last executing test programs:

3m46.793965401s ago: executing program 0 (id=1):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, 0x0, &(0x7f0000000180), 0x1003}, 0x38)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f00000003c0)={0x2, {0x2, 0xe, 0x8, 0xc1e6, 0x1ff}})
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x0, 0x3b12, 0x0, 0x4}})
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000440)=0x4)
sched_setaffinity(0x0, 0xfffffffffffffe02, &(0x7f00000002c0)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x408, &(0x7f0000000040), 0x1, 0x55f3, &(0x7f0000005600)="$eJzs3X9sXWX9B/Bzb9etK9+1JexbB2RlGyDZItK5aUIgsWObTgvLlU7YhKw/cASd0zo2XIWwIsYZGKFYwxissOD2xxSh6DqHkljArqL7hWAyXVQwW1gzRooTERMW03vvub333LW9TKQIrxdpz3nu5zzPee7J+aPvy55zAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiC4I8n7phx2721E3dcV3vfedecve7BrqUnLrx1W+WWh3aM29/+3FePVa5uObps4U33Jxof2dDX1REEsWS/gd8vB0FQf9mCK6+vq7+iJByw4XOpbUXFUKdMDfBiqjE258WBfrk/jUEQFEcGKEpv56d34uMHBiiOnCBYmT/gsK6d3N0ybcL8hu2rOjc9u/zyrflvnQEloz2B0ZK+rw4N3ks1yd/xyBGZdtatF8u+x9P9ozfcu/ImAIC3pTqR3GT+0Ez/iZtpt0brkXZNpN0WaYd/IbRlN05FatyxQ81zSrQ+SvOsSUWFcUPOM1JPX/9MOxHtH2lHosbbmGfuoelIUzLUPJsj9dGaJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB7yQXXz6rbt/fhV77S8tvfPfzGt177+NHVDbf0d9VdtH7J4+07v/fyscrVLUeXLbzp/kTjIxv6ujqCoCLZL5bqHnumMh6f1V+7/bF7eqrrP7RobVF63HA7Juvg4EC4c3F5EDRlVQ6Fw/aVBUEit5BsBhvzC19K7nwmLAAAAPB+cmbydzzTTsXB4px2LJkmY8n/QqmweO3k7pZpE+Y3bF/VuenZ5ZdvPfXxEkOMV3PS8TLtisGfWFYwDuNvdLzBenjoyrxxhhcdMZrnTz/eN72p9oaSK/dcsGjmnLqtlwY/mXGkfcXi+ya+OGHp/rbqvPxfMXz+D6+c/A8AAMB/Qv6PjjO8kfJ/U3X55EPTvlv02HWVJ44seODnHb3PPxl/qLi/6+mXxo6/7Zdr8vL/lJxT5uX/cMZh/o8Hp5b/AQAA4L3sv53/a/LGGd5I+f8XB7Z8/l+rvjH1yMx/7nzh6d9fvG1q2YLXS2fe8NYTC1+t3936p7z8X11Y/h+TPe3wxd3hhJeXB0F14RcVAAAAyBH+f/fBjxbCvJ765CCa1y+7q/TJ3W9uuDF+VvPfz1jSN7vqi3vWfH3j5lj/xo71O1fMW5mX/2sKy//F787bBQAAAArwmx233F315aXbtu49PHfnnYktYy+Z99ren3Zc1fvK8UTR8zf35uX/RGH5f9zovB0AAADgJJ4aP+m5w48e/tqcPesm7lvdOvfx6fvXLHrgH3P+dsVLfz6x+cKyvPzfUFj+L01v0ysfUp12hf8Kob08CEoGdppThd6g7ZOZAgAAAPAOCXN6Y+P6nl0bxsx+/ewjP1y7csWv9l367bs2Vd188NeVt597/EDPjXn5v3n45/+HTzoI1//nPP8vb/1/ViH11L9LPBgAAACAD6L89fzh4/FT31ww1PfvF7r+/6NnHhzX3nR+xZT49qrZT/x/71Xrqt5Y3H7RJ3bc+uaHY2V//VRe/m8tLP8XZW/fye//AwAAgFPwv/b9f0vyxhneSM//7x3/zDlrP3vPD2q+WfrUuW/d3fSdtkMzztsy/YyPFJ3fNXfWH76fl//bCsv/4fa07LfXHV6f28uDYNLATvppgtvC6S6PFDqLswqpCx/pURf2SBc6g9bBQlJzpMfHyoNg6sBOa6RwelhoixT6y9KFzZHCvrCQvh8yhUcjhe7wTru3LD3daOFnYSG9wKIzXEFxWmZJRKTH8aF6DBRO2uNg5uQAAAAfKGF4TmfZ4txmEI2ynbGRDigd6YD4SAcUjXTAmMgB0QOHej1oyC2Er/94XteyV695sLbn6vpjZ83Zu/SO1v/rXtyz6ws/6j7nL1e/sOjTefl/c2H5P7wUY1Obodb/B+H6//T3GmbW/zeEhYpIoTMsJKJPDEiE50iF3TvDc1Qk0j36J2UKAAAA8L4Wfi5QNMrzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4N3v3HidVdScI/FTTb5rujhgxxgTUiOguTdOGBBFHInHXJC5pErJxzBBAaLRDG5CHK8as+MhkI9HFqDExYQc/Gc1jWIMPok5UiI6YZFQSn7Pic9CJrLoMOmocJ8t8um+d6qpbXXQhoLR+v390narfed56dJ17b50LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHvDxStubX5x6P/58q++vun5r39o+m+nn7d9nz/f0vDq8HMe2n7UsIafvbTfkqUvdEw586r2Wauv3LJ2ZQjtPeUySfHMXftVVBz5z5+56eeX3t06Y9i0c6uz9WbjYXD3n4rsnQtjq88OCeHmTAiV6cDohiRQlb3fEOs7sCGE94XeQK5ER31SIt1wuLsuhFWhN5Cr6ta6EBryAtMeuHPdxd2Jy+tCODSEUJNu44mapI26dGBkdRKoTwfmVyaB17cncoFbKpIA7LL4Zsi96Ne0F2Zo7rtciddf1W7r2DsrPbxBMdFcOt9Ln9jDncpTnX6gfZeetqLq2COK3h7rvdsGwLutaDuveK88bdsH7SCY+yKV/YayvTdUEyrmdMydtaRrcXykIrS0lKxsDz3Pm7adM3tn0gPmdRg70LxbXod31E9pvPjlyUevPeWPZxy6eOP0Xe3mY3mbND+9p9WE7GtuwDyP0aT3yufJDu3tT1vRt6QRvnSFED7/b+/PPDL/qQO2vvHsSZOvf+KbV8xYeuW0yY/u98vxf3/VPjfPuKRo/t+84/l/fDnH24qC3LHVNxuTuXl8pCEmtjYmc3MAAAAYMAbCXtOPH/nsU6fddfOyJ1d/tvJrE3598v6NlWd/u+vz+66d+MGLLuu8f5+i+f+I8o7/x0P+DfmjXR/CpJ7EBU0h7N/zeBL4aezOKU0hHNSTai8MfCIVWB/CB3oSh+eqSpWojSVGpAJ/aMwGJqUCG2KgPRW4JgZWpAIXxsCaVGB2DKxPBY6LgdBZOI4jGrPjKDtQFwMzk424Jp6F8EpjbC21rTblqgIAANhNsrPDqsK7eec67GqGOL1cU9dfhngGdskMNaka0jPY3LSqZA2V/dVQ0V8NuXEv2/Hwi2rO9Fdz0WkYmcIMbw7/akXT5IO/d9M1o69te3Ly114d//mP/unFV9cf/g//85ZzFv/wiKL5f+uO5/81fXQkU3T8P4SpPX9j7opspCsXn9lekAEAAADYBZfft/LBHx1xwv+77enbbvzQVT+qWH/F5/7/M1svOHjsZ0dlav/mK2uK5v+Tyjv/P+4TGZSXOdwbd0PMawqhtTCQVHt0cSA56j04GwAAAICBIHc8PncsvDN7m5yinZ5PF+dv38n88cD/pD7zX7LtLx/9yFUPnrR05CFbLv0fZ76Ref/43+9z4sYx97/04ZF/11xbfP5/e3nn/9cX3iad2BB7cVlTCLV5gXtiL7sDPUbEwNPHFgay498QN8DyWFX2xIRcVctjiZkx0JoKrCpV4ne5EvsXBrJPVq7xC3Lj6MyWyAsAAADA2y7uDojH5eP5/7dMPeJDh+/31LgnP3zr0ucmrfziafXfPeRn+z7f1DVl3McmHfPJR4rm/zN37vz/nnlw0en9XYNDGFMZwqDCHwYkhVeF3kBDJpu4vT6pa1C6qvPqQ5jYPbD0bwyeya7/X5leY/CBuqSqGNj/4J9sG9md+FFdCGPyA4986epx3YnFdSF0d6Qy3fgX6kIY3j3adONra5PGq9KNX1kbwofzArmqTqkNobux6nRVd9Zkr2OQrurnNSEMzQvkqvpYTQhLAwADVPxXOif/wUVLz543q6urY+EeTMR9+HVhbmdXR8vs+V1zakr0aU6qzwXLGJ1XPKZyr3zzeHaJounDrx9VTjr3O8HW/Lay+/GLThzM3o/fhap6xtlWVXD3yPSQRx1S3ETI+yZVasgVe3jI9fmV9D6JRfXH/NVhcKhdsqhjYctZsxYvXjg2+Vtu9rbkbzzMlGyrseltVd9X38p4eezoggX53uq2Oiy/kjGLT18wZtHSs0d3nj7r1I5TO77aNn5sW9u4j48f1zame1Styd9+hnpYX1Wnhrr96jLHtRuHekBlXiVvx6fGuymxakEIu73m7idkbxngeylRm30T7C392asSs1Zkzp804ze3f/nADaefdfKBf3vgnNEn/8Ulv11wUssxU3999Z9vLJr/L9jx/D9+6sRP/uz6DKWO/zfHw/zJ472H+WfGwKpyj/83lzqanzsxYEQqsCwGljnMDwAAwLtD3B0Z92bGvdI/bPiHm4+fM/uY13/1xWlX/PX4CaedtfnQ5m9eceKK/7T5lRXrPvly0fx/WXm//99N6//nlq7/dKll/g+PJVpLrf+fXuY/t/7/slLr/6eX+c+t/7/qHVj/f0kukNokr1j/HwAAeDd4+9b/73d5//QFAooy9Lu8f/oCAUUZ+l3Gv9wLBOz0+v/zu/6sfr9L5k84dvSC79+z7uAVQ3/+occn/+aQlUeNvnXtz14be13R/H9FefN/C/cDAADA3uOuX9V+5Zuvjrz9oXtePz5z0e+2Xvv5v+g44ph/Htp26tRP1X372n8tmv+vKm/+//av/xdKnf8/olSgvdTCgNb/AwAAYIAqtf7fj4c+PWL94tHX3PeLF3/2VN0v50x87j+s+M5HZ41s/fGGTb9tnr25aP6/prz5fzztoqIgd+zNm43JmnYhvabd1sbcTwYAAABgYKgILS1VZeYtWBn1E2+9zU3ZpUB3lM738G37rVtScdflmZqt3/nWjGNazj3xzPnHf2Pzt+sf/EH99JaahUXz//Xlzf8LfpdxR/2Uxotfnnz0m2tP+eMZhy7eOL33+D8AAACw55S7XwIAAAAAAAAAAAAAAHjnPTRz5VFvjP3UC3MOGvtvXzjxie8s/+CX7vmrq/505i+Ou+2gzu0jpxX9/j9M7SlX6vf/8bp/8fcF+xbkjq32v/5f9v60z1y3tGfJwnsbQzgkPzDv/HnvC9lr8x+WH1g3/fBh3Ynz0yVue/K457oTM9KBE0bv81p3YmIqMDMukviBxnMLA/Gqiq8NSZWIyys+mA7E7bEmHajOBr41JBlHJr2ttjQk2yqT3laPNYTQlBfIbaubG5I2MukBXp4K5AZ4RjoQBzglG6hI9+q6wUmvYqAhFv2rwUmvAADYa8VvgVVhbmdXR2v8Ch9vD6gsvI0Kliw7r7jaTJnNP55dmmz68OtHlZMelP4u2nut8apQ0z2EsUVfV/OzZHpGuXtq6WfT7VtiyP2t9lZRolzazm666tIjqktG1DJ7ftecqn4HfmT/Wdoq+80ytmiyk5+lomeTllFLGX0pY0RlbpsyuhzvV4SWlkGpXBNisDkU6O8VUe7v9fPX+Sv1KsjP89d1V100aNig1/914jfuurOpquu0qR3fOOC+fxw6ds73v3vnzCv/UDT/by5v/l+TP67XshcDWBavrHd0UwgzyxwRAAAAvPv973NX33DS/A1b5q6vfPT3v59X8dmTqhbec9M5Z3/jsduXn/Ct//jjPuLbz9mJ+JrMQ9tOemHbWX/5wg8++sO7z3rquNln3TRl0zGbO2qu+dqfrT5teNH8f0R58/+4Byt7KDjZ27E+Xv//gqYQei6t35wEfhqHe0pTCAf1pNpjieSC+p+OJVqTwE/jDpPDY4mZ7YVV1cbAmlTgD43ZwPpUYEMMZPdS/CRkd+Vc2hjCuJ7U1MISC2KJ5lTgszEwIhVoiYHWVGBIDExKBV4ckg20pwJ/HwOhs3Bb3Tgku612oLKfOAAA8B6UnWdVFd4N6Xnemsr+MmT6y1DfX4aK/jLU9Jeh1Cji/RtihqrUySuZvExV6VrrUrUUZYgXw9/pfhVlCL8rzJkuWNR0PP8gd75BpjDDhO/eMPOoTy/6/rZvfu/+4z924fErLnv5ok8NHnbZo/+389zBQ7bVF83/W8ub/9cX3iatb4jz/97r/yWBe2L3Lounjo+IgaePLQxkdwxsiJPd5bmq2rMlspP25bHEpBgYkQosiIFJqcDMqdnAqmGFgexMO9f4BbnGO7Ml8gIAAADwtos7COJumjj/XzshvHLg8a+3HXDZ0AUT7r/nvE/Oqtu3pu4fJ25cOfGimrsOqy2a/08qb/4f2xuc39iFsTfPDgnh5kxvb3KB0Q1JIO7HaIg/jz+wIYT35e3gyJXoqE9KVKcaDnfXJb9Qr05XdWtdssZAvD/tgTvXXdyduLwuhEPz9r7k2niiJmmjLh0YWZ0E6tOB+ZVJIO75yQVuqUgCsMtyewXjCyp7qktOc9/lSrz+3i3XBE0Pr2gfaB/5+vrN1Z5Sk34gu081Z+eetqLq2COK3h7rvdsG4rut2but96tMuDD7DWV7b6wmVMzpmDtrSdfi+Ej+L1mL7KHnOf9XquWkd8PrcNlb723/atIdaE19fLT2Xa7v12EmVndH/ZTGi1+efPTaU/54xqGLN04vuxslxB8KH33dgiMey9u8e1pNyL7mBtznSbvPk4H4b2CEpy2EsPqCuQ8+8E+vP165ue2/fWz86p+/eN/qHxx1x9zRH9jyrY9sfenVE4rm/+3lzf8rU7c93ogbc1FTCKPyNu69cfNPbko+B/MCyafk0OJAcsh9c2PJT04AAADY3XK7O3L7Czqzt8kJ4el5cnH+9p3MH/dXTOozf7n9Hjru775+7OXPf+Fzmw+45N6VD236Ly8+88kZx96x7eE1a59vO/H9DxfN/2fueP5fm+rm7jr+P3WI4/9QwPH/Pu11u6JTy/nWpuPLdmlXdFF17BGO//dpr3u3pTj+36fcF6k9cPw/t40c/+/1Ljz+vzvfC47/D2x7+9NW9C1pgS9dIYSZTT+6/pf1s0YNvvScL8/e+IuHX2md8ETDuZ+68X8dtzxced66PxXN/xeUN/+3/l/fi/bl1v+bWWr9vwWl1v9btjvX/wMAAChSYqG5wnne16qKVu9LTwSLVu8rytDvAoH9LjFo/b+dXv+v/uSzT36m8aWDrpx8/X+9cdaFj5980qOHDnr8i9d/8doxV4x66iNbiub/y8qb/8eXw+D81gfK+n8jppaoakUMLLAwIAAAAHujUjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeGetuXP5B7cvP+Soax99/7XH/cuqDXMP/vUR248cd0rLqOVDM5f9zT+9tN+SpS90TDnzqvZZq6/csnZlCJ095TJJ8cxdsaJL726dMWzauTXZu1XZ2w8W5I6Z32wMYVXeIw0xsbWx+05vYNpnrlta2Z24tzGEQ/ID886f977uxDWNIRyWH1g3/fBh3Ynz0yVue/K457oTM9KBE0bv81p3YmI2kOkOTG/q3Ug/HJJ0N5Pu7sVDQmjKC+S6+5UheVXlt/Gfs4GK9Cb5cUPSRgw0xKLfa0jaiIGuWKKzNoQxlSEMSlf1m5qkqkHpqv62JqlqULqq/14TwsQQQmW6qierk6oq0yPfWJ1UFQP7H/yTbSO7E6uqQxiTH3jkS1eP606ckQrkGv9cdQjDu18y6cZvqEoar0o3fnlVCB8OIVSnS/xLZVKiOl3imcoQhuYFco2fVhnC0sC7QvzwmZP/4KKlZ8+b1dXVsXAPJqqzbdWFuZ1dHS2z53fNqUn1qZRMXnr7eW997I9vO2d29+304dePKiddmS1X1dPltqqCu0fu7b2P/arPr6T3+SiqP+avDoND7ZJFHQtbzpq1ePHCscnfcrO3JX8HZaPJtho7ULbVYfmVjFl8+oIxi5aePbrz9Fmndpza8dW28WPb2sZ9fPy4tjHdo2pN/u6OoV799g/1gMq8St6OD4CBm6iyfSTeo4mKgk+31r39g7zoi35vR6tCTc8HdNG0Ij9LpmeUu2PQn3iLI34r31P6HdHYoolDUZa2/rMcWTSZ6M1Sl2Tp+V6X2VFNFT2bNN6vCC0tg0pth+bCu/mb96Vd2Lybspuu3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC/swMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCxAAAAAIAwf+swejYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACASwEAAP//3UzHsQ==")
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x19, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$F2FS_IOC_GARBAGE_COLLECT(r2, 0x4004f506, &(0x7f0000000040)=0x1)
socket$inet_sctp(0x2, 0x5, 0x84)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='attr/current\x00')
write$binfmt_script(r4, &(0x7f0000000180)={'#! ', './file0'}, 0xb)
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)

3m45.710986637s ago: executing program 0 (id=6):
r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000280)=[0x8000, 0x8], 0x0, 0x0, 0x2, 0x1}}, 0x40)
mmap(&(0x7f00001f8000/0x4000)=nil, 0x4000, 0x0, 0x12012, r1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, 0xffffffffffffffff, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x3, 0x7fff0000}]})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x19})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xe, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x3ff}, [@ringbuf_output={{0x18, 0x5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x54}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
writev(r5, &(0x7f0000000040), 0x2)
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file0\x00', 0x3000000, &(0x7f0000000b40), 0x44, 0x70b, &(0x7f0000000300)="$eJzs3U1sHGcZAOB31uu1N5XcbZu0BSHFatQIGkhsLyVBQiJUCHyoUCQuvS6J01heu5HtIidCZAsUuMEJ5dBDK2QOPaEekIo4IMoZCYkryj0S94gDi2Z2dr0/9nq3/kvT55Fm55uZ7+edNzPf/sXaAD63Ft+IyUYksXjh9a10+8F2tf5gu7raLkfEVEQUIoqtVSRrEcknEVejtcQX0p15d8le47z68OP3zt//sNraKuZLVr8wrN2O5pARGvkSsxExka/HVNyrv+vx2kB/98bqOunEnSbsXDtxcNKaAxrjNB/hvgUed/ciJiZ32V+JOBUR0/nrgMhnh8Ixh3foxprlAAAA4PE0sV+Fpx/Fo9iKmeMJBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4MSes3A5N8KbTLs5G0f/+/lO9LlUonHO9wX93n+Ls3jykQAAAAAAAAABjR98eq/VH+xf3ZR/EotmKmvb+ZZN/5v5RtnM4en4q3YyOWYj0uxlbUYjM2Yz3mIyZnujosbdU2N9fnB1v+LtKWzWbzXt5yISIqAy0X9gi0MNZpAQAAAAAAAMDn1c9iMWZOOggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiWREy0Vtlyul2uRKEYEdMRUUrrNSL+0i5/lv31pAMAAACAo1fO1zPJ/1qFZpK9538+e98/HW/HWmzGcmxGPZbiRiQfRP6uv/DPRrX+YLu6mi6DHX/nP2PFkfUYERPxzh4jz2U1znRaLMb34odxIWbjWqzHcvw4arEZSzEb5fQkohZJVMqtTy8q7Th3j/dqz9a1/tjO9m2/mEVSjpuxnMV2Ma6XovWxSXYO6Zgvdo32p1JE34jvpNlJvp0bMUc3uv69fpt/LpNrPj1iH0ejkp35ZCcjc2nu82w8Mzz3Y14n/SPNR6HzGdTpnVHSzf6R2jn/0Tg5P9VaTacPv+zN+WEb86O0/kwsRCG/+iKe78357ZfvP9vb+Cv/+tu1W4W1lVs3Ny4c4SkdxOx+FSbbhf5MVLsy8cLwqy/PRD3NRGP0TEz275geteXRKuXZyKaiEWfL72alWrzUdQm+FTdiKS7HXMzHlZiLb8ZCVDtXWLqc6clrsbram5PsXisMzm/lIcGf+3JXpV/tU/l4pXl5piuv3TNdJb8csj1XfxNzXVffs8OvvrGfBdLxv5iX0zF+3nnGeRxUsiz1zs3t6J4bnokPmunjRn1tZf1W7faI453P1+lt+27v3Pz70aPuf3Y/DOn1ks64xWwry0m5fb2kx57rRNubr1L+jUurXWHg2JnOsUrMxHL8YM87tZS/hhvsqXXshe5j/96ZOUv565v2sZ5XOfFW1LNXIX32naoBOGanXjlVKj8s/6P8fvkX5Vvl16dfm7oy9aVSTP69+OeJPxb+UPhW8kq8Hz+NmZOOFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAngQbd+6u1Or1pfVOIab79xy0UNpzrOGFKOxbZ/up0TqMSsTwsZK8UNq9zlMRcchpObrCy78+UPNy/5m2f2HpoIF9FBFD6pQOfO7J2NfY2IU0D4fSYbPZSmq2pzkxRvNiu9XudYqxMR0rtaS4yx03tXMXRGWlVv9vs6d5ObpuGeAJd2lz9faljTt3v7a8Wntz6c2ltYUrl69crn5j/uuXbi7Xl+ZajycdJXAUNu7cndhl98Av3QIAAAAAAAAAAACPj/x//29+6j9mKO5Tp7S+sfvIZ4/7VAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDPqMU3YrIRSczPXZxLtx9sV+vp0i7v1CxGRCEikp9EJJ9EXI3WEpWu7pK9xnn14cfvnb//YXWnr2K7fmFYu9E08iVmI2IiX+9vapduBvu73tVf41OFl3TOME3YuXbi4KT9PwAA//+FhvXF")
file_getattr(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x18, 0x100)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

3m45.292429098s ago: executing program 0 (id=8):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r4, r3, 0x0, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
mq_open(&(0x7f0000000040)='-\'$(:*{:\x00', 0x40, 0x24, 0x0)
r6 = userfaultfd(0x80001)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x9, 0x0, 0x6}})
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, 0x0)

3m43.804739806s ago: executing program 0 (id=10):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x24, &(0x7f0000000280)=0x1, 0x4)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001f80)=r0, 0x4)
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x87, @private=0xa010101, 0x4e24, 0x1, 'none\x00', 0x5, 0x32bd, 0x9}, {@loopback, 0x4e25, 0x2, 0xfffffffe, 0x8, 0x12d5c}}, 0x44)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x69, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000180)={0x0, 0x10d000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f"], 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000d40)=@filter={'filter\x00', 0x2, 0x4, 0x388, 0xffffffff, 0x1e8, 0x0, 0x0, 0xfeffffff, 0xffffffff, 0x2b8, 0x2b8, 0x2b8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, [0xffffff00, 0xff, 0x0, 0xffffff00], [], 'pimreg0\x00', 'bond_slave_0\x00', {}, {}, 0x6, 0x0, 0x3, 0x40}, 0x2f2, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0xa, 0x8, 0x5365}}}, {{@ipv6={@remote, @loopback, [0x0, 0xff000000], [0x0, 0x0, 0xffffffff], 'netdevsim0\x00', 'syz_tun\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ddabf53d9b1435965491f6531877000001e770b689f173dfa40b58c10327e3121114449fd20ba2be6eb0cde72a972f25170163232ed996b4789b9d00"}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x401}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e8)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102400, 0x19000)
writev(0xffffffffffffffff, &(0x7f0000000a40)=[{0x0}, {0x0}, {&(0x7f0000001000)}], 0x3)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3m27.887494553s ago: executing program 32 (id=10):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x24, &(0x7f0000000280)=0x1, 0x4)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001f80)=r0, 0x4)
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x87, @private=0xa010101, 0x4e24, 0x1, 'none\x00', 0x5, 0x32bd, 0x9}, {@loopback, 0x4e25, 0x2, 0xfffffffe, 0x8, 0x12d5c}}, 0x44)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x69, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000180)={0x0, 0x10d000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f"], 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000d40)=@filter={'filter\x00', 0x2, 0x4, 0x388, 0xffffffff, 0x1e8, 0x0, 0x0, 0xfeffffff, 0xffffffff, 0x2b8, 0x2b8, 0x2b8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, [0xffffff00, 0xff, 0x0, 0xffffff00], [], 'pimreg0\x00', 'bond_slave_0\x00', {}, {}, 0x6, 0x0, 0x3, 0x40}, 0x2f2, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0xa, 0x8, 0x5365}}}, {{@ipv6={@remote, @loopback, [0x0, 0xff000000], [0x0, 0x0, 0xffffffff], 'netdevsim0\x00', 'syz_tun\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ddabf53d9b1435965491f6531877000001e770b689f173dfa40b58c10327e3121114449fd20ba2be6eb0cde72a972f25170163232ed996b4789b9d00"}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x401}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e8)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102400, 0x19000)
writev(0xffffffffffffffff, &(0x7f0000000a40)=[{0x0}, {0x0}, {&(0x7f0000001000)}], 0x3)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1m1.067464922s ago: executing program 3 (id=268):
r0 = socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
rt_tgsigqueueinfo(r1, r1, 0x2a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2$9p(&(0x7f0000002740), 0x80080)
r4 = fsopen(&(0x7f0000000040)='ceph\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000100)='test_dummy_encryption', &(0x7f0000000240)='v2\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002280)='/proc/cpuinfo\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000000200)={0x2020}, 0x2020)
mount(0x0, 0x0, &(0x7f0000000180)='tmpfs\x00', 0x2204c96, 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r6, 0xfffd, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001c80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2, 0x3}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x0, 0x1}]}]}}, 0x0, 0x5a}, 0x20)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x200000001300, 0x200000001330], 0x0, 0x0, &(0x7f0000001300)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}]}, 0x108)

59.595738245s ago: executing program 3 (id=271):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r5, 0x2285, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
write$sndseq(r6, &(0x7f0000000180)=[{0x0, 0x47, 0xd, 0x0, @tick, {0x40, 0xff}, {0x10, 0x9}, @note={0xa, 0x8, 0xb0, 0x9, 0x3}}, {0x0, 0x0, 0x0, 0x0, @tick=0x46f, {0x8}, {0x80, 0x1}, @connect={{0x40, 0x7}, {0x80, 0xf6}}}], 0x38)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
listen(r7, 0x2)
close_range(r4, 0xffffffffffffffff, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)={0x13, 0x65, 0xffff, 0xff, 0x6, '9P2000'}, 0x13)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000000314770026bd7000fbdbdf2509000200f3797a3200000000080041007369770014003300776c616e3100"/56], 0x38}, 0x1, 0x0, 0x0, 0x48049}, 0x800)

58.054001445s ago: executing program 3 (id=272):
syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x1014494, &(0x7f00000003c0)=ANY=[@ANYBLOB="696f6323db6861727365743d696172746974696f6e3d30303030303030303030303030303030303030362c6769643d666f726746cde9dc800b2d55d678be3d7a8065742c73657373696f6e3d30303030303030303030303030303030343037361422927769e1d5322c6e6f6164696e6963622c616e63686f723d30303030303030303030303030303030303030302c7569643d666f726765742c00"/165], 0xfe, 0xc24, &(0x7f0000001480)="$eJzs3UFsHNd9B+D/Gy5Fym4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIRtrQvfTQQ4Ci6CEnAq1RIEUDoymCHtnWBZKLD0VOPREtbARFD2wRIKeAxcy+lZY0ZcmmSFH299nUbznz3ux7b5YzkqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN976cKpZ9ODbgUAcJAuTX311Gn3fwD4RLnsz/8AAAAAAAAAAAAAAHDYpSjisUixeGkzzVTfdw1fbHdu3Jwen9i92tFU1Ryoypdfw8+ePnP2S8+NnevlB9e/356IV6YuX6i/uHB9cam1vNyaq0932rMLc617PsJe6+80Wg1A/fqrN+auXl2un37mzLbdN0feG3r0+Mj5sadOPtkrOz0+MTHVV6Y2+JHf/X3uNMPjSBRxMlI8/b2fpGZEFLH3sbjLZ2e/Ha06MVp1Ynp8ourIfLvZWSl3TvYGooio91Vq9MboAM7FnjQiVsvmlw0eLbs3tdhcal6Zb9Unm0sr7ZX2QmcydVtb9qceRZxLEWsRsTH0/sMNRhG1SPGdY5vpSkQM9Mbhi9XE4Du3o9jHPt6Dsp31wYi14iE4Z4fYUBTxcqT46dtFzJZjlr/iCxEvl/mDiDfLfCEilR+MsxHv7vI54uFUiyL+vDz/5zfTXHU96F1XLn6t/pXO1YW+sr3rykN/fzhIh/zaNBxFNKsr/mb66L/ZAQAAAAAAAAAAAAAAAOB+OxpFPBEpXvr3P6rmFUc1L/3Y+bHfH/nF/jnjj9/lOGXZZyJitbi3OblH8hTiyTSZ0gOeS/xJNhxF/HGe//fGg24MAAAAAAAAAAAAAAAAAADAJ9yPI8Xz75xIa9G/pni7c61+uXllvrsqbG/t396a6VtbW1v11M1GzpmcqznXcq7n3MgZRa6fs5FzJudqzrWc6zk3csZArp+zkXMm52rOtZzrOTdyRi3Xz9nIOZNzNedazvWcGznjkKzdCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwcVJEET+PFN/+xmaKFBGNiJno5vpQrwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CANpSK+Hynqf9C4ta0WEan6v+tE+cvZaBwp89PRGCvzhWhcyNmsstZ44wG0n70ZTEX8KFIMDb9164Tn8z/Y/e7WxyDe/Obt736l1s2B3s6R94YePX7s/NjErz1+p9dptwaMXmx3btysT49PTEz1ba7ld/9037aR/L7F/ek6EbH82uuvNufnW0ufmBdFHIpmPKgXte6LWhyS9hzUi3y9il12FYfhp6BxWAaq9+IBX5g4EOX9/91I8dvv/Efvht+7//9C97tbd/j42Z/cvv8/v/NA+3T/f6xv2/P5dyODtYjhleuLg8cjhpdfe/1k+3rzWutaq3P21Kkvj419+cypwSMRw1fb862+V3seKgAAAAAAAAAAAAAAAICDlYr43UjR/NFmqkfEzWq+1sj5sadOPjkQA9V8q23ztl6Zunyh/uLC9cWl1vJya64+3WnPLsy17vXthqvpXtPjE/vSmbs6us/tPzr84sLia0vta3+4suv+R4YvXFleWWrO7r47jkYR0ejfMlo1eHp8omr0fLvZqapO7jqZ7sMbTEX8Z6SYPVs/0tuW5//tnOG/bf7/6s4D7dP8v0/1bSvfM6UifhYpfusvHo/PV+18JN43Zrnc30SK0XOfy+XiSFmu14bucwW6MwPLsv8bKf7h59vL9uZDPna77LP3Oq4Pi/L8H4sU3/+z78av523bn/+w+/l/ZOeB9un8f6Zv2yPbnlew566Tz//JSPHCY2/Fb+RtH/T8jyK2tra+FXEiF771fI59Ov+f7ds2Et33/c37130AAAAAAAAAAICH1mAq4m8jxZMTtfRc3nYv//5vbueB9unff/1y37a5A1qvaM+DCgAAAACHxGAq4seR4trKW7fmUG+f/903//N3bq+9Pp527K3+nu+XqucG3M+//+s3kt93Zu/dBgAAAAAAAAAAAAAAAAAAgEMlpSKey+upz9xlPfX1SPHSfz+dy6XjZbneOvAj1a/DlxY6Jy/Mzy/MNleaV+Zb9anF5myrrPuZSLH515/LdYtqffXP57rdNd6Ht3prsS9Fiom/65XtrsXeW5u8ux54dy32suynIsV//f32sr11rD97u+zpsuxfRYqv/9PuZY/fLnumLPvdSPHDr9d7ZR8py/aej9p9JulwLeZbz8wuzL/vUagAAAAAAAAAAAAAAAAAAADwYQ2mIv40UvzP9bVYrab9v3FrV85ab8Ob3+xb73+Hm9U6/yPV+v93ev1R1v8fuS+9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh0uKIl6PFIuXNtP6UPl91/DFdufGzenxid2rHU1VzYGqfPk1/OzpM2e/9NzYuV5+cP377Yl4ZeryhfqLC9cXl1rLy625+nSnPbsw17rnI+y1/u2h6xqtBqB+/dUbc1evLtdPP3Nm2+6bI+8NPXp85PzYUyef7JWdHp+YmOorUxv8EO/+oRp325Eo4i8jxdPf+0n656GIIvY+Fnf57Oy3o1UnRqtOTI9PVB2Zbzc7K+XOyd5AFBH1vkqN3hgdwLnYk0bEatn8ssGjZfemFptLzSvzrfpkc2mlvdJe6EymbmvL/tSjiHMpYi0iNob6D3QkZxGvRorvHNtM/zIUMdAbhy9emvrqqdN3bkexr728i29V7awPRqwVD8E5O8SGooh/jBQ/fftE/OtQRC26X/GFiJfL/EHEm2W+EJHKD8bZiHeHHnSruV9qUcT/lef//GZ6eyii+pGprisXv1b/SufqQl/Z3nVl5/1hKyIeqvvDQTrk16bhKOKH1RV/M/2bn2sAAAAAAAAAAAAAAACAQ6SIX40Uz79zIlXzg2/NKW53rtUvN6/Md6f19eb+9eZMb21tbdVTNxs5Z3Ku5lzLuZ5zI2cUuX7ORs6ZnKs513Ku59zIGQO5fs5GzpmcqznXcq7n3MgZtVw/ZyPnTM7VnGs513Nu5IxDMncPAAAAAAAAAAAAAAAAAAD4eCmq/1J8+xubaWuou770THRz3XqgH3v/HwAA//9wn/vk")
open(&(0x7f0000000140)='.\x00', 0xa0180, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000380)='./bus\x00', 0x210840, &(0x7f0000001680)=ANY=[@ANYBLOB="74696d655f6f66667365743d3078303030303030303030303030303030362c6572726f72733d72656d6f756e742d726f2c757466383d757466382c6572726f72733d636f6e74696e75652c00c0ec72da0e786da19f8afc9cab685c2f1b3be1370ef4e2ac9f32df7c6276b71904c62c69c4ccddbeeaa7f603fbed1185661060"], 0x3, 0x1516, &(0x7f0000002580)="$eJzs3AuYTlXbOPD7XmvtMSQ9SQ7DWuvePMlhmSTJIUkOSZIkSU4JoUleSUgMOSUNSUgOQ3IYQnKYmDTO5/MxJEmTJCE5Jet/TfF63w7f+/V9/V/X9879u659Wfde+1577X3v8ey9eeabLkNrNKpZtQERwf8K/vJHIgDEAsBAALgOAAIAKJu7bO7M/uwSE/93O2F/rUdSrvYM2NXE9c/auP5ZG9c/a+P6Z21c/6yN65+1cf2zNq4/Y1nZ5ukFrucl6y78/j8r48///yAZpcZ+sbbUjV3/RArXP2vj+v/HCv47G3H9szauf9bG9c/auP5ZQbY/7OH6Z21cf8aysqv9/pmXq7tc7euPMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxljWcNZfoQDgcvtqz4sxxhhjjDHGGGN/HZ/tas+AMcYYY4wxxhhj//8hCJCgIIAYyAaxkB1ygACAayEXXAcRuB5yww2QB26EvJAP8kMBiIOCUAg0GLBAEEJhKAJRuAmKws1QDIpDCSgJDkpBPNwCpeFWKAO3QVm4HcrBHVAeKkBFqAR3QmW4C6rA3VAV7oFqUB1qQE24F2rBfVAb7oc68ADUhQehHjwE9eFhaACPQEN4FBrBY9AYHocm0BSaQXNo8T/KfxF6wEvQE3pBIvSGPvAy9IV+0B8GwEB4BQbBqzAYXoMkGAJD4XUYBm/AcHgTRsBIGAVvwWh4G8bAWBgH4yEZJsBEeAcmwbswGabAVJgGKTAdZsB7MBNmwWx4H+bABzAX5sF8WACp8CEshEWQBh/BYvgY0mEJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbATtgFu+ET2AN7YR98Cvvhsz+Zf+ZX+V0REFCgQIUKYzAGYzEWc2AOzIk5MRfmir18keTBPJgX82J+zI9xGIeFsBAaNEhIWBgLYxSjWBSLYjEshiWwBDp0GI/xWBpvxTJYBstiWSyH5bA8VsAKWAkrYWWsjFWwClbFqlgNq2ENrIH34r3YG2tjbayDdbAu1r38egobYANsiA2xETbCxtgYm2ATbIbNsAW2wJbYElthK2yDbbAttsX22B4TMAE7YAfsiB2xE3bCztgZu2AX7IrdsBu+mA3wJXwJe2E10Rv7YB/si0nZ+uMAHICv4CB8FV/F1zAJh+BQfB1fxzdwOJ7GETgSR+EorCzexjE4FkmMx2RMxok4ESfhJJyMU3AKTsMUnI4zcAbOxFk4C9/HOfgBfoDzcB4uwFRMxYW4CNMwDRfjGUzHJbgUl+FyXIHLcRWuxlW4FtfhWtyAG3ATbsItuAW34TbcgTtwFyoA/AT34l5Mwv24Hw/gATyIB/EQHsIMzMDDeBiP4BE8ikfxGB7D43gCT+IJPIWn8DSewbN4Fs/jebyAz8d91XBX8TVJIDIpoUSMiBGxIlbkEDlETpFT5BK5RERERG6RW+QReURekVfkF/lFnIgThUQhYYQRJMIYABBRERVFRVFRTBQTJUQJ4YQT8SJelBalRRlRRpQVt4ty4g5RXlQQrV0lUUlUFm1cFXG3qCqqimqiuqghaoqaopaoJWqL2qKOqCPqirqinnhI1Be9sT8+IjIr00gMwcZiKDYRTYW8dHG2FMOxlWgt2oinxEgcge1FS5cgnhEdxBjsKP4mxuJzorMYj13EC6Kr6Ca6ixdFD9HK9RS9xGTsLfqIadhX9BP9xQAxE6uL93FO9hriNZEkhoih4nWxAN8Qw8WbYoQYKUaJt8Ro8bYYI8aKcWK8SBYTxETxjpgk3hWTxRQxVUwTKWK6mCHeEzPFLDFbvC/miA/EXDFPzBcLRKr4UCwUi0Sa+EgsFh+LdLFELBXLxHKxQqwUq8RqsUasFevEerFBbBSbxGaxRWwV28R2sUPsFLvEbvGJ2CP2in3iU7FffCYOiM/FQfGFOCS+FBniK3FYfC2OiG/EUfGtOCa+E8fFCXFSfC9OiR/EaXFGnBXnxHnxo7ggfhIXhRcgUQoppZKBjJHZZKzMLnPIa2ROGVw6u9fL3PIGmUfeKPPKfDK/LCDjZEFZSGpppJUkQ1lYFpFReZMsKm+WxWRxWUKWlE6WkvHyFlla3irLyNtkWXm7LCfvkOVlBVlRVpJ3ysryLgmRX/ZRTVaXNWRNea+sJe+TteX9so58QNaVD8p68iFZXz4sG8hHZEP5qGwkH5ON5eOyiWwqm8nmsoV8QraUT8pWsrVsI5+SbWU72V4+LRPkM7KD9JcukedkZ/m87CJfkF1lN9ld/iQvSi97yl4SoLfsI1+WfWU/2V8OkAPlK3KQfFUOlq/JJDlEDpWvy2HyDQHyTTlCjpSj5FtytHxbjpFj5Tg5XibLCXKifEdOku/KyXKKnCqnyRQ5Xfa/NNJsKTPz5fD/Iv+d38kf/PPeN8nNcovcKrfJ7XKH3Cl3yd1yt9wj98h9cp/cL/fLA/KAPCgPykPykMyQGfKwPCyPyCPyqDwqj8lj8rg8Ic/J7+Up+YM8Lc/IM/KcPC/PywuXzgEoVEJJpVSgYlQ2FauyqxzqGpVTXatyqetURF2vcqsbVB51o8qr8qn8qoCKUwVVIaWVUVaRClVhVURF1U146YJRJVRJ5VQpFa9u+TP5qqi6WRVTxf8p//L8Ev9gfi1UC9VStVStVCvVRrVRbVVb1V61VwkqQXVQHVRH1VF1Up1UZ9VZdVFdVFfVVXVX3VUP1UP1VD1VokpUfdTLqq/qp/qrAWqgekUNUoPUYDVYJakkNVQNVcPUMDVcDVcj1Ag1So1So9VoNUaNUePUOJWsktVENVFNUpPUZDVZTVVTVYpKUTPUDDVTzVSz1Ww1R81Rc9VcNV/NV6kqVS1UC1WaSlOL1WKVrpaoJWqZWqZWqBVqlVql1qg1ap1apzaoDSpdbVab1Va1VW1X29VOtVPtVrvVHrVH7VP71H61Xx1QB9RBdVAdUodUhspQh9VhdUQdUUfVUXVMHVPH1XF1Up1Up9QpdVqdVmfVWXVenVcX1AV1UV3MvO0LRCACFaggJogJYoPYIEeQI8gZ5AxyBbmCSBAJcge5gzzBjUHeIF+QPygQxAUFg0KBDkxgA3Gp6NHgpqBocHNQLCgelAhKBi4oFcQHtwSlg1uDMsFtQdng9qBccEdQPqgQVAwqBXcGlYO7girB3UHV4J6gWlA9qBHUDO4NagX3BbWD+4M6wQNB3eDBoF7wUFA/eDhoEDwSNAweDRoFjwWNg8eDJkHToFnQPGjxl47v/el8T7qeupdO1L11H/2y7qv76f56gB6oX9GD9Kt6sH5NJ+kheqh+XQ/Tb+jh+k09Qo/Uo/RberR+W4/RY/U4PV4n6wl6on5HT9Lv6sl6ip6qp+kUPV3P0O/pmXqWnq3f13P0B3qunqfn6wU6VX+oF+pFOk1/pBfrj3W6XqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoXfqXXq3/kTv0Xv1Pv2p3q8/0wf05/qg/kIf0l/qDP2VPqy/1kf0N/qo/lYf09/p4/qEPqm/16f0D/q0PqPP6nP6vP5RX9A/6YvaZ97cZ368G2WUiTExJtbEmhwmh8lpcppcJpeJmIjJbXK3u1R+k9/kN3EmzhQyhUwmMmQKm8ImaqKmqClqiplipoQpYZxxJt7Em9KmtCljypiypqwpZ8qZ8qa8qWgqmjvNneYuc5e529xt7jH3mOqmuqlpappappapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWwamyamiWlmmpkWpoVpaVqaVqaVaWPamLamrWlv2psEk2A6mA6mo+loOplOprPpbLqYLqar6Wq6m+6mh+lhepqeJtEkmj6mj+lr+pr+pr8ZaAaaQWaQGWwGmySTZIaaoWaYGWaGm+FmhBlpRmUDQPO2GWPGmnFmvEk2yWaimWgmmUlmsplsppqpJsWkmBlmhplpZprZZraZY+aYuWaumW/mm1STahaahSbNpJnFZrFJN+lmqVlqlpvlZqVZaVab1WatWWvWw3qz0Ww0m81ms9VsNdvNdrPT7DS7zW6zx+wx+8w+s9/sNwfMAXPQHDSHzCGTYTLMYXPYHDFHzFFz1Bwzx8xxc9ycNCfNKXPKnDanzVlz1pw3+S59XnoTa7PbHPYam9Nea3PZ6+yv4/y2gI2zBW0hq21em+/neG/ML7Gx1hazxW0JW9I6W8rG21t+E5e3FWxFW8neaSvbu2yV38S17H22tr3f1rEP2Jr23n+K69oHbT37mK2PCGCb2oa2uW1kH7ON7eO2iW1qm9nmtq1tZ9vbp22CfcZ2sM/+Jl5oF9nVdo1da9fZPXavPWvP2SP2G3ve/mh72l52oH3FDrKv2sH2NZtkh/wmHmXfsqPt23aMHWvH2fG/iafaaTbFTrcz7Ht2pp31mzjVfmjn2DQ7186z8+2Cn+PMOaXZj+xi+7FNt0vsUrvMLrcr7Eq76u9zXWY32I12k91tP7Fb7Ta73e6wO+2un+PM49hnP7X77Wf2sP3aHrRf2EP2qM2wX/0cZx7fUfutPWa/s8ftCXvSfm9P2R/saXvm5+PPPPbv7U/2ovUWCAlIkqKAYigbxVJ2ykHXUE66lnLRdRSh6yk33UB56EbKS/koPxWgOCpIhUiTIUtEIRWmIhSlm+jyfXoJKkmOSlE83UKl6VYqQ7dRWbqdytEdVJ4qUEWqRHdSZbqLqtDdVJXuoWpUnWpQTbqXatF9VJvupzr0ANWlB6kePUT16WFqQI9QQ3qUGtFj1JgepybUlJpRc2pBT1BLepJaUWtqQ09RW2pH7elpSqBnqAM9Sx3pb9SJnqPO9Dx1oReoK3Wj7vQi9aCXqCf1okTqTX3oZepL/ag/DaCB9AoNoldpML1GSTSEhtLrNIzeoOH0Jo2gkTSK3qLR9DaNobE0jsZTMk2gifQOTaJ3aTJNoak0jVJoOs2g92gmzaLZ9D7NoQ9oLs2j+bSAUulDWkiLKI0+osX0MaXTElpKyyg11wpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTDtpJu2g3fUJ7aC/to09pP31GB+hzOkhf0CH6kjLoKzpMX9MR+oaO0re+F31Hx+kEnaTv6RT9QKfpDJ2lc3SefqQL9BNdJE8QYihCGaowCGPCbGFsmD3MEV4T5gyvDXOF14WR8Powd3hDmCe8Mcwb5gvzhwXCuLBgWCjUoQltSGEYFg6LhNHwprBoeHNYLCwelghLhi4sFcaHt4Slw1vDMuFtYdnw9rBceEdYPqwQPvZApfDOsHJ4V1glvDusGt4TVgurhzXCmuG9Ya3wvrB2eH9YJ3wgLBM+GNYLHwrrhw+HDcJHwobho2Gj8LGwcfh42CRsGjYLm4ctwifCluGTYauwddgmfCpsG7YL24dPhwnhM2GH8Nmf+x9c9Mf9iWHvsE/4cvhy6P39cn50QTQ1+mF0YXRRNC36UXRx9ONoenRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10fXRDdGN0U9T7mtnAoRNOOuUCF+OyuViX3eVw17ic7lqXy13nIu56l9vd4PK4G11el8/ldwVcnCvoCjntjLOOXOgKuyIu6m5yRd3Nrpgr7kq4ks65Ui7eNXctXAvX0j3pWrnWro17yj3l2rl27mn3tHvGdXDPuo7ub66Te851ds+7590Lrqvr5rq7F10PNyHXLz+Tia6P6+P6ur6uv+vvBrqBbpAb5Aa7wS7JJbmhbqgb5oa54W64G+FGuFFulBvtRrsxbowb58a5ZJfsJrqJbpKb5Ca7yW6qm+pSXIqb4Wa4mW6mqzzrl73MdXPdfDffpbpUt9Bl3jOmucVusUt36W6pW+qWu+VupVvpVrvVbq1b69a79W6j2+g2u81uq9vqtrvtbqfb6Xa73W6Pv+6XQd1+d8AdcAfdQXfIfeky3FfusPvaHXHfuKPuW3fMfeeOuxPupPvenXI/uNPujDvrzrnz7kd3wf3kLjrvkiMTIhMj70QmRd6NTI5MiUyNTIukRKZHZkTei8yMzIrMjrwfmRP5IDI3Mi8yP7Igkhr5MLIwsiiSFvkosjjycSQ9siSyNLIssjyyIuJ9wa2hL+yL+Ki/yRf1N/tivrgv4Ut650v5eH+LL+1v9WX8bb6sv92X83f48r6Cr+gf9018U9/MN/ct/BO+pX/St/KtfRv/lG/r2/n2/mmf4J/xHfyzvqP/m+/kn/Od/fO+i3/Bd/XdfHf/ou/hX/I9fS+f6Hv7Pv5l39f38/39AD/Qv+IH+Vf9YP+aT/JD/FD/uh/m3/DD/Zt+hB/pR8W85UdffkSG8T7ZT/AT/Tt+kn/XT/ZT/FQ/zaf46X6Gf8/P9LP8bP++n+M/8HP9PD/fL/Cp/kO/0C/yaf4jv9h/7NP9kssvlf1Kv8qv9mv8Wr/Or/cb/Ea/yW/2W/xWv81v9zv8Tr/L7/af+D1+r9/nP/X7/Wf+gP/cH/Rf+EP+S5/hv/KH/df+iP/GH/Xf+mP+O3/cn/An/ff+lP/Bn/Zn/Fl/zp/3P/oL/id/kb+zxhhjjDH23zLhSlP8Xn/v31kn/mHjPgBw7bYCGf/Yn3lHuT7vL+1+Iq5tBACe6dXlkctLtWqJiYmXtk2XEBSZB3D5X4IyxcCVeAm0gXaQAK2h9O/Ov5/odp7+xfjR2wFy/ENOLFyJr4z/+R+M/8RToxaWC8/m/i/GnwdQrMiVnOzw9/jv365oDWX+YPx8Lf/F/LN/kQzQ6h9ycsKV+Mr84+FJeBYS/mlLxhhjjDHGGGPsF/1ExU6Xnz8v/4/P33s+j1NXcjIfai/H/+r5nDHGGGOMMcYYY1ffc926P/1EQkLrTn++UeV/lMWNv7oh4K8Zx3uAy2sUAPy59AB+tQbg3342tvxb9pV06Ufn113Lz/nfnIT/w42r/BcTY4wxxhhj7C935ab/n9erqzUhxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsC/p3/Dqxq32MjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2NX2/wIAAP//WyMKiA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000100)={0x4c, 0x0, 0x8, 0x301, 0x0, 0x0, {0x9}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_DATA={0x1c, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_REQUEST={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_DCCP_CLOSEREQ={0x8, 0x5, 0x1, 0x0, 0x65}, @CTA_TIMEOUT_DCCP_CLOSING={0x8, 0x6, 0x1, 0x0, 0x3}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}]}, 0x4c}}, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x1e)
r5 = shmget$private(0x0, 0x3000, 0x1, &(0x7f0000ffd000/0x3000)=nil)
shmat(r5, &(0x7f0000ffc000/0x3000)=nil, 0x4000)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

56.358282754s ago: executing program 3 (id=275):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f00000000c0)=r0, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRES32=0x1, @ANYBLOB="fdffffff00"/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000001600)={r5, &(0x7f0000000580), 0x0}, 0x20)
r6 = socket(0x2b, 0x1, 0x1)
setsockopt$inet6_IPV6_RTHDR(r6, 0x29, 0x39, &(0x7f0000000080)={0x0, 0x2, 0x2, 0x1, 0x0, [@mcast2]}, 0x18)
setsockopt$sock_timeval(r6, 0x1, 0x15, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r6, 0x29, 0x36, &(0x7f0000000340)=ANY=[], 0x8)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)

48.850172718s ago: executing program 3 (id=290):
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x0, 0x0)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r2, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000041}, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x0, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}, @flat=@binder={0x73622a85, 0x10b}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
syz_emit_ethernet(0x0, 0x0, 0x0)
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f0000000700)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

46.857544866s ago: executing program 3 (id=291):
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), r0)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000700)='ns/time_for_children\x00')
fchown(r3, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x4000000)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x21800, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000180), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000040)={0x9, 0x3, 0x80, "11010000001413ff0300", 0x47425247})
r5 = socket(0x1d, 0x2, 0x6)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
read$FUSE(r6, 0x0, 0x0)
r7 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@loopback, @in6=@remote}}, {{@in6=@mcast1}}}, &(0x7f0000000200)=0xe8)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
getgid()
ioctl$VHOST_SET_OWNER(r7, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_KICK(r7, 0x4008af24, &(0x7f0000000000)={0x1})

30.583829951s ago: executing program 33 (id=291):
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), r0)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000700)='ns/time_for_children\x00')
fchown(r3, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x4000000)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x21800, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000180), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000040)={0x9, 0x3, 0x80, "11010000001413ff0300", 0x47425247})
r5 = socket(0x1d, 0x2, 0x6)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
read$FUSE(r6, 0x0, 0x0)
r7 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@loopback, @in6=@remote}}, {{@in6=@mcast1}}}, &(0x7f0000000200)=0xe8)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
getgid()
ioctl$VHOST_SET_OWNER(r7, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_KICK(r7, 0x4008af24, &(0x7f0000000000)={0x1})

21.90488006s ago: executing program 2 (id=331):
mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file5\x00', 0x61c0, 0x700)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e23, 0xd, @local, 0x9}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x7ad3db81}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x2b, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000140), 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
llistxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000007, 0x13, r4, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000040)={0x0, 0xb, 0x0, 0x1b, 0x0, 0x4f, 0x0, 0xe7})
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, &(0x7f0000000040)=""/173, &(0x7f0000000100)=0xad)
time(0x0)

19.097393299s ago: executing program 1 (id=334):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000", 0xe)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0xfff, 0x4000000007}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x4008, &(0x7f0000000340)=ANY=[], 0x3, 0x60f2, &(0x7f0000032680)="$eJzs3U1vHVf9B/DfffC147RpVP1V5R+xcFMeWkrznEB5asqCBSxAQl2TyHWrlBRQEhCtIuLKC8QGeAmw6YZFJV4BL6CvASGxJVLSVReUQWOf44xvrn3tJp659vl8pJuZ35w7vmfyveOZ65m5EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/OD7PznXi4irv04Tjkc8FYOIfsSRul6KeuRKfv4wIk7EenM8FxGD+Yh6/vV/nom4GBEfH4u4/+DOcj35/C77cens7Zuf/fB7//jdH9dOvPPmTz8cb//x/1346Pd3I47/6NWPPrv7ZJYdAAAASlFVVdVLH/NPps/3/a47BQC0Im//qyRPV6vVavUTrf/Q38vznzradX/Vh7Ruqia72ywiYrU5T73P4HA8ABwwq/Fp112gQ/Iv2jAijnbdCWCm9bruAPvi/oM7y72Ub6+5PVjaaM9/p9yS/2pv8/qO7YbTjJ9j0tb7ay0G8ew2/TnSUh9mSc6/P57/1Y32UXrefufflu3yH21c+lScnP9gPP8xW/L/U0Qc2Pz7E/MvVc5/uJf8VwcHeP2XPwAAAAAAh1/++//xjo//zj/+ouzKTsd/l1rqAwAAAAAAAAA8aY97/79N7v8HAAAAM6v+rF7787GH07b7LrZ6+hu9iKfHng8UZqnx5YAAAAAAAAAAAAAAQDuGEYvpvP65iHh6cbGqqvrRNF7v1ePOf9CVvvxQsq5/yQMAwIaPj41dy9+LWIiIN9J3/c0tLi5W1VxELFZH5vP+7Gh+oTrS+Fybh/W0+dEudoiHo6r+YQuN+ZqmfV6e1j7+8+rXGlWDXXSsHR0GDgARsbE1um+LdMhU1TPR9V4OB4P1//Cx/rMbXb9PAQAAgP1XVVXVS1/nfTId8+933SkAoBV5+z9+XECtVquLqT/ZmDgz/VGr97Fuqia72ywiYrU5T73P4Hb8AHDArManXXeBDsm/aMOIONF1J4CZ1uu6A+yL+w/uLPdSvr3m9mBpoz2fC7Il/9Xe+nx5/knDacbPMWnr/bUWg3h2m/4811IfZknOvz+e/9WN9nyL/818FvYn/7Zsl3+9nMc76E/Xcv6D8fzH7Pf635a16E/Mv1Q5/+Ge8h/IHwAAAAAAZlj++/9xx3/zIgMAAAAAAADAgXP/wZ3lfN1rPv7/hQnP6zXHXP95aOT8e7vO3/W/h0nOvz+e/9gJOYPG+L3XH+b/yYM7yx/e/vf/5+HM5z83GNWvPdfrD4bpnJ9q7q24HjdiJc4+8vzhlvZzj7TPbWk/P6X9wiPto7r9SG4/Hcvxi7gRb262z085MWphSns1pT3nP7D+FynnP2w86vwXU3tvbFi790H/kfW+OZz0Olf++p8vP7p2tWG4pVqLweayNRyr/znVWp8eWv8/OTqKX91auXn6N9du3755LtJgy9TzkQZPWM5/Lj1y/i++sNGef+8319d7H4z2nP+sWIvhpPzX398vNMbr5X2p5b51Iec/So+cf94CTV7/D3L+E9f/9eV7uYP+AAAAAAAAAAAAAAAAwE6qqlq/RPRKRFxO1/90dW0mANCuvP2vkjxdre6g/tffZqs/arVavbXuzVh/PkfdVE32WrOIiL8356n3GX476YcBALPsvxHxz647QWfkX7D8fX/18ItddwZo1a333v/ZtRs3Vm7e6ronAAAAAAAAAMDnle//udS4//P6eUBj943ecv/X12PpwN7/sz8arN/rPC3Q87Hz/b9Pxc73/x5Oeb25Ke2jKe3zU9oXprRPvNCjIef/fMo4538yLVhJ9399sYP+dC3nfyrd6znn/5Wx5zXzr/5ykPPvb8n/zO13f3nm1nvvv3L93Wtvr7y98vNzZy9fvHDp4oVLl868df3GytmNfzvs8f7K+ed7XzsPtCw5/5y5/MuS8/9SquVflpT/5m6o/MuS1/+8vyf/suT882cf+Zcl5/9SquVflpz/V1Mt/7Lk/F9OtfzLkvP/WqrlX5ac/yupln9Zcv6nUy3/suT8z6Ra/mXJ+ecjXPIvS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl538p1fIvS87/cqrlX5ac/9dTLf+y5Py/kWr5lyXn/2qq5V+WnP83Uy3/suT8v5Vq+Zcl5//tVO+U/zst9ot25Py/k2rrf1ly/t9NtfzLkvN/LdXyL8vD7/83sueRxdnoRpsjVRUxA90wsu8jXf9mAgAAAAAAAAAAAADGtXE6cdfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27jVGrrO+H/izV6+TQPwnIYQQiO1cMGST3fUtMcFgrv809JIGQksLdYy9dgy+1buGBKFmaWgLAqmR2hf0RSkgQEhtlahCKpUoilSk9k1VXhVFlVArIdWVoDIRVKICtjpznufZmdnZmV3vrj1zzueD4p+9M2fmmTNnZve76DsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotuNts380FEIo/mv8sS2E64q/bw2Hin8u7L/aKwQAAADW6+eNP//q+vyFQ6vYqOk6//iaf/n64uLiYvjgixd/8SeLi/mC7SGMbAmhcVnyTz/9yWLzdaKnw8TQcNO/h3vc/UiPy0d7XD7W4/LxHpdv6XH5RI/Ll+2AZbaWv49p3Ngdjb9uK3dpuDGMNS67o8NWTw9tGR5Ov8tpGGpsszh2PJwMp8JsmF62zVDjfyF8c0dxXw+GdF/DTfd1awjh0o8+fjStYSju4ztCy501ND93P3xL2P7ijz5+9KvzP3hlp9lzNyxbaQi7dhbr/GQIS7+uCkNhS94naZ3DTeu8tcM6R1rWOdTYrvh7+zovrXKd6XFPxHV+p8s6b41fe+L2EMJCWPE67Z4Ow+GatnvN+3uiPCKK2yieypeF0TUdJztWcZwU23z/9tbjpP2YTPt/R9wnoyusofnp+OEnxpft98s9TopH3Q/HanHbDxd3OjHR/KvVlmO1uM7H71z5GOj43HU4BvKx3HQM7Ox1DAyPjzSOgeGlNe9sOQZmlm0zHIYa93Xxzu7HwNT86XNTc09+7J6Tp4+cmD0xe2Zmev/ePfv27tm3b+r4yVOz0+Wfa9ulA+SaMJyPwZ3xvSYdg69tu27zIbn4xY17HUz0yeugeOzvuatY0HXDYYVjvLjOJ3et/3WQv+83vQ5Gm14HHd9TO7wORlfxOiiuc2nX6r5njjb912kNm/VeuK3pGLia3w+L+3z/61Z+L7w1rutTr1/r98ORZcdAelhD8bVXfCX/vDdxf9wvy4+LW4oLrh0PF+Zmz9/7xJH5+fMzIY4r4oam56r9eLmm6TGFZcfL8JqPl0N/+bO7bunw9W1xX03cvfRcjXd4Horr7J3s/lw13t0778+Wr+4OcWywK70/O303K/ZnzhJdjv3iOp+8Z/0/C+Zc0vT+N9br/W9kbLR8/xvJe2Os5f1v+VMz0lhZCJfuWd3731j870q//93YJ+9/xb56/73dj4HiOp+aWusxMNr1/e/2OIfiel4XE8NEU+7/RePyhfIwbXouex43o6Nj8bgZTffYetzsWbZNcWvFfe+avrzjZtftrc9Vy88tFTxuin31p9Pdj5viOs/PrP+9Y2v6a9N7x3ivY2BsZLxY71g+CMr3u8Wt6Ri4NxwNZ8OpcCxvUzzLxX1N7l7dMTAe/7vS7x0398kxUOyrz+3ufgwU1/n2no392WlX/Eq+TtPPTu2/X1gp898yunR77bttozN/sc637+3+u6HiOj/Yu9ac0X0/3R2/cm2H/dT++lnpmD4Wrsx+ujmu89S+7r+bKq5z4/5VHk+HQggvzLzQ+H1X/P3u31z416+3/N630++UX5h54aGpR767lvUDAHD5ftH4c2G8/Fmz6f+xXs3//w8AAAAMhJT7h+PM5H8AAACojJT7R+LM5H8AAACojJT7R+PMapL/H7//wLM/fyrkTwNcjNLlaTc8/KbyeqnjvRD/vX1xSfH1t3557NlPP7W6+x4OIfzsoVd1vP7jb0rrKp1L63xD69eXufm2Vd3/Y48uXa/58xMuHShvPz2e1R4Gqav8zandjdvd/uRMYz7/UGjMRxY+9XR5++W/0/Uv7imv/+fxQ0sOHR9q2X5XXM8dcW6Pnynz8KGl/VDMtN2zt77mH25479L9pe2Gdr608TA/93vl7abPiHrmhvL66XGvtP6//8zXni2u/8Sdndf/1HDn9V+Mt/v9OH96sLx+8z7/dNP6/yCuP91f2u7eL32r4/qfe0V5/eficfGFONvX/5Y/fvXPOz1f6X4OPVBul+5/+n/2NrZLt5duv339E0/NtOyP9tt//sXydg5+5McjzddPX0/3kzz2QOvxPRSf35YeeQjha38YWvZzeGO53d+1rT/d3rkHOq//7rZ1nhu6rbH90uPZ1vK4Pv+V3R0fb1rPob/e1vJ4nnlH3H8vTn27uN2Lj8TjMV7+v98pb6/9s0yfe0fr+026/he2la/bdHtTbet/pm39C7cV+673+h98sVz/c2/e0rL+Q++Mx9OD5ey1/hN/cX3L9l/8avl8nP/o5JmzcxdOHosPZlvb63jLxNZrrr3uJS+9Pr6Xtv/78Nn5x2fPb5/ePh3C9gH8yMDNXv+X4vzvcixs/D2Uvvvj8rj77LvK71uv/Un572fi1x+Lz2f6/vj5PxtrOV7bn/eFN5dzvet/fVzHar3iM/9xW4cv/+eyz/y9+IFvXvjb3/9B+88F6fGce/lE4/F9bsdNjcuGni8vb3+/6uXfX976uv7e6HRjfiPu18X4ycw7byrvr/3202eTfPbd5es3/SSXtg9tnyeybaT1cax3/d+LP8d86+bW9790fHzjqbZPc94WhoolLMT3h7BQXp6ulfb3Zy/d1PH+0ufwhIVXrmWZK5p7cm7q1MkzF56Ymp+dm5+ae/Jjh0+fvXBm/nDjs0sPf6jX9kuv72sar+9js/v3hsar/Ww5NtnVXv+5R48eu2/6rmOzx49cOD7/6LnZ8yeOzs0dnT02d9eR48dnP9pr+5PHDs7sPrDnvt2TJ04eO3j/gQN7DkyePHO2WEa5qB72T3948sz5w41N5g7uPTCzb9/e6cnTZ4/NHrxvenryQq/tG9+bJoutPzJ5fvbUkfmTp2cn505+bPbgzIH9+3f3/PTH0+eOz22fOn/hzNSFudnzU+Vj2T7f+HLxva/X9tTD3Nn4ftdmKP50/r679+fPxy18+RMr3lR5ldYfT8MP42dBpe9vvf6dcv9YnFlN8j8AAADUQcr98YP/ly6Q/wEAAKAyUu7fEmcm/wMAAEBlpNw/EWdWk/yv/6//r/+v/6//fwX7/0H/f6Pp/29I/385/f9V0f/X/9f/1/+nu37r/6fcvzWEWuZ/AAAAqIOU+6+JM5P/AQAAoDJS7r82zkz+BwAAgMpIuf+6OLN65P+x9r/q/+v/6/839//TdfX/g/6//v9l0v/X/+9G/1//f5DX34f9/636//Sbfuv/p9z/kjizeuR/AAAAqIWU+18aZyb/AwAAQGWk3H99nJn8DwAAAJWRcv+2OLOa5P8NPP//Z+JF+v/6/4Pe/z+djmPn/9f/1/9fP/1//f9u9P/1/wd5/X3Y/++z8/+3f4enjvqt/59y//+LM6tJ/gcAAIA6SLn/ZXFm8j8AAABURsr9N8SZyf8AAABQGSn33xhnVpP8v4H9f+f/1/+vSv+/6fz/+v/N9P/1/y+H/r/+fzf6//r/G7/+ofhjgv5/r+2d/58rod/6/yn3vzzOrCb5HwAAAOog5f6b4szkfwAAAKiMlPtfEWcm/wMAAEBlpNx/c5xZTfK//r/+v/6//r/+v/7/ZtL/1//vRv9f/3+Q16//r/9Pb/3W/0+5/5VxZjXJ/wAAAFAHKfffEmcm/wMAAEBlpNz/qjgz+R8AAAAqI+X+W+PMapL/9f/7qv//ZND/X97/H9b/1/8vrbX/37DQe/36/5trsPr/wyteov9f0v9vpf+v/6//r/9Pd/3W/0+5/9VxZjXJ/wAAAFAHKfe/Js5M/gcAAIDKSLn/tjgz+R8AAAAqI+X+7XFmNcn/+v991f93/n/n/9f/d/7/pf7//JD+/yo4/7/+f9D/v2xXuz8/6OvX/9f/p7d+6/+n3L8jzqwm+R8AAADqIOX+nXFm8j8AAABURsr9t8eZyf8AAABQGSn33xFnVpP8r/9/mf3/ra3/1P/vvH79f/1//X/n/9f/1//vRv9f/3+Q16//v7r+/3ivG6LS+q3/n3L/nXFmNcn/AAAAUAcp998VZyb/AwAAQGWk3P/aODP5HwAAACoj5f5dcWY1yf/6/87/r/+v/6//r/+/mfT/V93/33o569qU/n96k9X/70n/X/9/UPr/Ex22d/5/roR+6/+n3P+6OLOa5H8AAACog5T7Xx9nJv8DAABAZaTcf3ecmfwPAAAAlZFy/2ScWU3yv/6//r/+v/6//r/+/2aqav8/v486/7/+v/6//v8m9/+/ssL2g3L+f+qt3/r/KfffE2dWk/wPAAAAdZBy/71xZvI/AAAAVEbK/VNxZvI/AAAAVEbK/dNxZjXJ/9Xv/7c3i0v6/yX9f/3/oP+v/7/Jqtr/bz//fwhB/1//P9P/1//vt/P/d6L/z5Ww/v7/eN6k8ec6+/8p98/EmdUk/wMAAEAdpNy/O85M/gcAAIDKSLl/T5yZ/A8AAACVkXL/3jizmuT/6vf/O9P/L+n/6/8H/X/9/01Wl/6/8/+Xl+v/l/T/9f/1//X/62i4w9fW3/9f2qTx5zr7/yn374szq0n+BwAAgDpIuX9/nJn8DwAAAJWRcv99cWbyPwAAAFRGyv33x5nVJP/r/+v/6//r//dv/7/1/jev//9f+v+bSP9f/78b/X/9/0Fev/6//j+9bWz///p19/9T7j8QZ1aT/A8AAAB1kHL/G+LM5H8AAACojJT7H4gzk/8BAABgoHQ6D2GScv8b48xqkv/1/6ve/1/cov+v/z+4/f/W/en8//r/ncS3T/3/VapX/3/rsvvT/291tfvzg75+/X/9f3rb2P7/sh9P19z/T7n/YJxZTfI/AAAA1EHK/W+KM5P/AQAAoDJS7n9znJn8DwAAAJWRcv+hOLOa5H/9/6r3//vv/P9DYXD7/6P6//r/+v9r5vz/+v/dOP//YPb/0+du6P/3T/+/OIb0/+lH/db/T7n/LXFmNcn/AAAAUAcp9781zkz+BwAAgMpIuf9tcWbyPwAAAFRGyv1vjzOrSf7X/9f/d/5/5//X/9f/30z6//r/3ej/D2b/P9H/75/+v/P/06/6rf+fcv874sxqkv8BAACgDlLuf2ecmfwPAAAAlZFy//+PM5P/AQAAoDJS7n8wzqwm+b9C/f+xOPX/9f/1//X/G/T/+4P+v/5/N/r/+v+DvH79f/1/euu3/n/K/b8UZ1aT/A8AAAB1kHL/Q3Fm8j8AAABURsr974ozk/8BAACgMlLu/+U4s5rk/wr1/0t9ev7/4Xz7+v/6//r/+v/6/xtpQPv/E/r/Jf1//f9BXr/+v/4/vfVb/z/l/l+JM6tJ/gcAAIA6SLn/V+PM5H8AAACojJT7fy3OTP4HAACAyki5/+E4s5rkf/1/5//X/9f/79v+/2jr/tT/1//vZED7/87/H+n/6/8P8vr1//X/6a3f+v8p9/96nFlN8j8AAADUQcr9j8SZyf8AAABQGSn3vzvOTP4HAACAyki5/z1xZjXJ//r/+v/6//r/fdv/b9uf+v/92v//t66X6v/r/3ej/6//P8jr1//X/6e3fuv/p9z/aJxZTfI/AAAA1EHK/e+NM5P/AQAAoDJS7v+NODP5HwAAACoj5f7fjDMbzPw/vNYN9P/1//X/9f9X3f9fCCHo/+v/r5H+//L+f/EedjX7/+OruaL+/6ro/+v/6//r/9Ndv/X/U+5/X5zZYOZ/AAAAoIOU+38rzkz+BwAAgMpIuf+348zkfwAAAKiMlPvfH2dWk/yv/6//r/+v/+/8//r/m0n/v17n/x8P+v9B/1//X/9f/5+s3/r/Kfd/IM6sJvkfAAAA6iDl/t+JM5P/AQAAoDJS7j8cZyb/AwAAQGWk3P9YnFlN8r/+/1Xq/28tr6//r/9fnf7/ov6//n9H+v/16v87/39J/1//X/9f/59Sv/X/U+4/EmdWk/wPAAAAdZBy/wfjzOR/AAAAqIyU+4/Gmcn/AAAAUBkp9x+LM6tJ/tf/d/5//X/9f+f/1//fTPr/+v/d6P/r/w/y+vX/9f/prd/6/yn3z8aZ1ST/AwAAQB2k3H88zkz+BwAAgMpIuf9EnJn8DwAAAJWRcv/jcWY1yf/6//r/q+r/jwX9f/1//X/9/8ui/6//343+v/7/IK9f/1//n942rv//zxvS/0+5/2ScWU3yPwAAANRByv0fijOT/wEAAKAyUu7/cJyZ/A8AAACVkXL/qTizmuR//X/9f+f/b/T/G7dfmf7/qP5/0P/vG/r/+v/d6P/r/w/y+vX/9f/pbShsVP8/bEj/P+X+03FmNcn/AAAAUAcp95+JM5P/AQAAoDJS7j8bZyb/AwAAQGWk3H8uzqwm+V//X/9f/9/5//X/9f83k/6//n83+v/6/4O8fv1//X9627jz/29M/z/l/t+NM6tJ/gcAAID/Y+8+muw6qz0Ob9mSW12uW3fEnK/AjBl8A38GJkwpcs7RgMnJ5JxzMtHknHMwOSeDyWCoMmX1WkuWdHrv00d9+uz9vs8zuOuaK6xtqUq3/uX61duD3P33iVvsfwAAAGhG7v77xi32PwAAADQjd//94pZO9r/+X/+v/9f/6//1/9uk/9f/j9H/L6f/P7Piv6//1//r/5ly0v3/FcN4/5+7//5xSyf7HwAAAHqQu/8BcYv9DwAAAM3I3f/AuMX+BwAAgGbk7n9Q3NLJ/tf/6//1/7Pp/w86P/2//l//fyT6f/3/sOv+fz/+ovH+fxX9v/5f/8+Uub3/n7v/wXFLJ/sfAAAAepC7/yFxi/0PAAAAzcjd/9C4xf4HAACAZuTuf1jc0sn+1//r/9vt//eW1v97/z9/X1vs/0+d/2n1/8dL/6//H3bd/3fy/v8q+n/9v/6fKXPr/3P3Pzxu6WT/AwAAQA9y9z8ibrH/AQAAoBm5+x8Zt9j/AAAA0Izc/Y+KWzrZ//p//X+7/f/i3v/X/+fvaxP9/379fbz/r//X/x9O/6//X/L36//1/0ybW/+fu//RcUsn+x8AAAB6kLv/MXGL/Q8AAADNyN3/2LjF/gcAAIBm5O5/XNzSyf7X/+v/9f/6f/3/Cbz/r//X/+v/V9L/6/+X/P36f/0/0+bW/+fuf3zc0sn+BwAAgB7k7n9C3GL/AwAAQDNy9z8xbrH/AQAAoBm5+58Ut3Sy/4/W/5/S/x9C/7/6+/X/+n/9v/5f/6//H6P/1/8v+fv1//p/pm29/7/m2nN33f4/d/+1cUsn+x8AAAB6kLv/yXGL/Q8AAADNyN3/lLjF/gcAAIBm5O5/atzSyf5f0f9fOSz4/f+z6/3U+v/4+S/s/287pf/X/8+z/781/pTR/+v/L7Xs/v+s/n9n/f+e/n+0n1/vV0L/r//X/zNl6/3/RO9/8V/n7r8ubulk/wMAAEAPcvc/LW6x/wEAAKAZufufHrfY/wAAANCM3P3PiFs62f9He/9//v2/9/93+/5//n230P+fWfX9+v9e+v8D3v/X/6+y7P7f+/9b7P/vmb+Y3v8/3K77+aV//1j/f7c1vl//Tw/m1v/n7n9m3NLJ/gcAAIAe5O5/Vtxi/wMAAEAzcvc/O26x/wEAAKAZufufE7d0sP9Pb6n/v2rNn1//317/3837//sH/339/4Xfo//X/6+i/9f/j9nd+/9H6P/3D/9+/f96/fwVx/K1u/v+w3j/f7r/v3rqb0Lz5tb/5+5/btzSwf4HAACAXuTuf17cYv8DAABAM3L3Pz9usf8BAACgGbn7XxC3dLL/vf+v/9f/e///svr/K7fR/59e+eup/9f/r6L/1/8P2+7/R+j/vf+v//f+P+Pm1v/n7r8+bqnhd3qDf0oAAABgTnL3vzBu6eTf/wMAAEAPcve/KG6x/wEAAKAZuftfHLd0sv/1//p//f/W+/+94aIf31T/7/1//f8E/X9z/f8p/f95+n/9v/5f/8+4ufX/uftfErd0sv8BAACgB7n7Xxq32P8AAADQjNz9L4tb7H8AAABoRu7+l8ctnex//b/+X//v/X/9v/5/m/T/zfX/3v+/A/2//l//r/9n3Nz6/9z9r4hbOtn/AAAA0IPc/a+MW+x/AAAAaEbu/lfFLfY/AAAANCN3/6vjlsXt/4sL2vXo//X/+n/9v/5f/79N8+//z6z1o/T/B/T/F9pW/3/2kJ9P/z+v7z+e/j9/9/X/tOmo/f+ITfv/u9/xr3P3vyZuWdz+BwAAAA6Tu/+1cYv9DwAAAM3I3f+6uMX+BwAAgGbk7n993NLJ/j+s/7/l6oP/+0T/n79g+v+4+n/9/6D/L/p//f+wiP5/Pfr/A/r/C3n/X//v/X/9P+Pm9v5/7v43xC2d7H8AAADoQe7+N8Yt9j8AAAA0I3f/m+IW+x8AAACakbv/zXFLJ/vf+//6f/2//l//r//fJv2//n/Mgvr/vVX/of5f/6//1/8zbm79f+7+t8Qtnex/AAAA6EHu/rfGLfY/AAAANCN3/9viFvsfAAAAmpG7/+1xSyf7X/+v/995/39Fk/3/uU/U/+v/9f/6f/3/uAX1/yvp//X/+n/9P+Pm1v/n7n9H3NLJ/gcAAIAe5O5/Z9xi/wMAAEAzcve/K26x/wEAAKAZufvfHbd0sv/1//r/nff/3v8v+v/4fdX/6/+PQP+v/x/0/xvbdT+/9O/X/+v/mTa3/j93/3vilk72PwAAAPQgd/974xb7HwAAAJqRu/+GuMX+BwAAgGbk7n9f3NLJ/tf/6//1//p//b/+f5v0//r/MSfb/193i/7/Qrvu55f+/fp//T/T5tb/5+5/f9zSyf4HAACAHuTu/0DcYv8DAABAM3L3fzBusf8BAACgGbn7PxS3dLL/9f9L7//vcXN8wdz6//wh+n/9/2j/vzdcSv+v/z8K/b/+f9jK+/8X/0mxmv5f/6//1/8z7sT6/3tdc++73v6/TPT/ufs/HLd0sv8BAACgB7n7b4xb7H8AAABoRu7+j8Qt9j8AAAA0I3f/R+OWTvZ/H/3/mUt+WDv9v/f/9f+z7v/zD1Xv/+v/9f/6/5Xm2/+vR/+v/9f/6/8ZN7f3/3P3fyxu6WT/AwAAQA9y9388brH/AQAAoBm5+z8Rt9j/AAAA0Izc/Z+MWzrZ/330/5fS/x849v7/tv/X/+v/yzrv/+v/9f+XS/+v/x/0/xvbdT+/9O9vuv8/Nej/ORZz6/9z938qbulk/wMAAEAPcvd/Om6x/wEAAKAZufs/E7fY/wAAANCM3P2fjRvu8n+7+6QTpf/X/3v/X/+v/9f/b5P+f4P+/9Tptb9L/39A/7+ZXffzS//+pvt/7/9zTObW/+fu/1zc4t//AwAAQDNy938+brH/AQAAoBm5+78Qt9j/AAAA0ICD3j13/xfjlk72/0T/v5c/buP+f//wn1v/r/8f9P/6f/2//v8yNdn/H4H+/4D+fzO77ueX/v2L6/9vuPAv9f+chBX9/7k/iXfV/+fu/1Lc0sn+BwAAgB7k7v9y3GL/AwAAQDNy938lbrH/AQAAoBm5+78at3Sy/1f2/3ve/9f/6/8P6/9PD/p//f/q79f/r6b/1/+P0f/r/5f8/Yvr/y+i/+ckzO39/9z9X4tbOtn/AAAA0IPc/V+PW+x/AAAAaEbu/m/ELfY/AAAANCN3/zfjlk72/8T7//r/9f5R9P8d9f/e/9f/b6H/PzPo/zem/9f/D/r/je26n1/6919O/7+v/6cTc+v/c/d/K27pZP8DAABAD3L3fztusf8BAACgGbn7vxO32P8AAADQjNz9341bOtn/Lff/Yz9M/39A/6//H/T/c+j/vf9/GfT/+v9B/7+xXffzS/9+7//r/5k2t/4/d//34pZO9j8AAAD0IHf/9+MW+x8AAACakbv/pmG40f4HAACANt107n+eHX4Qt3Sy/1vu/8fo/w/o//X/g/5f/79l+n/9/xj9v/5/yd+v/9f/M21u/X/u/h/GLZ3sfwAAAOhB7v4fxS32PwAAADQjd/+P4xb7HwAAAJqRu/8ncUtT+//i2vU8/b/+X/+v/9f/6/+3Sf+v/x+j/9f/L/n79f/6f6bNrf/P3f/TuKWp/Q8AAAB9y93/s7jF/gcAAIBm5O7/edxi/wMAAEAzcvf/Im7pZP/r//X/+n/9v/5f/79N+n/9/xj9v/5/yd+v/9f/M21u/X/u/l/GLZ3sfwAAAOhB7v5fxS32PwAAADQjd/+v4xb7HwAAAJqRu/83cUsn+1//f/t37Nd/rv/X/+v/9f9J/388uu3/b/9/q/r/Sfp//f+Sv1//r/9n2tz6/9z9v41bOtn/AAAA0IPc/b+LW+x/AAAAaEbu/t/HLfY/AAAANCN3/x/ilk72v/7f+//6f/3/Mvr/q/T/+v+VZtv/e/9/Lfp//f+Sv1//r/9n2tz6/9z9N8ctnex/AAAA6EHu/j/GLfY/AAAANCN3/5/iFvsfAAAAmpG7/5a4pZP9r//X/zfZ/+/p/9vr/73/v8j+/876f/3/OP2//n/J36//1/8zbW79f+7+P8ctnex/AAAA6EHu/r/ELfY/AAAANCN3/1/jFvsfAAAAmpG7/29xSyf7X/+v/2+y//f+v/5f/z8b+n/9/xj9v/5/yd+v/9f/M21u/X/u/r/HLZ3sfwAAAOhB7v5/xC32PwAAADQjd/8/4xb7HwAAAJqRu/9fcUsn+1//r//X/+v/9f/6/23S/y+3/79q2KD/v37Q/+v/9f/6f/0/ZW79f+7+f8ctnex/AAAA6EHu/lvjlpX7/04n9FUAAADAccrd/5+4xb//BwAAgGbk7v9v3NLJ/tf/6//1//p//b/+f5v0/8vt/73/P03/r//X/+v/GTe3/j93//8CAAD//xIM9gg=")
syz_clone3(&(0x7f00000014c0)={0x4300, 0x0, &(0x7f0000000340), &(0x7f0000000380), {0x2a}, &(0x7f0000000440)=""/34, 0x22, &(0x7f0000000480)=""/4096, &(0x7f0000001480)=[0xffffffffffffffff, 0x0, 0x0], 0x3}, 0x58)
r1 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="110000000400"], 0x48)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1, 0x0)
sendmsg$alg(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r2, 0x0, 0x0, 0x24000840)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="143bc4b06e81e702d1810cc2040000000000000000000000000000000a14000000060a090800000000000000000200fff414"], 0x3c}, 0x1, 0x0, 0x0, 0x24044800}, 0x24024088)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001540)=ANY=[], 0x20)
openat$incfs(0xffffffffffffffff, 0x0, 0x58000, 0x4)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x204220c, 0x0, 0x1, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x4842, 0x1cb)
writev(r3, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1)

15.826900851s ago: executing program 1 (id=344):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
connect$llc(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0xe7e, 0x0)
read$msr(r2, &(0x7f0000009b80)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xd0}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0x7, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xf1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x9, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x11, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x9d}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x14, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
ioctl$RTC_ALM_SET(r6, 0x40247007, &(0x7f0000000300)={0xf, 0x37, 0xb, 0x6, 0x3, 0xc, 0x1, 0xcf, 0x1})

15.819210234s ago: executing program 2 (id=336):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
read(r1, &(0x7f0000000080)=""/1, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_udp_int(r2, 0x11, 0x65, 0x0, &(0x7f00000000c0))
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x1, 0x0)
r5 = openat$cgroup_subtree(r4, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
r6 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000080)='./file0\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
mount(0x0, 0x0, &(0x7f0000000100)='tmpfs\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x2e40ab, &(0x7f0000000200)=ANY=[@ANYBLOB])
keyctl$invalidate(0x15, r6)
r7 = io_uring_setup(0x4a86, &(0x7f0000000300)={0x0, 0x4178, 0x40, 0x8001002, 0x3d7})
r8 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r8, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x4f21, @dev={0xac, 0x14, 0x14, 0xe}}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000300)="0800c8460f2a2a2a", 0x8}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c00"/44], 0x40}, 0x20000000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_nanosleep(0xfffffff2, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f0000000040))
close_range(r7, 0xffffffffffffffff, 0x0)
r9 = add_key$fscrypt_v1(0x0, &(0x7f0000000300)={'fscrypt:', @desc4}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$unlink(0x9, r9, 0xffffffffffffffff)
close_range(r0, 0xffffffffffffffff, 0x0)

15.650613107s ago: executing program 1 (id=337):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x100)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f0000000240)={@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0})
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
capset(0x0, &(0x7f0000000080)={0x6, 0xe, 0x13e, 0x89, 0xffffffff, 0x2})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x114, 0x0, &(0x7f0000000680)="c3ef7f670000ec6783b4241544b50000000000000000000000000033a42c9550f50ac311e0f0544b00aab05450dc23d925bde6a1b56f92241432fa00228f11b0cc67e2e658d909c57270d30b39d3050b381d0000000000000004e1932780b192d2d61359ae0fe90b9d2a6faff570879d2f1b517210627c69e56ed195980a9a880700d5f059a6b7bb7b6a9787136a408914de373597695c519462765ac26a88185098ad1245c1d4d5162ce2fea5c53a8a44e93948de54e526e931694b28cdbc247797e769ef43a9f6bd08ef5c0abb843cc87035a5b7000083add0ccba38d197307108bfdbfae41be13e5d862e02e9f2d2582ff8ac1633f06ec78ba44e55b01022e4571179474ab5fdc0434372f826013043d00700", 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x10000008}, 0x50)
r6 = syz_open_dev$sg(&(0x7f00000000c0), 0x6f5e, 0x101003)
ioctl$FIBMAP(r6, 0x1, &(0x7f0000000040)=0x85)

14.712049376s ago: executing program 1 (id=338):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x240, 0x0)
ioctl$VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0585611, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x20008040)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_emit_ethernet(0xa6, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
r3 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r3, 0x0, 0x0)
sendmsg$sock(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'team_slave_1\x00', <r4=>0x0})
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r6, r4, 0x25, 0x0, @val=@tcx={@void, @value=r6}}, 0x1c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r5, 0x0, &(0x7f0000000040)=@tcp6=r7, 0x1}, 0x20)
syz_emit_ethernet(0xd81, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="646f7473ac646f74732c6e6f646f74732c6e6f646f6437a8c48feb1ae05d2bef06ac573d", @ANYRESHEX=0x0, @ANYBLOB=',check=relaxed,dots,dots,tz=UTC,nodots,nodots,dos1xfloppy,dots,umask=00000000000000000007777,dots,check=strict,usefree,showexec,dots,nodots,nodots,flush,\x00'], 0xfd, 0x1bf, &(0x7f0000000840)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")

14.593670605s ago: executing program 2 (id=339):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x802, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001800dd8d0000000000000000020000000000fc050000000006001500010000001800168014000100800000100000030000001000000011"], 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000a0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
prctl$PR_GET_TSC(0x43, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace$setregs(0xf, r5, 0x0, &(0x7f00000003c0))
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000000740)={0x8180080, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[0xffffffffffffffff], 0x1}, 0x58)
write$sysctl(r1, &(0x7f0000000000)='2\x00', 0x2)

11.721523855s ago: executing program 5 (id=342):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x200050, &(0x7f0000000080)=ANY=[], 0x1, 0x1d2, &(0x7f00000003c0)="$eJzs20tu00Acx/Gf67gp4f3asEBILGBDAoUNO3oALsCuak1V4QKibBIhRRyFm+QEXIELJBLsWDHIzkQklh2PnVDn8f1Ibf7q+OeZSDPuzMICsLVuJL89eQqSyhjTfyDpzWtJjZoHB+C/MvpjAGwr/2fdIwBQj9GBn+wDBp7049eXo6H9CRz3D6ODnXGxJ2kqv+ua/+oln/ca0nAq37S3LNy/fBvnH2k2f6lk/61UvpVz/Xf76aX+/vjhbP6ypCuSrkq6Jum6PWvdlHQro//jVP93HccPLCKefe1F8wvcIH56vD2NwqdZjX5xPrD5Z9nNU4+QQeYFuza/7zjevPzzivmmzbePPkTHGe07Fe8LuIjnV7tZdFUrdx66rH9jTD+vzZd+m/T6f1U0nn8a89c/gDnOu713h1EUfipRBEkxeWiUiMeXl+zLqfC05Btue7GX0RRUnC3p4r49ea7EN43/fa3AMFyLyaq9yL4AbKrO57OPnfNu78np2eFJeBK+33/xcnLsTs7lndzTOYA1N7s5BwAAAAAAAAAAAAAA6+i2pDtVgq4v+AEAAABYGct9ZyiQMl7Fq/s7AgAAAAAAAAAAAAAAAAAAAJvibwAAAP//CWZIGA==")
truncate(0x0, 0x1bf8)
sendmsg$NFT_MSG_GETOBJ(0xffffffffffffffff, 0x0, 0x40004)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000001d40)={'wlan1\x00'})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
userfaultfd(0x80001)
r2 = openat$adsp1(0xffffffffffffff9c, 0x0, 0xa0301, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYRESHEX=r0, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0])
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x10408, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
r3 = openat(0xffffffffffffff9c, 0x0, 0x80101, 0x0)
ioctl$HIDIOCSUSAGES(r3, 0x501c4814, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000700)='./file1\x00', 0x42041, 0x12c)
pwrite64(r4, &(0x7f0000000140)='2', 0xfdef, 0xe7c)

10.205376717s ago: executing program 5 (id=345):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='\x00@\x00\x00\x00B\x00\x00\x00', @ANYRES32=0x1, @ANYBLOB="fdffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000001600)={r6, &(0x7f0000000580), 0x0}, 0x20)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
r7 = socket(0x2b, 0x1, 0x1)
setsockopt$inet6_IPV6_RTHDR(r7, 0x29, 0x39, &(0x7f0000000080)={0x0, 0x2, 0x2, 0x1, 0x0, [@mcast2]}, 0x18)
setsockopt$sock_timeval(r7, 0x1, 0x15, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
connect$inet6(r7, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r7, 0x29, 0x36, &(0x7f0000000340)=ANY=[], 0x8)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r7, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
syz_io_uring_setup(0x8d2, &(0x7f00000001c0)={0x0, 0xb0a8, 0x80, 0x1, 0x37a}, &(0x7f00000002c0), &(0x7f0000000080), &(0x7f0000000000))
close(r1)

9.321604167s ago: executing program 2 (id=346):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000240), 0xd21, 0x4000)
connect$unix(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000480)=[@nested_amd_vmload={0x182, 0x18, 0x3}, @uexit={0x0, 0x18, 0x8001}, @wr_drn={0x68, 0x20, {0x3, 0xc4}}, @nested_amd_invlpga={0x17d, 0x20, {0x0, 0xdaae}}, @code={0xa, 0x56, {"f20f108100680000470f0966b808018ed80f2043410f01d166ba400066ed66baa100b000eec744240051000000c74424020d000000ff1c242ef30fc7b680ffffff410f01f8"}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x2, @save_area=0x457, 0x10, 0xffff, 0x2}}, @uexit={0x0, 0x18, 0x2}, @nested_amd_inject_event={0x180, 0x38, {0x3, 0x56, 0x2, 0x4, 0x2}}], 0x14e})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
syz_clone(0x100011, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x1, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x8}, @exit], &(0x7f00000000c0)='GPL\x00', 0x9}, 0x94)
r3 = syz_open_dev$vim2m(&(0x7f0000000680), 0x8, 0x2)
r4 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$USBDEVFS_REAPURB(r5, 0x4008550c, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x800007, 0x11, r3, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r6 = syz_open_dev$vim2m(0x0, 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x300, 0x59555956, 0x7, 0x0, [{0x0, 0x1000}, {}, {0x1, 0x6}, {0x8}, {}, {0x0, 0x4}], 0x6, 0x6}})

7.57519798s ago: executing program 4 (id=348):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4bf, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x1)
mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000626000/0x5000)=nil, 0x5000)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x40800)
mkdirat(0xffffffffffffff9c, 0x0, 0x195)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=@base={0x13, 0x80000001, 0x35b3, 0x2, 0x800, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x2}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001180)={r4, 0x0, 0x0}, 0x10)
socket$key(0xf, 0x3, 0x2)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8001}, 0x8)
getsockopt$bt_hci(r3, 0x84, 0x7f, 0x0, 0x0)
chown(&(0x7f0000000240)='./file1\x00', 0xee00, 0x0)

6.606782433s ago: executing program 4 (id=349):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
pwritev(r0, &(0x7f0000000340)=[{0x0}, {&(0x7f0000000280)="01000000", 0x4}], 0x2, 0x3, 0x7fffffff)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f00000000c0)=0x7)
rt_tgsigqueueinfo(r2, r2, 0x2a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(0x0, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x1ff})
r5 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000000000/0x4000)=nil)
shmctl$SHM_UNLOCK(r5, 0xc)
mount(0x0, 0x0, 0x0, 0x2204c96, 0x0)
lseek(0xffffffffffffffff, 0xfffd, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
ioctl$USBDEVFS_DISCARDURB(r6, 0x550b, 0x0)
ioctl$FE_READ_UNCORRECTED_BLOCKS(0xffffffffffffffff, 0x80046f49, &(0x7f0000000000))

6.431222932s ago: executing program 5 (id=350):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x30000, 0x0)
getdents64(r4, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000100)=0xfffffffd, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)
sendto(r0, &(0x7f00000002c0), 0xfffffffffffffe92, 0x0, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000700)='/dev/comedi4\x00', 0x80100, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
socket$kcm(0x2, 0xa, 0x2)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
truncate(0x0, 0xa)
socket$nl_xfrm(0x10, 0x3, 0x6)

4.820396295s ago: executing program 4 (id=351):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
clock_gettime(0x6, &(0x7f0000000180))
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r3, 0x891b, &(0x7f0000000000)={'lo\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xa}}})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
prctl$PR_SET_MM(0x23, 0x2, &(0x7f0000ffc000/0x4000)=nil)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00')
preadv(r5, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0xadc091d}], 0x1, 0xc002a0, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
creat(&(0x7f0000000280)='./file0\x00', 0x8)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000140)=ANY=[], 0x10)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20000023896)
pread64(0xffffffffffffffff, &(0x7f0000019400)=""/102344, 0xfffffcbb, 0x1c2a)
ioctl$UI_DEV_SETUP(r6, 0x405c5503, &(0x7f0000000200)={{0xf272, 0x401, 0x934, 0x3}, 'syz0\x00', 0x4c})

3.757981779s ago: executing program 1 (id=352):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x200000000000000)
creat(&(0x7f0000000280)='./file0\x00', 0x108)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20000023896)
r4 = syz_open_procfs(0x0, &(0x7f00000193c0)='net/igmp6\x00')
pread64(r4, &(0x7f0000019400)=""/102344, 0xfffffcbb, 0x1c2a)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000000209000200737997310000000008000a40fffffffc14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x30, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xb}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x58}, 0x1, 0x0, 0x0, 0x4000850}, 0x4000000)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000040)={0x2, 0x2, @loopback}, 0x10)
sendmsg$rds(r6, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000480)=[@fadd={0x58, 0x114, 0x6, {{0x7, 0xe6}, 0x0, 0x0, 0x4f048974, 0x1, 0x5, 0x80000001, 0x1, 0x9}}, @fadd={0x58, 0x114, 0x6, {{0x2, 0x200e}, 0x0, 0x0, 0x562, 0x9bc0, 0x6, 0xb, 0x1, 0x7fff}}], 0xb0}, 0x0)
sendmsg$NFT_MSG_GETSET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c80)={0x14, 0xa, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x24048014}, 0x4000)

3.748218141s ago: executing program 5 (id=361):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x1000000)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ptrace$getregset(0x4204, r1, 0x200, &(0x7f00000001c0)={&(0x7f0000000040)=""/93, 0x5d})
bind$unix(r3, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x5231c0, 0xf1)
r4 = socket$inet(0x2, 0x801, 0x0)
listen(r4, 0x540)
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
splice(r4, 0x0, r5, 0x0, 0x7ffff000, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
semctl$SEM_STAT(0x0, 0x2, 0x12, &(0x7f00000000c0)=""/63)
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x66)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})

3.637125102s ago: executing program 4 (id=353):
r0 = socket(0x11, 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000200)={0x6, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x20000}}, {{0xa, 0x4e24, 0x0, @private2}}}, 0x108)
preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000580)=""/118, 0x76}, {0x0}], 0x2, 0x9, 0x100)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000200), r1)
setsockopt(r0, 0x107, 0x1, &(0x7f00000001c0)="110000000200060000071a80010061cc", 0x10)
write(0xffffffffffffffff, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f750800390005", 0x26)
r6 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c0000001100050026bd7000feffffff07000000", @ANYRES32=r7, @ANYBLOB="00000000000000000c001a800800048004000380"], 0x2c}, 0x1, 0x0, 0x0, 0x800c000}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x27, &(0x7f0000001680)=0x5, 0x4)
r8 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x2000)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r8, 0x40084149, &(0x7f0000000040)=0x9)

2.594202945s ago: executing program 5 (id=354):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x54, 0x10, 0x401, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x741d4, 0x2028}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'syz_tun\x00'}, @IFLA_CARRIER={0x5, 0x21, 0x5}, @IFLA_VFINFO_LIST={0x18, 0x16, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@IFLA_VF_VLAN={0x10, 0x2, {0x1, 0x2ed, 0x6}}]}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x5}, 0x40080)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000700)=@ethtool_flash={0x33, 0xea6, '.\x00'}})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x200000a, 0x5d031, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000280)={0x0, 0x4}, 0xe)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={<r4=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x3, @local}]}, &(0x7f0000000240)=0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000040)={r4, 0x2, 0x4}, 0x8)
unshare(0x26020480)
r5 = fsopen(&(0x7f0000000000)='pipefs\x00', 0x0)
r6 = fsmount(r5, 0x0, 0x0)
r7 = landlock_create_ruleset(&(0x7f00000000c0)={0x5949}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r7, 0x1, &(0x7f0000000080)={0x1008, r6}, 0x0)
r8 = userfaultfd(0x801)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r8, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})

2.050602099s ago: executing program 1 (id=355):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000040)=@v={0x93, 0x0, 0x80, 0x16, @MIDI_NOTEON=@special, 0xee, 0x8})
r1 = socket$nl_route(0x10, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000000)={'wg2\x00'})
socket(0x10, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x4780, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_open_dev$video(&(0x7f0000000000), 0x8, 0x20202)
syz_open_dev$audion(&(0x7f0000000040), 0x1ff, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x80000000, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x101a01)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1cf)
r2 = creat(&(0x7f00000002c0)='./file1\x00', 0x40)
ioctl$sock_proto_private(r2, 0x89e5, &(0x7f0000000300)="6218")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x8000, 0x44, 0x18}, 0x18)
open(&(0x7f0000000000)='.\x00', 0x1000000, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000007c0)={0x14, r3, 0x31, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)

1.869979484s ago: executing program 2 (id=356):
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004300)={0x50, 0x0, 0x0, {0x7, 0x26, 0x6caff549, 0xfffffffff323ca46, 0x0, 0xfffc, 0x1, 0x80, 0x0, 0x0, 0x1, 0x10001}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0)={0xa0, 0x0, 0x8, {{0x3, 0x0, 0x800, 0xbafd, 0x2, 0x8, {0x0, 0xf, 0x5, 0xfffffffffffffff5, 0x9, 0x4, 0x2, 0x6, 0xfffffbff, 0x8000, 0xfff, 0x0, 0x0, 0x0, 0x2}}, {0x0, 0xa}}}, 0x0, 0x0})
statx(0xffffffffffffff9c, 0x0, 0x6000, 0x10, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000006bc0))
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3e, 0x0, 0x0)
r1 = socket(0x8000000010, 0x2, 0x0)
write(r1, &(0x7f00000002c0), 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x3fffff)
getsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000000280)={@initdev, @multicast2, <r3=>0x0}, &(0x7f0000000440)=0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000940)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x5, [@int={0xf, 0x0, 0x0, 0x1, 0x0, 0x32, 0x0, 0xc, 0x1}, @int={0xb, 0x0, 0x0, 0x1, 0x0, 0x2d, 0x0, 0x5f}]}, {0x0, [0x2e, 0x30, 0x0]}}, 0x0, 0x3d, 0x0, 0x1, 0x1}, 0x28)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x10, 0x6, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xf31}, [@call={0x85, 0x0, 0x0, 0x9a}, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x100}]}, &(0x7f0000000240)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', r3, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x5, 0x3}, 0x8, 0x10, &(0x7f00000009c0)={0x0, 0x7, 0xfff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000ac0)=[r4, 0x1], 0x0, 0x10, 0x7}, 0x94)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r5, 0x0, 0x800)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x3c1, 0x3, 0x280, 0x198, 0x178, 0x394, 0x198, 0x178, 0x298, 0x258, 0x258, 0x298, 0x258, 0x3, 0x0, {[{{@ipv6={@loopback={0x1f0}, @loopback, [0xff000000, 0x0, 0x0, 0xffffff00], [], 'team_slave_0\x00', 'netpci0\x00'}, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x3}, {0xffffffffffffffff}}}}, {{@ipv6={@private1, @mcast1, [0xffffffff], [], 'veth0_vlan\x00', 'hsr0\x00', {}, {0xff}}, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x81, 0x4}, {0xffffffffffffffff, 0x2, 0x3}, 0x7, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2e0)

474.03359ms ago: executing program 2 (id=357):
socket$nl_generic(0x10, 0x3, 0x10)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18010000000300000000000000000000850000006d00000018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000300000000000000024000d118110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000000e00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{}, &(0x7f0000000080), &(0x7f00000000c0)=r1}, 0x20)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, 0x13, 0xa, 0x201, 0x0, 0x0, {0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x11}, 0x60004040)
r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x25, 0x0, @void}, 0x10)
ioctl$XFS_IOC_READLINK_BY_HANDLE(r3, 0xc038586c, &(0x7f0000000740)={r3, &(0x7f00000003c0)='GPL\x00', 0x80, &(0x7f0000000400)={@align=0xe, {0xfffd, 0x9, 0x9, 0xd}}, 0x2, &(0x7f0000000440), &(0x7f0000000480)=0x4})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYRES16=r2, @ANYRES32=r3, @ANYBLOB="00000000000000000000000000000000000063cb7976daedb300", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000080"], 0x48)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x440, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r7 = accept4(r6, 0x0, 0x0, 0x800)
sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

332.346021ms ago: executing program 4 (id=358):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000940))
pipe(&(0x7f0000000440))
syz_init_net_socket$ax25(0x3, 0x2, 0x8)
pipe(&(0x7f0000000080))
pipe(&(0x7f0000000000))
socket$can_raw(0x1d, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140))
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xf)
socket(0x10, 0x803, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000008000200fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

161.519148ms ago: executing program 5 (id=359):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000018c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
tkill(0x0, 0x12)
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xfffffc99}, 0x1, 0x0, 0x0, 0x40001}, 0x4000000)
listen(r3, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x43)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r5, @ANYRES32=r4, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r5, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r3}, 0x20)
sendmmsg$inet6(r3, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)}}], 0x56, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000001800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x14013, &(0x7f0000001980)={[{@gid}, {@codepage={'codepage', 0x3d, 'cp1251'}}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@gid}]}, 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ")
mkdirat(0xffffffffffffff9c, 0x0, 0x61c28c7771d1cf6b)
recvmmsg(r6, &(0x7f0000005c40)=[{{0x0, 0x0, 0x0}, 0x41}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, 0x0}, 0x3ff}], 0x3, 0x2120, 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004088}, 0x0)

0s ago: executing program 4 (id=360):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file2\x00', 0x0, &(0x7f00000010c0)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYRESHEX], 0x5, 0x191, &(0x7f00000003c0)="$eJzslT1P+lAUxp974c/LP34CFwdJxMHSFjUuJLI4OZj4QhxMJFIJWsRAByFx8BO4uzn4PXT1Qxh00QUnHU3NbS/tlYAaEsWE80s497lwejg90OeCIIix5eH+te2+5B4TACaQQly+/xQJc7iSf5d4Pr1ZXSmc71zdxttasl9N1/3+90cBXOcjcIJrP16dkusGeKA3wTErdQEMmtS74NiS2gLDttQHiq6JfE3br9iWtlezS0LoIhgimCJke/vrnDGUlP6YWOW+0WwdFm3bqv+g+Gp+nTxHTulP/b26s9GV+RngMKTOgmFd6iXEu7PxR6Lc/2Q0rK/8NX7l/kmQGDshHq4/0MbwIvQn95JhRvEn30ouvKMm41SPM41ma65SLZatsnVkmtlFfV7XF8yMZ0R+/MT/kp4//Vfq/xuQG2MxnBQdp274MdibfuznuNzzP470tL8X3h/rLfwWHlpMvri3CpWODGyeIAhihEyBeZ7p+XJXLMsP3QBzbcR9EgRBEARBEARBEAQxPO8BAAD///k7c0A=")
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x6, 0x4000000007}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000740)={@map, 0xffffffffffffffff, 0x33, 0x10}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000140)='./control\x00', 0x111)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x18, 0x6, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000ffffff80e500020000000000c500fcff000000008500feffd100000095"], &(0x7f00000000c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7f}, 0x94)
fcntl$setsig(0xffffffffffffffff, 0xa, 0xe)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x404)
openat$dir(0xffffffffffffff9c, 0x0, 0x8074, 0x20)
capset(0x0, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r1, 0xc0045009, 0x0)
capget(&(0x7f0000000180)={0x20080522}, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x48042, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file1\x00', 0x0, 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r3, 0xffffffff80000800, 0x0, &(0x7f0000000180)={0x400000000001, 0x1, 0x4c869, 0x1009, 0x2, 0x80000001, 0x48cb, 0xfffffffffffffff9, 0x820000df})
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x2000)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.104' (ED25519) to the list of known hosts.
[   73.594709][ T5824] cgroup: Unknown subsys name 'net'
[   73.706131][ T5824] cgroup: Unknown subsys name 'cpuset'
[   73.716209][ T5824] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   75.035769][ T5824] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   77.185451][ T5841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   77.195126][ T5846] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   77.205810][ T5846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   77.216037][ T5847] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   77.225014][ T5847] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   77.234662][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   77.243213][ T5847] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   77.246127][ T5852] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   77.251540][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   77.259330][ T5852] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   77.265335][ T5847] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   77.273828][ T5852] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   77.283618][ T5847] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   77.290763][ T5852] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   77.302453][ T5852] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   77.303031][ T5847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   77.311773][ T5852] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   77.322280][ T5847] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   77.327058][ T5852] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   77.340540][ T5855] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   77.343188][ T5852] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   77.349145][ T5855] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   77.361771][ T5852] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   77.381560][ T5852] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   77.389477][ T5852] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   77.955131][ T5838] chnl_net:caif_netlink_parms(): no params data found
[   78.068020][ T5836] chnl_net:caif_netlink_parms(): no params data found
[   78.099610][ T5837] chnl_net:caif_netlink_parms(): no params data found
[   78.187846][ T5850] chnl_net:caif_netlink_parms(): no params data found
[   78.270183][ T5842] chnl_net:caif_netlink_parms(): no params data found
[   78.299089][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.307450][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.314694][ T5838] bridge_slave_0: entered allmulticast mode
[   78.321752][ T5838] bridge_slave_0: entered promiscuous mode
[   78.367811][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.375250][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.382769][ T5838] bridge_slave_1: entered allmulticast mode
[   78.389813][ T5838] bridge_slave_1: entered promiscuous mode
[   78.418478][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.425799][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.433054][ T5836] bridge_slave_0: entered allmulticast mode
[   78.440098][ T5836] bridge_slave_0: entered promiscuous mode
[   78.478544][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.486041][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.493300][ T5837] bridge_slave_0: entered allmulticast mode
[   78.500244][ T5837] bridge_slave_0: entered promiscuous mode
[   78.507532][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.515424][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.523075][ T5836] bridge_slave_1: entered allmulticast mode
[   78.530479][ T5836] bridge_slave_1: entered promiscuous mode
[   78.563984][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.571267][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.578673][ T5837] bridge_slave_1: entered allmulticast mode
[   78.585962][ T5837] bridge_slave_1: entered promiscuous mode
[   78.604011][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.618386][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.625986][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.633238][ T5850] bridge_slave_0: entered allmulticast mode
[   78.640229][ T5850] bridge_slave_0: entered promiscuous mode
[   78.671214][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.689281][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.696598][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.704454][ T5850] bridge_slave_1: entered allmulticast mode
[   78.711579][ T5850] bridge_slave_1: entered promiscuous mode
[   78.729089][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.769408][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.781255][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.799031][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.806626][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.814436][ T5842] bridge_slave_0: entered allmulticast mode
[   78.821690][ T5842] bridge_slave_0: entered promiscuous mode
[   78.842238][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.862139][ T5838] team0: Port device team_slave_0 added
[   78.868039][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.875802][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.883329][ T5842] bridge_slave_1: entered allmulticast mode
[   78.890210][ T5842] bridge_slave_1: entered promiscuous mode
[   78.899108][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.927547][ T5838] team0: Port device team_slave_1 added
[   78.947218][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.967995][ T5836] team0: Port device team_slave_0 added
[   79.000957][ T5837] team0: Port device team_slave_0 added
[   79.008789][ T5836] team0: Port device team_slave_1 added
[   79.025489][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.045991][ T5837] team0: Port device team_slave_1 added
[   79.060567][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.067814][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.094991][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.108650][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.119551][ T5850] team0: Port device team_slave_0 added
[   79.141151][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.149684][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.176842][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.198802][ T5850] team0: Port device team_slave_1 added
[   79.214908][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.222056][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.248867][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.285573][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.292632][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.318979][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.330858][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.338563][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.365207][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.383493][ T5846] Bluetooth: hci0: command tx timeout
[   79.387816][ T5842] team0: Port device team_slave_0 added
[   79.390243][ T5855] Bluetooth: hci2: command tx timeout
[   79.398980][ T5842] team0: Port device team_slave_1 added
[   79.416997][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.424723][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.451701][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.462334][ T5855] Bluetooth: hci3: command tx timeout
[   79.462945][ T5846] Bluetooth: hci1: command tx timeout
[   79.468984][ T5854] Bluetooth: hci4: command tx timeout
[   79.490030][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.497096][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.523074][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.567740][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.574876][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.601289][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.638717][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.646018][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.672114][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.710220][ T5838] hsr_slave_0: entered promiscuous mode
[   79.716693][ T5838] hsr_slave_1: entered promiscuous mode
[   79.728809][ T5836] hsr_slave_0: entered promiscuous mode
[   79.735287][ T5836] hsr_slave_1: entered promiscuous mode
[   79.741916][ T5836] debugfs: 'hsr0' already exists in 'hsr'
[   79.748560][ T5836] Cannot create hsr debugfs directory
[   79.755692][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.762933][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.789607][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.814462][ T5850] hsr_slave_0: entered promiscuous mode
[   79.820789][ T5850] hsr_slave_1: entered promiscuous mode
[   79.827239][ T5850] debugfs: 'hsr0' already exists in 'hsr'
[   79.833155][ T5850] Cannot create hsr debugfs directory
[   79.905622][ T5837] hsr_slave_0: entered promiscuous mode
[   79.912730][ T5837] hsr_slave_1: entered promiscuous mode
[   79.918758][ T5837] debugfs: 'hsr0' already exists in 'hsr'
[   79.924652][ T5837] Cannot create hsr debugfs directory
[   80.055545][ T5842] hsr_slave_0: entered promiscuous mode
[   80.062209][ T5842] hsr_slave_1: entered promiscuous mode
[   80.068501][ T5842] debugfs: 'hsr0' already exists in 'hsr'
[   80.074892][ T5842] Cannot create hsr debugfs directory
[   80.464318][ T5850] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   80.483764][ T5850] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   80.495134][ T5850] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   80.505794][ T5850] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   80.577494][ T5836] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   80.591873][ T5836] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   80.603968][ T5836] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   80.622848][ T5836] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   80.734074][ T5838] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   80.745960][ T5838] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   80.765199][ T5838] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   80.777327][ T5838] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   80.877958][ T5837] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   80.889115][ T5837] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   80.898499][ T5837] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   80.908807][ T5837] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   80.931822][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.014698][ T5850] 8021q: adding VLAN 0 to HW filter on device team0
[   81.039063][ T5842] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   81.056512][ T5842] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   81.073325][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.081712][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.095531][ T5842] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   81.107763][ T5842] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   81.151770][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.159398][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.221768][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.290646][ T5836] 8021q: adding VLAN 0 to HW filter on device team0
[   81.307763][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.340613][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.347818][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.384913][ T1029] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.392109][ T1029] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.410831][ T5838] 8021q: adding VLAN 0 to HW filter on device team0
[   81.434828][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.448123][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.455491][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.463070][ T5855] Bluetooth: hci2: command tx timeout
[   81.469623][ T5854] Bluetooth: hci0: command tx timeout
[   81.511759][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.519152][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.543219][ T5854] Bluetooth: hci1: command tx timeout
[   81.549413][ T5855] Bluetooth: hci3: command tx timeout
[   81.549670][ T5846] Bluetooth: hci4: command tx timeout
[   81.587765][ T5837] 8021q: adding VLAN 0 to HW filter on device team0
[   81.629579][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.641677][  T140] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.648905][  T140] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.695436][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.703086][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.745278][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[   81.781268][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.796390][ T1029] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.803686][ T1029] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.840218][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.847466][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.974416][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.010694][ T5850] veth0_vlan: entered promiscuous mode
[   82.081845][ T5850] veth1_vlan: entered promiscuous mode
[   82.185101][ T5836] veth0_vlan: entered promiscuous mode
[   82.249877][ T5836] veth1_vlan: entered promiscuous mode
[   82.285510][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.328069][ T5850] veth0_macvtap: entered promiscuous mode
[   82.359817][ T5850] veth1_macvtap: entered promiscuous mode
[   82.388276][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.433598][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.451256][ T5836] veth0_macvtap: entered promiscuous mode
[   82.480687][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.501213][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.520556][ T5836] veth1_macvtap: entered promiscuous mode
[   82.545428][  T140] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.569815][  T140] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.580886][  T140] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.608821][  T140] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.638493][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.684800][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.694681][ T5838] veth0_vlan: entered promiscuous mode
[   82.727071][   T35] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.753222][   T35] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.775592][   T35] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.785032][   T35] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.794780][ T5838] veth1_vlan: entered promiscuous mode
[   82.895675][ T5842] veth0_vlan: entered promiscuous mode
[   82.911399][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.922526][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.958252][ T5837] veth0_vlan: entered promiscuous mode
[   82.980859][ T5838] veth0_macvtap: entered promiscuous mode
[   82.989292][ T5842] veth1_vlan: entered promiscuous mode
[   82.996885][ T5837] veth1_vlan: entered promiscuous mode
[   83.034167][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.045086][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.045453][ T5838] veth1_macvtap: entered promiscuous mode
[   83.066536][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.075318][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.147825][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.157326][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.169827][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.174696][ T5850] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   83.183605][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.208667][ T5842] veth0_macvtap: entered promiscuous mode
[   83.230661][ T5842] veth1_macvtap: entered promiscuous mode
[   83.276468][ T5837] veth0_macvtap: entered promiscuous mode
[   83.288922][   T48] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.313937][ T5837] veth1_macvtap: entered promiscuous mode
[   83.322306][   T48] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.336451][   T48] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.369373][   T48] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.452341][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.591270][ T5961] loop0: detected capacity change from 0 to 32768
[   83.602434][ T5846] Bluetooth: hci0: command tx timeout
[   83.605283][ T5854] Bluetooth: hci2: command tx timeout
[   83.622821][ T5854] Bluetooth: hci1: command tx timeout
[   83.623276][ T5846] Bluetooth: hci4: command tx timeout
[   83.628623][ T5961] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1281 transid 8 /dev/loop0 (7:0) scanned by syz.0.1 (5961)
[   83.648662][ T5855] Bluetooth: hci3: command tx timeout
[   83.682949][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.858837][   T29] audit: type=1400 audit(1775568992.866:2): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=5958 comm="syz.0.1"
[   84.280285][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.341154][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.411110][ T5853] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1281 transid 8 /dev/loop0 (7:0) scanned by udevd (5853)
[   84.476798][   T79] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.510686][   T79] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.558627][ T1029] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.576993][   T79] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.583525][ T1029] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.696768][   T79] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.740610][   T58] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.838059][   T58] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.860310][   T58] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.999297][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.046239][   T58] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.140167][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.625210][ T5855] Bluetooth: hci0: command tx timeout
[   85.631327][ T5846] Bluetooth: hci2: command tx timeout
[   85.642418][ T5963] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.670694][ T5963] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.758042][ T5846] Bluetooth: hci4: command tx timeout
[   85.764692][ T5846] Bluetooth: hci3: command tx timeout
[   85.771204][ T5846] Bluetooth: hci1: command tx timeout
[   86.528128][ T5987] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9'.
[   87.164489][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.184824][ T5991] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   87.200973][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.209806][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.286915][ T5993] process 'syz.1.2' launched '/dev/fd/6' with NULL argv: empty string added
[   87.703982][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.595898][ T5976] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.636858][ T5976] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.169861][ T6006] ceph: No mds server is up or the cluster is laggy
[   90.183075][ T6012] loop1: detected capacity change from 0 to 2368
[   90.511427][  T963] libceph: connect (1)[c::]:6789 error -101
[   90.530740][  T963] libceph: mon0 (1)[c::]:6789 connect error
[   90.565424][ T6008] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   90.791677][   T24] cfg80211: failed to load regulatory.db
[   91.207645][ T6022] input: syz0 as /devices/virtual/input/input5
[   91.682923][ T6016] loop2: detected capacity change from 0 to 2048
[   92.223950][    C0] vcan0: j1939_tp_rxtimer: 0xffff88803410b800: rx timeout, send abort
[   92.304191][ T6016] udf: Unknown parameter 'ioc#Ûharset'
[   92.662720][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[   92.724466][    C0] vcan0: j1939_tp_rxtimer: 0xffff88803410b400: rx timeout, send abort
[   92.733372][    C0] vcan0: j1939_tp_rxtimer: 0xffff88803410b800: abort rx timeout. Force session deactivation
[   93.232705][    C0] vcan0: j1939_tp_rxtimer: 0xffff88803410b400: abort rx timeout. Force session deactivation
[   93.892006][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   95.424539][ T6040] ufs: You didn't specify the type of your ufs filesystem
[   95.424539][ T6040] 
[   95.424539][ T6040] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[   95.424539][ T6040] 
[   95.424539][ T6040] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[   95.458446][ T6040] ufs: ufstype=old is supported read-only
[   95.475132][ T6040] ufs: ufs_fill_super(): bad magic number
[   96.886143][ T6049] capability: warning: `syz.1.19' uses 32-bit capabilities (legacy support in use)
[   99.125222][   T29] audit: type=1326 audit(1775569008.076:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.4.21" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[   99.476960][   T29] audit: type=1326 audit(1775569008.076:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.4.21" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[   99.585486][   T29] audit: type=1326 audit(1775569008.076:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.4.21" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[   99.736695][ T6074] loop4: detected capacity change from 0 to 256
[   99.748975][ T6074] =======================================================
[   99.748975][ T6074] WARNING: The mand mount option has been deprecated and
[   99.748975][ T6074]          and is ignored by this kernel. Remove the mand
[   99.748975][ T6074]          option from the mount to silence this warning.
[   99.748975][ T6074] =======================================================
[  100.710133][ T6074] exfat: Deprecated parameter 'utf8'
[  100.743266][ T6074] exfat: Unexpected value for 'utf8'
[  100.788548][ T6080] netlink: 4 bytes leftover after parsing attributes in process `syz.1.24'.
[  100.797546][ T6080] openvswitch: netlink: Unknown nsh attribute 0
[  102.215895][   T29] audit: type=1326 audit(1775569008.076:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.4.21" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  102.302028][   T29] audit: type=1326 audit(1775569008.076:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.4.21" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  102.352624][   T29] audit: type=1326 audit(1775569008.076:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.4.21" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdb0f55d04e code=0x7ffc0000
[  102.387728][   T29] audit: type=1326 audit(1775569008.076:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.4.21" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  102.437392][   T29] audit: type=1326 audit(1775569008.076:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.4.21" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  102.498716][   T29] audit: type=1326 audit(1775569008.076:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.4.21" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  102.526045][ T6085] loop2: detected capacity change from 0 to 2048
[  102.578070][   T29] audit: type=1326 audit(1775569008.076:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.4.21" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  102.622913][ T6085] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  103.075810][ T6087] netlink: 'syz.2.27': attribute type 10 has an invalid length.
[  103.084736][ T6087] veth1_macvtap: left promiscuous mode
[  103.444168][ T5846] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  103.454843][ T5846] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  103.462918][ T5846] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  103.475971][ T5846] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  103.484891][ T5846] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  105.427941][ T6088] chnl_net:caif_netlink_parms(): no params data found
[  106.059593][ T5846] Bluetooth: hci5: command tx timeout
[  108.116508][ T6128] ceph: No mds server is up or the cluster is laggy
[  108.291852][ T6133] loop3: detected capacity change from 0 to 2368
[  108.307909][ T5846] Bluetooth: hci5: command tx timeout
[  108.318371][ T5180] libceph: connect (1)[c::]:6789 error -101
[  108.326429][ T5180] libceph: mon0 (1)[c::]:6789 connect error
[  108.363338][   T79] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.425452][ T6127] loop2: detected capacity change from 0 to 512
[  108.498318][ T6135] loop4: detected capacity change from 0 to 4096
[  108.558213][ T6127] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  108.581752][ T6127] EXT4-fs (loop2): blocks per group (95) and clusters per group (32768) inconsistent
[  108.617157][ T6129] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  108.793249][   T79] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.564625][ T5846] Bluetooth: hci5: command tx timeout
[  111.008414][  T808] IPVS: starting estimator thread 0...
[  112.033103][ T6151] IPVS: using max 38 ests per chain, 91200 per kthread
[  112.306321][ T6150] ntfs3(loop4): ino=23, "file0" failed to extend initialized size to 8000c61.
[  112.592087][ T5846] Bluetooth: hci5: command tx timeout
[  112.677340][   T79] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.669967][ T6165] loop3: detected capacity change from 0 to 32768
[  113.743199][ T6165] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  114.246239][ T6165] XFS (loop3): Ending clean mount
[  114.265409][ T6165] XFS (loop3): Quotacheck needed: Please wait.
[  114.326531][   T79] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.800312][ T6088] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.812166][ T6088] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.821578][ T6088] bridge_slave_0: entered allmulticast mode
[  114.830265][ T6165] XFS (loop3): Quotacheck: Done.
[  114.937104][ T6088] bridge_slave_0: entered promiscuous mode
[  114.953439][ T6088] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.962862][ T6088] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.971611][ T6088] bridge_slave_1: entered allmulticast mode
[  114.986281][ T6088] bridge_slave_1: entered promiscuous mode
[  115.000106][   T29] kauditd_printk_skb: 26 callbacks suppressed
[  115.000119][   T29] audit: type=1804 audit(1775569024.006:39): pid=6190 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.43" name="/newroot/12/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=4428 res=1 errno=0
[  115.093447][ T6180] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[  115.120767][   T29] audit: type=1800 audit(1775569024.106:40): pid=6180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.42" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  115.148431][ T6180] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[  115.224929][ T6088] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  115.226310][ T6180] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  115.273803][ T5850] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  115.349979][ T6088] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  115.573406][ T6088] team0: Port device team_slave_0 added
[  115.581742][ T6088] team0: Port device team_slave_1 added
[  116.040341][ T6205] loop2: detected capacity change from 0 to 2368
[  116.183565][ T6088] batman_adv: batadv0: Adding interface: batadv_slave_0
[  116.205769][ T6088] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  116.233560][ T6201] ceph: No mds server is up or the cluster is laggy
[  116.245386][  T963] libceph: connect (1)[c::]:6789 error -101
[  116.245544][  T963] libceph: mon0 (1)[c::]:6789 connect error
[  116.266256][ T6088] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  116.318990][ T6203] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  116.569722][ T6209] loop1: detected capacity change from 0 to 4096
[  117.489816][ T6088] batman_adv: batadv0: Adding interface: batadv_slave_1
[  117.497807][ T6088] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  117.690762][ T6088] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  118.252018][ T6217] xt_TPROXY: Can be used only with -p tcp or -p udp
[  118.738496][ T6088] hsr_slave_0: entered promiscuous mode
[  118.763480][   T35] ntfs3(loop1): ino=5, mi_enum_attr
[  118.773192][   T29] audit: type=1326 audit(1775569027.786:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6208 comm="syz.1.50" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb1c379c819 code=0x0
[  118.820988][ T6088] hsr_slave_1: entered promiscuous mode
[  118.845390][ T6088] debugfs: 'hsr0' already exists in 'hsr'
[  118.859608][ T6088] Cannot create hsr debugfs directory
[  118.869638][   T79] bridge_slave_1: left allmulticast mode
[  118.909819][   T79] bridge_slave_1: left promiscuous mode
[  118.937403][   T79] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.273614][   T79] bridge_slave_0: left allmulticast mode
[  119.291006][   T79] bridge_slave_0: left promiscuous mode
[  119.306649][   T79] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.554824][ T6247] netlink: 180 bytes leftover after parsing attributes in process `syz.1.55'.
[  123.217553][   T79] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  123.251847][   T79] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  123.273428][   T79] bond0 (unregistering): Released all slaves
[  125.115971][ T6293] Zero length message leads to an empty skb
[  126.244009][ T6299] autofs: Unknown parameter 'fd00000000000000000000'
[  126.440520][ T6300] loop2: detected capacity change from 0 to 16
[  126.614345][ T6300] erofs (device loop2): mounted with root inode @ nid 36.
[  127.113541][   T10] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  127.344843][ T6306] capability: warning: `syz.2.65' uses deprecated v2 capabilities in a way that may be insecure
[  127.402842][ T6300] syz.2.65: attempt to access beyond end of device
[  127.402842][ T6300] loop2: rw=524288, sector=256, nr_sectors = 8 limit=16
[  127.438962][ T6300] syz.2.65: attempt to access beyond end of device
[  127.438962][ T6300] loop2: rw=524288, sector=0, nr_sectors = 1024 limit=16
[  127.559060][ T6300] syz.2.65: attempt to access beyond end of device
[  127.559060][ T6300] loop2: rw=524288, sector=0, nr_sectors = 1792 limit=16
[  127.617439][ T6300] syz.2.65: attempt to access beyond end of device
[  127.617439][ T6300] loop2: rw=0, sector=256, nr_sectors = 8 limit=16
[  127.637249][ T6300] erofs (device loop2): read error -5 @ 1 of nid 89
[  127.649179][   T29] audit: type=1800 audit(1775569036.656:42): pid=6300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.65" name="file2" dev="loop2" ino=89 res=0 errno=0
[  128.031248][ T6311] loop3: detected capacity change from 0 to 128
[  128.034989][ T6311] vfat: Unknown parameter 'ÿÿÿÿÿÿÿÿ0xffffffffffffffffÿ0xffffffffffffffff18446744073709551615ÿÿÿÿÿÿÿÿ'
[  128.975016][ T6320] openvswitch: netlink: Unexpected mask (mask=840, allowed=10048)
[  129.345251][ T6300] syz.2.65 (6300) used greatest stack depth: 17928 bytes left
[  129.409320][ T6311] xt_hashlimit: size too large, truncated to 1048576
[  129.652671][   T79] hsr_slave_0: left promiscuous mode
[  129.672751][   T79] hsr_slave_1: left promiscuous mode
[  130.151372][   T79] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  130.167434][   T79] batman_adv: batadv0: Removing interface: batadv_slave_0
[  130.201035][   T79] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  130.235843][   T79] batman_adv: batadv0: Removing interface: batadv_slave_1
[  130.489956][   T79] veth1_macvtap: left promiscuous mode
[  130.516513][   T79] veth0_macvtap: left promiscuous mode
[  130.524130][   T79] veth1_vlan: left promiscuous mode
[  130.529603][   T79] veth0_vlan: left promiscuous mode
[  130.659247][ T6343] Device name cannot be null; rc = [-22]
[  131.472087][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  131.700491][ T6359] loop4: detected capacity change from 0 to 128
[  132.146578][ T6359] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  132.165884][ T6359] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.268478][ T6357] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.75: No space for directory leaf checksum. Please run e2fsck -D.
[  132.284091][ T6357] EXT4-fs error (device loop4): htree_dirblock_to_tree:1051: inode #2: comm syz.4.75: Directory block failed checksum
[  132.344789][   T79] team0 (unregistering): Port device team_slave_1 removed
[  132.364643][ T5837] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  132.387592][   T79] team0 (unregistering): Port device team_slave_0 removed
[  132.448488][ T6368] loop4: detected capacity change from 0 to 512
[  132.455979][ T6368] EXT4-fs: Ignoring removed mblk_io_submit option
[  132.474970][ T6368] EXT4-fs: inline encryption not supported
[  132.485877][ T6368] EXT4-fs (loop4): Test dummy encryption mode enabled
[  132.503711][ T6368] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  132.526807][ T6368] EXT4-fs (loop4): 1 truncate cleaned up
[  132.551293][ T6368] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.709839][ T6088] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  132.753766][   T29] audit: type=1800 audit(2000000000.560:43): pid=6370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.76" name="file1" dev="loop4" ino=15 res=0 errno=0
[  132.837563][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  132.847713][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  132.922256][ T6368] netlink: 'syz.4.76': attribute type 5 has an invalid length.
[  132.947668][ T6088] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  133.180993][ T6088] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  133.744197][ T6368] xt_CT: You must specify a L4 protocol and not use inversions on it
[  133.744858][ T6088] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  136.334676][ T6397] loop2: detected capacity change from 0 to 32768
[  136.364979][ T5837] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.970733][ T6088] 8021q: adding VLAN 0 to HW filter on device bond0
[  136.985090][ T6413] sctp: [Deprecated]: syz.3.85 (pid 6413) Use of int in maxseg socket option.
[  136.985090][ T6413] Use struct sctp_assoc_value instead
[  137.593557][ T6415] loop4: detected capacity change from 0 to 8
[  137.663949][ T6088] 8021q: adding VLAN 0 to HW filter on device team0
[  137.715754][ T5963] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.724071][ T5963] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.017336][ T6415] SQUASHFS error: Failed to read block 0xdfa: -5
[  138.037409][ T6415] SQUASHFS error: Unable to read metadata cache entry [dfa]
[  138.098464][ T6415] SQUASHFS error: Failed to read block 0x4e8: -5
[  138.173553][ T6415] SQUASHFS error: Failed to read block 0x4de: -5
[  138.182251][ T6415] SQUASHFS error: Failed to read block 0x4de: -5
[  138.190073][ T6415] SQUASHFS error: Failed to read block 0x4de: -5
[  138.193316][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  138.196640][ T6415] SQUASHFS error: Failed to read block 0x4de: -5
[  138.212129][ T6415] SQUASHFS error: Failed to read block 0x4de: -5
[  138.220231][ T6415] SQUASHFS error: Failed to read block 0x4de: -5
[  138.229073][ T6415] SQUASHFS error: Failed to read block 0x4de: -5
[  138.244571][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.251875][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.254762][ T6415] SQUASHFS error: Failed to read block 0x4de: -5
[  138.270873][ T6415] SQUASHFS error: Failed to read block 0x4e8: -5
[  138.641022][   T29] audit: type=1800 audit(2000000006.090:44): pid=6415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.83" name="file1" dev="loop4" ino=5 res=0 errno=0
[  138.986854][ T6428] loop3: detected capacity change from 0 to 32768
[  140.882041][ T6452] loop4: detected capacity change from 0 to 32768
[  140.883541][ T6449] loop2: detected capacity change from 0 to 2048
[  140.956446][ T6452] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  140.956839][ T6088] 8021q: adding VLAN 0 to HW filter on device batadv0
[  141.007180][ T6452] XFS (loop4): Ending clean mount
[  141.018370][ T6452] XFS (loop4): Quotacheck needed: Please wait.
[  141.075705][ T6449] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  141.086112][ T6452] XFS (loop4): Quotacheck: Done.
[  141.232060][   T29] audit: type=1800 audit(2000000009.040:45): pid=6452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.93" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop4" ino=4430 res=0 errno=0
[  141.515288][ T6452] XFS (loop4): Metadata CRC error detected at xfs_refcountbt_read_verify+0x42/0xe0, xfs_refcountbt block 0x28 
[  141.528375][ T6452] XFS (loop4): Unmount and run xfs_repair
[  141.534371][ T6452] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  141.542430][ T6452] 00000000: 52 ff ff ff 7f 00 00 00 ff ff ff ff ff ff ff ff  R...............
[  141.551531][ T6452] 00000010: 00 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00  .......(........
[  141.560570][ T6452] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  141.569587][ T6452] 00000030: 00 00 00 00 bd e7 de 5d 00 00 00 00 00 00 00 00  .......]........
[  141.579429][ T6452] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.588681][ T6452] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.597940][ T6452] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.606927][ T6452] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  141.617229][ T6452] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x2b0/0x490" at daddr 0x28 len 8 error 74
[  141.960908][ T6452] XFS (loop4): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x518/0x8f0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  141.975821][ T6452] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  142.209691][ T5837] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  144.674389][ T6473] loop4: detected capacity change from 0 to 4096
[  146.422619][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  146.468069][ T6088] veth0_vlan: entered promiscuous mode
[  146.480498][ T6088] veth1_vlan: entered promiscuous mode
[  146.797759][ T6088] veth0_macvtap: entered promiscuous mode
[  147.808141][ T6088] veth1_macvtap: entered promiscuous mode
[  148.027701][ T6491] ntfs3(loop4): ino=22, "file0" failed to extend initialized size to 8000c61.
[  148.771901][ T6088] batman_adv: batadv0: Interface activated: batadv_slave_0
[  148.834941][ T6088] batman_adv: batadv0: Interface activated: batadv_slave_1
[  148.908955][ T6241] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.939555][ T6241] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  149.392229][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  149.802309][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  150.077780][ T5963] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  150.136613][ T5963] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  151.049836][ T5963] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.110996][ T5963] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.269414][ T5963] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.595472][ T5963] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.683591][ T6530] loop2: detected capacity change from 0 to 512
[  154.231240][ T6549] tipc: Started in network mode
[  154.236524][ T6549] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  154.246763][ T6549] tipc: Enabled bearer <udp:syz0>, priority 10
[  154.512380][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  155.591825][   T24] tipc: Node number set to 1
[  155.902332][ T6557] warning: `syz.4.112' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  157.077191][ T6542] overlayfs: failed lookup in lower (newroot/0, name='file1', err=-40): overlapping layers
[  157.234833][ T6551] overlayfs: failed lookup in lower (newroot/0, name='file1', err=-40): overlapping layers
[  157.885705][ T5846] Bluetooth: hci3: command tx timeout
[  157.929190][ T6570] loop4: detected capacity change from 0 to 512
[  157.952858][ T5960] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  158.072678][ T6570] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.092171][ T6570] ext4 filesystem being mounted at /21/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.930465][ T5960] usb 6-1: device descriptor read/all, error -71
[  158.956445][ T5837] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.372920][ T6591] loop5: detected capacity change from 0 to 32768
[  160.448490][ T6591] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  160.649027][ T6591] JBD2: Ignoring recovery information on journal
[  160.719614][ T6591] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  160.741553][ T6607] netlink: 12 bytes leftover after parsing attributes in process `syz.2.119'.
[  162.954557][ T6621] loop2: detected capacity change from 0 to 2048
[  163.005703][ T6621] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  163.312800][ T6619] tipc: Started in network mode
[  163.319751][ T6619] tipc: Node identity ac14140f, cluster identity 4711
[  163.326977][ T6619] tipc: New replicast peer: 255.255.255.255
[  163.333759][ T6619] tipc: Enabled bearer <udp:syz2>, priority 10
[  163.360280][   T29] audit: type=1800 audit(2000000031.160:46): pid=6621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.122" name="file2" dev="loop2" ino=1347 res=0 errno=0
[  163.576576][ T6625] loop4: detected capacity change from 0 to 128
[  163.597946][ T6625] ext4: Unknown parameter 'subj_role'
[  164.344586][ T5960] tipc: Node number set to 2886997007
[  165.232188][ T6088] ocfs2: Unmounting device (7,5) on (node local)
[  165.290775][ T6643] loop4: detected capacity change from 0 to 4096
[  165.662194][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  166.220877][ T6643] syz.4.127 uses obsolete (PF_INET,SOCK_PACKET)
[  167.945691][ T6662] block device autoloading is deprecated and will be removed.
[  168.281411][ T6665] loop3: detected capacity change from 0 to 1024
[  168.460772][ T6665] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.722766][ T6675] loop4: detected capacity change from 0 to 4096
[  168.755192][ T6672] loop5: detected capacity change from 0 to 64
[  168.894930][ T6677] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  168.914905][ T5960] IPVS: starting estimator thread 0...
[  169.182116][ T6676] IPVS: using max 29 ests per chain, 69600 per kthread
[  169.471998][ T6683] syz.2.134 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  170.141606][ T6682] ubi31: attaching mtd0
[  170.149556][ T6682] ubi31: scanning is finished
[  170.155556][ T6682] ubi31: empty MTD device detected
[  170.515111][ T6688] netlink: 20 bytes leftover after parsing attributes in process `syz.3.133'.
[  170.524801][ T6688] netlink: 20 bytes leftover after parsing attributes in process `syz.3.133'.
[  170.534194][ T6688] netlink: 20 bytes leftover after parsing attributes in process `syz.3.133'.
[  170.543573][ T6688] netlink: 20 bytes leftover after parsing attributes in process `syz.3.133'.
[  170.554232][ T6688] netlink: 20 bytes leftover after parsing attributes in process `syz.3.133'.
[  170.564932][ T6688] netlink: 20 bytes leftover after parsing attributes in process `syz.3.133'.
[  170.574908][ T6688] netlink: 20 bytes leftover after parsing attributes in process `syz.3.133'.
[  170.585260][ T6688] netlink: 20 bytes leftover after parsing attributes in process `syz.3.133'.
[  170.595569][ T6688] netlink: 20 bytes leftover after parsing attributes in process `syz.3.133'.
[  170.611053][ T6688] netlink: 20 bytes leftover after parsing attributes in process `syz.3.133'.
[  170.685497][ T6682] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  171.230050][ T6694] loop2: detected capacity change from 0 to 2048
[  171.368356][ T6694] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.461746][ T6694] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.675541][ T5850] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.909069][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.262634][   T12] kworker/u8:0: attempt to access beyond end of device
[  173.262634][   T12] loop5: rw=1, sector=65, nr_sectors = 1 limit=64
[  173.284750][   T29] audit: type=1326 audit(2000000041.100:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6725 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814cd9c819 code=0x7ffc0000
[  173.317316][   T12] Buffer I/O error on dev loop5, logical block 65, lost async page write
[  173.328522][   T12] kworker/u8:0: attempt to access beyond end of device
[  173.328522][   T12] loop5: rw=1, sector=66, nr_sectors = 1 limit=64
[  173.365716][   T12] Buffer I/O error on dev loop5, logical block 66, lost async page write
[  174.182243][   T29] audit: type=1326 audit(2000000041.100:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6725 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814cd9c819 code=0x7ffc0000
[  174.215610][   T29] audit: type=1326 audit(2000000041.100:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6725 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f814cd9c819 code=0x7ffc0000
[  174.238697][   T29] audit: type=1326 audit(2000000041.100:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6725 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814cd9c819 code=0x7ffc0000
[  174.270469][   T29] audit: type=1326 audit(2000000041.100:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6725 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814cd9c819 code=0x7ffc0000
[  174.272497][   T12] kworker/u8:0: attempt to access beyond end of device
[  174.272497][   T12] loop5: rw=1, sector=67, nr_sectors = 1 limit=64
[  174.294087][   T29] audit: type=1326 audit(2000000041.100:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6725 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f814cd9c819 code=0x7ffc0000
[  174.360625][   T29] audit: type=1326 audit(2000000041.100:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6725 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814cd9c819 code=0x7ffc0000
[  174.400231][   T12] Buffer I/O error on dev loop5, logical block 67, lost async page write
[  174.439359][   T12] kworker/u8:0: attempt to access beyond end of device
[  174.439359][   T12] loop5: rw=1, sector=68, nr_sectors = 1 limit=64
[  174.477426][   T29] audit: type=1326 audit(2000000041.100:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6725 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f814cd9c819 code=0x7ffc0000
[  174.568117][   T12] Buffer I/O error on dev loop5, logical block 68, lost async page write
[  174.595821][   T12] kworker/u8:0: attempt to access beyond end of device
[  174.595821][   T12] loop5: rw=1, sector=72, nr_sectors = 1 limit=64
[  174.596793][   T29] audit: type=1326 audit(2000000041.100:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6725 comm="syz.2.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f814cd9c819 code=0x7ffc0000
[  174.645944][   T12] Buffer I/O error on dev loop5, logical block 72, lost async page write
[  174.669788][   T12] kworker/u8:0: attempt to access beyond end of device
[  174.669788][   T12] loop5: rw=1, sector=73, nr_sectors = 1 limit=64
[  174.731826][   T12] Buffer I/O error on dev loop5, logical block 73, lost async page write
[  174.825907][   T12] kworker/u8:0: attempt to access beyond end of device
[  174.825907][   T12] loop5: rw=1, sector=76, nr_sectors = 1 limit=64
[  174.857283][   T29] audit: type=1800 audit(2000000042.270:56): pid=6728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.141" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  175.307007][   T12] Buffer I/O error on dev loop5, logical block 76, lost async page write
[  175.402522][   T12] kworker/u8:0: attempt to access beyond end of device
[  175.402522][   T12] loop5: rw=1, sector=77, nr_sectors = 1 limit=64
[  175.486755][   T12] Buffer I/O error on dev loop5, logical block 77, lost async page write
[  175.510686][   T12] kworker/u8:0: attempt to access beyond end of device
[  175.510686][   T12] loop5: rw=1, sector=78, nr_sectors = 91 limit=64
[  176.888332][  T808] IPVS: starting estimator thread 0...
[  176.933844][ T6755] netlink: 'syz.5.142': attribute type 4 has an invalid length.
[  177.048780][ T6756] IPVS: using max 40 ests per chain, 96000 per kthread
[  177.551985][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  177.639390][ T6767] loop3: detected capacity change from 0 to 8
[  177.776089][ T6769] input: syz1 as /devices/virtual/input/input7
[  177.881383][ T6767] SQUASHFS error: xz decompression failed, data probably corrupt
[  177.889917][ T6767] SQUASHFS error: Failed to read block 0x108: -5
[  177.896408][ T6767] SQUASHFS error: Unable to read metadata cache entry [106]
[  177.903936][ T6767] SQUASHFS error: Unable to read inode 0x11f
[  179.266709][ T6776] loop2: detected capacity change from 0 to 32768
[  179.447956][ T6776] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  179.460010][ T6776] JBD2: Ignoring recovery information on journal
[  179.487350][ T6776] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  181.372154][ T6797] loop3: detected capacity change from 0 to 32768
[  181.425903][ T6797] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  181.434388][ T6797] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  181.478906][ T6797] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  181.498969][ T5960] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  181.510859][ T5960] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  181.596297][ T5960] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 85ms
[  181.608121][ T5960] gfs2: fsid=syz:syz.0: jid=0: Done
[  181.615469][ T6797] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  181.694907][ T6797] gfs2: fsid=syz:syz.0: found 1 quota changes
[  181.859997][ T6803] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 11 2339, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 402
[  182.280388][ T6803] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:aqonN t:EX d:EX/0 a:0 v:0 r:2 m:20 p:1
[  182.292754][ T6803] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:6803 [gfs2_quotad/syz] gfs2_quota_sync+0x370/0x470
[  182.315354][ T6803] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  182.316530][ T5842] ocfs2: Unmounting device (7,2) on (node local)
[  182.325469][ T6803] CPU: 0 UID: 0 PID: 6803 Comm: gfs2_quotad/syz Not tainted syzkaller #0 PREEMPT(full) 
[  182.325490][ T6803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  182.325510][ T6803] Call Trace:
[  182.325520][ T6803]  <TASK>
[  182.325527][ T6803]  dump_stack_lvl+0xe8/0x150
[  182.325555][ T6803]  gfs2_withdraw+0xc3/0x1b0
[  182.325578][ T6803]  inode_go_instantiate+0xdd8/0x1220
[  182.325601][ T6803]  ? preempt_schedule_common+0x82/0xd0
[  182.325627][ T6803]  ? __pfx_inode_go_instantiate+0x10/0x10
[  182.325656][ T6803]  gfs2_instantiate+0x168/0x220
[  182.325680][ T6803]  gfs2_glock_wait+0x1d4/0x2a0
[  182.325703][ T6803]  do_sync+0x49a/0xcb0
[  182.325719][ T6803]  ? _raw_spin_unlock+0x28/0x50
[  182.325736][ T6803]  ? gfs2_quota_sync+0x370/0x470
[  182.325760][ T6803]  ? __pfx_do_sync+0x10/0x10
[  182.325785][ T6803]  ? gfs2_quota_sync+0x370/0x470
[  182.325804][ T6803]  ? do_raw_spin_unlock+0xf5/0x210
[  182.325827][ T6803]  gfs2_quota_sync+0x370/0x470
[  182.325852][ T6803]  gfs2_quotad+0x2b9/0x6e0
[  182.325881][ T6803]  ? __pfx_gfs2_quotad+0x10/0x10
[  182.325898][ T6803]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  182.325918][ T6803]  ? __kthread_parkme+0x7a/0x1f0
[  182.325942][ T6803]  kthread+0x388/0x470
[  182.325959][ T6803]  ? __pfx_gfs2_quotad+0x10/0x10
[  182.325974][ T6803]  ? __pfx_kthread+0x10/0x10
[  182.325993][ T6803]  ret_from_fork+0x514/0xb70
[  182.326018][ T6803]  ? __pfx_ret_from_fork+0x10/0x10
[  182.326040][ T6803]  ? __switch_to+0xc79/0x1410
[  182.326062][ T6803]  ? __pfx_kthread+0x10/0x10
[  182.326080][ T6803]  ret_from_fork_asm+0x1a/0x30
[  182.326110][ T6803]  </TASK>
[  182.326117][ T6803] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  182.698904][ T5850] gfs2: fsid=syz:syz.0: gfs2_evict_inode: -5
[  182.811716][ T5850] gfs2: fsid=syz:syz.0: gfs2_evict_inode: -5
[  182.892862][ T5850] gfs2: fsid=syz:syz.0: gfs2_evict_inode: -5
[  183.837775][ T6823] fuse: Bad value for 'fd'
[  184.504110][ T6832] loop4: detected capacity change from 0 to 512
[  184.574038][ T6832] EXT4-fs (loop4): invalid first ino: 0
[  187.309608][ T6846] loop5: detected capacity change from 0 to 32768
[  187.413390][ T6846] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  187.448790][ T6846] XFS (loop5): Ending clean mount
[  187.467068][ T6846] XFS (loop5): Quotacheck needed: Please wait.
[  187.713896][ T6846] XFS (loop5): Quotacheck: Done.
[  187.889745][ T6864] __nla_validate_parse: 134 callbacks suppressed
[  187.889784][ T6864] netlink: 180 bytes leftover after parsing attributes in process `syz.1.162'.
[  188.173926][ T5850] gfs2: fsid=syz:syz.0: warning: assertion "gfs2_log_is_empty(sdp)" failed - function = gfs2_make_fs_ro, file = fs/gfs2/super.c, line = 566
[  188.213860][   T29] audit: type=1804 audit(2000000055.960:57): pid=6866 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.161" name="/newroot/6/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=4428 res=1 errno=0
[  188.269998][ T5850] CPU: 0 UID: 0 PID: 5850 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  188.270020][ T5850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  188.270030][ T5850] Call Trace:
[  188.270036][ T5850]  <TASK>
[  188.270044][ T5850]  dump_stack_lvl+0xe8/0x150
[  188.270072][ T5850]  gfs2_assert_warn_i+0x194/0x2c0
[  188.270100][ T5850]  gfs2_make_fs_ro+0x30d/0x320
[  188.270127][ T5850]  ? __pfx_gfs2_make_fs_ro+0x10/0x10
[  188.270148][ T5850]  ? do_raw_spin_lock+0x12b/0x2f0
[  188.270170][ T5850]  ? __pfx_autoremove_wake_function+0x10/0x10
[  188.270196][ T5850]  ? do_raw_spin_unlock+0xf5/0x210
[  188.270218][ T5850]  gfs2_put_super+0x220/0x860
[  188.270247][ T5850]  ? __pfx_gfs2_put_super+0x10/0x10
[  188.270270][ T5850]  generic_shutdown_super+0x13d/0x2d0
[  188.270297][ T5850]  kill_block_super+0x44/0x90
[  188.270314][ T5850]  deactivate_locked_super+0xbc/0x130
[  188.270339][ T5850]  cleanup_mnt+0x437/0x4d0
[  188.270363][ T5850]  ? _raw_spin_unlock_irq+0x23/0x50
[  188.270387][ T5850]  task_work_run+0x1d9/0x270
[  188.270410][ T5850]  ? __pfx_task_work_run+0x10/0x10
[  188.270436][ T5850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.270454][ T5850]  exit_to_user_mode_loop+0xed/0x480
[  188.270474][ T5850]  ? rcu_is_watching+0x15/0xb0
[  188.270491][ T5850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.270509][ T5850]  do_syscall_64+0x33e/0xf80
[  188.270529][ T5850]  ? trace_irq_disable+0x3b/0x140
[  188.270548][ T5850]  ? clear_bhb_loop+0x40/0x90
[  188.270568][ T5850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.270584][ T5850] RIP: 0033:0x7fb17ef9da57
[  188.270612][ T5850] Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  188.270625][ T5850] RSP: 002b:00007ffe65d9a988 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  188.270646][ T5850] RAX: 0000000000000000 RBX: 00007fb17f032048 RCX: 00007fb17ef9da57
[  188.270657][ T5850] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe65d9aa40
[  188.270667][ T5850] RBP: 00007ffe65d9aa40 R08: 00007ffe65d9ba40 R09: 00000000ffffffff
[  188.270677][ T5850] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe65d9bad0
[  188.270687][ T5850] R13: 00007fb17f032048 R14: 000000000002c96e R15: 00007ffe65d9bb10
[  188.270713][ T5850]  </TASK>
[  188.666612][ T5850] gfs2: fsid=syz:syz.0: gfs2_evict_inode: -5
[  188.870351][ T6088] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  189.426902][ T6873] netlink: 8 bytes leftover after parsing attributes in process `syz.2.165'.
[  189.643621][ T6873] netlink: 12 bytes leftover after parsing attributes in process `syz.2.165'.
[  190.366850][ T6890] netlink: 'syz.1.168': attribute type 6 has an invalid length.
[  190.376009][ T6890] netlink: 'syz.1.168': attribute type 6 has an invalid length.
[  191.794547][ T6897] loop4: detected capacity change from 0 to 1024
[  191.878565][ T6897] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  191.891311][ T6897] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  191.951164][   T29] audit: type=1326 audit(2000000059.760:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6906 comm="syz.2.171" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f814cd9c819 code=0x0
[  193.720584][ T6921] kvm: emulating exchange as write
[  194.285049][ T6930] tipc: New replicast peer: 255.255.255.255
[  194.293382][ T6930] tipc: Enabled bearer <udp:syz2>, priority 10
[  194.362207][ T5846] Bluetooth: hci3: command tx timeout
[  194.368878][ T5837] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  194.384558][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  194.387438][ T6929] EXT4-fs (nbd5): unable to read superblock
[  194.415270][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  195.690316][ T6941] loop5: detected capacity change from 0 to 512
[  195.751380][ T6941] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #12: comm syz.5.181: missing EA_INODE flag
[  195.922445][ T6941] loop5: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  195.923721][ T6946] mmap: syz.3.182 (6946) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  195.942007][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  195.954400][    C0] EXT4-fs (loop5): initial error at time 2000000063: ext4_xattr_inode_iget:441: inode 12
[  195.964316][    C0] EXT4-fs (loop5): last error at time 2000000063: ext4_xattr_inode_iget:441: inode 12
[  196.138818][   T29] audit: type=1326 audit(2000000063.890:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6936 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  196.501016][   T29] audit: type=1326 audit(2000000063.890:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6936 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  196.538458][   T29] audit: type=1326 audit(2000000063.890:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6936 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  196.560624][   T29] audit: type=1326 audit(2000000063.890:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6936 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  196.596755][ T6941] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.181: error while reading EA inode 12 err=-117
[  196.652292][ T6941] loop5: lost filesystem error report for type 5 error -117
[  196.658983][   T29] audit: type=1326 audit(2000000063.890:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6936 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  196.669282][ T6941] EXT4-fs (loop5): 1 orphan inode deleted
[  196.758516][   T29] audit: type=1326 audit(2000000063.900:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6936 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  196.786868][ T6941] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.801729][ T6953] loop4: detected capacity change from 0 to 1024
[  196.818602][ T6953] hfsplus: Unknown parameter 'de'
[  196.853518][   T29] audit: type=1326 audit(2000000063.900:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6936 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  197.692964][   T29] audit: type=1326 audit(2000000063.900:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6936 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  197.920025][   T29] audit: type=1326 audit(2000000063.910:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6936 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  198.424041][   T29] audit: type=1326 audit(2000000063.910:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6936 comm="syz.4.179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  198.685425][ T6964] loop4: detected capacity change from 0 to 32768
[  198.699868][ T6088] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.746868][ T6964] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  198.769094][ T6964] XFS (loop4): Ending clean mount
[  198.777609][ T6964] XFS (loop4): Quotacheck needed: Please wait.
[  198.891240][ T6964] XFS (loop4): Quotacheck: Done.
[  200.617067][ T6978] loop5: detected capacity change from 0 to 8
[  200.728110][ T6978] SQUASHFS error: xz decompression failed, data probably corrupt
[  200.736266][ T6978] SQUASHFS error: Failed to read block 0x108: -5
[  200.742940][ T6978] SQUASHFS error: Unable to read metadata cache entry [106]
[  200.750311][ T6978] SQUASHFS error: Unable to read inode 0x11f
[  200.901241][ T6980] loop2: detected capacity change from 0 to 1024
[  200.918638][ T6980] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  200.929085][ T6980] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  200.943134][ T6980] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  200.951743][ T6980] EXT4-fs (loop2): orphan cleanup on readonly fs
[  200.959318][ T6980] EXT4-fs error (device loop2): ext4_read_inode_bitmap:167: comm syz.2.189: Inode bitmap for bg 0 marked uninitialized
[  200.972109][ T6980] loop2: lost filesystem error report for type 5 error -117
[  200.976841][ T6980] EXT4-fs (loop2): Remounting filesystem read-only
[  200.984669][    C1] EXT4-fs (loop2): error count since last fsck: 1
[  200.984690][    C1] EXT4-fs (loop2): initial error at time 2000000068: ext4_read_inode_bitmap:167
[  200.984709][    C1] EXT4-fs (loop2): last error at time 2000000068: ext4_read_inode_bitmap:167
[  201.025489][ T6980] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  201.779880][ T5852] Bluetooth: hci1: command 0x0406 tx timeout
[  201.789637][ T5841] Bluetooth: hci3: command 0x0406 tx timeout
[  201.796572][ T5841] Bluetooth: hci2: command 0x0406 tx timeout
[  201.796705][ T5852] Bluetooth: hci4: command 0x0406 tx timeout
[  201.990291][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.168566][ T5837] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  202.935672][ T6993] evm: overlay not supported
[  204.584662][ T7002] loop5: detected capacity change from 0 to 32768
[  204.858251][ T7002] JBD2: Ignoring recovery information on journal
[  205.026230][ T7012] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[  205.463158][ T7002] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  205.527756][ T7010] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  206.290890][ T7023] loop4: detected capacity change from 0 to 1024
[  206.321140][ T7023] hfsplus: Unknown parameter 'de'
[  207.319938][ T7031] loop3: detected capacity change from 0 to 32768
[  207.344162][ T7031] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  207.386988][ T7031] XFS (loop3): Ending clean mount
[  207.395632][ T7031] XFS (loop3): Quotacheck needed: Please wait.
[  207.582748][ T7042] loop4: detected capacity change from 0 to 32768
[  207.615464][ T7042] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  207.688091][ T7042] XFS (loop4): Ending clean mount
[  207.700059][ T7042] XFS (loop4): Quotacheck needed: Please wait.
[  207.729275][ T6088] ocfs2: Unmounting device (7,5) on (node local)
[  207.770957][ T7031] XFS (loop3): Quotacheck: Done.
[  208.268610][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  208.268625][   T29] audit: type=1804 audit(2000000075.810:83): pid=7055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.202" name="/newroot/43/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=4428 res=1 errno=0
[  208.576068][ T5850] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  208.666401][ T7042] XFS (loop4): Quotacheck: Done.
[  208.892427][   T29] audit: type=1804 audit(2000000076.700:84): pid=7059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.203" name="/newroot/37/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop4" ino=4428 res=1 errno=0
[  209.370493][ T5837] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  211.512819][ T7074] loop4: detected capacity change from 0 to 2048
[  211.576223][ T7074] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  211.884073][   T29] audit: type=1800 audit(2000000079.690:85): pid=7073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.209" name="file2" dev="loop4" ino=1347 res=0 errno=0
[  211.935699][ T7074] tipc: Started in network mode
[  211.940617][ T7074] tipc: Node identity ac14140f, cluster identity 4711
[  211.947696][ T7074] tipc: New replicast peer: 255.255.255.255
[  211.954063][ T7074] tipc: Enabled bearer <udp:syz2>, priority 10
[  213.025445][ T7085] loop4: detected capacity change from 0 to 1024
[  213.036550][ T7085] hfsplus: Unknown parameter 'de'
[  213.066602][ T7084] loop3: detected capacity change from 0 to 512
[  213.072185][   T24] tipc: Node number set to 2886997007
[  213.208160][ T7087] loop5: detected capacity change from 0 to 1024
[  213.782438][ T7087] hfsplus: Unknown parameter 'de'
[  214.560261][ T7095] loop2: detected capacity change from 0 to 1024
[  214.569171][ T7095] hfsplus: Unknown parameter 'de'
[  214.583679][ T7084] netlink: 28 bytes leftover after parsing attributes in process `syz.3.212'.
[  215.676719][ T7108] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  216.067685][ T7098] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  219.935172][ T7130] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  221.063305][ T7134] loop2: detected capacity change from 0 to 4096
[  221.072101][ T7134] EXT4-fs: inline encryption not supported
[  221.104873][ T7143] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 2, id = 0
[  221.114374][ T7134] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  221.434452][ T7145] loop3: detected capacity change from 0 to 1024
[  222.002351][ T7149] loop4: detected capacity change from 0 to 1024
[  222.011742][ T7145] hfsplus: Unknown parameter 'de'
[  222.061660][ T7149] hfsplus: Unknown parameter 'de'
[  223.400830][ T5161] Bluetooth: hci4: hardware error 0x09
[  224.193950][ T7166] fuse: Bad value for 'fd'
[  225.947484][ T7175] loop4: detected capacity change from 0 to 32768
[  226.034610][ T7175] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  226.087402][ T7175] XFS (loop4): Ending clean mount
[  226.098903][ T7175] XFS (loop4): Quotacheck needed: Please wait.
[  226.258182][ T7186] loop3: detected capacity change from 0 to 2048
[  226.336611][ T7186] udf: Unknown parameter 'ioc#Ûharset'
[  226.473332][ T5161] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  227.145624][ T7175] XFS (loop4): Quotacheck: Done.
[  227.631610][ T5161] Bluetooth: hci5: command 0x0406 tx timeout
[  227.745835][ T5837] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  228.776604][ T7192] loop2: detected capacity change from 0 to 131072
[  229.063204][ T7192] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  229.081066][ T7192] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  229.122329][   T29] audit: type=1804 audit(2000000096.930:86): pid=7192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.235" name="/newroot/54/file1/bus" dev="loop2" ino=10 res=1 errno=0
[  233.103775][ T7213] loop5: detected capacity change from 0 to 1024
[  233.149447][ T7213] hfsplus: Unknown parameter 'de'
[  235.323379][ T7230] netlink: 'syz.4.244': attribute type 27 has an invalid length.
[  235.794972][ T7239] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  235.810438][ T7239] netlink: 28 bytes leftover after parsing attributes in process `syz.3.236'.
[  237.071781][ T7245] IPVS: set_ctl: invalid protocol: 255 100.1.1.2:20000
[  237.163433][ T5854] Bluetooth: hci5: unexpected event for opcode 0x203c
[  237.321275][ T7255] batadv_slave_0: entered promiscuous mode
[  237.344943][ T7255] xt_l2tp: missing protocol rule (udp|l2tpip)
[  237.850632][ T7242] batadv_slave_0: left promiscuous mode
[  238.110335][   T29] audit: type=1326 audit(2000000105.910:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  238.314743][   T29] audit: type=1326 audit(2000000105.920:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  238.833125][   T29] audit: type=1326 audit(2000000105.940:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  238.884968][   T29] audit: type=1326 audit(2000000105.940:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  238.969838][   T29] audit: type=1326 audit(2000000105.940:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  239.127637][   T29] audit: type=1326 audit(2000000105.940:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  239.181805][   T29] audit: type=1326 audit(2000000105.940:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  239.677460][   T29] audit: type=1326 audit(2000000105.940:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  239.700098][   T29] audit: type=1326 audit(2000000105.940:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  239.766744][   T29] audit: type=1326 audit(2000000105.940:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.4.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb0f59c819 code=0x7ffc0000
[  240.096993][ T7278] loop2: detected capacity change from 0 to 32768
[  240.950902][ T7282] read_mapping_page failed!
[  245.145740][ T7314] netlink: 72 bytes leftover after parsing attributes in process `syz.5.261'.
[  246.447567][ T7317] faux_driver vgem: [drm] Unknown color mode 9; guessing buffer size.
[  247.122557][ T7319] loop4: detected capacity change from 0 to 32768
[  247.160251][ T7319] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  247.180093][ T7319] JBD2: Ignoring recovery information on journal
[  247.222647][ T7319] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  247.864116][ T7329] 9p: Bad value for 'rfdno'
[  248.483220][ T5837] ocfs2: Unmounting device (7,4) on (node local)
[  250.893927][ T7355] wlan1 speed is unknown, defaulting to 1000
[  250.900543][ T7355] wlan1 speed is unknown, defaulting to 1000
[  250.926327][ T7355] wlan1 speed is unknown, defaulting to 1000
[  250.944985][ T7355] smbdirect: ib_dev[óyz2]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  250.960574][ T7355] smbdirect: ib_dev[óyz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  250.978799][ T7355] smbdirect: ib_dev[óyz2]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  251.015966][ T7355] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  251.087920][ T7355] infiniband óyz2: RDMA CMA: cma_listen_on_dev, error -98
[  251.278166][ T7355] wlan1 speed is unknown, defaulting to 1000
[  251.301732][ T7355] wlan1 speed is unknown, defaulting to 1000
[  251.322292][ T7355] wlan1 speed is unknown, defaulting to 1000
[  251.343469][ T7355] wlan1 speed is unknown, defaulting to 1000
[  251.363814][ T7355] wlan1 speed is unknown, defaulting to 1000
[  252.831478][ T7349] fuse: Bad value for 'fd'
[  252.937895][ T7366] loop3: detected capacity change from 0 to 2048
[  252.959527][ T7366] udf: Unknown parameter 'ioc#Ûharset'
[  254.300957][ T7381] xt_NFQUEUE: number of total queues is 0
[  255.707310][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  255.713882][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  256.716415][   T29] kauditd_printk_skb: 24 callbacks suppressed
[  256.716433][   T29] audit: type=1326 audit(2000000124.130:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1c379c819 code=0x7ffc0000
[  257.242951][ T7408] tmpfs: Bad value for 'nr_blocks'
[  257.255369][ T7407] loop5: detected capacity change from 0 to 128
[  257.262833][ T7407] EXT4-fs: Ignoring removed i_version option
[  257.665635][ T7407] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0003]
[  257.673739][ T7407] System zones: 1-3, 19-19, 35-36
[  257.708923][ T7407] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  257.714243][   T29] audit: type=1326 audit(2000000124.130:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1c379c819 code=0x7ffc0000
[  257.723271][ T7407] ext4 filesystem being mounted at /29/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  257.791678][   T29] audit: type=1326 audit(2000000124.140:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fb1c379c819 code=0x7ffc0000
[  257.855802][   T29] audit: type=1326 audit(2000000124.150:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1c379c819 code=0x7ffc0000
[  258.703854][   T29] audit: type=1326 audit(2000000124.150:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1c379c819 code=0x7ffc0000
[  258.759840][ T6088] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  258.835330][   T29] audit: type=1326 audit(2000000124.480:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb1c379c819 code=0x7ffc0000
[  258.888003][   T29] audit: type=1326 audit(2000000124.480:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1c379c819 code=0x7ffc0000
[  259.005653][ T7417] kvm: requested 130742 ns i8254 timer period limited to 200000 ns
[  259.040794][ T7417] kvm: requested 110628 ns i8254 timer period limited to 200000 ns
[  259.061584][ T7417] kvm: requested 113142 ns i8254 timer period limited to 200000 ns
[  259.081657][   T29] audit: type=1326 audit(2000000124.480:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1c379c819 code=0x7ffc0000
[  259.104473][   T29] audit: type=1326 audit(2000000124.640:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7fb1c379c819 code=0x7ffc0000
[  259.157564][   T29] audit: type=1326 audit(2000000124.640:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1c379c819 code=0x7ffc0000
[  259.920396][ T5917] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  261.038583][ T5917] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 576, setting to 64
[  261.100319][ T5917] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  261.132118][ T5917] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.170708][ T5917] usb 5-1: Product: syz
[  261.182014][ T5917] usb 5-1: Manufacturer: syz
[  261.192043][ T5917] usb 5-1: SerialNumber: syz
[  261.244499][ T7424] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  263.563214][ T5917] usblp 5-1:1.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 2 vid 0x0525 pid 0xA4A8
[  263.711414][ T5917] usb 5-1: USB disconnect, device number 2
[  264.211139][ T5917] usblp0: removed
[  264.680940][ T7469] netlink: 'syz.5.294': attribute type 2 has an invalid length.
[  265.791801][ T7476] dummy0: mtu less than device minimum
[  265.838449][ T7476] loop2: detected capacity change from 0 to 512
[  265.863480][ T7476] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.876140][ T7476] ext4 filesystem being mounted at /64/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  270.077598][ T7508] 9pnet_virtio: no channels available for device syz
[  270.089714][ T7504] loop5: detected capacity change from 0 to 512
[  271.007519][ T7504] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  271.028173][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.074234][ T7504] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=42c028, mo2=0002]
[  271.100631][ T7504] EXT4-fs (loop5): orphan cleanup on readonly fs
[  271.154896][ T7504] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4222: comm syz.5.300: Allocating blocks 41-42 which overlap fs metadata
[  271.168928][ T7504] loop5: lost filesystem error report for type 5 error -117
[  271.172347][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  271.186156][    C0] EXT4-fs (loop5): initial error at time 2000000138: ext4_mb_mark_diskspace_used:4222
[  271.195785][    C0] EXT4-fs (loop5): last error at time 2000000138: ext4_mb_mark_diskspace_used:4222
[  271.209059][ T7504] EXT4-fs (loop5): Remounting filesystem read-only
[  271.218573][ T7504] __quota_error: 10 callbacks suppressed
[  271.218585][ T7504] Quota error (device loop5): write_blk: dquota write failed
[  271.234681][ T7504] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  271.245948][ T7504] EXT4-fs (loop5): 1 truncate cleaned up
[  271.283454][ T7504] EXT4-fs (loop5): pa ffff8880351dbae0: logic 1, phys. 41, len 23
[  271.352276][ T5917] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  271.377491][ T7504] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  271.523549][ T7523] netlink: 'syz.2.306': attribute type 4 has an invalid length.
[  271.553066][ T5917] usb 5-1: Using ep0 maxpacket: 8
[  271.576490][ T5917] usb 5-1: config 65 has too many interfaces: 73, using maximum allowed: 32
[  271.594332][ T5917] usb 5-1: config 65 has 3 interfaces, different from the descriptor's value: 73
[  271.662109][ T5917] usb 5-1: config 65 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  271.744948][ T5917] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b1, bcdDevice= 0.40
[  271.776805][ T5917] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.815764][ T5917] usb 5-1: Product: syz
[  271.838487][ T5917] usb 5-1: Manufacturer: syz
[  271.860487][ T5917] usb 5-1: SerialNumber: syz
[  271.913939][ T6088] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.358006][ T5917] snd-usb-audio 5-1:65.0: probe with driver snd-usb-audio failed with error -71
[  274.472229][ T5917] usb 5-1: USB disconnect, device number 3
[  274.794979][ T7542] input: syz1 as /devices/virtual/input/input11
[  280.672736][ T5161] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  280.687974][ T5161] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  280.697802][ T5161] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  280.716632][ T5161] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  280.737995][ T5161] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  281.447213][ T7592] pimreg: entered allmulticast mode
[  282.314554][ T7584] wlan1 speed is unknown, defaulting to 1000
[  283.495929][ T5854] Bluetooth: hci0: command tx timeout
[  284.669142][ T7599] overlayfs: failed to clone lowerpath
[  284.683097][ T7601] 8021q: VLANs not supported on ip_vti0
[  284.934452][ T7600] loop2: detected capacity change from 0 to 8192
[  285.541973][ T5854] Bluetooth: hci0: command tx timeout
[  288.022775][ T5854] Bluetooth: hci0: command tx timeout
[  288.260945][ T7625] ceph: No mds server is up or the cluster is laggy
[  288.270235][    T9] libceph: connect (1)[c::]:6789 error -101
[  288.309298][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  288.315228][ T7626] loop4: detected capacity change from 0 to 2368
[  289.548187][   T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.660940][ T7584] chnl_net:caif_netlink_parms(): no params data found
[  289.773698][ T7624] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  290.446827][ T5854] Bluetooth: hci0: command tx timeout
[  290.670165][   T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.868640][ T7645] loop4: detected capacity change from 0 to 64
[  290.883730][ T7645] bfs: Unknown parameter ''
[  293.044573][ T7641] dummy0: mtu less than device minimum
[  293.445394][   T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.239835][   T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.426706][ T7584] bridge0: port 1(bridge_slave_0) entered blocking state
[  294.444442][ T7584] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.473804][ T7584] bridge_slave_0: entered allmulticast mode
[  294.507291][ T7584] bridge_slave_0: entered promiscuous mode
[  294.539941][ T7584] bridge0: port 2(bridge_slave_1) entered blocking state
[  294.572075][ T7584] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.587297][ T7584] bridge_slave_1: entered allmulticast mode
[  294.604563][ T7584] bridge_slave_1: entered promiscuous mode
[  296.271568][ T7584] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  296.329350][ T7584] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.578119][ T5854] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  296.621589][ T5854] CPU: 0 UID: 0 PID: 5854 Comm: kworker/u9:7 Not tainted syzkaller #0 PREEMPT(full) 
[  296.621615][ T5854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  296.621628][ T5854] Workqueue: hci1 hci_rx_work
[  296.621653][ T5854] Call Trace:
[  296.621660][ T5854]  <TASK>
[  296.621671][ T5854]  dump_stack_lvl+0xe8/0x150
[  296.621704][ T5854]  sysfs_create_dir_ns+0x271/0x2a0
[  296.621733][ T5854]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  296.621760][ T5854]  ? do_raw_spin_unlock+0xf5/0x210
[  296.621785][ T5854]  kobject_add_internal+0x62b/0xd00
[  296.621811][ T5854]  kobject_add+0x163/0x240
[  296.621845][ T5854]  ? __pfx_kobject_add+0x10/0x10
[  296.621872][ T5854]  ? _raw_spin_unlock+0x28/0x50
[  296.621896][ T5854]  ? get_device_parent+0x366/0x3a0
[  296.621920][ T5854]  device_add+0x408/0xb70
[  296.621943][ T5854]  hci_conn_add_sysfs+0xd5/0x210
[  296.621974][ T5854]  le_conn_complete_evt+0x10e6/0x16b0
[  296.622006][ T5854]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  296.622030][ T5854]  ? irqentry_exit+0x61a/0x700
[  296.622055][ T5854]  ? trace_irq_disable+0x3b/0x140
[  296.622083][ T5854]  ? skb_pull_data+0xfb/0x200
[  296.622112][ T5854]  hci_le_conn_complete_evt+0x187/0x470
[  296.622141][ T5854]  hci_event_packet+0x659/0xef0
[  296.622167][ T5854]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  296.622188][ T5854]  ? __pfx_hci_event_packet+0x10/0x10
[  296.622209][ T5854]  ? kcov_remote_start+0x49a/0x7a0
[  296.622233][ T5854]  ? hci_send_to_monitor+0xe2/0x590
[  296.622262][ T5854]  hci_rx_work+0x3ee/0x1040
[  296.622286][ T5854]  ? process_scheduled_works+0xa70/0x1860
[  296.622315][ T5854]  process_scheduled_works+0xb5d/0x1860
[  296.622368][ T5854]  ? __pfx_process_scheduled_works+0x10/0x10
[  296.622398][ T5854]  ? assign_work+0x3d5/0x5e0
[  296.622428][ T5854]  worker_thread+0xa53/0xfc0
[  296.622481][ T5854]  kthread+0x388/0x470
[  296.622513][ T5854]  ? __pfx_worker_thread+0x10/0x10
[  296.622539][ T5854]  ? __pfx_kthread+0x10/0x10
[  296.622561][ T5854]  ret_from_fork+0x514/0xb70
[  296.622592][ T5854]  ? __pfx_ret_from_fork+0x10/0x10
[  296.622619][ T5854]  ? __switch_to+0xc79/0x1410
[  296.622645][ T5854]  ? __pfx_kthread+0x10/0x10
[  296.622667][ T5854]  ret_from_fork_asm+0x1a/0x30
[  296.622700][ T5854]  </TASK>
[  297.444852][ T5854] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  297.475660][ T5854] Bluetooth: hci1: failed to register connection device
[  298.258938][ T7681] netlink: 20 bytes leftover after parsing attributes in process `syz.4.340'.
[  298.549121][ T7681] workqueue: Failed to create a rescuer kthread for wq "nbd64-recv": -EINTR
[  298.552744][ T7681] block (null): Could not allocate knbd recv work queue.
[  298.580656][ T7584] team0: Port device team_slave_0 added
[  298.581370][ T7688] loop5: detected capacity change from 0 to 64
[  298.619713][ T7584] team0: Port device team_slave_1 added
[  298.704445][ T7681] nbd: failed to add new device
[  299.282038][ T7688] fuse: Unknown parameter '0xffffffffffffffff00000000000000000000'
[  299.363678][ T7688] Trying to free block not in datazone
[  299.377730][ T7688] syz.5.342: attempt to access beyond end of device
[  299.377730][ T7688] loop5: rw=2049, sector=412, nr_sectors = 2 limit=64
[  299.395545][ T7688] Buffer I/O error on dev loop5, logical block 206, lost async page write
[  299.550512][ T5854] Bluetooth: hci1: command 0x0406 tx timeout
[  300.139938][ T7584] batman_adv: batadv0: Adding interface: batadv_slave_0
[  300.153639][ T7584] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  300.199944][ T7584] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  300.671350][ T7584] batman_adv: batadv0: Adding interface: batadv_slave_1
[  300.682346][ T7584] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  300.722250][ T5854] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  300.771553][ T7584] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  300.942997][ T7584] hsr_slave_0: entered promiscuous mode
[  300.951336][ T7584] hsr_slave_1: entered promiscuous mode
[  300.963787][ T7584] debugfs: 'hsr0' already exists in 'hsr'
[  300.970551][ T7584] Cannot create hsr debugfs directory
[  300.977625][   T13] bridge_slave_1: left allmulticast mode
[  301.001118][   T13] bridge_slave_1: left promiscuous mode
[  301.068088][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.622286][ T5854] Bluetooth: hci1: command 0x0406 tx timeout
[  301.789705][   T13] bridge_slave_0: left allmulticast mode
[  301.802206][   T13] bridge_slave_0: left promiscuous mode
[  301.813210][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.625436][ T7712] loop4: detected capacity change from 0 to 512
[  302.675334][ T7712] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.731747][ T7712] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  303.085247][ T7718] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  303.103506][ T7718] Quota error (device loop4): write_blk: dquota write failed
[  303.113754][ T7718] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[  303.124074][ T7718] EXT4-fs error (device loop4): ext4_acquire_dquot:7028: comm syz.4.348: Failed to acquire dquot type 0
[  303.526938][ T5837] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.557723][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  303.592088][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  303.625513][   T13] bond0 (unregistering): Released all slaves
[  307.282826][ T7752] dummy0: entered allmulticast mode
[  307.938985][ T7749] dummy0: left allmulticast mode
[  308.045664][ T7763] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  309.601461][ T5917] wlan1 speed is unknown, defaulting to 1000
[  309.614713][ T7584] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  309.646558][ T7765] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[  309.729830][ T7765] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[  309.747237][ T7584] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  309.778685][ T7765] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[  309.834636][ T7584] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  309.881341][ T7584] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  310.049182][ T1029] smbdirect: ib_dev[óyz2] removed
[  310.160960][ T1029] ==================================================================
[  310.169064][ T1029] BUG: KASAN: invalid-free in gid_table_release_one+0x384/0x470
[  310.176714][ T1029] Free of addr ffff888077dd3cd8 by task kworker/u8:8/1029
[  310.183855][ T1029] 
[  310.186192][ T1029] CPU: 1 UID: 0 PID: 1029 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT(full) 
[  310.186214][ T1029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  310.186226][ T1029] Workqueue: ib-unreg-wq ib_unregister_work
[  310.186252][ T1029] Call Trace:
[  310.186258][ T1029]  <TASK>
[  310.186265][ T1029]  dump_stack_lvl+0xe8/0x150
[  310.186290][ T1029]  print_address_description+0x55/0x1e0
[  310.186312][ T1029]  print_report+0x58/0x70
[  310.186330][ T1029]  ? gid_table_release_one+0x384/0x470
[  310.186347][ T1029]  kasan_report_invalid_free+0xea/0x110
[  310.186366][ T1029]  ? gid_table_release_one+0x384/0x470
[  310.186384][ T1029]  ? gid_table_release_one+0x384/0x470
[  310.186407][ T1029]  __kasan_slab_pre_free+0x104/0x120
[  310.186421][ T1029]  kfree+0x173/0x640
[  310.186439][ T1029]  ? gid_table_release_one+0x384/0x470
[  310.186457][ T1029]  gid_table_release_one+0x384/0x470
[  310.186479][ T1029]  ib_device_release+0xd2/0x1c0
[  310.186501][ T1029]  ? __pfx_ib_device_release+0x10/0x10
[  310.186522][ T1029]  device_release+0xc4/0x1f0
[  310.186542][ T1029]  kobject_put+0x228/0x560
[  310.186566][ T1029]  ? process_scheduled_works+0xa70/0x1860
[  310.186588][ T1029]  process_scheduled_works+0xb5d/0x1860
[  310.186619][ T1029]  ? __pfx_process_scheduled_works+0x10/0x10
[  310.186638][ T1029]  ? assign_work+0x3d5/0x5e0
[  310.186658][ T1029]  worker_thread+0xa53/0xfc0
[  310.186686][ T1029]  kthread+0x388/0x470
[  310.186702][ T1029]  ? __pfx_worker_thread+0x10/0x10
[  310.186720][ T1029]  ? __pfx_kthread+0x10/0x10
[  310.186734][ T1029]  ret_from_fork+0x514/0xb70
[  310.186755][ T1029]  ? __pfx_ret_from_fork+0x10/0x10
[  310.186773][ T1029]  ? __switch_to+0xc79/0x1410
[  310.186791][ T1029]  ? __pfx_kthread+0x10/0x10
[  310.186807][ T1029]  ret_from_fork_asm+0x1a/0x30
[  310.186827][ T1029]  </TASK>
[  310.186833][ T1029] 
[  310.210919][ T7791] loop5: detected capacity change from 0 to 64
[  310.212236][ T1029] Allocated by task 7355:
[  310.212248][ T1029]  kasan_save_track+0x3e/0x80
[  310.212273][ T1029]  __kasan_kmalloc+0x93/0xb0
[  310.212286][ T1029]  __kmalloc_noprof+0x35c/0x760
[  310.212306][ T1029]  ib_cache_setup_one+0x198/0x570
[  310.212320][ T1029]  ib_register_device+0xfbd/0x13e0
[  310.212337][ T1029]  siw_newlink+0x8fe/0xde0
[  310.212356][ T1029]  nldev_newlink+0x5bc/0x650
[  310.212371][ T1029]  rdma_nl_rcv+0x6d1/0xa10
[  310.212393][ T1029]  netlink_unicast+0x80f/0x9b0
[  310.212412][ T1029]  netlink_sendmsg+0x813/0xb40
[  310.212426][ T1029]  ____sys_sendmsg+0x972/0x9f0
[  310.212442][ T1029]  ___sys_sendmsg+0x2a5/0x360
[  310.212458][ T1029]  __x64_sys_sendmsg+0x1bd/0x2a0
[  310.212475][ T1029]  do_syscall_64+0x15f/0xf80
[  310.212494][ T1029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.212509][ T1029] 
[  310.212514][ T1029] The buggy address belongs to the object at ffff888077dd3c00
[  310.212514][ T1029]  which belongs to the cache kmalloc-256 of size 256
[  310.212526][ T1029] The buggy address is located 216 bytes inside of
[  310.212526][ T1029]  224-byte region [ffff888077dd3c00, ffff888077dd3ce0)
[  310.212540][ T1029] 
[  310.212545][ T1029] The buggy address belongs to the physical page:
[  310.485389][ T1029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x77dd2
[  310.494144][ T1029] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  310.502719][ T1029] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  310.510255][ T1029] page_type: f5(slab)
[  310.514287][ T1029] raw: 00fff00000000040 ffff88813fe25b40 dead000000000100 dead000000000122
[  310.522868][ T1029] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  310.531442][ T1029] head: 00fff00000000040 ffff88813fe25b40 dead000000000100 dead000000000122
[  310.540203][ T1029] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  310.548952][ T1029] head: 00fff00000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff
[  310.557608][ T1029] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  310.566259][ T1029] page dumped because: kasan: bad access detected
[  310.572665][ T1029] page_owner tracks the page as allocated
[  310.578454][ T1029] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5980, tgid 5977 (syz.0.8), ts 85739633153, free_ts 85728316859
[  310.599446][ T1029]  post_alloc_hook+0x231/0x280
[  310.604237][ T1029]  get_page_from_freelist+0x24ba/0x2540
[  310.609772][ T1029]  __alloc_frozen_pages_noprof+0x18d/0x380
[  310.615563][ T1029]  allocate_slab+0x77/0x660
[  310.620087][ T1029]  refill_objects+0x339/0x3d0
[  310.624752][ T1029]  __pcs_replace_empty_main+0x321/0x720
[  310.630287][ T1029]  __kmalloc_noprof+0x474/0x760
[  310.635142][ T1029]  iter_file_splice_write+0x1da/0x10f0
[  310.640591][ T1029]  direct_splice_actor+0x101/0x160
[  310.645788][ T1029]  splice_direct_to_actor+0x53a/0xc70
[  310.651408][ T1029]  do_splice_direct+0x195/0x290
[  310.656369][ T1029]  do_sendfile+0x535/0x7d0
[  310.660786][ T1029]  __se_sys_sendfile64+0x144/0x1a0
[  310.665961][ T1029]  do_syscall_64+0x15f/0xf80
[  310.670546][ T1029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.676424][ T1029] page last free pid 5850 tgid 5850 stack trace:
[  310.682814][ T1029]  __free_frozen_pages+0xbc7/0xd30
[  310.687944][ T1029]  __slab_free+0x274/0x2c0
[  310.692524][ T1029]  qlist_free_all+0x99/0x100
[  310.697134][ T1029]  kasan_quarantine_reduce+0x148/0x160
[  310.702598][ T1029]  __kasan_slab_alloc+0x22/0x80
[  310.707449][ T1029]  kmem_cache_alloc_noprof+0x2bc/0x650
[  310.712910][ T1029]  do_getname+0x2e/0x250
[  310.717154][ T1029]  __se_sys_unlink+0x1e/0x140
[  310.721829][ T1029]  do_syscall_64+0x15f/0xf80
[  310.726472][ T1029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.732459][ T1029] 
[  310.734774][ T1029] Memory state around the buggy address:
[  310.740385][ T1029]  ffff888077dd3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  310.748431][ T1029]  ffff888077dd3c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  310.756481][ T1029] >ffff888077dd3c80: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[  310.764608][ T1029]                                                     ^
[  310.771527][ T1029]  ffff888077dd3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  310.779573][ T1029]  ffff888077dd3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  310.787614][ T1029] ==================================================================
[  310.829684][ T7584] 8021q: adding VLAN 0 to HW filter on device bond0
[  310.863291][ T7584] 8021q: adding VLAN 0 to HW filter on device team0
[  310.903732][ T7793] loop4: detected capacity change from 0 to 16
[  310.918044][ T7793] erofs (device loop4): mounted with root inode @ nid 36.
[  310.919845][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.932479][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  310.935536][ T1029] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  310.935565][ T1029] CPU: 1 UID: 0 PID: 1029 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT(full) 
[  310.935583][ T1029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  310.935594][ T1029] Workqueue: ib-unreg-wq ib_unregister_work
[  310.935621][ T1029] Call Trace:
[  310.935628][ T1029]  <TASK>
[  310.935634][ T1029]  vpanic+0x56c/0xa60
[  310.935660][ T1029]  ? __pfx_vpanic+0x10/0x10
[  310.935685][ T1029]  panic+0xc5/0xd0
[  310.935705][ T1029]  ? __pfx_panic+0x10/0x10
[  310.935726][ T1029]  ? preempt_schedule_thunk+0x16/0x30
[  310.935746][ T1029]  ? preempt_schedule_thunk+0x16/0x30
[  310.935765][ T1029]  check_panic_on_warn+0x89/0xb0
[  310.935784][ T1029]  end_report+0x73/0x170
[  310.935801][ T1029]  ? gid_table_release_one+0x384/0x470
[  310.935818][ T1029]  kasan_report_invalid_free+0xfa/0x110
[  310.935835][ T1029]  ? gid_table_release_one+0x384/0x470
[  310.935853][ T1029]  ? gid_table_release_one+0x384/0x470
[  310.935889][ T1029]  __kasan_slab_pre_free+0x104/0x120
[  310.935905][ T1029]  kfree+0x173/0x640
[  310.935925][ T1029]  ? gid_table_release_one+0x384/0x470
[  310.935944][ T1029]  gid_table_release_one+0x384/0x470
[  310.935966][ T1029]  ib_device_release+0xd2/0x1c0
[  310.935988][ T1029]  ? __pfx_ib_device_release+0x10/0x10
[  310.936009][ T1029]  device_release+0xc4/0x1f0
[  310.936036][ T1029]  kobject_put+0x228/0x560
[  310.936060][ T1029]  ? process_scheduled_works+0xa70/0x1860
[  310.936083][ T1029]  process_scheduled_works+0xb5d/0x1860
[  310.936116][ T1029]  ? __pfx_process_scheduled_works+0x10/0x10
[  310.936139][ T1029]  ? assign_work+0x3d5/0x5e0
[  310.936162][ T1029]  worker_thread+0xa53/0xfc0
[  310.936193][ T1029]  kthread+0x388/0x470
[  310.936210][ T1029]  ? __pfx_worker_thread+0x10/0x10
[  310.936231][ T1029]  ? __pfx_kthread+0x10/0x10
[  310.936247][ T1029]  ret_from_fork+0x514/0xb70
[  310.936270][ T1029]  ? __pfx_ret_from_fork+0x10/0x10
[  310.936289][ T1029]  ? __switch_to+0xc79/0x1410
[  310.936308][ T1029]  ? __pfx_kthread+0x10/0x10
[  310.936325][ T1029]  ret_from_fork_asm+0x1a/0x30
[  310.936346][ T1029]  </TASK>
[  310.940130][ T1029] Kernel Offset: disabled