, 0x46a3, 0x6, 0x2, 0x1dd50645, 0x401, 0x5, 0x101, 0xbf, 0x0, 0x9, 0x3, 0x65, 0xffffff13, 0x2, 0x30, 0x1a3f, 0x2, 0x389c, 0x4, 0x3, 0x3ff, 0x4, 0x4, 0x6, 0xf3bb, 0x1ff, 0x8, 0xf, 0xb, 0x401, 0x4, 0x1000, 0x1, 0x8, 0x1, 0x7ff, 0x7fff, 0x8, 0xd, 0x3ff, 0x4, 0x1, 0xffff, 0x7fff, 0x2, 0x9, 0x1, 0xfff, 0x0, 0xfffffffe, 0x4, 0x0, 0x101, 0x78f0, 0xf, 0x7, 0x0, 0x3, 0xf1c7, 0x100, 0x3, 0x4, 0xfffffffe, 0xffffff7f, 0x3, 0x8, 0x6, 0x6, 0x3, 0xa, 0xd0, 0x200, 0x0, 0x400, 0x9, 0x6, 0x132f, 0xaba3, 0x1, 0x3, 0x1, 0x5, 0x6f788000, 0xc, 0x1ff, 0x40, 0x8, 0x3, 0x2, 0x1, 0x0, 0x71, 0xb13, 0x4, 0xbc5, 0x0, 0x7, 0xffff, 0x100, 0x7b58, 0x1, 0x807, 0x1ff, 0x3, 0x400, 0x80000000, 0x1040, 0x3, 0xfffffffa, 0x9a5, 0x8, 0x5, 0x1, 0x9, 0x3, 0x9, 0x7, 0x3, 0x1, 0x101, 0x2, 0x6, 0x598f, 0x5, 0x8e, 0x0, 0xa, 0x9, 0x1000, 0x8, 0xd00f, 0x2, 0x1, 0x6, 0x2a, 0x7, 0x100, 0x24e, 0xbd, 0x2, 0x2800000, 0x807, 0x0, 0x401, 0x6, 0x2, 0x9, 0x7039, 0x4, 0x1, 0x9, 0x1, 0xb18, 0x2, 0xfffffffe, 0x26e, 0x6, 0x5c, 0x8, 0x100, 0x3ff, 0x1, 0x0, 0xb, 0x10000, 0x8, 0x6, 0x2, 0x6, 0x7, 0x2, 0x7ff, 0x1, 0x4, 0x8001, 0x3]}]}}]}, 0x838}, 0x1, 0x0, 0x0, 0x40098}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r7, &(0x7f0000000200)="2478546ca4fa3b0bfe4ddf30cc5a", 0xe, 0x4000050, &(0x7f00000001c0)={0x11, 0xf7, r6, 0x1, 0xd8, 0x6, @multicast}, 0x14)

2.780874384s ago: executing program 9 (id=2089):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x40, 0x0, 0xd0060)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket(0x2, 0x80805, 0x0)
r1 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r1, 0xc040565f, &(0x7f0000000940)={0xa, 0x100, 0x3, {0x8000, 0x6f2, 0x6, 0x2}})
ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000180)={0x2, @win={{0xc78e, 0xffffcaca, 0x5, 0x7}, 0x8, 0x5, 0x0, 0xfffffeff, 0x0, 0x5}})

2.66610948s ago: executing program 5 (id=2090):
setsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, 0x0, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001980)={0x18, 0x3, &(0x7f00000013c0)=@framed, &(0x7f0000001400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$OBJ_PIN_PROG(0x11, &(0x7f0000000240)=@generic={&(0x7f0000000000)='./file0\x00', r2}, 0x18)

2.478383232s ago: executing program 9 (id=2091):
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGSKNS(r0, 0x894c, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x19, 0x4, 0x8, 0x5}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r4, r2}, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r3}, &(0x7f0000000380), &(0x7f0000000580)=r4}, 0x20)
syz_emit_ethernet(0x46, &(0x7f00000009c0)={@remote, @empty, @val={@void, {0x8100, 0x6, 0x0, 0x4}}, {@arp={0x806, @ether_ipv6={0x1, 0x86dd, 0x6, 0x10, 0x8, @broadcast, @private0={0xfc, 0x0, '\x00', 0x1}, @multicast, @remote}}}}, 0x0)

2.111076164s ago: executing program 1 (id=2092):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x40, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x3, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x5, 0x8}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x0, 0x1, {0x73, 0x4, 0x3}}}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000880)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newqdisc={0x48, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xffffbddc, {0x0, 0x0, 0x0, r4, {0xffff}, {}, {0x2, 0x1}}, [@qdisc_kind_options=@q_cbq={{0x8}, {0x1c, 0x2, [@TCA_CBS_PARMS={0x18, 0x1, {0x81, '\x00', 0xfffff000, 0x31, 0x3, 0x581}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40098}, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r7, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r6, 0xc}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x4)

2.042615198s ago: executing program 9 (id=2093):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000180)=0x10000000005)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x400000000001, 0x0, 0x1, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPVS_CMD_ZERO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x18, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x4}]}, 0x18}}, 0x0)

379.093007ms ago: executing program 9 (id=2094):
syz_mount_image$ext4(&(0x7f0000000600)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@nodioread_nolock}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@mblk_io_submit}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x2e}, 0x84, 0x450, &(0x7f0000000dc0)="$eJzs289vFFUcAPDvzLYgv2xF/MEPtYrGxh8tLagcvGg04WJiogc81lIIslBDayKESDUGj4a/QD2a+Bd40otRTxqvejcmxHARPZgxszsDS7tbd7tbtrCfTzLtezNv973vzLzdN/N2AhhYY/mfJGJ7RPwaESP17M0Fxur/rl29MPv31QuzSWTZG38mtXJ/Xb0wWxYtX7etyIynEenHSextUu/CufOnZqrVubNFfnLx9LuTC+fOP3vy9MyJuRNzZ6YPHz50cOqF56ef60mcO/K27vlgft/uI29dfm326OW3f/gqb+/2YntjHHWjXdc5FmM378sGT3T97hvLjoZ0MtTHhtCRSkTkh2u41v9HohI3Dt5IvPpRXxsHrKssy7LNK9ZWysRSBtzBkuh3C4D+KL/o8+vfcrmFw4++u/JS/QIoj/tasdS3DEValBledn3bS2MRcXTpn8/yJZrehwAA6K1v8vHPM83Gf2nc31Du7mJuaDQi7omInRFxb0Tsioj7ImplH4iIBzusf2xZfuX45+ctawqsTfn478Vibuvm8V85+ovRSpHbUYt/ODl+sjp3oNgn4zG8Oc9PrVLHt6/88mmrbY3jv3zJ6y/HgkU7/hhadoPu2MziTDcxN7ryYcSeoWbxJ9fnrvL/uyNizxreP99nJ5/6cl+r7f8f/yp6MM+UfRHxZP34L8Wy+EvJ6vOTk3dFde7AZHlWrPTjT5deb1V/V/H3QH78tzY9/6/HP5o0ztcudF7Hpd8+aXlNs9bzf1PyZi29qVj3/szi4tmpiE3J0sr10zdeW+bL8nn84/ub9/+dEf9+Xrxub0TkJ/FDEfFwRDxStP3RiHgsIvavEv/3Lz/+ztrjX195/Mc6Ov6dJyqnvvu6Vf3tHf9DtdR4saadz792G9jNvgMAAIDbRVr7DXySTlxPp+nERP03/Ltia1qdX1h8+vj8e2eO1X8rPxrDaXmna6ThfuhUcW+4zE8vyx+s3TfOsizbUstPzM5X12tOHWjPthb9P/d7pd+tA9ZdR/NorZ5oA25LnteEwaX/w+DS/2Fw6f8wuJr1/4sR1/rQFOAW8/0Pg0v/h8Gl/8Pg0v9hIHXzXP9qiZ1H1uud77REZWM0o+NEpBuiGWtLpBujGfXE5ohot/DFuFUN6/cnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQG/8FwAA//8Hl+jb")
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x1)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000))
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000006cc0)=[{}], 0x1, 0x0, 0x0)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f00000001c0)=0xe, 0x4)
r2 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xb3d)
ioctl$TCXONC(r2, 0x540a, 0x2)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$BLKFLSBUF(r3, 0x1261, 0x0)

0s ago: executing program 1 (id=2095):
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace(0x11, r5)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
madvise(&(0x7f000020b000/0x11000)=nil, 0x11000, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB="000000850000f9aa3e31418564c9de53b11f3b1e83bd3394eb7bef66d482e883a72e33cedf4fd3601291782fe52526c1fef4492ba9a6bbaa613cc9aacc52939895d46c72fcf709ebddcf19ebb1d450efdf5911bfb951e9a29d62545454c9f3e429d5f9e0e1e6c4a92e45000000003b0a53f658bf13377fd80e7f2d275762548de13d1a8774ef9694298ad99da258a64cd1f7"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000002100050125bd7000000000000200000000", @ANYRES32=0x0, @ANYRES16, @ANYBLOB="b7836f1c1b5be19805e133cc73fc5944bcec8171ae276f8474276c3617"], 0x28}, 0x1, 0x0, 0x0, 0x4008055}, 0x0)
process_vm_readv(r1, &(0x7f0000000d00), 0x0, &(0x7f0000000140)=[{&(0x7f00000014c0)=""/4096, 0x1000}, {&(0x7f0000000780)=""/197, 0xc5}, {&(0x7f0000000ec0)=""/237, 0xbbb9fd7f22b740c8}, {&(0x7f00000001c0)=""/57, 0x39}, {&(0x7f00000003c0)=""/13, 0xd}], 0x5, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'sit0\x00'})

kernel console output (not intermixed with test programs):

ce team_slave_1 added
[  635.203007][    T9] usb 6-1: Using ep0 maxpacket: 32
[  635.225702][    T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 255
[  635.255564][    T9] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  635.294349][    T9] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  635.315226][    T9] usb 6-1: Product: syz
[  635.319530][    T9] usb 6-1: Manufacturer: syz
[  635.326155][    T9] usb 6-1: SerialNumber: syz
[  635.352068][    T9] usb 6-1: config 0 descriptor??
[  635.399168][T10268] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  635.427248][T10131] batman_adv: batadv0: Adding interface: batadv_slave_0
[  635.452483][T10131] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  635.527523][T10131] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  635.598453][T10237] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  635.655962][T10237] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  635.671467][T10131] batman_adv: batadv0: Adding interface: batadv_slave_1
[  635.681990][T10131] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  635.711715][T10131] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  635.785846][T10237] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  635.930576][T10237] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  636.142141][T10131] hsr_slave_0: entered promiscuous mode
[  636.196995][T10131] hsr_slave_1: entered promiscuous mode
[  636.225674][T10131] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  636.246750][T10131] Cannot create hsr debugfs directory
[  636.812775][T10309] loop0: detected capacity change from 0 to 512
[  636.884094][T10309] EXT4-fs: Ignoring removed oldalloc option
[  636.951642][T10309] EXT4-fs (loop0): 1 truncate cleaned up
[  636.990560][T10309] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  636.994734][T10131] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  637.017552][T10131] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  637.031388][T10131] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  637.049476][T10131] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  637.301711][T10131] 8021q: adding VLAN 0 to HW filter on device bond0
[  637.357746][T10131] 8021q: adding VLAN 0 to HW filter on device team0
[  637.412150][ T1086] bridge0: port 1(bridge_slave_0) entered blocking state
[  637.419618][ T1086] bridge0: port 1(bridge_slave_0) entered forwarding state
[  637.463511][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  637.489327][ T1086] bridge0: port 2(bridge_slave_1) entered blocking state
[  637.496993][ T1086] bridge0: port 2(bridge_slave_1) entered forwarding state
[  637.561510][T10330] netlink: 12 bytes leftover after parsing attributes in process `syz.6.947'.
[  637.746427][    T9] usb 6-1: USB disconnect, device number 15
[  638.025267][T10343] loop0: detected capacity change from 0 to 128
[  638.105408][T10343] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  638.165962][T10343] ext4 filesystem being mounted at /256/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  638.566341][T10131] 8021q: adding VLAN 0 to HW filter on device batadv0
[  638.855824][ T5770] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  639.726355][T10392] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  640.591573][T10395] loop6: detected capacity change from 0 to 1024
[  640.609905][T10395] hfsplus: bad catalog file entry
[  640.615651][T10395] hfsplus: failed to load root directory
[  641.041823][T10405] loop6: detected capacity change from 0 to 8192
[  641.090082][T10397] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  641.169745][T10131] veth0_vlan: entered promiscuous mode
[  641.298548][T10131] veth1_vlan: entered promiscuous mode
[  641.305779][ T7430] I/O error, dev loop6, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  641.429254][T10372] loop5: detected capacity change from 0 to 40427
[  641.460330][T10372] F2FS-fs (loop5): build fault injection attr: rate: 174, type: 0x7ffff
[  641.697080][T10131] veth0_macvtap: entered promiscuous mode
[  641.730061][T10131] veth1_macvtap: entered promiscuous mode
[  641.787419][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  641.834808][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  641.845649][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  641.858872][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  641.869013][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  641.879781][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  641.891914][T10131] batman_adv: batadv0: Interface activated: batadv_slave_0
[  641.987285][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  642.035596][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  642.087453][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  642.115111][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  642.138478][T10131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  642.173563][T10131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  642.214648][T10131] batman_adv: batadv0: Interface activated: batadv_slave_1
[  642.270244][T10131] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  642.290968][T10131] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  642.310836][T10131] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  642.325548][T10131] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  643.094336][T10446] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  643.980377][T10452] loop0: detected capacity change from 0 to 8192
[  644.002539][T10452] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  644.033242][T10452] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  644.047042][T10452] REISERFS (device loop0): using ordered data mode
[  644.064602][T10452] reiserfs: using flush barriers
[  644.086177][T10452] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  644.123675][T10452] REISERFS (device loop0): checking transaction log (loop0)
[  644.133040][T10452] REISERFS (device loop0): Using r5 hash to sort names
[  644.140532][T10452] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  644.459425][T10460] netlink: 4 bytes leftover after parsing attributes in process `syz.0.973'.
[  644.753210][T10412] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  644.939148][  T256] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  645.014723][  T256] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  645.127456][T10470] loop5: detected capacity change from 0 to 512
[  645.196882][ T1115] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  645.253867][ T1115] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  645.267229][T10470] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  645.734802][ T8135] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  646.925118][T10505] unsupported nlmsg_type 40
[  647.053238][T10509] loop0: detected capacity change from 0 to 1024
[  647.091681][T10509] hfsplus: bad catalog file entry
[  647.097116][T10509] hfsplus: failed to load root directory
[  647.937260][T10529] loop7: detected capacity change from 0 to 16
[  647.949124][T10527] tipc: Started in network mode
[  647.963462][T10527] tipc: Node identity 8a94205ac9ad, cluster identity 4711
[  647.971484][T10527] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  648.022365][T10529] erofs: (device loop7): mounted with root inode @ nid 36.
[  648.035321][T10532] syzkaller0: MTU too low for tipc bearer
[  648.072113][T10532] tipc: Disabling bearer <eth:syzkaller0>
[  648.322544][T10513] loop5: detected capacity change from 0 to 32768
[  648.447723][T10513] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  648.657223][T10513] XFS (loop5): Ending clean mount
[  648.704606][T10513] XFS (loop5): Quotacheck needed: Please wait.
[  648.773180][    T9] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  648.828019][T10513] XFS (loop5): Quotacheck: Done.
[  648.997067][    T9] usb 8-1: Using ep0 maxpacket: 32
[  649.034074][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  649.071755][T10559] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  649.093402][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  649.114859][ T8135] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  649.139858][    T9] usb 8-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  649.148523][T10562] vxcan1: entered promiscuous mode
[  649.149892][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  649.166189][    T9] usb 8-1: config 0 descriptor??
[  649.174573][    T9] hub 8-1:0.0: USB hub found
[  649.412316][    T9] hub 8-1:0.0: 1 port detected
[  651.385291][T10580] loop0: detected capacity change from 0 to 131072
[  651.471433][T10580] F2FS-fs (loop0): Found nat_bits in checkpoint
[  651.511127][    T9] hub 8-1:0.0: activate --> -90
[  651.540218][T10580] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  651.598482][    T9] hub 8-1:0.0: hub_ext_port_status failed (err = -71)
[  651.642882][   T28] audit: type=1804 audit(1770443349.983:224): pid=10580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.997" name="/newroot/270/file0/bus" dev="loop0" ino=10 res=1 errno=0
[  651.677369][ T5856] usb 8-1: Failed to suspend device, error -71
[  651.684417][    T9] usb 8-1: USB disconnect, device number 2
[  651.978334][T10615] loop5: detected capacity change from 0 to 1024
[  651.992229][T10615] hfsplus: bad catalog file entry
[  651.997538][T10615] hfsplus: failed to load root directory
[  652.421489][T10619] loop5: detected capacity change from 0 to 8192
[  654.258920][T10645] loop7: detected capacity change from 0 to 1024
[  654.290525][T10645] hfsplus: bad catalog file entry
[  654.296353][T10645] hfsplus: failed to load root directory
[  654.964489][T10654] block device autoloading is deprecated and will be removed.
[  655.206217][T10659] loop6: detected capacity change from 0 to 1024
[  655.243218][T10659] EXT4-fs: Ignoring removed i_version option
[  655.263489][T10659] EXT4-fs: inline encryption not supported
[  655.345896][T10659] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  655.445496][T10667] loop7: detected capacity change from 0 to 1024
[  655.543709][T10667] hfsplus: bad catalog file entry
[  655.549209][T10667] hfsplus: failed to load root directory
[  655.848103][ T9787] Quota error (device loop6): do_check_range: Getting block 262149 out of range 1-5
[  655.966892][T10673] loop7: detected capacity change from 0 to 8192
[  656.038571][ T9787] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[  656.127817][ T9787] EXT4-fs error (device loop6): ext4_acquire_dquot:6949: comm syz-executor: Failed to acquire dquot type 0
[  656.658146][T10681] loop7: detected capacity change from 0 to 1024
[  656.730969][T10681] hfsplus: bad catalog file entry
[  656.736928][T10681] hfsplus: failed to load root directory
[  657.812499][ T9787] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.283934][ T2966] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  658.747177][ T2966] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  659.378307][ T2966] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  659.413828][T10686] loop7: detected capacity change from 0 to 32768
[  659.571235][T10686] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  659.985962][ T2966] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  660.008519][T10686] XFS (loop7): Ending clean mount
[  660.053250][T10686] XFS (loop7): Quotacheck needed: Please wait.
[  660.298102][T10686] XFS (loop7): Quotacheck: Done.
[  661.058873][T10131] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  661.265246][ T5085] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  661.323056][ T5085] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  661.333435][ T5085] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  661.344814][ T5085] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  661.354671][ T5085] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  661.362157][ T5085] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  661.888490][ T2966] tipc: Left network mode
[  662.810261][T10720] loop5: detected capacity change from 0 to 40427
[  662.823888][T10760] loop0: detected capacity change from 0 to 4096
[  662.872521][T10720] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x7ffff
[  662.895137][T10760] EXT4-fs (loop0): Test dummy encryption mode enabled
[  662.938787][T10720] F2FS-fs (loop5): invalid crc value
[  662.950459][T10760] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  662.991294][T10720] F2FS-fs (loop5): Found nat_bits in checkpoint
[  663.208896][T10764] netlink: 14 bytes leftover after parsing attributes in process `syz.7.1025'.
[  663.256206][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  663.272217][T10720] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  663.424609][ T5085] Bluetooth: hci3: command tx timeout
[  663.584040][T10764] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  663.625147][T10764] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  663.658814][T10764] bond0 (unregistering): Released all slaves
[  664.860476][T10735] chnl_net:caif_netlink_parms(): no params data found
[  665.065017][T10779] loop7: detected capacity change from 0 to 32768
[  665.092572][T10779] BTRFS error: device /dev/loop7 already registered with a higher generation, found 8 expect 10
[  665.308371][ T5085] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  665.513007][ T5085] Bluetooth: hci3: command tx timeout
[  665.995992][ T7430] BTRFS error: device /dev/loop7 already registered with a higher generation, found 8 expect 10
[  666.398287][T10735] bridge0: port 1(bridge_slave_0) entered blocking state
[  666.424984][T10735] bridge0: port 1(bridge_slave_0) entered disabled state
[  666.471549][T10735] bridge_slave_0: entered allmulticast mode
[  666.489859][T10735] bridge_slave_0: entered promiscuous mode
[  666.536113][T10735] bridge0: port 2(bridge_slave_1) entered blocking state
[  666.563031][T10735] bridge0: port 2(bridge_slave_1) entered disabled state
[  666.571060][T10735] bridge_slave_1: entered allmulticast mode
[  666.636238][T10735] bridge_slave_1: entered promiscuous mode
[  666.769184][ T2966] hsr_slave_0: left promiscuous mode
[  666.795791][ T2966] hsr_slave_1: left promiscuous mode
[  666.854026][ T2966] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  666.894612][ T2966] batman_adv: batadv0: Removing interface: batadv_slave_0
[  666.937774][ T2966] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  666.973075][ T2966] batman_adv: batadv0: Removing interface: batadv_slave_1
[  667.006719][ T2966] bridge_slave_1: left allmulticast mode
[  667.012566][ T2966] bridge_slave_1: left promiscuous mode
[  667.048232][ T2966] bridge0: port 2(bridge_slave_1) entered disabled state
[  667.091085][ T2966] bridge_slave_0: left allmulticast mode
[  667.132865][ T2966] bridge_slave_0: left promiscuous mode
[  667.139049][ T2966] bridge0: port 1(bridge_slave_0) entered disabled state
[  667.180606][T10836] 9pnet_fd: Insufficient options for proto=fd
[  667.258970][ T2966] veth1_macvtap: left promiscuous mode
[  667.267161][ T2966] veth0_macvtap: left promiscuous mode
[  667.284031][ T2966] veth1_vlan: left promiscuous mode
[  667.306753][ T2966] veth0_vlan: left promiscuous mode
[  667.583615][ T5085] Bluetooth: hci3: command tx timeout
[  667.855605][T10840] loop5: detected capacity change from 0 to 40427
[  667.869416][T10840] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x7ffff
[  667.889858][T10840] F2FS-fs (loop5): invalid crc value
[  667.919899][T10840] F2FS-fs (loop5): Found nat_bits in checkpoint
[  668.159690][T10840] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  668.523830][ T8135] syz-executor: attempt to access beyond end of device
[  668.523830][ T8135] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  668.538230][ T8135] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  669.477867][ T2966] team0 (unregistering): Port device team_slave_1 removed
[  669.584152][ T2966] team0 (unregistering): Port device team_slave_0 removed
[  669.664237][ T5085] Bluetooth: hci3: command tx timeout
[  669.678086][ T2966] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  669.757498][ T2966] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  670.409966][ T2966] bond0 (unregistering): Released all slaves
[  670.591297][T10834] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1037'.
[  670.612127][T10842] netlink: 'syz.7.1040': attribute type 1 has an invalid length.
[  670.781703][T10735] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  670.885667][T10735] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  671.084672][T10735] team0: Port device team_slave_0 added
[  671.096684][T10735] team0: Port device team_slave_1 added
[  671.220936][T10735] batman_adv: batadv0: Adding interface: batadv_slave_0
[  671.252063][T10735] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  671.306672][T10735] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  671.361034][T10735] batman_adv: batadv0: Adding interface: batadv_slave_1
[  671.468590][T10735] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  671.499427][T10735] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  671.698463][T10735] hsr_slave_0: entered promiscuous mode
[  671.718523][T10735] hsr_slave_1: entered promiscuous mode
[  671.744164][T10884] loop5: detected capacity change from 0 to 1024
[  671.753186][T10735] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  671.773088][T10735] Cannot create hsr debugfs directory
[  671.788558][T10884] hfsplus: bad catalog file entry
[  671.794006][T10884] hfsplus: failed to load root directory
[  671.832738][T10883] Illegal XDP return value 1608765481 on prog  (id 55) dev syz_tun, expect packet loss!
[  672.177077][T10891] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  672.812940][T10735] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  672.866811][T10735] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  672.952494][T10735] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  672.988072][T10735] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  673.256920][T10924] loop5: detected capacity change from 0 to 1024
[  673.270978][T10924] hfsplus: bad catalog file entry
[  673.276376][T10924] hfsplus: failed to load root directory
[  674.749244][T10924] loop5: detected capacity change from 0 to 8192
[  674.981264][T10735] 8021q: adding VLAN 0 to HW filter on device bond0
[  675.077488][T10735] 8021q: adding VLAN 0 to HW filter on device team0
[  675.167818][T10629] bridge0: port 1(bridge_slave_0) entered blocking state
[  675.175250][T10629] bridge0: port 1(bridge_slave_0) entered forwarding state
[  675.239375][T10629] bridge0: port 2(bridge_slave_1) entered blocking state
[  675.246829][T10629] bridge0: port 2(bridge_slave_1) entered forwarding state
[  675.887283][T10943] binder: 10942:10943 unknown command 0
[  675.917549][T10943] binder: 10942:10943 ioctl c0306201 200000000080 returned -22
[  676.458847][T10735] 8021q: adding VLAN 0 to HW filter on device batadv0
[  676.646529][T10953] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1064'.
[  677.175324][T10962] loop0: detected capacity change from 0 to 256
[  677.281904][T10962] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  677.811861][T10735] veth0_vlan: entered promiscuous mode
[  677.856578][T10735] veth1_vlan: entered promiscuous mode
[  677.949208][T10735] veth0_macvtap: entered promiscuous mode
[  678.006232][T10735] veth1_macvtap: entered promiscuous mode
[  678.124466][T10735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  678.135701][T10735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  678.147746][T10735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  678.159668][T10735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  678.170952][T10735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  678.182147][T10735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  678.194865][T10735] batman_adv: batadv0: Interface activated: batadv_slave_0
[  678.217501][T10735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  678.255021][T10735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  678.270901][T10735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  678.282294][T10735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  678.292728][T10735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  678.306564][T10735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  678.327561][T10735] batman_adv: batadv0: Interface activated: batadv_slave_1
[  678.348242][T10735] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  678.387781][T10735] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  678.406918][T10735] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  678.422495][T10735] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  678.763717][  T256] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  678.792165][T10990] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1070'.
[  678.802409][  T256] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  678.914305][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  678.963914][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  680.700854][T11029] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1077'.
[  682.051256][T11047] bridge_slave_0: left allmulticast mode
[  682.083865][T11047] bridge_slave_0: left promiscuous mode
[  682.090444][T11047] bridge0: port 1(bridge_slave_0) entered disabled state
[  682.147303][T11047] bridge_slave_1: left allmulticast mode
[  682.154472][T11047] bridge_slave_1: left promiscuous mode
[  682.179629][T11047] bridge0: port 2(bridge_slave_1) entered disabled state
[  682.357043][T11047] team0: Port device team_slave_0 removed
[  682.443384][T11047] team0: Port device team_slave_1 removed
[  682.450339][T11047] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  682.497685][T11047] batman_adv: batadv0: Removing interface: batadv_slave_0
[  682.511327][T11047] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  682.525104][T11047] batman_adv: batadv0: Removing interface: batadv_slave_1
[  682.583629][T11051] team0: Mode changed to "activebackup"
[  683.229867][T11081] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1087'.
[  684.098243][   T23] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  684.232597][T11090] syzkaller1: entered promiscuous mode
[  684.253526][T11090] syzkaller1: entered allmulticast mode
[  684.314310][   T23] usb 8-1: Using ep0 maxpacket: 8
[  684.351496][   T23] usb 8-1: too many configurations: 23, using maximum allowed: 8
[  684.438269][   T23] usb 8-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  684.458169][   T23] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  684.493141][   T23] usb 8-1: Product: syz
[  684.497384][   T23] usb 8-1: Manufacturer: syz
[  684.523044][   T23] usb 8-1: SerialNumber: syz
[  684.541137][   T23] usb 8-1: config 0 descriptor??
[  684.553371][T11095] 
[  684.928864][   T23] usb 8-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  685.991290][T11104] loop5: detected capacity change from 0 to 131072
[  686.021306][T11104] F2FS-fs (loop5): Found nat_bits in checkpoint
[  686.049844][T11116] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  686.095988][T11104] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  686.134401][T11116] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  686.159435][T11116] bond0 (unregistering): Released all slaves
[  686.245556][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  686.252055][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  686.268653][   T28] audit: type=1804 audit(1770443384.633:225): pid=11104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1092" name="/newroot/167/file0/bus" dev="loop5" ino=10 res=1 errno=0
[  686.821599][   T23] usb 8-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  686.853492][   T23] dvbdev: DVB: registering new adapter (Terratec H7)
[  686.875531][   T23] usb 8-1: media controller created
[  687.022258][   T23] usb read operation failed. (-71)
[  687.043877][   T23] dvb_usb_az6007: probe of 8-1:0.0 failed with error -5
[  687.083398][   T23] usb 8-1: USB disconnect, device number 3
[  687.948699][T11166] loop7: detected capacity change from 0 to 1024
[  687.961169][T11166] hfsplus: bad catalog file entry
[  687.966557][T11166] hfsplus: failed to load root directory
[  688.073300][ T7430] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  688.512609][T11174] loop7: detected capacity change from 0 to 8192
[  689.128848][T11185] binder: 11184:11185 unknown command 0
[  689.153022][T11185] binder: 11184:11185 ioctl c0306201 200000000080 returned -22
[  689.883128][T11195] VFS: Lookup of 'file0' in fuse fuse would have caused loop
[  690.778767][T11204] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1113'.
[  692.581815][T11249] loop7: detected capacity change from 0 to 1024
[  692.654966][T11249] hfsplus: bad catalog file entry
[  692.660711][T11249] hfsplus: failed to load root directory
[  692.740826][ T7430] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  693.251102][T11264] loop7: detected capacity change from 0 to 8192
[  693.335728][ T7430] I/O error, dev loop7, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  697.826828][T11340] kvm: MONITOR instruction emulated as NOP!
[  698.831120][ T5085] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  699.181499][T11372] tipc: Started in network mode
[  699.214483][T11372] tipc: Node identity 4, cluster identity 4711
[  699.220715][T11372] tipc: Node number set to 4
[  699.770471][T11382] ip6t_REJECT: ECHOREPLY is not supported
[  699.871538][T11374] loop7: detected capacity change from 0 to 8192
[  700.960215][T11410] loop7: detected capacity change from 0 to 512
[  700.992123][T11410] EXT4-fs: Ignoring removed i_version option
[  701.023868][T11410] EXT4-fs: Ignoring removed oldalloc option
[  701.124186][T11410] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  701.477741][T10131] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  701.699292][T11423] loop7: detected capacity change from 0 to 2048
[  701.739355][T11423] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  703.288743][T11438] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  703.856062][T11458] kvm: emulating exchange as write
[  704.887008][T11469] loop7: detected capacity change from 0 to 64
[  704.964896][T11469] input: syz0 as /devices/virtual/input/input28
[  705.098561][ T7430] udevd[7430]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  706.572379][T11502] loop5: detected capacity change from 0 to 8192
[  708.140949][T11525] loop7: detected capacity change from 0 to 512
[  708.157293][T11525] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  708.211897][T11525] EXT4-fs (loop7): external journal device major/minor numbers have changed
[  708.690480][T11525] EXT4-fs (loop7): failed to open journal device unknown-block(0,8195) -6
[  709.349833][T11554] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  710.159419][T11568] syzkaller0: entered promiscuous mode
[  710.165565][T11568] syzkaller0: entered allmulticast mode
[  710.391022][T11575] netlink: 'syz.0.1192': attribute type 1 has an invalid length.
[  710.400546][T11575] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.1192'.
[  710.423094][  T787] usb 8-1: new full-speed USB device number 4 using dummy_hcd
[  710.440718][T11577] loop5: detected capacity change from 0 to 1024
[  710.491887][T11577] hfsplus: bad catalog file entry
[  710.507744][T11577] hfsplus: failed to load root directory
[  710.626631][  T787] usb 8-1: config 0 has an invalid interface number: 2 but max is 0
[  710.642902][  T787] usb 8-1: config 0 has no interface number 0
[  710.658973][  T787] usb 8-1: config 0 interface 2 altsetting 2 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  710.691213][  T787] usb 8-1: config 0 interface 2 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  710.733025][  T787] usb 8-1: config 0 interface 2 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  710.755803][  T787] usb 8-1: config 0 interface 2 has no altsetting 0
[  710.782597][  T787] usb 8-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  710.818044][  T787] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  710.842849][  T787] usb 8-1: Product: syz
[  710.847452][  T787] usb 8-1: Manufacturer: syz
[  710.881381][  T787] usb 8-1: SerialNumber: syz
[  710.895887][  T787] usb 8-1: config 0 descriptor??
[  710.902196][T11567] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  711.627278][T11589] loop5: detected capacity change from 0 to 8192
[  711.690712][ T7662] I/O error, dev loop5, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  713.226020][  T787] usb 8-1: Quirk or no altest; falling back to MIDI 1.0
[  714.694430][T11614] bridge1: entered promiscuous mode
[  714.732942][T11614] bridge1: entered allmulticast mode
[  714.787080][T11614] team0: Port device bridge1 added
[  714.842150][  T787] snd-usb-audio: probe of 8-1:0.2 failed with error -12
[  714.845716][T11615] bridge0: port 4(team0) entered blocking state
[  714.853174][T11618] loop7: detected capacity change from 0 to 512
[  714.899126][T11615] bridge0: port 4(team0) entered disabled state
[  714.899148][T11618] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  714.947972][T11615] team0: entered allmulticast mode
[  714.952004][  T787] usb 8-1: USB disconnect, device number 4
[  714.984096][T11615] team_slave_0: entered allmulticast mode
[  715.039616][T11615] team_slave_1: entered allmulticast mode
[  715.050482][ T7804] udevd[7804]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  715.114022][T11615] team0: entered promiscuous mode
[  715.139476][T11615] team_slave_0: entered promiscuous mode
[  715.172439][T11615] team_slave_1: entered promiscuous mode
[  715.265228][T11615] bridge0: port 4(team0) entered blocking state
[  715.277184][T11615] bridge0: port 4(team0) entered forwarding state
[  715.357954][T11617] geneve2: entered promiscuous mode
[  715.403151][T11617] geneve2: entered allmulticast mode
[  715.893854][ T5775] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  715.909007][ T5775] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  715.928993][ T5775] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  715.960713][ T5775] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  715.979269][ T5775] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  715.991706][ T5775] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  716.257695][  T256] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.557936][  T256] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.861964][  T256] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  717.686310][  T256] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.168148][ T5775] Bluetooth: hci3: command tx timeout
[  719.275823][T11627] chnl_net:caif_netlink_parms(): no params data found
[  719.723720][ T5955] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  719.813275][T11682] binder: 11681:11682 ioctl c0306201 2000000003c0 returned -14
[  719.955077][ T5955] usb 8-1: Using ep0 maxpacket: 32
[  720.043322][ T5955] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  720.114690][ T5955] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  720.164024][ T5955] usb 8-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  720.226273][ T5955] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  720.233306][ T5775] Bluetooth: hci3: command tx timeout
[  720.250704][ T5955] usb 8-1: config 0 descriptor??
[  720.271469][ T5955] hub 8-1:0.0: bad descriptor, ignoring hub
[  720.310982][ T5955] hub: probe of 8-1:0.0 failed with error -5
[  720.333652][ T5955] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  720.791300][T11627] bridge0: port 1(bridge_slave_0) entered blocking state
[  720.800061][T11627] bridge0: port 1(bridge_slave_0) entered disabled state
[  720.827926][T11627] bridge_slave_0: entered allmulticast mode
[  720.853796][T11627] bridge_slave_0: entered promiscuous mode
[  720.931634][T11627] bridge0: port 2(bridge_slave_1) entered blocking state
[  720.990091][T11627] bridge0: port 2(bridge_slave_1) entered disabled state
[  721.063989][T11627] bridge_slave_1: entered allmulticast mode
[  721.259642][T11627] bridge_slave_1: entered promiscuous mode
[  722.118185][T11627] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  722.200730][T11627] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  722.303087][ T5775] Bluetooth: hci3: command tx timeout
[  722.488456][   T23] usb 8-1: USB disconnect, device number 5
[  722.779816][T11627] team0: Port device team_slave_0 added
[  723.263081][T11724] loop7: detected capacity change from 0 to 8192
[  724.147184][T11725] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1217'.
[  724.388765][ T5775] Bluetooth: hci3: command tx timeout
[  725.349582][T11627] team0: Port device team_slave_1 added
[  725.373570][    T8] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  725.500721][  T256] hsr_slave_0: left promiscuous mode
[  725.549694][  T256] hsr_slave_1: left promiscuous mode
[  725.557399][T11743] loop5: detected capacity change from 0 to 1024
[  725.570705][  T256] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  725.605266][  T256] batman_adv: batadv0: Removing interface: batadv_slave_0
[  725.606159][    T8] usb 8-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  725.629884][T11743] hfsplus: bad catalog file entry
[  725.639448][  T256] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  725.641347][T11743] hfsplus: failed to load root directory
[  725.660200][    T8] usb 8-1: config 220 has 1 interface, different from the descriptor's value: 3
[  725.668001][  T256] batman_adv: batadv0: Removing interface: batadv_slave_1
[  725.689724][    T8] usb 8-1: config 220 interface 0 has no altsetting 0
[  725.723645][  T256] bridge_slave_1: left allmulticast mode
[  725.738509][    T8] usb 8-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  725.748085][  T256] bridge_slave_1: left promiscuous mode
[  725.748297][  T256] bridge0: port 2(bridge_slave_1) entered disabled state
[  725.770145][    T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  725.799673][    T8] usb 8-1: Product: syz
[  725.809749][    T8] usb 8-1: Manufacturer: syz
[  725.822072][    T8] usb 8-1: SerialNumber: syz
[  725.822500][  T256] bridge_slave_0: left allmulticast mode
[  725.850956][  T256] bridge_slave_0: left promiscuous mode
[  725.873081][  T256] bridge0: port 1(bridge_slave_0) entered disabled state
[  725.968932][  T256] veth1_macvtap: left promiscuous mode
[  725.974986][  T256] veth0_macvtap: left promiscuous mode
[  725.981060][  T256] veth1_vlan: left promiscuous mode
[  726.006734][  T256] veth0_vlan: left promiscuous mode
[  726.279906][    T8] usb 8-1: Found UVC 0.00 device syz (8086:0b07)
[  726.291062][    T8] usb 8-1: No valid video chain found.
[  726.300091][    T8] usb 8-1: USB disconnect, device number 6
[  727.195663][T11757] loop5: detected capacity change from 0 to 8192
[  727.319161][ T7430] I/O error, dev loop5, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  729.025553][ T5775] Bluetooth: hci2: command tx timeout
[  730.351313][  T256] team0 (unregistering): Port device team_slave_1 removed
[  730.431202][  T256] team0 (unregistering): Port device team_slave_0 removed
[  730.515140][  T256] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  730.598024][  T256] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  731.236520][  T256] bond0 (unregistering): Released all slaves
[  731.401517][T11627] batman_adv: batadv0: Adding interface: batadv_slave_0
[  731.409376][T11627] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  731.453415][T11627] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  731.586283][T11627] batman_adv: batadv0: Adding interface: batadv_slave_1
[  731.621107][T11627] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  731.708694][T11627] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  733.316867][T11799] loop7: detected capacity change from 0 to 1024
[  733.404553][T11799] EXT4-fs: Ignoring removed orlov option
[  733.517728][T11627] hsr_slave_0: entered promiscuous mode
[  733.577749][T11627] hsr_slave_1: entered promiscuous mode
[  733.610317][T11627] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  733.622260][T11627] Cannot create hsr debugfs directory
[  733.643132][T11799] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  734.315816][   T28] audit: type=1800 audit(1770443432.683:226): pid=11799 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1235" name="bus" dev="loop7" ino=18 res=0 errno=0
[  734.464433][T11799] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4047: comm syz.7.1235: Allocating blocks 385-513 which overlap fs metadata
[  734.482437][T11799] EXT4-fs (loop7): pa ffff8880782c0ae0: logic 16, phys. 129, len 24
[  734.494137][T11799] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5388: group 0, free 0, pa_free 8
[  734.708688][T10131] Trying to write to read-only block-device loop7
[  734.748643][T11819] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1238'.
[  734.784595][T10131] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  734.866152][T11819] tipc: Enabled bearer <eth:gre0>, priority 10
[  735.162702][T11825] loop7: detected capacity change from 0 to 1024
[  735.239845][ T7430] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  737.455458][T11627] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  737.492261][T11627] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  737.523045][T11627] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  737.582676][T11627] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  738.212472][T11856] loop7: detected capacity change from 0 to 8192
[  738.452692][ T7430] I/O error, dev loop7, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  738.529302][T11627] 8021q: adding VLAN 0 to HW filter on device bond0
[  738.669124][T11627] 8021q: adding VLAN 0 to HW filter on device team0
[  738.749093][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  738.756545][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  738.856998][ T1086] bridge0: port 2(bridge_slave_1) entered blocking state
[  738.864739][ T1086] bridge0: port 2(bridge_slave_1) entered forwarding state
[  739.046333][T11627] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  740.317439][T11887] tmpfs: Bad value for 'huge'
[  741.428527][T11627] 8021q: adding VLAN 0 to HW filter on device batadv0
[  744.816259][T11627] veth0_vlan: entered promiscuous mode
[  744.880666][T11627] veth1_vlan: entered promiscuous mode
[  745.031703][T11627] veth0_macvtap: entered promiscuous mode
[  745.084953][T11627] veth1_macvtap: entered promiscuous mode
[  745.130659][T11931] loop5: detected capacity change from 0 to 1024
[  745.146702][T11627] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  745.204927][T11627] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  745.233119][T11627] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  745.262889][T11627] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  745.284544][T11627] batman_adv: batadv0: Interface activated: batadv_slave_0
[  745.860481][T11627] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  745.903023][T11627] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  745.919560][T11627] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  745.930973][T11627] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  745.944339][T11627] batman_adv: batadv0: Interface activated: batadv_slave_1
[  745.977147][T11627] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  746.058354][T11627] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  746.100666][T11627] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  746.141092][T11627] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  747.745950][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  747.753193][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  748.638035][ T1115] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  748.767637][ T1115] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  748.907574][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  748.950543][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  750.173676][ T5775] Bluetooth: hci2: command 0x0406 tx timeout
[  750.584002][T11967] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  751.657783][T11982] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  751.666345][T11982] IPv6: NLM_F_CREATE should be set when creating new route
[  751.722134][T11982] lo: entered allmulticast mode
[  751.827115][T11982] tunl0: entered allmulticast mode
[  751.899834][T11982] gre0: entered allmulticast mode
[  752.126190][T11982] gretap0: entered allmulticast mode
[  752.233313][T11982] erspan0: entered allmulticast mode
[  752.323304][T11982] ip_vti0: entered allmulticast mode
[  752.384370][T11982] ip6_vti0: entered allmulticast mode
[  752.463450][T11982] sit0: entered allmulticast mode
[  752.635418][T11982] ip6tnl0: entered allmulticast mode
[  752.746550][T11982] ip6gre0: entered allmulticast mode
[  752.830538][T11982] syz_tun: entered allmulticast mode
[  752.895698][T11982] ip6gretap0: entered allmulticast mode
[  752.958589][T11982] bridge0: port 2(bridge_slave_1) entered disabled state
[  752.966204][T11982] bridge0: port 1(bridge_slave_0) entered disabled state
[  753.037168][T11982] bridge0: entered allmulticast mode
[  753.109716][T11982] vcan0: entered allmulticast mode
[  753.134265][T11982] bond0: entered allmulticast mode
[  753.139771][T11982] bond_slave_0: entered allmulticast mode
[  753.146906][T11982] bond_slave_1: entered allmulticast mode
[  753.199303][T11982] team0: entered allmulticast mode
[  753.208169][T11982] team_slave_0: entered allmulticast mode
[  753.222120][T11982] team_slave_1: entered allmulticast mode
[  753.275907][T11982] dummy0: entered allmulticast mode
[  753.307521][T11982] nlmon0: entered allmulticast mode
[  753.323447][T11982] caif0: entered allmulticast mode
[  753.341409][T11982] batadv0: entered allmulticast mode
[  753.376091][T11982] vxcan0: entered allmulticast mode
[  753.397421][T11982] vxcan1: entered allmulticast mode
[  753.432280][T11982] veth0: entered allmulticast mode
[  753.468487][T11982] veth1: entered allmulticast mode
[  753.505761][T11982] wg0: entered allmulticast mode
[  753.541108][T11982] wg1: entered allmulticast mode
[  753.579980][T11982] wg2: entered allmulticast mode
[  753.612335][T11982] veth0_to_bridge: entered allmulticast mode
[  753.696669][T11982] veth1_to_bridge: entered allmulticast mode
[  753.772449][T11982] veth0_to_bond: entered allmulticast mode
[  753.825652][T11982] veth1_to_bond: entered allmulticast mode
[  753.892278][T11982] veth0_to_team: entered allmulticast mode
[  753.913827][T11982] veth1_to_team: entered allmulticast mode
[  753.971382][T11982] veth0_to_batadv: entered allmulticast mode
[  753.988271][T11982] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  753.997065][T11982] batadv_slave_0: entered allmulticast mode
[  754.021931][T11982] veth1_to_batadv: entered allmulticast mode
[  754.033548][T11982] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  754.047134][T11982] batadv_slave_1: entered allmulticast mode
[  754.108591][T11982] xfrm0: entered allmulticast mode
[  754.162500][T11982] veth0_to_hsr: entered allmulticast mode
[  754.266953][T11982] hsr_slave_0: entered allmulticast mode
[  754.331260][T11982] veth1_to_hsr: entered allmulticast mode
[  754.384416][T11982] hsr_slave_1: entered allmulticast mode
[  754.432620][T11982] hsr0: entered allmulticast mode
[  754.536215][T11982] veth1_virt_wifi: entered allmulticast mode
[  754.583158][T11982] veth0_virt_wifi: entered allmulticast mode
[  754.607403][T11982] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  754.646103][T11982] veth1_vlan: entered allmulticast mode
[  754.694466][T11982] veth0_vlan: entered allmulticast mode
[  754.763938][T11982] vlan0: entered allmulticast mode
[  754.866208][T11982] macvlan0: entered allmulticast mode
[  754.905393][T11982] macvlan1: entered allmulticast mode
[  754.923703][T11982] ipvlan0: entered allmulticast mode
[  754.929157][T11982] ipvlan1: entered allmulticast mode
[  754.978059][T11982] veth1_macvtap: entered allmulticast mode
[  755.015791][T11982] veth0_macvtap: entered allmulticast mode
[  755.046158][T11982] macvtap0: entered allmulticast mode
[  755.126942][T11982] macsec0: entered allmulticast mode
[  755.159435][T11982] geneve0: entered allmulticast mode
[  755.181911][T11982] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  755.191755][T11982] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  755.201181][T11982] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  755.210614][T11982] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  755.220419][T11982] geneve1: entered allmulticast mode
[  755.242697][T11982] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  755.261867][T11982] netdevsim netdevsim5 netdevsim1: entered allmulticast mode
[  755.285015][T11982] netdevsim netdevsim5 netdevsim2: entered allmulticast mode
[  755.304766][T11982] netdevsim netdevsim5 netdevsim3: entered allmulticast mode
[  755.337399][T11982] mac80211_hwsim hwsim12 wlan0: entered allmulticast mode
[  755.363772][T11982] mac80211_hwsim hwsim13 wlan1: entered allmulticast mode
[  755.377192][T11982] syztnl0: entered allmulticast mode
[  755.393216][T11982] syztnl1: entered allmulticast mode
[  755.399888][T11982] ip6tnl1: entered allmulticast mode
[  755.414501][T11982] gre1: entered allmulticast mode
[  755.430239][T11982] sit1: entered allmulticast mode
[  755.453572][T11991] netlink: 'syz.0.1261': attribute type 4 has an invalid length.
[  755.497751][T11982] syz.5.1260 (11982) used greatest stack depth: 19912 bytes left
[  756.637400][T12029] netlink: 72 bytes leftover after parsing attributes in process `syz.7.1265'.
[  757.522923][T12039] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  759.676519][T12059] __vm_enough_memory: pid: 12059, comm: syz.7.1273, not enough memory for the allocation
[  761.215576][ T5085] Bluetooth: hci1: unexpected event for opcode 0x2043
[  761.502096][T12073] loop9: detected capacity change from 0 to 1024
[  761.552968][T12073] hfsplus: bad catalog file entry
[  761.568922][T12073] hfsplus: failed to load root directory
[  762.419668][T12082] loop9: detected capacity change from 0 to 8192
[  765.270115][ T5085] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  765.281105][ T5085] Bluetooth: hci1: Injecting HCI hardware error event
[  765.306896][ T5085] Bluetooth: hci1: hardware error 0x00
[  767.343163][ T5085] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  769.088232][T12138] syzkaller0: entered promiscuous mode
[  769.110798][T12138] syzkaller0: entered allmulticast mode
[  769.137127][T12135] syz.0.1284 (12135) used greatest stack depth: 17864 bytes left
[  771.548877][T12163] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  771.866797][T12166] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  774.537946][T12177] tipc: Started in network mode
[  774.552844][T12177] tipc: Node identity 123a384c658c, cluster identity 4711
[  774.570928][T12177] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  774.591704][T12182] syzkaller0: entered promiscuous mode
[  774.611908][T12182] syzkaller0: entered allmulticast mode
[  774.750308][T12182] tipc: Resetting bearer <eth:syzkaller0>
[  774.789836][T12173] tipc: Resetting bearer <eth:syzkaller0>
[  774.877251][T12173] tipc: Disabling bearer <eth:syzkaller0>
[  778.323162][T12226] netlink: 52 bytes leftover after parsing attributes in process `syz.9.1301'.
[  778.364442][T12226] bridge0: port 2(bridge_slave_1) entered disabled state
[  778.372407][T12226] bridge0: port 1(bridge_slave_0) entered disabled state
[  778.409263][T12227] netlink: 76 bytes leftover after parsing attributes in process `syz.9.1301'.
[  778.450928][T12227] bridge0: port 2(bridge_slave_1) entered blocking state
[  778.458701][T12227] bridge0: port 2(bridge_slave_1) entered forwarding state
[  778.468234][T12227] bridge0: port 1(bridge_slave_0) entered blocking state
[  778.475582][T12227] bridge0: port 1(bridge_slave_0) entered forwarding state
[  778.496922][T12227] netlink: 52 bytes leftover after parsing attributes in process `syz.9.1301'.
[  778.529251][T12227] bridge0: port 2(bridge_slave_1) entered disabled state
[  778.536937][T12227] bridge0: port 1(bridge_slave_0) entered disabled state
[  779.081736][T12244] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  780.913981][ T5085] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  780.923532][ T5085] Bluetooth: hci3: Injecting HCI hardware error event
[  780.934120][ T5775] Bluetooth: hci3: hardware error 0x00
[  783.264797][T12271] loop5: detected capacity change from 0 to 1024
[  783.881020][T12271] hfsplus: bad catalog file entry
[  783.886709][T12271] hfsplus: failed to load root directory
[  784.619667][ T5775] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  785.794470][T12289] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  786.380460][T12298] tipc: Started in network mode
[  786.393024][T12298] tipc: Node identity 229cbbbd1a59, cluster identity 4711
[  786.430387][T12298] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  786.481602][T12299] syzkaller0: entered promiscuous mode
[  786.499303][T12299] syzkaller0: entered allmulticast mode
[  786.659988][T12299] tipc: Resetting bearer <eth:syzkaller0>
[  786.730132][T12297] tipc: Resetting bearer <eth:syzkaller0>
[  786.818340][T12297] tipc: Disabling bearer <eth:syzkaller0>
[  787.440857][T12326] syzkaller0: entered promiscuous mode
[  787.446808][T12326] syzkaller0: entered allmulticast mode
[  787.519458][T12328] netlink: 180 bytes leftover after parsing attributes in process `syz.5.1319'.
[  791.526416][T12360] syzkaller0: entered promiscuous mode
[  791.560753][T12360] syzkaller0: entered allmulticast mode
[  791.574736][T12359] tipc: Started in network mode
[  791.609093][T12359] tipc: Node identity 9676018eaeed, cluster identity 4711
[  791.635417][T12359] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  791.764903][T12363] syzkaller0: entered promiscuous mode
[  791.774979][T12363] syzkaller0: entered allmulticast mode
[  791.817266][T12363] tipc: Resetting bearer <eth:syzkaller0>
[  792.163783][T12355] tipc: Resetting bearer <eth:syzkaller0>
[  792.692899][T12390] gfs2: not a GFS2 filesystem
[  792.984720][T12355] tipc: Disabling bearer <eth:syzkaller0>
[  793.168784][ T5824] tipc: Node number set to 949682574
[  795.363253][T12405] loop5: detected capacity change from 0 to 32768
[  795.405672][T12405] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 10
[  796.450178][ T7430] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 10
[  796.647392][T12411] loop7: detected capacity change from 0 to 1024
[  797.946916][T12427] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  799.069416][T12432] ieee802154 phy0 wpan0: encryption failed: -22
[  804.263192][T12454] Bluetooth: hci0: invalid length 0, exp 2 for type 12
[  804.312982][T12457] netlink: 'syz.9.1352': attribute type 10 has an invalid length.
[  804.368580][T12457] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  804.655635][T12458] 8021q: adding VLAN 0 to HW filter on device bond1
[  804.760565][T12460] bond_slave_0: entered promiscuous mode
[  804.767405][T12460] bond_slave_1: entered promiscuous mode
[  804.773397][T12460] syz_tun: entered promiscuous mode
[  804.865256][T12467] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  805.488363][T12460] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  805.547486][T12460] bond1: (slave macvlan2): unknown ethtool speed (30000) for port 1 (set it to 0)
[  805.595469][T12460] bond1: (slave macvlan2): speed changed to 0 on port 1
[  805.615191][T12460] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  808.464566][T12491] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1349'.
[  808.858658][T12494] loop7: detected capacity change from 0 to 1024
[  809.110805][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  809.117655][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  809.157858][ T7430] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  816.179419][T12539] loop5: detected capacity change from 0 to 2048
[  816.243012][T12542] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  818.079212][T12537] use of bytesused == 0 is deprecated and will be removed in the future,
[  818.088359][T12537] use the actual size instead.
[  818.115078][T12537] NILFS error (device loop5): nilfs_lookup: deleted inode referenced: 12
[  818.196397][T12537] Remounting filesystem read-only
[  820.387295][T12568] loop5: detected capacity change from 0 to 1024
[  820.604130][T12567] syzkaller0: entered promiscuous mode
[  822.576253][T12567] syzkaller0: entered allmulticast mode
[  825.234209][T12568] hfsplus: bad catalog file entry
[  825.276834][T12568] hfsplus: failed to load root directory
[  830.004328][T12631] syzkaller0: entered promiscuous mode
[  830.026783][T12631] syzkaller0: entered allmulticast mode
[  833.354879][T12650] loop9: detected capacity change from 0 to 8
[  833.787751][T12653] SQUASHFS error: Failed to read block 0x1ec: -5
[  833.795582][T12653] SQUASHFS error: Unable to read metadata cache entry [1ea]
[  833.901659][T12659] gfs2: not a GFS2 filesystem
[  835.515976][T12665] loop7: detected capacity change from 0 to 1024
[  836.393104][ T7430] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  838.098846][ T5775] Bluetooth: hci0: unexpected event for opcode 0x2005
[  840.005685][T12688] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  840.034509][T12688] syzkaller0: entered promiscuous mode
[  840.068638][T12688] syzkaller0: entered allmulticast mode
[  840.312062][T12699] tipc: Resetting bearer <eth:syzkaller0>
[  840.389255][T12686] tipc: Resetting bearer <eth:syzkaller0>
[  840.467601][T12686] tipc: Disabling bearer <eth:syzkaller0>
[  847.793874][T12754] netlink: 'syz.7.1405': attribute type 13 has an invalid length.
[  852.438211][T12754] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  852.448078][T12754] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  852.457847][T12754] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  852.467932][T12754] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  853.213006][T12759] netlink: 'syz.5.1407': attribute type 10 has an invalid length.
[  856.221758][T12806] ALSA: mixer_oss: invalid OSS volume ''
[  856.724063][T12812] vivid-000: =================  START STATUS  =================
[  856.754533][T12812] vivid-000: Test Pattern: 75% Colorbar
[  856.782989][T12812] vivid-000: Fill Percentage of Frame: 100
[  857.849019][T12812] vivid-000: Horizontal Movement: No Movement
[  857.891667][T12812] vivid-000: Vertical Movement: No Movement
[  857.898233][T12812] vivid-000: OSD Text Mode: All
[  857.905877][T12812] vivid-000: Show Border: false
[  857.912952][T12812] vivid-000: Show Square: false
[  857.923336][T12812] vivid-000: Sensor Flipped Horizontally: false
[  857.933932][T12812] vivid-000: Sensor Flipped Vertically: false
[  857.952484][T12812] vivid-000: Insert SAV Code in Image: false
[  857.964422][T12812] vivid-000: Insert EAV Code in Image: false
[  857.973438][T12812] vivid-000: Insert Video Guard Band: false
[  857.982508][T12812] vivid-000: Reduced Framerate: false
[  857.992601][T12812] vivid-000: Enable Capture Cropping: true
[  858.002589][T12812] vivid-000: Enable Capture Composing: true
[  858.011454][T12812] vivid-000: Enable Capture Scaler: true
[  858.020338][T12812] vivid-000: Timestamp Source: End of Frame
[  858.030087][T12812] vivid-000: Colorspace: Rec. 709
[  858.044264][T12812] vivid-000: Transfer Function: Default
[  858.070298][T12812] vivid-000: Y'CbCr Encoding: Default
[  858.083728][T12812] vivid-000: HSV Encoding: Hue 0-179
[  858.208532][T12812] vivid-000: Quantization: Default
[  858.233611][T12812] vivid-000: Apply Alpha To Red Only: false
[  858.239664][T12812] vivid-000: Standard Aspect Ratio: 4x3
[  858.283655][T12812] vivid-000: DV Timings Signal Mode: Current DV Timings
[  858.304272][T12812] vivid-000: DV Timings: 640x480p59 inactive
[  858.332957][T12812] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  858.345091][T12812] vivid-000: Maximum EDID Blocks: 2
[  858.378389][T12812] vivid-000: Limited RGB Range (16-235): true
[  858.393639][T12812] vivid-000: Rx RGB Quantization Range: Automatic
[  858.429211][T12812] vivid-000: Power Present: 0x00000001
[  858.438319][T12812] tpg source WxH: 1280x720 (Y'CbCr)
[  858.466434][T12812] tpg field: 1
[  858.472963][T12812] tpg crop: 1280x720@0x0
[  858.477452][T12812] tpg compose: 1280x720@0x0
[  858.518170][T12812] tpg colorspace: 3
[  858.523692][T12812] tpg transfer function: 0/1
[  858.528445][T12812] tpg Y'CbCr encoding: 0/2
[  858.552940][T12812] tpg quantization: 0/2
[  858.576799][T12812] tpg RGB range: 0/1
[  858.580842][T12812] vivid-000: ==================  END STATUS  ==================
[  861.825804][T12855] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1420'.
[  861.875984][T12863] loop5: detected capacity change from 0 to 1024
[  861.911839][T12855] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  861.925587][T12863] EXT4-fs: Ignoring removed orlov option
[  862.073817][T12863] EXT4-fs (loop5): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  862.215622][T12863] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  864.981908][T11779] IPVS: starting estimator thread 0...
[  865.103148][T12895] IPVS: using max 16 ests per chain, 38400 per kthread
[  865.302146][ T8135] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  865.454675][T12908] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  866.904390][   T28] audit: type=1326 audit(1770443571.419:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12911 comm="syz.7.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7059aeb9 code=0x7ffc0000
[  866.933497][   T28] audit: type=1326 audit(1770443571.419:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12911 comm="syz.7.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7059aeb9 code=0x7ffc0000
[  866.978753][   T28] audit: type=1326 audit(1770443571.419:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12911 comm="syz.7.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f5c7059aeb9 code=0x7ffc0000
[  867.218055][   T28] audit: type=1326 audit(1770443571.429:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12911 comm="syz.7.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7059aeb9 code=0x7ffc0000
[  867.353050][   T28] audit: type=1326 audit(1770443571.429:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12911 comm="syz.7.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7059aeb9 code=0x7ffc0000
[  867.403230][   T28] audit: type=1326 audit(1770443571.439:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12911 comm="syz.7.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f5c7059aeb9 code=0x7ffc0000
[  869.246874][T12935] loop5: detected capacity change from 0 to 128
[  869.329476][T12935] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  869.384770][T12935] hpfs: filesystem error: improperly stopped
[  869.391032][T12935] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  869.400276][T12939] loop9: detected capacity change from 0 to 128
[  869.434685][T12935] hpfs: You really don't want any checks? You are crazy...
[  869.467104][T12935] hpfs: hpfs_map_sector(): read error
[  869.483265][T12941] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  869.496610][T12939] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  869.521441][T12935] hpfs: code page support is disabled
[  869.570590][T12935] hpfs: hpfs_map_4sectors(): unaligned read
[  869.622340][T12939] ext4 filesystem being mounted at /38/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  869.633075][T12935] hpfs: hpfs_map_4sectors(): unaligned read
[  869.743077][T12935] hpfs: filesystem error: unable to find root dir
[  870.143233][T12951] "syz.9.1439" (12951) uses obsolete ecb(arc4) skcipher
[  870.565787][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  870.579009][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  870.808231][T11627] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  883.717625][T13010] loop5: detected capacity change from 0 to 128
[  883.734814][T13010] EXT4-fs (loop5): Test dummy encryption mode enabled
[  883.819267][T13010] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  883.939134][T13010] ext4 filesystem being mounted at /269/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  886.094582][ T8135] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  887.269983][T13037] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  887.306419][T13037] loop5: detected capacity change from 0 to 2048
[  887.434006][T13037] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  892.069022][T13080] xt_TCPMSS: Only works on TCP SYN packets
[  892.630503][T13075] loop5: detected capacity change from 0 to 32768
[  892.838910][T13075] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[  892.853826][T13075] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  893.138105][T13075] XFS (loop5): Torn write (CRC failure) detected at log block 0x40. Truncating head block from 0x50.
[  893.277314][T13075] XFS (loop5): Starting recovery (logdev: internal)
[  893.353103][T13075] XFS (loop5): Ending recovery (logdev: internal)
[  893.363946][T13075] XFS (loop5): Quotacheck needed: Please wait.
[  893.614745][T13075] XFS (loop5): Quotacheck: Done.
[  893.869840][ T8135] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  896.173098][T13127] IPVS: Error connecting to the multicast addr
[  897.023059][T13134] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1468'.
[  900.306687][T13154] netlink: 'syz.9.1472': attribute type 10 has an invalid length.
[  901.526699][T13159] loop7: detected capacity change from 0 to 1024
[  901.655333][T13159] EXT4-fs: inline encryption not supported
[  901.755289][T13159] EXT4-fs: inline encryption not supported
[  901.896006][T13159] EXT4-fs: Ignoring removed nobh option
[  901.974894][T13159] EXT4-fs: Ignoring removed nomblk_io_submit option
[  902.070444][T13159] ext4: Unknown parameter 'nodioread_'
[  904.580216][T13178] loop9: detected capacity change from 0 to 512
[  904.625462][T13178] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  904.734775][T11779] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  904.976878][T13178] EXT4-fs (loop9): 1 truncate cleaned up
[  905.097267][T13178] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  905.213664][T11779] usb 6-1: no configurations
[  905.218351][T11779] usb 6-1: can't read configurations, error -22
[  906.576512][T11779] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  906.623618][T13200] netlink: 320 bytes leftover after parsing attributes in process `syz.5.1479'.
[  907.418999][T13200] nbd0: detected capacity change from 0 to 127
[  907.450977][T11627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  907.468270][ T5775] block nbd0: Receive control failed (result -32)
[  907.651781][T13201] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1479'.
[  907.749258][   T10] block nbd0: Dead connection, failed to find a fallback
[  907.757425][   T10] block nbd0: shutting down sockets
[  907.783046][   T10] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  907.793638][   T10] Buffer I/O error on dev nbd0, logical block 0, async page read
[  907.804132][   T10] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[  907.813709][   T10] Buffer I/O error on dev nbd0, logical block 1, async page read
[  907.822045][   T10] Buffer I/O error on dev nbd0, logical block 2, async page read
[  907.830158][   T10] Buffer I/O error on dev nbd0, logical block 3, async page read
[  907.976423][   T10] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  908.006367][   T10] Buffer I/O error on dev nbd0, logical block 0, async page read
[  908.028915][   T10] Buffer I/O error on dev nbd0, logical block 1, async page read
[  908.039038][   T10] Buffer I/O error on dev nbd0, logical block 2, async page read
[  908.048187][   T10] Buffer I/O error on dev nbd0, logical block 3, async page read
[  908.067152][   T10] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  908.083037][   T10] Buffer I/O error on dev nbd0, logical block 0, async page read
[  908.091778][   T10] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[  908.114845][   T10] Buffer I/O error on dev nbd0, logical block 1, async page read
[  908.143613][   T10] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  908.155452][   T10] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[  908.183577][   T10] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  908.196703][   T10] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[  908.286979][   T10] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  908.333501][T13012] ldm_validate_partition_table(): Disk read failed.
[  908.424052][T13012] Dev nbd0: unable to read RDB block 0
[  908.482241][T13012]  nbd0: unable to read partition table
[  908.823373][T13225] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1483'.
[  909.264951][T13012] ldm_validate_partition_table(): Disk read failed.
[  909.530635][T13012] Dev nbd0: unable to read RDB block 0
[  909.760180][T13232] loop5: detected capacity change from 0 to 256
[  909.893045][T13012]  nbd0: unable to read partition table
[  910.045355][T13232] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  910.358655][T13242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1487'.
[  910.981451][T13246] bond0: entered promiscuous mode
[  910.987107][T13246] bond_slave_0: entered promiscuous mode
[  910.993819][T13246] bond_slave_1: entered promiscuous mode
[  911.000564][T13246] bond0: left allmulticast mode
[  911.015833][T13247] xt_socket: unknown flags 0xc
[  911.048505][T13244] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  912.787374][T13255] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  914.991068][T13276] loop7: detected capacity change from 0 to 512
[  915.079520][T13012] udevd: attempt to access beyond end of device
[  915.079520][T13012] loop7: rw=524288, sector=0, nr_sectors = 8 limit=0
[  915.978772][T13288] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  916.577337][T13292] comedi comedi0: Minor 6 could not be opened
[  920.072186][T13324] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  926.995515][T13379] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  928.379100][T13387] loop7: detected capacity change from 0 to 512
[  928.419193][T13388] loop5: detected capacity change from 0 to 128
[  928.638789][T13390] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  931.443815][T13390] syzkaller0: entered promiscuous mode
[  931.467207][T13390] syzkaller0: entered allmulticast mode
[  931.490166][ T5955] tipc: Node number set to 2008430668
[  931.876276][T13398] tipc: Resetting bearer <eth:syzkaller0>
[  932.411489][T13410] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  932.436162][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  932.442980][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  932.725519][T13389] tipc: Resetting bearer <eth:syzkaller0>
[  933.020419][T13389] tipc: Disabling bearer <eth:syzkaller0>
[  936.080735][T13440] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1522'.
[  936.095091][T13442] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1522'.
[  946.321161][T13485] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  947.304609][T13496] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1526'.
[  947.571518][T13504] loop5: detected capacity change from 0 to 512
[  947.659498][T13504] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  947.779852][T13504] EXT4-fs (loop5): invalid journal inode
[  947.942928][T13504] EXT4-fs (loop5): can't get journal size
[  948.189780][T13504] EXT4-fs (loop5): 1 truncate cleaned up
[  948.885488][T13504] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  949.602805][T13521] trusted_key: encrypted_key: master key parameter 'defa' is invalid
[  950.979421][ T8135] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  950.992770][T13521] 8021q: adding VLAN 0 to HW filter on device bond0
[  951.024873][T13521] bond0: (slave rose0): Enslaving as an active interface with an up link
[  951.895172][T13533] loop5: detected capacity change from 0 to 1024
[  951.920282][T13535] loop9: detected capacity change from 0 to 512
[  951.959984][T13535] EXT4-fs (loop9): filesystem is read-only
[  952.479848][T13542] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  952.499236][T13542] syzkaller0: entered promiscuous mode
[  952.511029][T13542] syzkaller0: entered allmulticast mode
[  952.542019][T13542] tipc: Resetting bearer <eth:syzkaller0>
[  952.557479][T13547] loop7: detected capacity change from 0 to 64
[  952.655850][T13548] loop5: detected capacity change from 0 to 1024
[  952.694329][T13548] hfsplus: bad catalog file entry
[  952.699810][T13548] hfsplus: failed to load root directory
[  953.763766][T13479] blk_print_req_error: 91 callbacks suppressed
[  953.763786][T13479] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  953.773206][T13541] tipc: Resetting bearer <eth:syzkaller0>
[  954.018462][T13541] tipc: Disabling bearer <eth:syzkaller0>
[  954.459171][T13558] loop5: detected capacity change from 0 to 8192
[  954.716781][T13572] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  955.422954][T13479] I/O error, dev loop5, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  955.798990][T13580] loop9: detected capacity change from 0 to 1024
[  955.819915][T13580] EXT4-fs: inline encryption not supported
[  955.852795][T13580] EXT4-fs: inline encryption not supported
[  956.121230][T13580] EXT4-fs: Ignoring removed nobh option
[  956.274007][T13580] EXT4-fs: Ignoring removed nomblk_io_submit option
[  956.476621][T13580] ext4: Unknown parameter 'nodioread_'
[  957.742391][T13594] loop7: detected capacity change from 0 to 8192
[  959.819151][T13629] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  960.481593][T13632] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  960.921601][T13623] MTD: Couldn't look up '': -22
[  961.764787][T13623] ubi31: attaching mtd0
[  961.774780][T13623] ubi31: scanning is finished
[  961.779581][T13623] ubi31: empty MTD device detected
[  962.474164][T13639] tty tty31: ldisc open failed (-12), clearing slot 30
[  962.638896][T13623] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  962.646861][T13623] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  962.654370][T13623] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  962.661482][T13623] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  962.669118][T13623] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  962.676775][T13623] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  962.685075][T13623] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4244622053
[  962.695714][T13623] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  962.709442][T13648] ubi31: background thread "ubi_bgt31d" started, PID 13648
[  962.991088][T13655] loop7: detected capacity change from 0 to 128
[  963.522179][T13665] loop5: detected capacity change from 0 to 1024
[  963.625575][T13665] hfsplus: bad catalog file entry
[  963.631062][T13665] hfsplus: failed to load root directory
[  964.550384][T11591] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  965.804061][T11591] usb 10-1: Using ep0 maxpacket: 32
[  965.817892][T11591] usb 10-1: unable to get BOS descriptor or descriptor too short
[  965.833066][T11591] usb 10-1: config 64 has an invalid interface number: 5 but max is 1
[  965.878895][T13688] comedi comedi0: Minor 6 could not be opened
[  965.962893][T11591] usb 10-1: config 64 has an invalid interface number: 2 but max is 1
[  965.971471][T11591] usb 10-1: config 64 has no interface number 0
[  965.978755][T11591] usb 10-1: config 64 has no interface number 1
[  965.985602][T11591] usb 10-1: config 64 interface 5 has no altsetting 0
[  966.024705][T11591] usb 10-1: New USB device found, idVendor=0582, idProduct=0120, bcdDevice=cf.3d
[  966.065434][T11591] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  966.074543][T11591] usb 10-1: Product: syz
[  966.079474][T11591] usb 10-1: Manufacturer: syz
[  966.085553][T11591] usb 10-1: SerialNumber: syz
[  966.460870][T11591] usb 10-1: Quirk or no altest; falling back to MIDI 1.0
[  966.468888][T11591] snd-usb-audio: probe of 10-1:64.5 failed with error -2
[  966.488279][T11591] usb 10-1: Quirk or no altest; falling back to MIDI 1.0
[  967.027459][T13707] loop5: detected capacity change from 0 to 512
[  967.300285][T13707] EXT4-fs error (device loop5): ext4_orphan_get:1398: inode #15: comm syz.5.1577: inode has both inline data and extents flags
[  967.340916][T11591] snd-usb-audio: probe of 10-1:64.2 failed with error -2
[  967.396905][T13716] loop9: detected capacity change from 0 to 64
[  967.437395][T13707] EXT4-fs error (device loop5): ext4_orphan_get:1403: comm syz.5.1577: couldn't read orphan inode 15 (err -117)
[  967.450873][T11591] usb 10-1: USB disconnect, device number 2
[  967.464347][T13716] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  967.501140][T13707] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  967.626477][T13479] udevd[13479]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:64.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  967.919476][T13719] loop7: detected capacity change from 0 to 4096
[  970.542793][T11443] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[  970.804799][T11443] usb 10-1: not running at top speed; connect to a high speed hub
[  970.942211][T11443] usb 10-1: config 1 interface 0 altsetting 5 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  970.974179][T11443] usb 10-1: config 1 interface 0 altsetting 5 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[  970.993026][ T8135] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  971.013177][T11443] usb 10-1: config 1 interface 0 has no altsetting 0
[  971.152909][T11443] usb 10-1: string descriptor 0 read error: -71
[  971.159553][T11443] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  971.201075][T11443] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  971.251142][T11443] usb 10-1: can't set config #1, error -71
[  971.298032][T11443] usb 10-1: USB disconnect, device number 3
[  973.205146][T13761] loop9: detected capacity change from 0 to 512
[  973.276119][T13761] EXT4-fs error (device loop9): ext4_orphan_get:1398: inode #15: comm syz.9.1591: inode has both inline data and extents flags
[  973.329754][T13767] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1594'.
[  973.335644][T13761] EXT4-fs error (device loop9): ext4_orphan_get:1403: comm syz.9.1591: couldn't read orphan inode 15 (err -117)
[  973.339001][T13767] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1594'.
[  973.440546][T13761] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  973.474599][T13772] loop5: detected capacity change from 0 to 1024
[  973.523678][T13772] hfsplus: bad catalog file entry
[  973.528962][T13772] hfsplus: failed to load root directory
[  975.744524][T13779] loop5: detected capacity change from 0 to 8192
[  976.053598][T13479] I/O error, dev loop5, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  976.323903][T11627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  978.096300][T13804] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1601'.
[  978.247795][T13804] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1601'.
[  979.425044][T13819] loop5: detected capacity change from 0 to 512
[  979.473128][T11591] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  979.582278][T13819] EXT4-fs error (device loop5): ext4_orphan_get:1398: inode #15: comm syz.5.1608: inode has both inline data and extents flags
[  979.864759][T13819] EXT4-fs error (device loop5): ext4_orphan_get:1403: comm syz.5.1608: couldn't read orphan inode 15 (err -117)
[  979.901417][T11591] usb 8-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  979.920449][T13819] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  980.286090][T11591] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  980.298979][T11591] usb 8-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  980.326908][T11591] usb 8-1: config 1 has no interface number 1
[  981.737513][T11591] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  981.751626][T11591] usb 8-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  981.859945][T11591] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  981.901840][T11591] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  981.922779][T11591] usb 8-1: Product: syz
[  981.941480][T11591] usb 8-1: Manufacturer: syz
[  981.948989][ T8135] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  981.958874][T11591] usb 8-1: SerialNumber: syz
[  982.510721][T13842] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  982.701806][T13844] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  983.513011][T11591] usb 8-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  983.530901][T11591] usb 8-1: MIDIStreaming interface descriptor not found
[  983.639100][T11591] usb 8-1: USB disconnect, device number 7
[  983.815423][T13854] udevd[13854]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  984.380753][T13850] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  984.434826][T13861] syzkaller0: entered promiscuous mode
[  984.504935][T13861] syzkaller0: entered allmulticast mode
[  984.558143][T13850] tipc: Resetting bearer <eth:syzkaller0>
[  984.660108][T13848] tipc: Resetting bearer <eth:syzkaller0>
[  984.704886][T13869] netlink: 'syz.5.1618': attribute type 2 has an invalid length.
[  984.754815][T13869] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1618'.
[  984.834372][T13848] tipc: Disabling bearer <eth:syzkaller0>
[  985.314996][T13883] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  986.730956][T13911] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1631'.
[  987.547290][T13940] (unnamed net_device) (uninitialized): option lp_interval: invalid value (18446744073709551611)
[  987.572685][T13940] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647
[  988.413076][T13972] x_tables: unsorted underflow at hook 1
[  988.707759][T13981] vcan1: entered promiscuous mode
[  988.747896][T13986] libceph: resolve '0.' (ret=-3): failed
[  989.219457][T14003] printk: syz.0.1669 (14003): Attempt to access syslog with CAP_SYS_ADMIN but no CAP_SYSLOG (deprecated).
[  989.375056][T14010] loop9: detected capacity change from 0 to 256
[  989.686128][T14019] loop5: detected capacity change from 0 to 512
[  989.710675][T14019] EXT4-fs error (device loop5): ext4_orphan_get:1398: inode #15: comm syz.5.1678: inode has both inline data and extents flags
[  989.763041][T14025] usb usb8: usbfs: interface 0 claimed by hub while 'syz.7.1679' sets config #0
[  989.780569][T14019] EXT4-fs error (device loop5): ext4_orphan_get:1403: comm syz.5.1678: couldn't read orphan inode 15 (err -117)
[  989.837891][T14019] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  990.006595][ T8135] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  990.242297][T14040] loop7: detected capacity change from 0 to 256
[  990.547954][T14049] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1691'.
[  990.603071][T14049] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1691'.
[  990.747734][T14054] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  992.037721][T14070] loop5: detected capacity change from 0 to 4096
[  992.054764][T14070] ntfs: (device loop5): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[  992.172869][T14070] ntfs: volume version 3.1.
[  992.214430][T14070] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Size of index buffer (VCN 0x0) of directory inode 0x5 exceeds maximum size.
[  992.214461][T12979] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  992.261210][T14076] loop9: detected capacity change from 0 to 1024
[  992.279215][T14076] hfsplus: bad catalog file entry
[  992.284571][T14076] hfsplus: failed to load root directory
[  992.387840][T14070] ntfs: (device loop5): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  992.442735][T14070] ntfs: (device loop5): load_system_files(): Failed to determine if Windows is hibernated.  Mounting read-only.  Run chkdsk.
[  992.532883][T12979] usb 8-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  992.581801][T12979] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  992.605368][T12979] usb 8-1: Product: syz
[  992.609865][T12979] usb 8-1: Manufacturer: syz
[  992.618342][T14070] ntfs: (device loop5): ntfs_readdir(): Size of index buffer (VCN 0x0) of directory inode 0x5 exceeds maximum size.
[  992.642024][T12979] usb 8-1: SerialNumber: syz
[  992.652143][T14077] loop9: detected capacity change from 0 to 8192
[  992.696561][T13515] I/O error, dev loop9, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  993.022425][T14080] loop5: detected capacity change from 0 to 1024
[  993.037418][T14080] hfsplus: bad catalog file entry
[  993.042866][T14080] hfsplus: failed to load root directory
[  993.314870][T12979] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71
[  993.332867][T12979] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71
[  993.362780][T12979] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  993.375694][T12979] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  994.015817][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  994.036418][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  994.541497][T12979] lan78xx: probe of 8-1:1.0 failed with error -71
[  994.613358][T14096] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  995.076709][T12979] usb 8-1: USB disconnect, device number 8
[  995.242893][T14098] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1709'.
[  995.276542][T14098] netlink: 56 bytes leftover after parsing attributes in process `syz.7.1709'.
[  995.640366][T12979] kernel write not supported for file /sysvipc/sem (pid: 12979 comm: kworker/1:8)
[  995.724542][T14115] loop5: detected capacity change from 0 to 1024
[  995.738318][T14115] hfsplus: bad catalog file entry
[  995.744292][T14115] hfsplus: failed to load root directory
[  995.986235][T14117] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  997.846924][T14123] loop9: detected capacity change from 0 to 2048
[  997.888512][T14123] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  998.029313][T14129] loop5: detected capacity change from 0 to 64
[  998.286304][T14135] loop5: detected capacity change from 0 to 1024
[  998.340619][T14135] hfsplus: request for non-existent node 3 in B*Tree
[  998.362375][T14135] hfsplus: request for non-existent node 3 in B*Tree
[  998.591471][T14137] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  999.533546][T14143] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  999.545442][T14147] loop5: detected capacity change from 0 to 1024
[  999.551639][T14143] syzkaller0: entered promiscuous mode
[  999.560717][T14143] syzkaller0: entered allmulticast mode
[  999.590254][T14147] hfsplus: bad catalog file entry
[  999.596538][T14147] hfsplus: failed to load root directory
[  999.615300][T14143] tipc: Resetting bearer <eth:syzkaller0>
[  999.673469][T14142] tipc: Resetting bearer <eth:syzkaller0>
[  999.843831][T14142] tipc: Disabling bearer <eth:syzkaller0>
[ 1000.316535][T14149] loop5: detected capacity change from 0 to 8192
[ 1000.516449][T14125] loop7: detected capacity change from 0 to 32768
[ 1000.651074][T13515] I/O error, dev loop7, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1004.323296][T14201] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1004.656906][T14215] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1744'.
[ 1004.719606][T14216] netlink: 4083 bytes leftover after parsing attributes in process `syz.9.1746'.
[ 1004.969840][T14216] netlink: 4083 bytes leftover after parsing attributes in process `syz.9.1746'.
[ 1005.087471][T14211] netlink: 4083 bytes leftover after parsing attributes in process `syz.9.1746'.
[ 1006.248417][T14235] loop7: detected capacity change from 0 to 256
[ 1006.308649][T14235] exfat: Deprecated parameter 'utf8'
[ 1006.361329][T14235] exfat: Deprecated parameter 'namecase'
[ 1006.375156][T14235] exfat: Deprecated parameter 'namecase'
[ 1006.387394][T14235] exfat: Deprecated parameter 'utf8'
[ 1006.402115][T14237] loop9: detected capacity change from 0 to 16
[ 1006.454468][T14237] erofs: (device loop9): mounted with root inode @ nid 36.
[ 1006.755401][T14240] loop7: detected capacity change from 0 to 1024
[ 1006.991308][T14242] loop5: detected capacity change from 0 to 2048
[ 1007.070681][T14242] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1007.520491][T14251] loop7: detected capacity change from 0 to 8192
[ 1007.922440][T14242] ext4 filesystem being mounted at /351/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1008.184534][ T8135] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1008.730553][T14265] loop7: detected capacity change from 0 to 4096
[ 1009.504263][T14273] loop7: detected capacity change from 0 to 1024
[ 1010.377300][T14275] loop7: detected capacity change from 0 to 8192
[ 1010.741317][T13479] I/O error, dev loop7, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1010.748263][T14261] loop5: detected capacity change from 0 to 32768
[ 1011.092869][T14261] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[ 1011.374734][T14261] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1011.960128][T14261] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop5": -EINTR
[ 1011.999554][T14261] XFS (loop5): log mount failed
[ 1012.611171][T14298] loop7: detected capacity change from 0 to 1024
[ 1012.708963][T14302] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1013.573208][T13515] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1016.004926][T14336] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1018.507737][T14347] loop9: detected capacity change from 0 to 1024
[ 1018.625503][T14347] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1018.654556][T14347] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1018.915892][   T28] audit: type=1800 audit(1770443724.279:233): pid=14347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1786" name="file1" dev="loop9" ino=15 res=0 errno=0
[ 1018.980449][T11627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[ 1019.628952][T14377] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[ 1020.229593][ T5838] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[ 1020.548712][T14384] loop5: detected capacity change from 0 to 2048
[ 1020.602741][ T5838] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1020.850387][T14384] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1020.918168][ T5838] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1021.488734][   T28] audit: type=1800 audit(1770443726.839:234): pid=14384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1799" name=D54AE4933AD529888FDAC7BB8A70C72BC0FC81BA06506F2D5BC7686E219BBE5283959CBEF9950E071CB6D9F341FC624A5110341F26CEBD71 dev="loop5" ino=1450 res=0 errno=0
[ 1021.489935][ T5838] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1021.542537][ T5838] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1021.607376][ T5838] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1021.631852][ T5838] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1021.653174][ T5838] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1021.682850][ T5838] usb 10-1: Product: syz
[ 1021.687361][ T5838] usb 10-1: Manufacturer: syz
[ 1021.726063][ T5838] cdc_wdm 10-1:1.0: skipping garbage
[ 1021.731696][ T5838] cdc_wdm 10-1:1.0: skipping garbage
[ 1021.779454][T14394] loop7: detected capacity change from 0 to 1024
[ 1021.780419][ T5838] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[ 1021.793727][T14394] EXT4-fs: Ignoring removed orlov option
[ 1021.808731][ T5838] cdc_wdm 10-1:1.0: Unknown control protocol
[ 1021.812248][T14394] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1021.999370][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[ 1022.011777][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[ 1022.012782][T11591] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[ 1022.018796][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[ 1022.033896][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[ 1022.041638][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[ 1022.048931][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[ 1022.055828][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[ 1022.063084][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[ 1022.069860][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[ 1022.076864][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[ 1022.084154][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[ 1022.090986][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[ 1022.098361][ T5838] usb 10-1: USB disconnect, device number 4
[ 1022.104480][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[ 1022.104505][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[ 1022.104517][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[ 1023.402776][T11591] usb 6-1: Using ep0 maxpacket: 32
[ 1023.411700][T11591] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[ 1023.422455][T11591] usb 6-1: config 0 has no interface number 0
[ 1023.448721][T11591] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1023.458710][T11591] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1023.469282][T11591] usb 6-1: Product: syz
[ 1023.497113][T11591] usb 6-1: Manufacturer: syz
[ 1023.502238][T11591] usb 6-1: SerialNumber: syz
[ 1023.538364][T11591] usb 6-1: config 0 descriptor??
[ 1023.556331][T11591] smsc95xx v2.0.0
[ 1023.995123][T11591] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1024.022925][T11591] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1024.476329][T11591] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1024.521487][T11591] smsc95xx: probe of 6-1:0.67 failed with error -71
[ 1024.560880][T11591] usb 6-1: USB disconnect, device number 18
[ 1025.993904][T14450] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[ 1026.253158][T14453] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[ 1026.884127][T14462] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1822'.
[ 1027.863381][T14470] netlink: 'syz.7.1828': attribute type 1 has an invalid length.
[ 1027.877648][T14470] nbd: error processing sock list
[ 1027.912949][T14470] block nbd1: shutting down sockets
[ 1030.134468][T14502] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1836'.
[ 1031.057960][T14523] loop5: detected capacity change from 0 to 1024
[ 1031.152148][T14523] hfsplus: bad catalog file entry
[ 1031.158156][T14523] hfsplus: failed to load root directory
[ 1031.422507][T14525] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1032.655727][T14537] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1847'.
[ 1034.294544][T14563] loop7: detected capacity change from 0 to 1024
[ 1035.025053][T14567] loop7: detected capacity change from 0 to 8192
[ 1036.088278][   T28] audit: type=1326 audit(1770443741.449:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14587 comm="syz.9.1861" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4693d9aeb9 code=0x0
[ 1036.123434][T11591] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[ 1036.183141][T14590] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1036.202499][T14590] syzkaller0: entered promiscuous mode
[ 1036.211961][T14590] syzkaller0: entered allmulticast mode
[ 1036.290572][T14590] tipc: Resetting bearer <eth:syzkaller0>
[ 1036.307883][T14589] tipc: Resetting bearer <eth:syzkaller0>
[ 1036.346023][T14589] tipc: Disabling bearer <eth:syzkaller0>
[ 1036.351050][T11591] usb 6-1: config 0 has no interfaces?
[ 1036.370313][T11591] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1036.393095][T11591] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1036.401685][T11591] usb 6-1: Product: syz
[ 1036.422975][T11591] usb 6-1: Manufacturer: syz
[ 1036.436571][T11591] usb 6-1: SerialNumber: syz
[ 1036.445081][T11591] usb 6-1: config 0 descriptor??
[ 1036.763831][T12790] usb 6-1: USB disconnect, device number 19
[ 1037.068763][T14605] loop9: detected capacity change from 0 to 256
[ 1037.111735][T14605] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xd509bb81, utbl_chksum : 0xe619d30d)
[ 1039.814829][T14617] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1039.877781][T14617] syzkaller0: entered promiscuous mode
[ 1039.905335][T14617] syzkaller0: entered allmulticast mode
[ 1040.040927][T14616] tipc: Resetting bearer <eth:syzkaller0>
[ 1040.167335][T14616] tipc: Disabling bearer <eth:syzkaller0>
[ 1040.858807][T12790] IPVS: starting estimator thread 0...
[ 1040.952852][T14636] IPVS: using max 22 ests per chain, 52800 per kthread
[ 1042.602837][T14630] loop5: detected capacity change from 0 to 40427
[ 1042.635138][T14630] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[ 1043.101662][T14654] loop9: detected capacity change from 0 to 8192
[ 1043.184535][T14630] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1043.458981][T14656] syzkaller0: entered promiscuous mode
[ 1043.516684][T14656] syzkaller0: entered allmulticast mode
[ 1043.545443][T14630] F2FS-fs (loop5): invalid crc value
[ 1043.570896][T14630] F2FS-fs (loop5): Failed to start F2FS issue_checkpoint_thread (-4)
[ 1043.893962][T14661] kvm: user requested TSC rate below hardware speed
[ 1044.270527][T14671] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1889'.
[ 1046.652985][T14688] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1047.145248][T14704] pimreg: entered allmulticast mode
[ 1047.169736][T14704] pimreg: left allmulticast mode
[ 1047.506657][T14713] loop9: detected capacity change from 0 to 512
[ 1047.526272][T14713] EXT4-fs: Ignoring removed i_version option
[ 1047.550294][T14713] EXT4-fs: Ignoring removed bh option
[ 1047.611630][T14713] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1047.628748][T14713] ext4 filesystem being mounted at /156/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1048.601931][T14727] loop7: detected capacity change from 0 to 32768
[ 1048.623430][T11627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1049.251463][T14750] loop7: detected capacity change from 0 to 4096
[ 1050.844786][T14769] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[ 1051.204786][T14766] loop9: detected capacity change from 0 to 8192
[ 1051.448143][T13479] I/O error, dev loop9, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1051.965415][   T11] tipc: Left network mode
[ 1054.016121][   T28] audit: type=1326 audit(1770443759.309:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14800 comm="syz.5.1931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e50d9aeb9 code=0x7fc00000
[ 1054.490271][T14824] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1054.504377][T14824] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1054.515333][T14824] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1054.524795][T14824] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1054.539154][T14824] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1054.554039][T14824] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1054.885298][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.911200][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[ 1055.643702][T14839] tipc: Failed to remove unknown binding: 66,1,1/0:1351835599/1351835601
[ 1055.667344][T14839] tipc: Failed to remove unknown binding: 66,1,1/0:1351835599/1351835601
[ 1055.894902][   T11] hsr_slave_0: left promiscuous mode
[ 1055.919261][   T11] hsr_slave_1: left promiscuous mode
[ 1056.625499][T14824] Bluetooth: hci2: command tx timeout
[ 1058.723153][T14824] Bluetooth: hci2: command tx timeout
[ 1058.895014][T14902] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[ 1060.804518][ T5775] Bluetooth: hci2: command tx timeout
[ 1062.625304][T14924] team0: Port device vlan1 added
[ 1062.668507][T14936] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1967'.
[ 1062.873993][ T5775] Bluetooth: hci2: command tx timeout
[ 1063.313174][T14950] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1063.686663][T14950] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1063.749927][T14821] chnl_net:caif_netlink_parms(): no params data found
[ 1063.863104][T14945] loop9: detected capacity change from 0 to 40427
[ 1063.947461][T14950] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1063.951904][T14945] F2FS-fs (loop9): build fault injection attr: rate: 25, type: 0x7ffff
[ 1063.998006][T14945] F2FS-fs (loop9): build fault injection attr: rate: 0, type: 0x7698c
[ 1064.037863][T14945] F2FS-fs (loop9): invalid crc value
[ 1064.062566][T14945] F2FS-fs (loop9): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x21d/0x9b0
[ 1064.095321][T14950] bridge0: port 3(netdevsim0) entered disabled state
[ 1064.137264][T14945] F2FS-fs (loop9): Found nat_bits in checkpoint
[ 1064.244670][T14950] netdevsim netdevsim0 netdevsim0 (unregistering): left allmulticast mode
[ 1064.253042][T14945] F2FS-fs (loop9): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x68b/0x9b0
[ 1064.277054][T14950] netdevsim netdevsim0 netdevsim0 (unregistering): left promiscuous mode
[ 1064.298526][T14945] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[ 1064.309989][T14950] bridge0: port 3(netdevsim0) entered disabled state
[ 1064.448192][T14945] F2FS-fs (loop9): inject dquot initialize in f2fs_dquot_initialize of f2fs_new_inode+0x509/0x1030
[ 1064.574040][    C1] F2FS-fs (loop9): inject write IO error in f2fs_write_end_io of blk_update_request+0x597/0xe40
[ 1064.586563][    C1] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[ 1064.594602][T11627] F2FS-fs (loop9): do_checkpoint failed err:-5, stop checkpoint
[ 1064.786086][T14821] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1064.812885][T14821] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1064.823048][T14821] bridge_slave_0: entered allmulticast mode
[ 1064.841843][T14821] bridge_slave_0: entered promiscuous mode
[ 1064.856192][T14821] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1064.873326][T14821] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1064.893138][T14821] bridge_slave_1: entered allmulticast mode
[ 1064.911773][T14821] bridge_slave_1: entered promiscuous mode
[ 1064.950600][T14950] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1065.044773][T14950] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1065.278951][T14950] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.071066][T14821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1066.171352][T14950] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.209286][T14821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1066.266039][T14821] team0: Port device team_slave_0 added
[ 1066.279447][T14992] pimreg: entered allmulticast mode
[ 1066.292904][T14821] team0: Port device team_slave_1 added
[ 1066.307443][T14992] pimreg: left allmulticast mode
[ 1066.368586][T14821] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1066.398738][T14821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1066.484859][T14821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1066.520502][T14821] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1066.533935][T14821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1066.561590][T14821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1067.194941][T14821] hsr_slave_0: entered promiscuous mode
[ 1067.228471][T14821] hsr_slave_1: entered promiscuous mode
[ 1067.265293][T14821] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1067.295581][T14821] Cannot create hsr debugfs directory
[ 1067.347374][T15006] loop5: detected capacity change from 0 to 512
[ 1068.255085][T15008] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1979'.
[ 1068.335189][T15006] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1068.378231][T15006] ext4 filesystem being mounted at /404/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1068.551869][   T28] audit: type=1800 audit(1770443773.909:237): pid=15006 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1980" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1068.843860][ T8135] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1071.159232][T15043] pimreg: entered allmulticast mode
[ 1071.185544][T15044] pimreg: left allmulticast mode
[ 1071.310080][T15049] loop5: detected capacity change from 0 to 1024
[ 1071.321076][T15049] hfsplus: bad catalog file entry
[ 1071.326421][T15049] hfsplus: failed to load root directory
[ 1072.055297][T15053] loop5: detected capacity change from 0 to 8192
[ 1073.553330][T15062] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1988'.
[ 1074.179741][T15079] loop9: detected capacity change from 0 to 2048
[ 1074.200597][T14821] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1074.235686][T14821] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1074.262323][T14821] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1074.286880][T15079] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1074.299981][T14821] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1074.313725][ T5827] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[ 1074.497286][T15094] EXT4-fs warning (device loop9): ext4_dirblock_csum_set:427: inode #2: comm syz.9.1993: No space for directory leaf checksum. Please run e2fsck -D.
[ 1074.553165][ T5827] usb 6-1: Using ep0 maxpacket: 32
[ 1074.578455][ T5827] usb 6-1: config 4 has an invalid descriptor of length 49, skipping remainder of the config
[ 1074.603123][ T5827] usb 6-1: config 4 has 0 interfaces, different from the descriptor's value: 9
[ 1074.639182][ T5827] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1074.656753][T14821] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1074.664933][ T5827] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1074.685031][ T5827] usb 6-1: Product: syz
[ 1074.700067][ T5827] usb 6-1: Manufacturer: syz
[ 1074.712027][ T5827] usb 6-1: SerialNumber: syz
[ 1074.722190][T14821] 8021q: adding VLAN 0 to HW filter on device team0
[ 1074.778771][ T1086] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1074.786409][ T1086] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1074.820350][ T2966] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1074.827805][ T2966] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1074.944255][ T5827] usb 6-1: USB disconnect, device number 20
[ 1075.049684][T11627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1075.275452][T15106] loop9: detected capacity change from 0 to 1024
[ 1075.339513][T15106] hfsplus: bad catalog file entry
[ 1075.344933][T15106] hfsplus: failed to load root directory
[ 1076.217585][T15114] loop9: detected capacity change from 0 to 8192
[ 1076.944769][T15127] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1077.315558][T15123] loop5: detected capacity change from 0 to 2048
[ 1077.503743][T14821] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1077.710872][T15123] NILFS (loop5): invalid segment: Magic number mismatch
[ 1077.732098][T15123] NILFS (loop5): trying rollback from an earlier position
[ 1077.845218][T15123] NILFS (loop5): recovery complete
[ 1077.861578][T14821] veth0_vlan: entered promiscuous mode
[ 1077.882523][T14821] veth1_vlan: entered promiscuous mode
[ 1077.883809][T15130] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1078.046065][T14821] veth0_macvtap: entered promiscuous mode
[ 1078.098887][T14821] veth1_macvtap: entered promiscuous mode
[ 1078.128535][T15123] overlayfs: upper fs does not support tmpfile.
[ 1078.171668][T15123] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1078.188736][T14821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1078.275007][T15123] overlayfs: failed to set xattr on upper
[ 1078.289672][T14821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1078.300503][T15123] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1078.318297][T15123] overlayfs: ...falling back to index=off.
[ 1078.323140][T14821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1078.329218][T15123] overlayfs: ...falling back to uuid=null.
[ 1078.372167][T14821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1078.397604][T14821] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1078.421964][T14821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1078.471131][T14821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1078.490102][T14821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1078.513215][T14821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1078.526086][T14821] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1078.570531][T14821] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1078.595721][T14821] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1078.620438][T14821] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1078.650927][T14821] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1078.942025][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1078.979739][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1079.121421][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1079.161613][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1079.908054][T15178] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2011'.
[ 1083.422051][T15221] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2016'.
[ 1084.675384][T15234] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2018'.
[ 1085.698507][T15242] syzkaller0: entered promiscuous mode
[ 1085.718105][T15242] syzkaller0: entered allmulticast mode
[ 1087.019514][T15249] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1087.027697][T15249] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1088.543977][T15249] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1088.648184][T15249] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1089.118359][T15249] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1089.128257][T15249] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1089.137389][T15249] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1089.147235][T15249] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1089.333234][T15311] netlink: 'syz.0.2032': attribute type 13 has an invalid length.
[ 1089.341856][T15311] netlink: 'syz.0.2032': attribute type 17 has an invalid length.
[ 1090.116393][T15311] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1094.170567][T15359] loop1: detected capacity change from 0 to 128
[ 1094.219880][T15359] UBIFS error (pid: 15359): cannot open "/dev/loop1", error -22
[ 1094.335013][T15225] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1094.698840][T15364] loop9: detected capacity change from 0 to 4096
[ 1095.035445][T15367] syzkaller0: entered promiscuous mode
[ 1095.076491][T15367] syzkaller0: entered allmulticast mode
[ 1095.102391][T15364] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1095.218358][T15364] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0002]
[ 1095.271146][T15364] System zones: 0-5
[ 1095.308341][T15364] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1095.868938][T15386] EXT4-fs error (device loop9): __ext4_get_inode_loc:4489: comm syz.9.2044: Invalid inode table block 4 in block_group 0
[ 1095.929653][T15383] EXT4-fs error (device loop9): __ext4_get_inode_loc:4489: comm syz.9.2044: Invalid inode table block 4 in block_group 0
[ 1096.037757][T15386] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5920: Corrupt filesystem
[ 1096.139485][T15386] EXT4-fs error (device loop9): ext4_dirty_inode:6124: inode #15: comm syz.9.2044: mark_inode_dirty error
[ 1096.206864][T15386] EXT4-fs error (device loop9): __ext4_get_inode_loc:4489: comm syz.9.2044: Invalid inode table block 4 in block_group 0
[ 1096.255087][T15392] 8021q: VLANs not supported on ip6tnl0
[ 1096.278910][T15386] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5920: Corrupt filesystem
[ 1096.324801][T15386] EXT4-fs error (device loop9): ext4_write_end:1349: inode #15: comm syz.9.2044: mark_inode_dirty error
[ 1097.637599][ T1086] EXT4-fs error (device loop9): __ext4_get_inode_loc:4489: comm kworker/u4:7: Invalid inode table block 4 in block_group 0
[ 1097.750761][T11627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1099.910579][T15426] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2051'.
[ 1101.242878][T12793] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[ 1101.482801][T12793] usb 10-1: Using ep0 maxpacket: 8
[ 1101.493591][T12793] usb 10-1: config 1 interface 0 altsetting 3 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1101.509093][T12793] usb 10-1: config 1 interface 0 altsetting 3 bulk endpoint 0x82 has invalid maxpacket 0
[ 1101.520246][T12793] usb 10-1: config 1 interface 0 altsetting 3 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1101.530748][T12793] usb 10-1: config 1 interface 0 altsetting 3 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1101.564848][T12793] usb 10-1: config 1 interface 0 has no altsetting 0
[ 1101.586332][T12793] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[ 1101.602761][T12793] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1101.631772][T12793] usb 10-1: Product: syz
[ 1101.636628][T12793] usb 10-1: Manufacturer: syz
[ 1101.652320][T12793] usb 10-1: SerialNumber: syz
[ 1101.676876][T12793] cdc_ether: probe of 10-1:1.0 failed with error -22
[ 1101.703989][T12793] usb-storage 10-1:1.0: USB Mass Storage device detected
[ 1101.750569][T12793] usb-storage 10-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[ 1102.091528][T12793] usb 10-1: USB disconnect, device number 5
[ 1102.208562][T15460] loop5: detected capacity change from 0 to 512
[ 1102.428104][T15460] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[ 1102.752687][T15460] UDF-fs: Scanning with blocksize 512 failed
[ 1102.790846][T15460] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[ 1102.835462][T15460] UDF-fs: Scanning with blocksize 1024 failed
[ 1102.891212][T15460] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[ 1102.899014][T15460] UDF-fs: Scanning with blocksize 2048 failed
[ 1102.926583][T15460] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 1102.976019][T15460] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1104.189440][T15478] loop5: detected capacity change from 0 to 256
[ 1104.248806][T15478] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[ 1113.213276][T15547] netlink: 20 bytes leftover after parsing attributes in process `syz.9.2079'.
[ 1113.258357][T15547] geneve0: entered promiscuous mode
[ 1113.552465][T15552] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1115.169016][T11443] libceph: connect (1)[c::]:6789 error -101
[ 1115.175639][T11443] libceph: mon0 (1)[c::]:6789 connect error
[ 1115.274814][T15570] ceph: No mds server is up or the cluster is laggy
[ 1115.360115][T15575] tmpfs: Bad value for 'huge'
[ 1115.925278][T15589] mac80211_hwsim hwsim21 syzkaller0: entered promiscuous mode
[ 1115.945101][T15589] mac80211_hwsim hwsim21 syzkaller0: entered allmulticast mode
[ 1116.081630][T15590] loop1: detected capacity change from 0 to 512
[ 1116.209264][T15228] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1116.311210][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.315963][   T28] audit: type=1326 audit(1770443821.669:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.1.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1919aeb9 code=0x7ffc0000
[ 1116.318490][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.481405][   T28] audit: type=1326 audit(1770443821.669:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.1.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1919aeb9 code=0x7ffc0000
[ 1116.561205][   T28] audit: type=1326 audit(1770443821.719:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.1.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fad1919aeb9 code=0x7ffc0000
[ 1116.659389][   T28] audit: type=1326 audit(1770443821.719:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.1.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1919aeb9 code=0x7ffc0000
[ 1116.754410][   T28] audit: type=1326 audit(1770443821.719:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.1.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1919aeb9 code=0x7ffc0000
[ 1116.895603][   T28] audit: type=1326 audit(1770443821.739:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.1.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fad1919aeb9 code=0x7ffc0000
[ 1118.382725][   T28] audit: type=1326 audit(1770443821.749:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.1.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1919aeb9 code=0x7ffc0000
[ 1118.421973][   T28] audit: type=1326 audit(1770443821.769:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.1.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fad1919aeb9 code=0x7ffc0000
[ 1118.422483][T15609] syzkaller0: entered promiscuous mode
[ 1118.462743][   T28] audit: type=1326 audit(1770443821.769:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.1.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1919aeb9 code=0x7ffc0000
[ 1118.520261][T15609] syzkaller0: entered allmulticast mode
[ 1118.526721][   T28] audit: type=1326 audit(1770443821.769:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.1.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1919aeb9 code=0x7ffc0000
[ 1119.134141][T15624] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2095'.
[ 1120.775666][T15635] loop9: detected capacity change from 0 to 512
[ 1120.813654][T15635] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1120.885014][T15635] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -13
[ 1120.915677][T15635] EXT4-fs error (device loop9): ext4_clear_blocks:883: inode #13: comm syz.9.2094: attempt to clear invalid blocks 2 len 1
[ 1120.943917][T15635] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1120.966817][T15635] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #13: comm syz.9.2094: invalid indirect mapped block 1819239214 (level 0)
[ 1120.986318][T15635] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #13: comm syz.9.2094: invalid indirect mapped block 1819239214 (level 1)
[ 1121.023684][T15635] EXT4-fs (loop9): 1 truncate cleaned up
[ 1121.030826][T15635] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1121.129496][T15635] 
[ 1121.131894][T15635] ======================================================
[ 1121.139032][T15635] WARNING: possible circular locking dependency detected
[ 1121.146170][T15635] syzkaller #0 Not tainted
[ 1121.150883][T15635] ------------------------------------------------------
[ 1121.157937][T15635] syz.9.2094/15635 is trying to acquire lock:
[ 1121.164039][T15635] ffff8880273e80e0 (&type->s_umount_key#32){++++}-{3:3}, at: super_lock+0x17f/0x3a0
[ 1121.173853][T15635] 
[ 1121.173853][T15635] but task is already holding lock:
[ 1121.181250][T15635] ffff888148d3ba88 (&bdev->bd_holder_lock){+.+.}-{3:3}, at: blkdev_common_ioctl+0x835/0x2570
[ 1121.191500][T15635] 
[ 1121.191500][T15635] which lock already depends on the new lock.
[ 1121.191500][T15635] 
[ 1121.202211][T15635] 
[ 1121.202211][T15635] the existing dependency chain (in reverse order) is:
[ 1121.211263][T15635] 
[ 1121.211263][T15635] -> #4 (&bdev->bd_holder_lock){+.+.}-{3:3}:
[ 1121.219918][T15635]        __mutex_lock+0x136/0xcc0
[ 1121.225242][T15635]        bd_finish_claiming+0x22f/0x3f0
[ 1121.231104][T15635]        blkdev_get_by_dev+0x45c/0x600
[ 1121.236664][T15635]        bdev_open_by_dev+0x77/0x100
[ 1121.242130][T15635]        setup_bdev_super+0x59/0x660
[ 1121.247615][T15635]        mount_bdev+0x1d3/0x2d0
[ 1121.252566][T15635]        legacy_get_tree+0xea/0x180
[ 1121.257796][T15635]        vfs_get_tree+0x8c/0x280
[ 1121.262829][T15635]        do_new_mount+0x24b/0xa40
[ 1121.267949][T15635]        init_mount+0xde/0x130
[ 1121.272857][T15635]        do_mount_root+0x97/0x230
[ 1121.278095][T15635]        mount_root_generic+0x1a6/0x3e0
[ 1121.283758][T15635]        prepare_namespace+0xc2/0x100
[ 1121.289175][T15635]        kernel_init_freeable+0x42e/0x580
[ 1121.295268][T15635]        kernel_init+0x1d/0x1c0
[ 1121.300219][T15635]        ret_from_fork+0x48/0x80
[ 1121.305341][T15635]        ret_from_fork_asm+0x11/0x20
[ 1121.310925][T15635] 
[ 1121.310925][T15635] -> #3 (bdev_lock){+.+.}-{3:3}:
[ 1121.318154][T15635]        __mutex_lock+0x136/0xcc0
[ 1121.323291][T15635]        bd_prepare_to_claim+0x1c0/0x490
[ 1121.328935][T15635]        truncate_bdev_range+0x4e/0x260
[ 1121.334520][T15635]        blkdev_fallocate+0x428/0x6a0
[ 1121.339958][T15635]        vfs_fallocate+0x58e/0x700
[ 1121.345174][T15635]        do_madvise+0x166b/0x3750
[ 1121.350392][T15635]        __x64_sys_madvise+0xa6/0xc0
[ 1121.355775][T15635]        do_syscall_64+0x55/0xa0
[ 1121.360908][T15635]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1121.367504][T15635] 
[ 1121.367504][T15635] -> #2 (mapping.invalidate_lock){++++}-{3:3}:
[ 1121.376210][T15635]        down_write+0x97/0x200
[ 1121.381080][T15635]        set_blocksize+0x247/0x4b0
[ 1121.386464][T15635]        sb_min_blocksize+0xbe/0x190
[ 1121.391849][T15635]        ext4_fill_super+0x6f0/0x6790
[ 1121.397419][T15635]        get_tree_bdev+0x3f3/0x520
[ 1121.402697][T15635]        vfs_get_tree+0x8c/0x280
[ 1121.407768][T15635]        do_new_mount+0x24b/0xa40
[ 1121.413171][T15635]        init_mount+0xde/0x130
[ 1121.418210][T15635]        do_mount_root+0x97/0x230
[ 1121.423589][T15635]        mount_root_generic+0x1a6/0x3e0
[ 1121.429934][T15635]        prepare_namespace+0xc2/0x100
[ 1121.435324][T15635]        kernel_init_freeable+0x42e/0x580
[ 1121.441341][T15635]        kernel_init+0x1d/0x1c0
[ 1121.446278][T15635]        ret_from_fork+0x48/0x80
[ 1121.451503][T15635]        ret_from_fork_asm+0x11/0x20
[ 1121.457067][T15635] 
[ 1121.457067][T15635] -> #1 (&sb->s_type->i_mutex_key#8){++++}-{3:3}:
[ 1121.466148][T15635]        down_write+0x97/0x200
[ 1121.471209][T15635]        set_blocksize+0x1ff/0x4b0
[ 1121.476439][T15635]        sb_min_blocksize+0xbe/0x190
[ 1121.481736][T15635]        ext4_fill_super+0x6f0/0x6790
[ 1121.487134][T15635]        get_tree_bdev+0x3f3/0x520
[ 1121.492437][T15635]        vfs_get_tree+0x8c/0x280
[ 1121.497506][T15635]        do_new_mount+0x24b/0xa40
[ 1121.502802][T15635]        init_mount+0xde/0x130
[ 1121.507591][T15635]        do_mount_root+0x97/0x230
[ 1121.514015][T15635]        mount_root_generic+0x1a6/0x3e0
[ 1121.520102][T15635]        prepare_namespace+0xc2/0x100
[ 1121.525933][T15635]        kernel_init_freeable+0x42e/0x580
[ 1121.531842][T15635]        kernel_init+0x1d/0x1c0
[ 1121.536935][T15635]        ret_from_fork+0x48/0x80
[ 1121.542064][T15635]        ret_from_fork_asm+0x11/0x20
[ 1121.547362][T15635] 
[ 1121.547362][T15635] -> #0 (&type->s_umount_key#32){++++}-{3:3}:
[ 1121.555742][T15635]        __lock_acquire+0x2df1/0x7d40
[ 1121.561436][T15635]        lock_acquire+0x19e/0x420
[ 1121.566489][T15635]        down_read+0x46/0x2e0
[ 1121.571275][T15635]        super_lock+0x17f/0x3a0
[ 1121.576849][T15635]        fs_bdev_sync+0xa4/0x170
[ 1121.581839][T15635]        blkdev_common_ioctl+0x8a6/0x2570
[ 1121.587593][T15635]        blkdev_ioctl+0x512/0x730
[ 1121.592924][T15635]        __se_sys_ioctl+0xfd/0x170
[ 1121.598146][T15635]        do_syscall_64+0x55/0xa0
[ 1121.603281][T15635]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1121.609967][T15635] 
[ 1121.609967][T15635] other info that might help us debug this:
[ 1121.609967][T15635] 
[ 1121.620648][T15635] Chain exists of:
[ 1121.620648][T15635]   &type->s_umount_key#32 --> bdev_lock --> &bdev->bd_holder_lock
[ 1121.620648][T15635] 
[ 1121.634756][T15635]  Possible unsafe locking scenario:
[ 1121.634756][T15635] 
[ 1121.642294][T15635]        CPU0                    CPU1
[ 1121.648712][T15635]        ----                    ----
[ 1121.654174][T15635]   lock(&bdev->bd_holder_lock);
[ 1121.659210][T15635]                                lock(bdev_lock);
[ 1121.665740][T15635]                                lock(&bdev->bd_holder_lock);
[ 1121.673924][T15635]   rlock(&type->s_umount_key#32);
[ 1121.679451][T15635] 
[ 1121.679451][T15635]  *** DEADLOCK ***
[ 1121.679451][T15635] 
[ 1121.687616][T15635] 1 lock held by syz.9.2094/15635:
[ 1121.692912][T15635]  #0: ffff888148d3ba88 (&bdev->bd_holder_lock){+.+.}-{3:3}, at: blkdev_common_ioctl+0x835/0x2570
[ 1121.704253][T15635] 
[ 1121.704253][T15635] stack backtrace:
[ 1121.710755][T15635] CPU: 1 PID: 15635 Comm: syz.9.2094 Not tainted syzkaller #0
[ 1121.718485][T15635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1121.729071][T15635] Call Trace:
[ 1121.732449][T15635]  <TASK>
[ 1121.735580][T15635]  dump_stack_lvl+0x18c/0x250
[ 1121.740368][T15635]  ? load_image+0x400/0x400
[ 1121.744976][T15635]  ? show_regs_print_info+0x20/0x20
[ 1121.750204][T15635]  ? print_circular_bug+0x12b/0x1a0
[ 1121.755694][T15635]  check_noncircular+0x2fc/0x400
[ 1121.760839][T15635]  ? print_deadlock_bug+0x5d0/0x5d0
[ 1121.766071][T15635]  ? lockdep_lock+0xf5/0x230
[ 1121.770877][T15635]  ? _find_first_zero_bit+0xd3/0x100
[ 1121.776456][T15635]  __lock_acquire+0x2df1/0x7d40
[ 1121.781567][T15635]  ? verify_lock_unused+0x140/0x140
[ 1121.786888][T15635]  ? stack_trace_save+0xaa/0x100
[ 1121.792021][T15635]  ? stack_trace_snprint+0xf0/0xf0
[ 1121.797414][T15635]  ? __stack_depot_save+0x1f/0x630
[ 1121.802793][T15635]  ? do_syscall_64+0x55/0xa0
[ 1121.807687][T15635]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1121.814042][T15635]  lock_acquire+0x19e/0x420
[ 1121.819038][T15635]  ? super_lock+0x17f/0x3a0
[ 1121.823989][T15635]  ? __might_sleep+0xe0/0xe0
[ 1121.828920][T15635]  ? __mutex_trylock_common+0x159/0x260
[ 1121.834694][T15635]  ? read_lock_is_recursive+0x20/0x20
[ 1121.840268][T15635]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1121.846542][T15635]  down_read+0x46/0x2e0
[ 1121.850720][T15635]  ? super_lock+0x17f/0x3a0
[ 1121.855491][T15635]  super_lock+0x17f/0x3a0
[ 1121.860067][T15635]  ? user_get_super+0x180/0x180
[ 1121.864930][T15635]  ? mutex_lock_nested+0x20/0x20
[ 1121.869987][T15635]  fs_bdev_sync+0xa4/0x170
[ 1121.874415][T15635]  ? fs_bdev_mark_dead+0x1f0/0x1f0
[ 1121.879805][T15635]  blkdev_common_ioctl+0x8a6/0x2570
[ 1121.885262][T15635]  ? tomoyo_path_number_perm+0x5b4/0x620
[ 1121.890914][T15635]  ? blkdev_bszset+0x1f0/0x1f0
[ 1121.895903][T15635]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1121.901568][T15635]  blkdev_ioctl+0x512/0x730
[ 1121.906086][T15635]  ? blkdev_compat_ptr_ioctl+0xd0/0xd0
[ 1121.911924][T15635]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1121.917394][T15635]  ? security_file_ioctl+0x80/0xa0
[ 1121.923142][T15635]  ? blkdev_compat_ptr_ioctl+0xd0/0xd0
[ 1121.929039][T15635]  __se_sys_ioctl+0xfd/0x170
[ 1121.933708][T15635]  do_syscall_64+0x55/0xa0
[ 1121.938168][T15635]  ? clear_bhb_loop+0x40/0x90
[ 1121.942868][T15635]  ? clear_bhb_loop+0x40/0x90
[ 1121.947737][T15635]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1121.953643][T15635] RIP: 0033:0x7f4693d9aeb9
[ 1121.958418][T15635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1121.978738][T15635] RSP: 002b:00007f4694c55028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1121.987342][T15635] RAX: ffffffffffffffda RBX: 00007f4694015fa0 RCX: 00007f4693d9aeb9
[ 1121.995497][T15635] RDX: 0000000000000000 RSI: 0000000000001261 RDI: 0000000000000007
[ 1122.003916][T15635] RBP: 00007f4693e08c1f R08: 0000000000000000 R09: 0000000000000000
[ 1122.011979][T15635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1122.020046][T15635] R13: 00007f4694016038 R14: 00007f4694015fa0 R15: 00007ffeddf25798
[ 1122.029079][T15635]  </TASK>
[ 1122.156200][T11627] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.