last executing test programs:

2m55.07098173s ago: executing program 2 (id=606):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x1, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
pread64(r6, &(0x7f00000000c0)=""/30, 0x1e, 0x800000000004)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x0, 0x2b8, 0xb0000010, 0x0, 0x5c8f0200, 0x250, 0x3a8, 0x3a8, 0x250, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [0x0, 0x0, 0xffffffff], [], 'vlan1\x00', 'veth0_to_team\x00', {0xff}}, 0x0, 0xa8, 0xf0, 0x700}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000206, 'syz1\x00'}}}, {{@uncond, 0x0, 0x138, 0x160, 0x0, {}, [@common=@srh1={{0x90}, {0x87, 0x80, 0x2, 0xfe, 0x7, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @private0, @empty, [0x49fc5045ed3ae8ef, 0xff000000, 0x6675841787364651, 0xff], [0xff, 0xff000000, 0xff000000, 0xff], [0xffffff00, 0xffffff00, 0x8000007f, 0xff], 0x202, 0x8}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
r8 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r8, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r9)
sendmsg$NLBL_CIPSOV4_C_ADD(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x24, r10, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0xffffffffffffffff}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

2m51.984352181s ago: executing program 2 (id=608):
setsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000280)=@assoc_value={0x0, 0x40}, 0x8)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'wlan0\x00'})
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000d80)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x10)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f00000094c0)='./file1\x00', 0x0, &(0x7f0000001940)=ANY=[], 0x1, 0xc25, &(0x7f0000002580)="$eJzs3V9oXNl9B/DfmStZY22aaLOJN2mz6UBKYpTa+F9sBZcgZxW1AccbIit0n6LRHzvDyiMjyY03bYPakhb6ErovpS9FNF1ayEPpQ7ePVZotJJRCCXlIHwqCJss+9EEPgdKWjcK9c0Ya2fJau15ZsvfzMePvnTu/OzrnntGdO6AzNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiM9+7tKp0+mgWwEAPExXJr506myKgYNuBwDw8Fz1+R8AAAAAAAAAAAAAAA67FEUcixSDr2ykqep+R/1yq33r9uTY+O6bHU2RohZFVV/e6qfPnD33qfMXRrr55tu/0z4cz01cvdR4duHGzcW5paW52cZkuzWzMDu352d40O3vNFztgMaNF27NXru21Dhz8uyOh28PvTbwxLGhixdOnB/p1k6OjY9P9NT09b/tn36Xe83wOBJFNCPFG0Ovp2ZE1OLB98V9Xjv77WjVieGqE5Nj41VH5lvN9nL5YKrlqlpEo2ej0e4+eghj8UBGI1bK5pcNHi67N3Gzudicnp9rfLG5uNxabi20U63T2rI/jajFSIpYjYj1XSb59kcRH40UL53aSNMRUXT3wyericH3b09tH/q4B2U7G/0Rq7VHYMwOsYEo4kqk+Nmrx2Om3Gf5Fh+P+EKZr0S8XOZnIlL5wjgX8VOTxR8bfVHEv0WKhbSRZqvjQfe4cvnLjc+3ry301HaPK4/8+8PDdMiPTfUoYro64m+kt3+yAwAAAAAAAAAAAAAAAMA77WgU8e1I8UfP/E41rziqeenvuzjynud/s3fO+NP3eZ6y9mRErNT2Nie3P08dTrXy3z50jD2pRxHfyPP//uCgGwMAAAAAAAAAAAAAAAAAAPCuVsTzkeIrJ46n1aiu/XskqmuKt9rXG1eb0/Odq8J2r/3bvWb65ubmZiN1cjTnVM6VnKs513Ku54xa3j7naM6pnCs5V3Ou5VzPGUXePudozqmcKzlXc67lXM8ZfXn7nKM5p3Ku5FzNuZZzPWcckmv3AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8TmpRxM8jxbe+tpEiRcRoxFR0cm3goFsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJTqqYiTkWLt+Xp1f7UWcTUifr65udm9RcRGmQ/qoPsKAAAAAAAAAAAAAAAAAAAAh1Yq4mOR4qn/20iNiLg99NrAE8eGLl44cX6kiCJSWdJb/9zE1UuNZxdu3FycW1qam21MtlszC7Nze/1x9cut9q3bk2Pj+9KZ+zq6z+0/Wn924eaLi63rX13e9fHB+qXppeXF5szuD8fRqEVM9a4Zrho8OTZeNXq+1WxXm6baPRpYixjda2cAAAAAAAAAAAAAAAAAAAA4NAZTEZ+LFD/5z3OpO2+8rzPn/5c694qt2pd/b/u7AObvyK7e7w/Yy3Laa0OHq4n3jcmx8fGJntV9/XeXlm1KqYinI8UnXvpQNR8+xeCuc+PLuveWdTfO5bqhXynrVnZU1Ycnx8YbVxbaJy7Nzy/MNJeb0/NzjYmbzZn8xQEre+0GAAAAAAAAAAAAAAAAAAAA7GYwFfGjSPHff/vvqXvd+Tz/v69zr2f+/29UU+gr9bQzt1Rz+99bze3vLL/v4sjgR5+51/r9mP9ftimlIr4ZKc7+6EPV9fS78/+n7qgt6/4kUrz+zEdyXe1IWdfsdqfzjNda83Onytq/jBS/+ka3Nqra67n2qe3a02Xt0Ujx5xs7a7+aaz+wXXumrD0eKb73X7vXfnC79mxZ+5NI8Y9/0+jWDpa1v5trj23XnpxZmJ+9324tx/87keKvr/xW6vb5nuPf8/0PK3fklrvG/M2X36nxH+pZt5LH9Y/z+DfvM/7nI8V36h/JdZ19P50ff7L6f3v8PxEp/uNfd9Zey7Xv3649vdduHbRy/L8dKb77Fz/e6nMe//74+/+N7RHfOf6/3Lczt14lBzT+T/asG8rtmnnru+NdZ+nFr7/QnJ+fW7RgwYKFrYWDPjLxMJTv/38aKf7/WJG65zH5/f89nXvb53//843t9/+Ld+SWA3r/f3/Puov5rKW/L6K+fONm/9MR9aUXv36idaN5fe76XPvM6VOf/vT506dOn+8/0j25217a8757HJTj/4NI8cO/++HW55it87/K7uf/g3fklgMa/6d6+7TjvGbPu+JdqRz/v4oUT372x1ufN3eO/87z/+7n/+Mf25lbv38HNP4f6Fk3lNvVeov7AgAAAAAAAAAA4FEymIr4s0jx23/466k7h2gvf/83e0duOaC//zrWs272Ic1r2PNOBgA4RMrzvw9Gin/a/P7WXO6d53/xa93a3vO/ezkM1/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHXYoifj9SDL6ykdYGyvsd9cut9q3bk2Pju292NEWKWhRVfXmrnz5z9tynzl8Y6eabb/9O+3A8N3H1UuPZhRs3F+eWluZmG5Pt1szC7Nyen+FBt7/TcLUDGjdeuDV77dpS48zJszsevj302sATx4YuXjhxfqRTO9CYHBsfn+ip6et/2z/9Luke649EEd+PFG8MvZ6+OxBRiwffF/d57ey3o1UnhqtOTI6NVx2ZbzXby+WDqZarahGNno1Gu/soj9t+jsUDGY1YKZtfNni47N7EzeZic3p+rvHF5uJya7m10E61TmvL/jSiFiMpYjUi1gfufrr+KOKbkeKlUxvpnwciiu5++OSViS+dOnv/9tT2oY97ULaz0R+xWnsExuwQG4gi/iFS/OzV4/G9gYi+6Nzi4xFfKPOViJfL/ExEKl8Y5yJ+usvriEdTXxRxLlIspI306kB5POgeVy5/ufH59rWFntruceWRf394mA75sakeRfygOuJvpH/xew0AAAAAAAAAAAAAAABwiBSxGim+cuJ4quYHb80pbrWvN642p+c70/q6c/+6c6Y3Nzc3G6mTozmncq7kXM25lnM9Z9Ty9jlHc07lXMm5mnMt53rOKPL2OUdzTuVcybmacy3nes7oy9vnHM05lXMl52rOtZzrOeOQzN0DAAAAAAAAAAAAAAAAAAAeL7Uoqqu4f+trG2lzoHN96ano5JrrgT72fhEAAP//gMd2Mw==")
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)='./file0\x00')
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x5, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, 0x0)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f0000000180)={[{@errors_continue}, {@jqfmt_vfsv0}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@max_batch_time={'max_batch_time', 0x3d, 0x9}}]}, 0x2, 0x574, &(0x7f0000000600)="$eJzs3UtrG1cbAOB3ZDn377MDIbSlFEMWTUkjx3YvKXSRLksbGmj3qZAVEyxHwZJD7AaaLJpNNyUUSmmgdN/uswz9A/0VgSYQSjDtohuXkUe+RJIvUWw50fOAwjk+I51558x7ckYjoQD61kj6Ty7i1Yj4LokYiogka8tH1jiyvN3ikxul9JHE0tLnfyWN7dJ687WazzucVV6JiN+/iTiVa+23Nr8wXaxUyrNZfbQ+c3W0Nr9w+vJMcao8Vb4yPjFx9t2J8Q/ef++5xfrWhX9+/Oz+x2e/PbH4w2+Pjt5J4lwcydrWxrGpAx1bbq6tjMRIdkwG49xTG45tZ8dfAEmvd4BnMpDl+WCkc8BQDGRZD7z8vo6IJaBPJfIf+lRzHdC8tt/WdfBL4PFHyxdArfHnl98biQONa6NDi8m6K6P0enf4OfSf9nHv4d076SO2+z4EQBdu3oqIM/l86/yXZPPfszuzhW2e7sP8B7vnfrr+ebvd+ie3sv6JNuufw8u5u6/b/jfP/9yj1WK3vbVK138ftl3/rnQ2PJDV/tdY8w0mly5Xyunc9v+IOBmD+9P6Rvdzzi4+WOrUtnb9dy891E9ulJprwWw/HuX3r3/OZLFe7CbmtR7finit7fo3WRn/pM34p8fjwhb7OF6++0antnXxP7x7Z7El/p219EvEm23Hf/WOVrLx/cnRxvkw2jwrWv19+/gfnfrvdfzp+B/aOP7hZO392tr2+/j5wL/lTm3r4o928bc///clXzTKzQnoerFenx2L2Jd82vr38dXnNuvN7dP4T57YeP5rd/4fjIgvtxj/7WO/vr6l+Hs0/pPbGv/tFx588tVPnfrfPP50/N9plE5mf8nmv6GN4trqDnZ7/AAAAAAAAGAvyUXEkUhyhZVyLlcoLH++41gcylWqtfqpS9W5K5PR+K7scAzmmne6h9Z8HmIs+zxssz7+VH0iIo5GxPcDBxv1Qqlamex18AAAAAAAAAAAAAAAAAAAALBHHO7w/f/UnwO93jtgx/nJb+hfm+Z/t78EB+xZ/v+H/iX/oX/Jf+hf8h/6l/yH/iX/oX/Jf+hf8h8AAAAAAAAAAAAAAAAAAAAAAAAAAACeqwvnz6ePpcUnN0ppffLa/Nx09drpyXJtujAzVyqUqrNXC1PV6lSlXChVZzZ7vUq1enVsPOauj9bLtfpobX7h4kx17kr94uWZ4lT5YnlwV6ICAAAAAAAAAAAAAAAAAACAF0ttfmG6WKmUZ3eqkOx8Fwq9LOT3xm70TyEfu9JXr2cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFj1XwAAAP//3vwzFw==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x8a141, 0x91)
syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x135642)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000001a40)=""/102392, 0x18ff8)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x2, &(0x7f0000001040)=@ccm_128={{0x303}, "d0cabc754f771b4d", "c37b294fbf570dd80e8ef4bc1b586ee4", "0bea5394", "9a6fbbff8ee397ec"}, 0x1)
pwrite64(r2, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)
creat(&(0x7f0000002380)='./file1\x00', 0x0)
getpeername(r1, &(0x7f0000000040)=@l2tp={0x2, 0x0, @remote}, &(0x7f00000000c0)=0x80)

2m50.121363759s ago: executing program 2 (id=612):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x0, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0xe7e, 0x0)
read$msr(r2, &(0x7f0000009b80)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xd0}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0x7, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xf1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x9, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x14, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
ioctl$RTC_ALM_SET(r6, 0x40247007, &(0x7f0000000300)={0xf, 0x37, 0xb, 0x6, 0x3, 0xc, 0x1, 0xcf, 0x1})

2m47.818432167s ago: executing program 2 (id=615):
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000004c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xa}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0xfe9e, 0x3, 0x6361, 0x5, 0xfffffffe, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x40a4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x7fffe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe0}, {0xb, 0xb}, {0x2, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8c5}, 0x8000)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'syzkaller0\x00', <r6=>0x0})
sendto$packet(r4, &(0x7f00000002c0)="0503d6fcd3fc140000004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x88a8, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)

2m45.44511468s ago: executing program 2 (id=619):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, 0x0, 0x0)
setreuid(0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)=0x20)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r3, 0x4b47, &(0x7f0000000080)={0x0, 0x7a, 0x20f})

2m43.219552832s ago: executing program 2 (id=622):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e1d, 0x9, @local, 0x2}, 0x1c)
connect$netlink(r0, &(0x7f00000000c0)=@unspec, 0xc)
syz_emit_ethernet(0x7e, &(0x7f00000001c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @multicast, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, '\x00', 0x48, 0x11, 0x0, @local, @local, {[], {0x4e1d, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "dc521c259b538a2bf2a113dc2eeec0a072edf20b6d59027f", "d646c098cfc27eb8549d66e7b219c2c3b85e4508546e551af9e59631718ba089"}}}}}}}, 0x0)
r1 = accept$alg(0xffffffffffffffff, 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x406, r1)
sendmmsg$sock(r2, &(0x7f0000004fc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x18000)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macvtap0\x00', <r4=>0x0})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000900)=[{{&(0x7f0000000580)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, 0x0}}], 0x1, 0x8020)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="c4000000190001000000000000004000e000000200000607192ac416652b826f8702350000000000000000000000000000000000000000000a00000087000000", @ANYRES32=0x0, @ANYRES32=0x0], 0xc4}, 0x1, 0x0, 0x0, 0x40100}, 0xc000010)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x188}}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x6, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020200008500000072000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000017000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0xfca804a0, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="280000001d0001008a0000000000000007000000", @ANYRES32=r4, @ANYBLOB="080012000a0002"], 0x28}}, 0x10)
socket$unix(0x1, 0x1, 0x0)
syz_mount_image$reiserfs(&(0x7f0000000140), &(0x7f0000001140)='./file6\x00', 0x98, &(0x7f0000000280), 0x1, 0x10ef, &(0x7f00000022c0)="$eJzs2DGLE0EYBuB3dg/kqshcvx5oYSHHHfEPXKGQxsLaLljZmUrJz/HnyFX2R3pTBOyVTQwJEhDJYuB4Hlh252Vmvp1yvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvLPlekosmqdusSVKSrrubLJJ02/zx17ZJydv3k9mrj+PXs8209FmT0q9aj+vN01rHdVxv6suL22d19unzh3avZEmX+9V8ev5mOehR+trtoDsCAADAw/DzaKMT1wcAAAD+ZrBGAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAA6vajSVKSrrubLJJ0p/0tAAAA4EglTd6NDuWbNsDOi3wblZRHu+RH6edc58uB9QAAAMC/KXv38ec5z5O9/DJnubrajH+/srxN2iTXf+xzv5pP18/lfFr+5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAGCqAAAA//9TGNII")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x100)
truncate(&(0x7f00000002c0)='./file0\x00', 0x8000000)
ftruncate(r8, 0x3)

2m27.326375681s ago: executing program 32 (id=622):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e1d, 0x9, @local, 0x2}, 0x1c)
connect$netlink(r0, &(0x7f00000000c0)=@unspec, 0xc)
syz_emit_ethernet(0x7e, &(0x7f00000001c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @multicast, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, '\x00', 0x48, 0x11, 0x0, @local, @local, {[], {0x4e1d, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "dc521c259b538a2bf2a113dc2eeec0a072edf20b6d59027f", "d646c098cfc27eb8549d66e7b219c2c3b85e4508546e551af9e59631718ba089"}}}}}}}, 0x0)
r1 = accept$alg(0xffffffffffffffff, 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x406, r1)
sendmmsg$sock(r2, &(0x7f0000004fc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x18000)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macvtap0\x00', <r4=>0x0})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000900)=[{{&(0x7f0000000580)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, 0x0}}], 0x1, 0x8020)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="c4000000190001000000000000004000e000000200000607192ac416652b826f8702350000000000000000000000000000000000000000000a00000087000000", @ANYRES32=0x0, @ANYRES32=0x0], 0xc4}, 0x1, 0x0, 0x0, 0x40100}, 0xc000010)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x188}}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x6, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020200008500000072000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000017000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0xfca804a0, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="280000001d0001008a0000000000000007000000", @ANYRES32=r4, @ANYBLOB="080012000a0002"], 0x28}}, 0x10)
socket$unix(0x1, 0x1, 0x0)
syz_mount_image$reiserfs(&(0x7f0000000140), &(0x7f0000001140)='./file6\x00', 0x98, &(0x7f0000000280), 0x1, 0x10ef, &(0x7f00000022c0)="$eJzs2DGLE0EYBuB3dg/kqshcvx5oYSHHHfEPXKGQxsLaLljZmUrJz/HnyFX2R3pTBOyVTQwJEhDJYuB4Hlh252Vmvp1yvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvLPlekosmqdusSVKSrrubLJJ02/zx17ZJydv3k9mrj+PXs8209FmT0q9aj+vN01rHdVxv6suL22d19unzh3avZEmX+9V8ev5mOehR+trtoDsCAADAw/DzaKMT1wcAAAD+ZrBGAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAA6vajSVKSrrubLJJ0p/0tAAAA4EglTd6NDuWbNsDOi3wblZRHu+RH6edc58uB9QAAAMC/KXv38ec5z5O9/DJnubrajH+/srxN2iTXf+xzv5pP18/lfFr+5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAGCqAAAA//9TGNII")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x100)
truncate(&(0x7f00000002c0)='./file0\x00', 0x8000000)
ftruncate(r8, 0x3)

27.129425671s ago: executing program 3 (id=829):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000000c0)=@bpf_lsm={0x6, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}, [@ldst={0x3, 0x0, 0x3, 0x0, 0x3, 0x10}]}, &(0x7f0000000180)='GPL\x00', 0xc, 0xd2, &(0x7f00000001c0)=""/210, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)

26.037689055s ago: executing program 3 (id=832):
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000180)=0x7fff0000)

25.948791102s ago: executing program 3 (id=833):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000100)={0x20, r1, 0x2, 0x0, &(0x7f0000000140)=[{}, {}]})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000180)={0x20, r1, 0x2, 0x0, &(0x7f00000001c0)=[{0x0, 0x1}, {0x3, 0x5}]})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x7, r1, 0x0, &(0x7f0000000240)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x1c})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000280)={0x18, r1})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000002c0)={0x28, 0x7, r1, 0x0, &(0x7f0000000300)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x2})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000340)={0x18, r1, 0x2, 0x1c})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000380)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f00000003c0)={0x18, r1})
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000400)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000440)={0x28, 0x7, r1, 0x0, &(0x7f0000000480)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x2})
ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f00000004c0)={0x28, 0x7, r2, r1, 0x1c, 0x3, 0x2})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000500)={0x18, r2, 0x3, 0x1c})
ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000540)={0x8, r2})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000580)={0x18, r1})
ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r0, 0x3b87, &(0x7f00000005c0)={0x18, 0x0, 0x1})
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r0, 0x3b87, &(0x7f0000000600)={0x18, 0x1, 0x1, 0x0, r1})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000640)={0x20, r1, 0x0, 0x0, &(0x7f0000000680)})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f00000006c0)={0x48, 0x1, r1, 0x0, 0x1000, 0x2000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1, 0x0, <r3=>0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000007c0)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1004000})
ioctl$IOMMU_TEST_OP_MD_CHECK_MAP(r0, 0x3ba0, &(0x7f0000000800)={0x48, 0x3, r4, 0x0, 0x1004000, 0x1000, &(0x7f0000ffc000)})
ioctl$IOMMU_TEST_OP_MD_CHECK_REFS(r0, 0x3ba0, &(0x7f0000000880)={0x48, 0x4, 0x0, 0x0, 0x1000, &(0x7f0000ffc000), 0x1})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000900)={0x18, r1, 0x1000, 0x1004000})
ioctl$IOMMU_DESTROY$stdev(r0, 0x3b80, &(0x7f0000000940)={0x8, r3})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000980)={0x48, 0x5, r1, 0x0, <r5=>0x0, 0x1})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000a00)={0x28, 0x7, r1, 0x0, &(0x7f00000a0000)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1000})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000000a40)={0x48, 0x7, r5, 0x0, 0x0, <r6=>0x0, 0x0, 0x1000})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, &(0x7f0000000ac0)={0x48, 0x8, r5, 0x0, 0x0, 0x10, &(0x7f0000000b40)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL'})
ioctl$IOMMU_TEST_OP_DESTROY_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000000b80)={0x48, 0x6, r5, 0x0, r6})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000c00)={0x18, r1})
close(r5)
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000c40)={0x18, r1})
ioctl$IOMMU_TEST_OP_SET_TEMP_MEMORY_LIMIT(r0, 0x3ba0, &(0x7f0000000c80)={0x48, 0x9, 0x0, 0x0, 0x10})
ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000d00)={0x8, r1})
close(r0)

25.657885932s ago: executing program 3 (id=834):
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000240), 0xd21, 0x4000)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000480)=[@uexit={0x0, 0x18, 0x8001}, @wr_drn={0x68, 0x20, {0x3, 0xc4}}, @nested_amd_invlpga={0x17d, 0x20, {0x0, 0xdaae}}, @code={0xa, 0x56, {"f20f108100680000470f0966b808018ed80f2043410f01d166ba400066ed66baa100b000eec744240051000000c74424020d000000ff1c242ef30fc7b680ffffff410f01f8"}}, @nested_create_vm={0x12d, 0x18, 0x8}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x2, @save_area=0x457, 0x10, 0xffff, 0x2}}, @uexit={0x0, 0x18, 0x2}, @nested_amd_inject_event={0x180, 0x38, {0x3, 0x56, 0x2, 0x4, 0x2}}], 0x14e})
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f0000002100)={0x2020, 0x0, <r4=>0x0}, 0x2020)
syz_fuse_handle_req(r3, &(0x7f00000062c0)="23db5037805f177d136115e6a1a5903469af39c1fb9cb38215fe64cff9f2f0444a57e22b0cc5cb4f74c9792365400d9e1c68539ea5eff0a5ed0864814d39251bee8dfea69aa052d900bc0c792e1c9752b7d3a3222f6a1ad3e44c1f65617b128aea51911861ca36ba7c96b96b2fba0fdaa49ffb2612f3e81fe565327dd9965a60046442c9dcd0d552c6a00388be3b438a08883c7349761531880294ad9887db97d8c2f74921c57910cf1f5cc528e17bd5c3746b6202f26d621535aac5f7872c2cb3295e42524b5acb249b2d1ac1b53a4e31271decfca3fad2e2f740768adf00875c18cb7d115150f83ceb73f77a1f61f1666c2bb9f6bd9f0fb55b3a619446e32bae2a1d99aa49e5f3822e048f8be44b707f2db10d7916ec9a10a695d573d871cf24959c3d15e61344a68309d186956537c6ea8532fc2e1c7649f8409d8dcde4c8ee1530470ac9c870f9f1837574e444ba6addf5ddb2dec67c0e76df79f265b403818dddb4efc27c90985ed69a48b12056e548f9c99edf80d2b195d26acb1127661727a0600257f4b2546513d03930a0638a71bd3223e51fbb75c832ef737907f2f4d3f0505f431ea02783c798b5c4579c99961fb73dc623a0d99c1b306435464d413b537d42c6444851b36482597140b22fbc0ebc7e795b2f96739bf139f5823bc869ede547da4f394fa1b1787836095e1013264042e53d5006ea059d0488cb2f5ccd44b30d25ea53c2dda71d112d7d441dbfc9f8462c99c098b1958c80b237d83c32f2759c9a9c081d7d7666a477cfda59354309b09f2a8b9f6c3077b0df1e8d0c71ac07232de4f437107cb0eb9b47b2267efe31938a337cf11cadad72ced56895bb14763cca5bdadd245d801e829a1eb3bb4ed851a345918efd2dcf8d38f66badc773068e6a2ef59b2bb838abd8b043cf6ac54550f3fde1bbb9e761095e4b8ef1891757d376be1f778142610c0acbbfc697f51fbb7a1602ed46e82813c74f41ee2bae818174809f3692084bea7310ebec3d6166702ae62aad84313e19b4d145167185ea8d53cb21d099fb592d7d7f8bc305dd375b5c0cd73be44f49ff53cee220085d4706bbf50c6f63b02e7e805e8fa4c73046a57a8700886da29ea53e5a316e7b011c44a0f7be5cc5cb5641ba0069ff591eee18966c7f005ef40046a5fe2bf325b2545b009867761264aa9611d184fa372ba3c5c33d9a50717210f7cec7f6dc4418a87a797eb6aaf6ab3892bd3f559547c88d8c29646c8173fad1588f52beb34ff863be65e7ec1598cfb465f270bd5532fa7035aae077eedbc846058fa19f58ffb1cf0f1863f6d33f2e5c454d18b66be766ca369af2cc9656fa34c6c10e4d4da44ce5e2370aaf60c4e130da331d3489e8f44c600246323409fdd35d11da27128c9d64be65dd3a90c1546a6eb9185cb6d3a4a9cfad0e41ea03896fd2346f745eb3563d7a79fd345b037c040e56f0677840bf9b0d295bcfa98b931464c5ce9fcaf745720deac2d8b4edeffc0fe6f089ed7c3880959fcf8e31f7b7054bc4f5c9d3ed3f66c968d0bc20b2d66c374f030f3f1965f43a98519e527caf693362412d523eeb38c8b016ff77f78f833d7513e4b5a53d5ed5143916673f822ceac9967b8788bc6428283181eaf8d99e48286aacf4f658a903e9f08659450f7f9483807c2e013a1d9d199f18886a8cb4e14d41c71e5731455a4394551281eca12a1bb6ae717f5da2949175d0f1f3d718b761dfc1099c7d9d8928c899ac8e936e69d19fcbfcfdee83b68ef8e15eed41a8ac0d54aa92d7d2ee58bb4799f378225ec9ba4709e5ce2b77208ecc85c22c64967a9ef3360c54d311b8917ceb7b432c90cc5e98de9327c1400f8ec89261b1d77d8874b0bbdd2c5eb59df415705de52b08b0e12c07fb7367c6d461c19f282d51e482cb4fb9ceb0249ac2d6400ca170fbd6c0063224179c616bb030a5c10102aa2eea92f1e6f5828590b250b09e6d1a9535c298a68160b7c281fecdd295dc3396c4e6eb3395d5a677d5fa95a732dfdef81f4346545dd1a74bb3aa9b516699bdf0a59165077ab459a5ffe0dbb3ef8afa7a8382a8441e0c36ffabbed8f93f4bbeb97e5f6a704bf63a0de9ccf8fef643ebc530a80920931002003b027014de317c42f861d98ef4fef66d232d9706e6bd263347384dadadaa43a7e106bbb21bd822d468ace171b3f04b996112135b63dcbd612b5888ec40da583ab549c340ddaf5d7406c3e99322c68874214356c1fd9b5f84348e629cc3487a901d1b7a2fa531b1509ac1c93de3da9f1c3773e3a2aba2b29d2419f240ae6d24ed9f14bf0b9b0f1e740a2db06dab64d6386f950bff4e4c94160ef4b832bbde3af4937b7528658b5c16a51cb22193fe99385721ce5b048d9338e289dcb40683140c413eca52c8e4b64b306f47569477379c864cfb3aa3e349262407d3935ab9a0916eb0f6db2be71a7eb8f9968dfac44995d5bff8ef617fceeaa448f5e5f8d4b39e3512fe7ae9ee1d8a0d5912b6148969ab0325f3f76e2340fbd67ce156bdf638140b3ccdb08e5049db15957915cb05db8901249b10c59cc5c3ff836290e3334eee2df387e44c57b4d6198c3749f5dc57f6c3de115ced6b43cbddd762b58f1fb40b2baf3b381febdc073142e30d2e9a1a69e8d86314221e540f195509d223b206173dc5406865d8064817c30c284c034035a63190ab86df3bae4168c58e01d2251748fd5d9d610024129e83a5730fe83cf0918790e6854ab765c78649b91c06655f0cb9e26d8432df78bbadd99583b6a8afcf177ed6f339e08c0b36a16c6d31d8a24cb6f2bc3ba58d7711b6f8b988dc3e3144be619548457d4f40509f17eeb186cb93a2928ecb951593d1907c8bbb9f4c8999caba3059c8e73dce54ad6f87bcd51d559f7759902b14e68d3b845c0b179b38f4e6f0bd3a89cbcd5ebed9972102048647da1eda5c8456442369f4ae871d4037ba26f27d27371ce57e23adca5af8dc93f934f2ef8d69ad3b2db66657b3868dd839c2b522f5461f24407ef091b77242fc70a48b7eec45f3bcbcfbc6bdc36e4b67295020a345233a32a0a0af4d03a53ef67e69716d5ae35342722afbe7558946475a9ebf5b39c18558a0011f68bc8a78590b0cb63618379a512790c42d94bb239dd3ef5b8d1036cf0391aded8802a7a447c38f231ae611aeeab9bba44cd14369473758b64108d0bc9b6bc9e9b497c2d1d2acbae7c620a55c226cf371331688eaddec61fe961c5fcef71dad45820ed0ac8dc7641d82150f1318ac15aa41e7be585b6a50da1b3cd95239ee61cfde15aba80ae8ebc21ba4540883c6f44cd35b6b97da4640c97f5a2b6efa8d184fec823abc754ab8a0db6c45c2293e90d9c154c4a3e0b9ec2b6113ce6583b80f0d234dec9a9815067244733e2134b9ba93bb9692fb44200bb5501bb109f2401e8baaf0115d795bb0346dfafaf953bed8e9a52a5b9b02d490c55fd89daf311ad5e08b070a9571f696d6df4715c8b69b840e4e03d6f361326e20d9546c47b3a63163e7df9bd260621358c166177ee7c69ed63a8c43dd4a78543aa9f922c0ef527f4aa61ff65bb14595f518412ce25a1e103df89cd4b363593da16c11d80a23a9b5ad8e3a7be8f697cecf82c8fbd889a4f743c839b67f7ba5453b10bbf59b1e4f4e821872c061a4125c0c15c1ca5164efe61a58bb54dcedc849800a6021a448d4660c3b85e2362b7cd8ce95156fbf408a09a30a8ccfc3554004e9f9a35382907eec00617e2ae1f8803146bc8c28b4f3bf3c6b183ae9248e7f05c4adce3e0b7ff29252b5be9b19431e3fe612d471f52c5c34cc12c83049189f4d2e5ca516df78766ba3449d07ef9436c68052c986d9dde8802c931194e2ce34acb8cc26663a09348b15c6c145d26306bded0d1f482803ae6dee26562b03fcb183b69ee4a0491e8776ecdadfca395cb4eac2948d4d64321a4e669f2f663eb54f05f12ed9c685835c3e79f982152dbe701073b9a4ab2932b46ee2424a5e18bbe5f25ce0b898ff6937927f4670defe430ac86021226ae055daf39b535cdc0899fcc99d15e67d66bd2dd89bb21b8d2689a8af10a1b0bd44103c469922c36fc0228d7b6febf5e366dceecf8bb1db385c8ab95d86ff09b76c2fa6282de81fd6864c495a4c8295df61a2548e1b81c3e3f30d7a41216801d6c2d1743f66ae2055756083e8bf403d436b8244ac214f4d84a693d13f299ba267401d094f2df70840e8a980622794212f0992ecf5a47980ab2cf7d5a6f12b0a489af3c3c847ac59bc89f36fbb0e08bf283b68213a17de38b3a45eade6f0b198def408f7711c16367bcc0ded794a9a323c7e7f07fad96ea9c4d7344c26e43844a27c21076b8d7cd07677602d91eac825eb5fd0631755c2dd1dbf7bce3eb3c3f7377fc6080ecd0b894e29769845725943e25932d4249abb4ab78d4e2ff2e2df42c8d884cd6bd13886cef080c6491c217abae0eec6e9d4d49eab6657f15cfd38e6cd6d0bd33198c4685ab302d0f46e42f4a5d5bb7d2840a0a8817b98a856700d4de74351896fe7d7d5a0d1bc57fb4c828aa51f9637807aeb905780f239527ed4affd83f68be8b7ad1e10d9e797ba39cdee24f7be0a0ab0ac22ea3968dac61eb4bdd522c9ce570edf63a439abfd9954bf6a16c88d86157d05477200a83255cde279b454979cee4de00e81cb44acdc4295c877566a749ab5b91d250f03d46ecc14210c196700338eea028c930ce104f20a9e7fabb0ad1d314ec1a2d97d1d1b9e09114dee0e3e513eacede01971ff85dc98634156073df4e8acd6c3aadd615adaffa7a81573813bc4ca21886ddd532021bba5c84b34c34665534db48d61903a03c1cca4ed955ca92c1e33b7664b494e3db6d1e637a49e537808a2669ebeca301691acd4fab0af197b9c7db01b7862466b568ab3a4712a25210264fb297a6b679dfc3fceb65bddd1a23d5b507a0d6da83d73b716d971c5179a92e57b9b93451eb943845a549de737f2d082a83682c32649b4941e787758ead9d2c256b2b4ed1e0255952ce83cccecc39e5bbdd38490f1960b26e5379943be3d9a64b5149c84d577e5fd099560baa292befa06ce9065fb03ed432a9e055ca4ad0e952f8368b3d230fd5239726f79f4c98a0b4a9648382b245d324cb61049562f765f923fc657ef36747658494d78590a1e27a2d09856acf50c3b26271c6d5aa96e8ff9bdb9043859665e21ea53a050c335cac414bbf27b0328ac2c7450acb26b093bf232358afd1135ee50ac3fb26b5f0256ccdd37033c8a59740607cfd549d4c6540afe4a6b4425ae1f633872dcfb5da8d0547cf0c4888817b71fbc7c45b2a641e9c1a76b6a6be124402422ada35edc02ed997d6b87b361aee95a16d2c528d89a52fe40dfd83434969bd86f02e63fc1ae72941209af39a08cfbb4c320bc47d853f5dbaf0cd60ec54608aadbc382fa6b5cab3e9cac57bea26609f4c79f6a6b4eb4a9336fa95783b0c0c366f36d5d6b8310b3cfdb800207919a131bc7f984f7fa11fd0bf2c89e060e9d1286e453fe97363ef72bd6eba29a85ffeccdc3bee72e12284333a5a40622c01619558d2750fc45abfa22059ebdf743f8e50ad29770d19f84d8a34232d6918514769b3bb2a1ea5e59e9556332ba669675764458e9349a1835c501a93e91dd3b31018979880a9913f54ec1e8526b8cffcb776b97fbb9424faa5c5eb60d2ac74955bba4b5182571d0d9f84f0df1baa722b20a78c9c0011c667f688b58489c9e450d83e40ac5eb41c5564b6d76a226448abe4a3f499927074125aa9c0e7e704c36df5bb110a0f15f8433a470e81db414827d5ce21ca1da1c8d51d746d1e1ca110127c15e92afd75d3cd05ce0b632cfa03745de3cdd4b57373d46676583c89f045c26c6fc5793e5489555ced08f83ba351135834a2028113c319af30cc85bc01a7f8208822d7d607aed0d2e12c80aa009100441b75beaccfe0adbda7e8bb870edf4963158794c8c3a5baacf6eec7b5efaefb7602dab8409d161beeb281cba21f1da0ccdc092d0433fb940d79699ffeb87ea775829a6e7e3b308a2ee0b7aec8ac5f35eed61be374c7c77196f7119a8882deff68230f461cb917b0ccb2b8597efcbdd1003b7b77b2c601ebd4b45c35b8426f7b9138ab3df0ec00819604ab8e1e64cf2aa2282b1269585af127a268cd207f964edff172e555398a16df44bdc52889538c3a27f8fbfffb61f7aeb55b259952bbfea81d73058d8b0f78ece9dc08e660437d21d4e3ec38b19e5afda7a6e33023f9158db8a1c14dabd9b8b307ddc66927f7b19df5e0da2237d98ddd890b81f1963808977d02198e8ae2e97419dbb1f8e51cad36a3424b955500fbdaab6ff8dbf028708b1f951fe43864b59b6c2368b816c98023d4480a91b3f1059e9c214bf55a7f8c7da907f79ff5568fd787d3aa022ab9d03cde551f7e3295f02c4f3aa37e4cebdd968c0f82f09eb004fbdb1a4ef3a0d426691bde3964c29ea65622f5d3ffd854053545ba1ec164495e4bef4845439c058f9438d13be7922b656db499c246ee6176a15b97e6a68e42f0c703033b699504e1f92b43054c7237199bd013d96faab47433b6b3f91dc66368706439d4ef7da3942ce8b9c1c9a9d0643fc4540e7d3f1c3821267e866cacd3e904be9f9df80381eec09eb2b0d745ff03ffb199b917a14fdd8fbfbffe8bfb0cf7023aa7183301a8a41e7097ff9f5247f8b78f7d08bbfc596a81047807cf0929677222e7e9e921b294e04088c3746d8dc19294645f1c093a21b4c5e6d92e54dd90465b11dd5d9d42af849070edff4ec63970f4088daaa33afdebb28d01df5ee043a8150ab1b25d864ef31e20c84696596cfbea92d02ea29c4a3933c41ec68aee7d68d7eea7f30d8920e14e62be42bcf856d7a58f46fdb2438b023e974f77281c5a462553627e9614504cbd3f1cae6e0fd9f7e89d9bce48946d0508616fbe542303dc542982c61d7bb4afbf3e76bf1fb2381cdc99f2175ef944dcd826aabdca2b7678db5262733c69ce504c38e7deb7adfb9b6d8bb00d8e4251e0438417ea615cde58bd76c2427b3d7a0578bbbff9fde2abbc5d60307aff0050b18176158aaedb34e283886378ff798b4f74e0a0c95d64271f1916280dd247304d9201c67f5e2640d9706add8703cac81795a0190107e2bb2941ed13738595da1c86ba0f68e2283a435cb5f162c74071a13dfe2266d05abaef080dd6b1dade115e883e04f0bb4be4d91f535ae6f822b02e814e65d2b7807d199a23d3f26209f6c9f93602a3a93ccfdebb5f8161b7928059674e15820d1848a980c8d1af5a73aadc5c402fbb6e730ba51227913ca27f0d78d331d6325d0a7926c238296b2a22b10a69cdffeb087dfe175511ed8e2cde8d7dae140e4ce92f892b129d9940e4a30b19f822ef7611b8750eaea8e55502604b7d2358c09a217af8be6c86d67cf6ff6130c971c9765d56631fe6224fbe1e833d497b534fbf6b030af93691f59295279aa1bdfb5d5d9d4668d5aea70e2b8fc117df0042e91c7e6225f27329727ed6e14a87c7943c040dfee4e5c06a20251c39a45ab4865951b0daefb9c05571fdcc21d1761945bd2b8047ccedd6f1e708646fbe61e75bb2728e8cee893d7e6f642119e786155a6cbab057d6d83b77716145119e974ad7355179d2adc3d748fa249cb58e32e6791d646240c05da4427b2f359976c8fd1486c604cb7ee647e24633d8fca8314cf1f85110ca6351156a2b26e44b040f7d2810acd36f45a3969c1fafd1a7e0bc14fd9b26593375be8e750c3f6534ffb85904d15d75fba05dac4a673de97f7543ee931724cd35474cd7ff5cf3e8abaf206f3030e92895633fa9d8499ea763601560260109dad18bd64b990531fc5377e6eaa5da050b98e1c6515ea48c7de1a15b63283d4a694cbad379356bfdac50e6c343879e29f6b9ab425600d51f257ceb35d0ca00f83cf5bd734223de716747614666ba1f1a8fa756e5f3ff0fc94fa4bd4073bddb0098cf565ee40af5732ee9218d262e5b64ad6b8118c54eeaf7072f2e15514a401779b425fa89d8abb1750e56cc3108dffdcf2d3fd86b8af4560d56f7ff0702154211f9949e3992d93e66892b297fa2d4bfe18de3fd74e96c9d30eb14fd458fdbc9e9a34e00f3280dd732520147fa2a8fa83e91dd0687501466a300015bf888c03fc08190c2753d7719acf6f84885c4c5642f466c1984f15a7716a9b608ee5f1b395726bcc8519766667d24d11e396e62ea39640c9e73e4e9e9e5076d7019ca1bebbd7097807f46b3b6fcb96ed4b433b25ec551fb176a5fa252ed1d81b0350cfdfb8069c9916495bef3a262b6668910896c0b37eee40547c663a901e92f41b417ac50e88d058d021a8f9a5783bd936cca4962bec1c9886689cc547970f9215232596392515182e563f720bb79d29baaabf0e2697de6500bc677e346847011ee3450358c0b16ca528368b5cbb8df5ab974a3cef072d20c9906fa585e0f3083ec6d8507b8561f64e65aa1aecf825fc47ad1459c87771549fd5c9a9cc094e7b1179ee1e90eff7158f28f59f029d90e708f4ec50b4f67d8b4bb7140065528354a7e25d63e92977183a0284ec22aa923210f0bfea89cca53547137381e5de0f60bc484bc2daf129b0380244f1ed4bfb674eb2791e76dce33cae684ad36620d5d67cb587f840caed316b7439b0e8c3de0e065e62680f3997369be3466670278168c9a1a644d870e3a8d0a79b2b720e8c3c51bb9133532beee64319e98714bb2e6d5c0b723962d923b0ef454361d4b3cb470bf8c39031ed4a75267f499741be15aacac92d8e6afdcb01a2e7d2dbf549ceb2a2108c4079c620f05ca1bd31d631c2c8d35ca0d73155f56ed020c25e389db356edf510ae088d11b5e4fed51d0dce4d3aa04924b09c28200ede5bec1a8f38cc5f081055e0f28d75afc4d588ca0e828d00085d150beafdda17b8df9e7d9218ea7d81f2e076412901c5ae04d6929d717fea2fcc8e5a1e69dbd7b5258799a2fa5eb108b6cc35dfab599fb27e6d75f1030b83f452af8137830337141f031942eba83123d3f87b5f01623d4613e5a44b4952c300baf3d4d3dbbfb0ad024a19b3810a174ef8453d85a25822f66e45eba2490f29de1077683ccc32e3517f88b51e010672a982f7c8591450c9ab1573143aefb61c17ebb0c92dcb0494d116b970c2a827a6b3608ae10d583d1f7d092263fa873de9f31cd59bc9491ff012059b63a9120af89477f2ccc34eee7bd66de60af64730c879128b49d31da6400c2471e0d5abf707e560574b477b8e20ca45d92182d639eb434e14aea1a3f91ad8fb60e4859b77389753990513181ea3a82884235e8520294359435cfba220502b591fc28ac36ec697442657d290bd7aad7fce53a3f1766f2bf7d55c24d7c0e9c7a71d6f1282ea1478e0a36378b50e4fee281f686bc53f50138036e2a5d6199d40caff084fde7b63b3c0a47da0791107c3218330f7c2e2c7609aba202fae5290243b6033379eb15edc572eee452008e04c9b53efd5f3d88327317b38934745bc3de4c55bd818febc7a7953bf03c4029f77177c2a974310f0485aa46252f1000dc71934947287c38ea5854f29c7b82f630afb8caf1fd880670307b155a6e7feddc019cfbbbdc18f3bc03da3bd371d93ccbf56bcb39eea55c2d113efc148127c30089d21ce6a5088dbfbcf8f8d75c19456bc962c371548634a95382acb5a0886efc46a87bdc111dc0d1e54084cea0d58054f00762c91d7fe0f0fbcf4c280f29f9cd5999a5e8c6f507f8080d7c7ea9a8685be50722cf1a082f3728dec8d6152cdc72f8da6b1805643c042f4f6780ba79cc8a2165d9d7acec8ab2f421bc3e77b51c62c4bbb262b5674ea7d2dcf9acb894d050e91b052364322a5b08bd9667249571c004fb495da7e24fc5620adda3af6848ccf238911a52bdbff766e4e279ac274afa2c2302faba25b5fe98d972a04aa13f77c0c05d7dd82b0a19f1ded8cf5f99c80e392b0aab1264a29e9fbcf0b69f6b0a9f2332e09ab74dea7277106d0883bb264e279c67e5bc69009225bf4fd1a8532f9392a011b55a73a7cf8d16a59d695b2a65b57fad64a2041f8c28804ee1a48845c5dab757d04f1d95520aa9ddb69904d6529c0e14bd789dfe37067073b3e0e136ae2aebb1c34c55b94ce942f786be4b45f801f35f7c768d91a460b92ffa57ff675f0b4b00437a07f871a8650f21b2bf7c722c1d9e860e8955fef5699ee53a5f6fe46fb9e5e17a1c69fe2538af4718b7215ad2c00c3d420589a8653ee511b809945451fb8205b19ce377c8d0253b05493c557cf2bd8ef208e8fc01beceea1acca38d025f328f28d69bcfaa3adc6d9573a3832dc3f3c758fe08cf9cd0c32acfddae81b3682869e8aa9725b64336252aeb2ee8eb78f0721aa3158217a3009948adb297c5ea45ec26cb6d963c7be47ee1b93fa136ebe73a21936df0148fa311206f8bca2e80719aeca8745ff74ddaad5182644762c66333f942d9a93c467d5f9fd5d0dbbe57480362d4bb0f760294f4eba3e1b08047d256dbda157635d21a43aff3a71f6ad574b402bb36e5270d7ed082c6fbae07771721513ae9ddb22d23b00733046c898ee6ac05ef8a51ce41919e1f241cb98e0592ace68214620ba1a748ef81131661f58f1635713ca2873e150a3e848c8d2ebd039769fda112b73050efa4d1c35dbb46ca5a7b7ccbed1dcded36af272f6838b4c1e7e6778e7e9ca3d794f275d49c9e32e768097349118d2337e7c031ada38d0cc5c04c286ff93083f6d58d73a821118c93432fda9a8c76fa2cbcc093a7decac8e4f001ecc9f67faf1c2f102120f0618469cf653bbd5fcefd4ef2bae86dc4f5393b840f9f47140cf7f46a186c21878a43612a71d3b540b9994f010ab623f878264cf46c7366d0bec5d43d481b47846091fd3cda73a9a28ceb7f839eca695c9f084a16c812475f6575ef2368c88cc6655f47663ef69ce4779fe3ccc4dd85a07a9e4c6f39f42690d231f5727f45c247a53fd8df029fcefda4f328658435892519c17205a3c715ad6bb7387d09a5e387c83f008daf626f5977c66203af1143ef7b59ccd8e3c17bb156bca317861f0b9f222ea63c044075a3a74beaf05c23d0a75caa60397d831bbe507234fff154960faf0f02776d3f9038c955bf0c1ec9c92523cf0b855c18d6ac3b35d437796420ba3dfd581dc6adac64315c1cb1a2c3a45ec4655bb2bd6e0b4a3082281ed0697a213d1d93142e96b4fd57431d2f4547451d008ab58bcd9765ccf3ca3297becd5de9e2be0263cfca09935c9334b5e687bc7e7057dc2ed03873be22200c9fe32a9497dd00a336cf4c723ead302340b5cd1fef8cd88330a9089fc93af4ef739295b94407b291bf33f4f39c936736e1166106428f8796a4b92805f4dfcf46d8692b54e40a9e8584c0eaac4caada87bb33f553eafeef5051b889402176ab766936a38ddd7e5205d2c87e133a02e84ab24ba2d889a4c4db8cbe18b271455e84da716f4a32acdbc0a5aaba25a2ec757c73847dd1c4ccb2967c651e5257692a4553dde227846bfe2977021805f46a287c835ea8dc5", 0x2000, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x10, 0xffffffffffffffda, 0x3ff, {0x0, 0xb}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r3, &(0x7f0000000180)={0x50, 0x0, r4, {0x7, 0x2b, 0xffffffde, 0x2040d00c, 0x0, 0xfffe, 0x2, 0x1, 0x0, 0x0, 0x100, 0x100}}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40242, 0x1)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r6, 0x42, 0x1ff)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000004, 0x10011, r5, 0x78e17000)
creat(0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
syz_clone(0x100011, 0x0, 0x0, 0x0, 0x0, 0x0)

24.005587485s ago: executing program 3 (id=846):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0xa}, 0x28)

23.611990821s ago: executing program 3 (id=849):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket(0x1e, 0x1, 0x0)
connect$tipc(r4, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, 0x0)
r5 = socket(0x1, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40, &(0x7f0000000200)={0x9, 0xffffffff})
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
socket(0x23, 0x80805, 0x0)
setrlimit(0x7, 0x0)
ioctl$SIOCGETLINKNAME(r5, 0x89e0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xe, 0x10, &(0x7f0000000180)=@framed={{0x18, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {0x7, 0x0, 0xb, 0x9}}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x76}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

21.370395305s ago: executing program 33 (id=849):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket(0x1e, 0x1, 0x0)
connect$tipc(r4, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, 0x0)
r5 = socket(0x1, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40, &(0x7f0000000200)={0x9, 0xffffffff})
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
socket(0x23, 0x80805, 0x0)
setrlimit(0x7, 0x0)
ioctl$SIOCGETLINKNAME(r5, 0x89e0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xe, 0x10, &(0x7f0000000180)=@framed={{0x18, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {0x7, 0x0, 0xb, 0x9}}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x76}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

9.705537985s ago: executing program 4 (id=926):
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x2, @local, @remote, @remote, @remote}}}}, 0x0)

9.570265264s ago: executing program 4 (id=927):
r0 = syz_open_dev$amidi(&(0x7f0000000080), 0x39b437c8, 0x100)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x40045730, &(0x7f0000000780))

9.305375602s ago: executing program 4 (id=930):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000001440)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffff9}, [@call={0x85, 0x0, 0x0, 0x23}, @call={0x85, 0x0, 0x0, 0xd0}]}, &(0x7f0000000000)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x23}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000380)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

9.079183747s ago: executing program 4 (id=933):
r0 = socket$inet6(0xa, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x185842, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
capset(0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff, 0xe})
socket$nl_generic(0x10, 0x3, 0x10)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r4 = mq_open(&(0x7f0000000000)='!selinu\xff\x7f\x00\x00inux\x00T\x8b\xb5\xf3\xcb\xdd\xe3\xbf2\x86\x01\x84\xdd\x8a\x8f_l\xa1L\xb1\xef\xb2\xc9\xf7+C\xb2\x8e9\xb8\xec\x1a\xe5\xaeq\x8fZ\xff\xbcY+\xaf0<\xa3\xb8\"Zm\x1c\x18\x11\x93\xb5z \xc2\x8b\xa9\xc5\x9es\t\xfe\x002\xa0-\xaf\xcdP\x9f\xe5Iv\xce*\xa8\xa3\x14i\x05\x8f\x9b\x1eB\x9f\x9d#E\x19\xdc\xfe\xc7\xeb\xb5\xcd\xc8\xe2U\xce\x00\x00', 0x6e93ebbbcc0884f2, 0x2c, &(0x7f0000000300)={0x0, 0x1, 0x3})
creat(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)='ub\xce\x00\x00\x00')
mount(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='ubifs\x00', 0x8000, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x5f8, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0xa, 0x0)
connect$inet6(r0, &(0x7f0000000600)={0x2, 0x4e23, 0x0, @private0, 0x5}, 0x1c)

5.162315127s ago: executing program 4 (id=943):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)

4.918730333s ago: executing program 4 (id=946):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x7, 0x7fffffff}]})
sync()

4.721540757s ago: executing program 0 (id=947):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x8002, 0x0)
ioctl$SNDCTL_SEQ_THRESHOLD(r0, 0x4004510d, &(0x7f0000000240)=0xcf0)

4.567555617s ago: executing program 0 (id=950):
r0 = syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1204408, &(0x7f00000003c0)={[{@compress_force}, {@clear_cache}, {@nodatasum}, {@nossd}, {}, {@space_cache_v1}]}, 0x0, 0x51ab, &(0x7f000000a440)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, 0x0)

3.191194071s ago: executing program 0 (id=959):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f0000000080)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x3e, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r2, &(0x7f0000000000)={0xc0002003})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

2.999521294s ago: executing program 0 (id=961):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xff00000000000000, 0x777fe6a4b23f}, 0x0, 0x0, 0x1, 0x9, 0xffa4, 0xc01, 0x5}, 0x20)

2.748769491s ago: executing program 0 (id=963):
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="1ce0", 0xffeb, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10)
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
unshare(0x22020600)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
fcntl$getflags(r3, 0x1)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000140)={@private2, 0x4, 0x2, 0x2, 0x3, 0x3c76, 0x4}, 0x20)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000007040)={0x0, 0x0, &(0x7f0000007000)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000100001002a000000000000000000000a28000000000a010800000000000000000a00000008000240000000010900010073797a300000000f20000000000a01040000000000000000070000000900010073797a310000000028000000000a030000000000000000000a00000008000240000000000900010073797a300000000014000000110001ffde000000000000000000000a328a44464dac54fa283aab1474ac1eec12bea3d7f2977a58244f7f7f767e3fca62d900c1112e1ecaab68700d5b99a4f1f721274febc9824afe9713c9948cc9440e5c"], 0x98}}, 0x0)
fsetxattr$security_capability(r2, 0x0, 0x0, 0xfffffe04, 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f0000000040)={0xf0f002, 0x4})
openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x143240, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x1, 0x1, 0x40}, 0xc)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)

2.420862524s ago: executing program 5 (id=850):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000040)='./file1\x00', 0x800810, &(0x7f0000000080)={[{@usebackuproot}, {@nodatasum}, {@ssd_spread}, {@user_subvol_rm}, {@flushoncommit}, {@compress_force}, {@acl}, {@nodiscard}]}, 0xfb, 0x5107, &(0x7f000000a240)="$eJzs3U2IVeUfB/Dnzp1x5q/8nZsQ2CqLQKqFg5uIiK4yQUXRLReDETi1CNKFkyDRQhBb9LbwlhS1kFxJLZJZGEFtXEhhBG5Dw1y4UQwkF+007j3nuXPvc+aee2fUxpfPR2bOec7vPM957uUs7vc655wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIYQX//j8UFn91LXpM+dm6jsPbJm5vG963ekQKu3tlby+Y+tzr761bcdLE7HD7CvZslbrN2TW9XzWWNWzsdWv9+eNEMJYMkA1Xz67pjBq9+qe4oClrl/cfXTT3vrG44eb1auXzp4svnRaJlZ6AislP68uLJxL9fbvkWSPTrvr1Kv0nKJZ//SE+09eBACwJFON9qLzcTT/iNtp70/rSbuetJtJO35CaHY3liMbd1W/eW5I6ys0z3oWFcb7zjOp5+9/p91I+yftJGosYZ69u+aRZqLfPOeS+krNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB28ug7ow+X1U9dmz5zbqa+88CWmcv7ptedDqHW3l7JypXVHxyu//3d1mMHftr89fELLzxezfvF5WjXzuH3uPLkZAhvdlUuxGEvrg2h0VtoN8NXxcLb7ZXnYwEAAIC7yQPt3yOddhYHx3ralXaarLT/RVlYvH5x99FNe+sbjx9uVq9eOnty+eM1wvz/Fxuvvuh4nXZt4afSFYxj/E3HW6jHXfcUximXjpjm+SfOT/1T1r+Q/2vl+T++c/I/AAAAN+L2yf+Lj3en5f/vX//z07L+hfy/oeeQhfwfZxzz/0hYXv4HAACA29mtzv/1wjjlBuX/8ZfHvinrX8j/U8Pl/9HuaceNv8UJ75oMYWrQ1AEAAIA+4v+7L3y1EPN69s1BmteffuzgubLxCvm/Plz+H7uprwoAAAC4EUe+3P5IWb2Q/xvD5f/xWzprAAAAYCne/Wjiw7J6If/PDpf/V+fL/MqHrNPP8a8QDk2GMNFamcsKv4TmM50CAAAAcJPEnP7XZzt/LNuvkP/nyu//H+90EK//77n/X+H6/65Cdte/p9wYAAAAgHtR8Xr+eHv87MkF/Z6/P+z1/w/+7+BrZccv5P/9w+X/avfyZj7/DwAAAJbhTnv+3/bCOOUG3f///o/f+7WsfyH/N4fL/3G5pvvlnahUsvfn/ckQ1rdW8rsJfhsPtyspzI91FdoaSY9tsUdemB/vKrTNJT02T4bwUGtlf1K4LxaaSeHK2rxwJCmcjoX8fOgUjiWFE/FM+2JtPt208EMs5BdYzMcrKNZ0LolIelzt16NVWLTH2c7BAQAA7ikxPOdZdqy3GdIoO18ZtMPqQTuMDNqhOmiH0WSHdMd+28NsbyFub57ZuLTn/x8ZLv/Ht2JVtuh3/X+I1//nzzXsXP8/Gwu1pDAfC430jgGNeIws7H4Sj1Fr5D2urO8UAAAA4K4WvxeorvA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Je9e42Rq7oPAH72Od6HdxeSKoRGySapcdzE67VNHmqpsqZUjUjTrBsaVEUUG3tNFi/YsU2JUYiMTUQjBKUNUvKhCKMoqvkAtQIRSQHhIsURKo+IqiiAQKE1REGklCQiTZBCNXvvmb1z7s7DjzVe+vtJ3jkz//O88/Cce++cCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8P/Doa9c9bfN4g//9rynn7tw4rK96y58+ZrzTn88hMnZxzuycEf/9bdO/PzOc+/ae9+a2+45cv4He/NyeTwMVP905neui7UeWRrCvR0hdKeBlYNZoCe/Pxjre9dgCKeFuUCtxFR/ViJtOHy/L4T9YS5Qq+p7fSEMFgIXPPHQgzdWE7f0hbAshFBJ23i2krXRlwbO6s0C/WlgW3cW+NUbmVrgu51ZAI5bfDPUXvQHJ+szjMxfrsHrr+eEdezNlQ6vKyZGGuf72boF7lRBb/rA5HE9baXqWBClt8ch77ZF8G4rbeebPW3FL1L5N5Q35kKV0Ll5asvGK2d2xUc6w9hYV6OaFuh5furVL206mvSieR3GDoyckNfhTY8tu7NrxacevWflshcPfGjfS8fbzR8VNmkxvdAqIX/NLZrnMZrwebII3n6lb0mjvnSFELZ8/vc+3Sxemv+PNJ//x5dzvO2syx1rfX0om5vHRwZj4pWhbG4OAAAAi8Zi2Gu6beyBjxWKD1eS+krz/9H2jv/HQ/75ZD4b7aEQJmYT+4ZDOGP28SxwR2zukuEQ3jubmqwPrEsCh0J452xiRa2qpMSSWGI0CfxkKA9MJIHDMTCZBL4VAzcngeti4GAS2BQDh5LAuTEQpuvH8ftD+TjaDvTFwIZsIx6MZyH8Yii2lmyrZ2pVAQAAnCD57LCn/m7hXIfjzRCnlwf7WmWIZ2A3zFBJakhnsLVpVcMaulvV0Nmqhtq49zQffqnmjlY1l07D6KjPcOsv/+YzoYnS/H+8+fy/Mk9HOkrH/0NYP/s35u7MIzO1+IbJugwAAADAcRj43+e/2Sxemv9PtHf+f9wn0lXIHB6JuyG2DocwXh/Iqv3DciA76j2QBwAAAGAxqB2Prx0Ln85vs1O00/l0Of/kUeaPB/4n5s3fe+j+Dc36W5r/T7Z3/n9//W3WicOxF18bDmFJIfCD2MtqYNZoDPz44/WBfPyH4wa4IVaVn5hQq+qGWGJDDIwngf2NSvywVuKM+kD+ZNUa31cbx3ReohAAAACAky7uDojH5eP5/+/7zZqrmpUrzf83HN35/7Pz4NLp/TMDIazqDqEr/WHAI/3ZwoAxMNiRJx7oz+rqSqu6tj+Ec6oDS6t6Pl//vztdY/CJvqyqGDjjfQdePaua+GZfCKuKgSc/d/uHq4ldSaDW+F/2hfCe6mjTxr+zJGu8J23860tCeHchUKvqkiUhVBvrTat6qJJfxyCt6p8rIbytEKhV9ZFKCLsDAItU/K90c/HBnbuv3rpxZmZqxwIm4j78vrBlemZqbNO2mc2VBn3anPS5bhmja8tjavfKN8/kSxR99u71g+2ka78THC+2le/HL504mN+P34V6Zse5pqfu7tp0yB94f7mJUPgm1WjInQs85P5iJXNPYqn+mL83DIQlV+6c2jH2xY27du1Ynf1tN/ua7G88zJRtq9Xptuqfr29tvDwarpaVONZttbxYyapdl29ftXP31SunL9946dSlU1es/sia8bPH145/9OxV1VGNZ39bDHX5fFUnQ33j9jbHdQKHemZ3oZKT8akhcbISS0+Nbki8BRLbBpY3/T+5NP/f3nz+Hz914id/vj5Do+P/I/Ewf/b43GH+DTGwv93j/yONjubXTgwYTQJ7YmCPw/wAAAC8NcRJftybGfdK/3TFd15sVq40/9/T3u//T9D6/7Wl689vtMz/ilhivNH6/+ky/7X1//c0Wv8/Xea/tv7//jdh/f8ra4Fkk/zC+v8AAMBbwclb/7/l8v7pBQJKGVou759eIKCUoeUy/u1eIOCo1/9/9j//6r9DE6X5/83tzf8t3A8AAACnji//2VW/0yxemv/vb2/+f/LX/wuNzv8fbRSYbLQwoPX/AAAAWKQarf83cn3/xc3Kleb/B9ub/8fTLjrrcsdaXx/K1rQL6Zp2rwzVfjIAAAAAi0NnGBvraTNv3cqo6469zafypUCbpYue/5MjR3f+/6H25v91v8u46bFld3at+NSjr9+zctmLBz6076W54/8AAADAwml3vwQAAAAAAAAAAAAAAPDme/4/9q5tFi/9/j+sn3280e//43X/4u8L3l6XO9baev2//P4Fn7xr9+yShY8MhfD+YmDr3q2nhfza/MuLgQcvWvGOamJvWuL+5859oZq4OA18YuXpr1UT5ySBDXGRxHemgXhVxdeWJoG4vOK/p4G4PQ6mgd488NWl2Tg60m3108FsW3Wk2+rpwRCGC4Hatrp3MGujIx3gLUmgNsAvpIE4wD/PA51pr+4ayHoVA4Ox6G0DWa8AADhlxW+BPWHL9MzUePwKH2/P7K6/jeqWLLu2XG1Hm80/ky9N9tm71w+2k+5Kv4vOXWu8J1SqQ1hd+rpazNIxO8oTU0uLTff2BkNutdpbZ4NyqaPddL2NR9SXjWhs07aZzT0tB762dZY13S2zrC5NdopZOmc3aRu1tNGXNkbU5rZpo8vxfmcYG+tKcv1BDI6EOq1eEe3+Xr+4zl+jV0ExzxVH9v2qWX2l+f9Ie/P/SnFcr+UXA9gTr6z3d8OW+QcAAICF9dV1v/5G/PeZ6x9+slne0vx/tL35f9yDlR8KzvZ2HIrX/983HMLspfVHssAdsblLhkN472xqMpbILqh/fiwxngXuiDtMVsQSGybrq1oSAweTwE+G8sChJHA4BvK9FAdCvivn74dC+PBsan19ie2xxEgS+HQMjCaBsRgYTwJLY2AiCby8NA9MJoF/i4EwXb+t7l6abysAAICjkc+zeurvhnSed7C7VYaOVhn6W2XobJWh0ipDo1HE+9+OGXqSk1c6Cpl60lr7klpKGeLF8I+6X6UM4Yf1OdOCpabj+Qe18w066jPc97HuSmiiNP8fb2/+319/m7V+OM7/567/lwV+ELv3tXjq+GgM/Pjj9YF8x8DhONm9oVbVZF4in7TfEEtMxMBoEtgeAxNJYMP6PLD/HfWBfKZda3xfrfHpvEQhAAAAACdd3EEQd9PE+f9tO78y0Kxcaf4/0d78P7Y3UGzsuljrkaUh3Nsx15taYOVgFoj7MQbjz+PfNRjCaYUdHLUSU/1Zid6k4fD9vuwX6r1pVd/ry358EO9f8MRDD95YTdzSF8Kywt6XWhvPVrI2+tLAWb1ZoD8NbOvOAnHPTy3w3c4sAMettlcwvqDyU11qRuYv1+D191a5Jmg6vNI+0Hnyzfebq4VS2uGa71OtObqnren+W06Y0tvjkHfbYny3jXi3Fb9I5d9Q3pgLVULn5qktG6+c2RUfKf6StWSBnufir1TbSZ+A1+GeY+9ta5W0A+PJx8f4/OXmfx12xOpuemzZnV0rPvXoPSuXvXjgQ/tearsbDcQfCj90zb8O/qiweRdaJeSvuUX3eTLp82RR/DeQvLtHPW0hhPUvf/2GZvHS/H+yvfl/d3I769dxY+4cDuEDhY37SNz8fzycfQ4WAtmn5NvKgeyQ+38NNfrkNMsGAADghKvt7qjNOqfz2+yE8HSeXM4/eZT54/6KiXnzt9vv/r++aFmzeGn+v6H5/H9J0k3H/x3/Z4E4/j+vU31X9JL0gT3HtSu6VB0LwvH/eZ3q7zbH/+fl+L/j//Nx/L8Fx//ndao/baVvSdt96QohvPhHDzzdLF6a/29vb/5v/b/5F+2rrf+3odH6f9sbrf+3x/p/AADAgmqw0Fw6zyut3lfKkK7eV8rQcoHAlksMWv/vqNf/e+HMZ38TmijN//e0N/+PL4eBYuuLZf2/0fUNqro5BrZbGBAAAIBTUaMdBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALy57vuH/9ncLP7wb897+rkLJy7bu+7Cl6857/THQ5iefbwjC3f0X3/rxM/vPPeuvfetue2eI+d/sJKX68lvf7cud6z19aEQ9hceGYyJV4aqd+YCF3zyrt3d1cQjQyG8vxjYunfradXEt4ZCWF4MPHjRindUE3vTEvc/d+4L1cTFaeATK09/rZo4Jw90pN39x6VZdzvS7t64NIThQqDW3cuW1ldVa+NP80Bn2sY/DWZtxMBgLPqNwayNGJiJJaaXhLCqO4SutKqHK1lVXWlV/1LJqupKq/pyJYRzQgjdaVXP9WZVdacjf7w3qyoGznjfgVfPqib294awqhh48nO3f7ia+EISqDX+F70hvKf6kkkb/3ZP1nhP2vgtPSG8O4TQm5b4ZXdWojct8Xx3CG8rBGqNf747hN2Bt4T44VP3ibZz99VbN87MTO1YwERv3lZf2DI9MzW2advM5krSp0Y6Cuk3rj32sT/z6pc2VW8/e/f6wXbS3Xm5ntkur+mpu7v2VO997Fd/sZK556NUf8zfGwbCkit3Tu0Y++LGXbt2rM7+tpt9Tfa3K49m22r1YtlWy4uVrNp1+fZVO3dfvXL68o2XTl06dcXqj6wZP3t87fhHz15VHdV49vdEDPX2kz/UM7sLlZyMDwAJCYnFluis+3QbP9U/yEtf9Oc62hMqsx/QpWlFMUvH7ChPxKDXHeOIj+V7SssRrS5NHEpZ1syT5dr6LGtLk4m5WvqyLLPf60qTw2JjnbObNN7vDGNjXY22w0j93eLm/dlxbN6n8k3XbhoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP9jBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1mH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADApQAAAP//EEkkgA==")

1.590782671s ago: executing program 1 (id=969):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000004c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xa}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0xfe9e, 0x3, 0x6361, 0x5, 0xfffffffe, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x40a4)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x7fffe, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {0xb, 0xb}, {0x2, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8c5}, 0x8000)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000001c0)={'syzkaller0\x00', <r7=>0x0})
sendto$packet(r5, &(0x7f00000002c0)="0503d6fcd3fc140000004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x88a8, r7, 0x1, 0x0, 0x6, @multicast}, 0x14)

929.491736ms ago: executing program 1 (id=970):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000140)={[{@grpquota_block_hardlimit}]})

741.204979ms ago: executing program 1 (id=971):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e23, 0x1, @local, 0x53b9}}, 0xfffffffd, 0x0, 0x400, 0x0, 0xb2}, 0x9c)

532.526353ms ago: executing program 1 (id=972):
syz_mount_image$minix(&(0x7f0000000080), &(0x7f00000001c0)='./file1\x00', 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="0049cef4df796851925f86c004000000e4cf62dc777d55387afc4a70d087ede499a199c4d7e87a07cdb3e45fc513a1f97b0b9047144790d8f3affa2044cbd987208cf1dcd4ec17f5138b1f4efbdc2a7be39782db000000000000002c2e5cf00c404f4a3246fb740282b4265c2c2c686173682c00181f302d7cd22530b02054463a3dd16b847ce0f9c3bd119a1498eb8cc1ae04dee8bfa77d492c96fd54cb0abb83366c6b4d4785b8103b6ea5ce14afc0ebaae0f62832e93c0cd17b2130111d313bea3d9ab4738453538e448d770b602e104974e6cd92f7d589103fde2331f870b425e8776f9e2152dec6551ec1f61ced64b19c9e56"], 0x5, 0x18e, &(0x7f0000002780)="$eJzs299ummAYx/EfCurcZtzcTpYdkOxgO5lOzf54tt3DbsAoM0ZcTe2JpknTi+gF9KwXV5P2BmoDERqxTRMrYPX7OeLHI/CivviQiADsLVu2DBmyvPCxUD6pGGkPCUBC5pJu5gD2U/bq3rXetQHATpv9kUaSLq+PO8pa0fbgrCTpd1DP5FZeMDuVPpiLupFXIdpfnEufg+2NF6sNSFkqhvXiStnb/5dPwfFf6pVeqyTvHuWN3i7q3XD7909th4C9YqgazUsrMvrXd51vYbb8XA9zzs+NSG6GOe/naufA7cZ1CgDWlHlk/mcj89+MzH8Az9d4Mh20Xdc53N4Fw5S2YBiT6SDJYeQkxX8sO8n30FY6H1xw15n692ejC+ZG9nNhPVRK+cIEIHa1o+GoNp5Mv/aH7Z7Tc/43fjVaP5rf6z9bNb/zz2up/wewO+5+9NMeCQAAAAAAAAAAAAAAWFdF79IeAgAAAICE+P///RvvE0tpnyMAAAAAAAAAAAAAAAAAAACwK24DAAD//3/aFdo=")
rename(&(0x7f0000001bc0)='./file1\x00', &(0x7f0000001c00)='./file0\x00')

201.497296ms ago: executing program 1 (id=973):
iopl(0x3)
setrlimit(0x6, 0x0)

26.053398ms ago: executing program 1 (id=974):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x200}})

0s ago: executing program 0 (id=975):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000880)={0x2, 0x400000000000003, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3, 0x0, 0xfffffffffffffffd, 0x7}, @sadb_address={0x5, 0x6, 0x6c, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_lifetime={0x4, 0x4, 0x0, 0x7}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6}, @sadb_address={0x5, 0x5, 0x0, 0x80, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}]}, 0xb0}}, 0x0)

kernel console output (not intermixed with test programs):

81379][   T23] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  110.913759][   T23] cdc_wdm 4-1:1.0: Unknown control protocol
[  111.030912][ T5904] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18'.
[  111.067315][   T23] usb 4-1: USB disconnect, device number 2
[  111.184277][ T5903] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18'.
[  111.196268][ T5903] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18'.
[  111.206179][ T5903] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18'.
[  112.325461][ T5910] syzkaller0: entered promiscuous mode
[  112.334115][   T23] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  112.347320][ T5910] syzkaller0: entered allmulticast mode
[  112.497005][ T5915] syzkaller0: entered promiscuous mode
[  112.554207][   T23] usb 4-1: device descriptor read/all, error -71
[  113.636858][ T5928] loop2: detected capacity change from 0 to 512
[  113.676450][ T5928] =======================================================
[  113.676450][ T5928] WARNING: The mand mount option has been deprecated and
[  113.676450][ T5928]          and is ignored by this kernel. Remove the mand
[  113.676450][ T5928]          option from the mount to silence this warning.
[  113.676450][ T5928] =======================================================
[  113.712519][    C0] vkms_vblank_simulate: vblank timer overrun
[  113.861789][ T5928] EXT4-fs: Ignoring removed i_version option
[  113.920201][ T5924] ip6t_REJECT: ECHOREPLY is not supported
[  113.954683][ T5934] loop3: detected capacity change from 0 to 16
[  113.960663][ T5928] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 17. Delete some EAs or run e2fsck.
[  113.961102][ T5928] EXT4-fs (loop2): 1 truncate cleaned up
[  114.000221][ T5928] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.119766][ T5934] erofs: (device loop3): mounted with root inode @ nid 36.
[  114.950984][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.070731][ T5934] syz.3.27: attempt to access beyond end of device
[  115.070731][ T5934] loop3: rw=0, sector=1936876908, nr_sectors = 1 limit=16
[  115.086105][ T5934] syz.3.27: attempt to access beyond end of device
[  115.086105][ T5934] loop3: rw=0, sector=3955228672, nr_sectors = 1 limit=16
[  116.886489][ T5954] syzkaller0: entered promiscuous mode
[  116.908790][ T5954] syzkaller0: entered allmulticast mode
[  117.558703][    T0] NOHZ tick-stop error: local softirq work is pending, handler #1c0!!!
[  117.968643][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  119.375742][ T5965] warning: `syz.1.35' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  123.273218][ T5991] loop0: detected capacity change from 0 to 32768
[  123.593797][ T5991] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  123.952584][ T6001] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  123.973323][ T6001] loop3: detected capacity change from 0 to 64
[  124.003710][ T5991] XFS (loop0): Ending clean mount
[  124.025312][ T5991] XFS (loop0): Quotacheck needed: Please wait.
[  124.596588][ T5991] XFS (loop0): Quotacheck: Done.
[  125.047484][   T28] audit: type=1800 audit(1775497033.896:2): pid=6009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.45" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=4429 res=0 errno=0
[  125.410034][ T6003] syz.3.36: attempt to access beyond end of device
[  125.410034][ T6003] loop3: rw=0, sector=268435468, nr_sectors = 2 limit=64
[  125.435439][ T6003] Buffer I/O error on dev loop3, logical block 134217734, async page read
[  125.571262][ T5770] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  125.625612][ T6003] syz.3.36: attempt to access beyond end of device
[  125.625612][ T6003] loop3: rw=0, sector=268435468, nr_sectors = 2 limit=64
[  125.870588][ T6003] Buffer I/O error on dev loop3, logical block 134217734, async page read
[  127.911722][ T6026] loop0: detected capacity change from 0 to 128
[  129.238457][ T6032] futex_wake_op: syz.0.47 tries to shift op by -1; fix this program
[  130.787119][ T6041] syzkaller0: entered promiscuous mode
[  130.828330][ T6044] netlink: 16 bytes leftover after parsing attributes in process `syz.3.54'.
[  130.852990][ T6041] 0: reclassify loop, rule prio 0, protocol 800
[  130.885332][ T5770] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[  130.895087][ T5770] FAT-fs (loop0): Filesystem has been set read-only
[  131.080349][ T6047] loop2: detected capacity change from 0 to 1024
[  131.377673][ T6047] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.581468][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.353546][ T6083] syzkaller0: entered promiscuous mode
[  134.408707][ T6083] syzkaller0: entered allmulticast mode
[  135.485361][ T6099] syzkaller0: entered promiscuous mode
[  135.505317][ T6099] syzkaller0: entered allmulticast mode
[  138.995484][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  139.008580][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  141.321573][ T6103] syz.2.65 (6103): drop_caches: 2
[  145.823738][ T6163] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  147.489903][ T6168] netlink: 8 bytes leftover after parsing attributes in process `syz.2.77'.
[  147.819559][ T6168] netlink: 8 bytes leftover after parsing attributes in process `syz.2.77'.
[  147.836490][ T6168] netlink: 8 bytes leftover after parsing attributes in process `syz.2.77'.
[  147.848643][ T6168] netlink: 8 bytes leftover after parsing attributes in process `syz.2.77'.
[  148.366345][ T6173] netlink: 4 bytes leftover after parsing attributes in process `syz.3.75'.
[  157.978486][ T6227] loop1: detected capacity change from 0 to 128
[  158.096837][ T6227] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  158.170973][ T6227] ext4 filesystem being mounted at /23/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  158.275082][ T6227] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.87: No space for directory leaf checksum. Please run e2fsck -D.
[  158.364972][ T6227] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.87: checksumming directory block 0
[  158.527398][ T6234] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.87: No space for directory leaf checksum. Please run e2fsck -D.
[  158.552894][ T6237] loop3: detected capacity change from 0 to 128
[  158.618787][ T6234] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.87: checksumming directory block 0
[  158.671869][ T6237] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  158.717806][ T6237] ext4 filesystem being mounted at /20/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  158.731554][ T6227] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.87: No space for directory leaf checksum. Please run e2fsck -D.
[  158.749686][ T6227] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.87: checksumming directory block 0
[  158.830064][ T6234] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.87: No space for directory leaf checksum. Please run e2fsck -D.
[  158.899401][ T6234] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.87: checksumming directory block 0
[  159.001537][ T6227] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.87: No space for directory leaf checksum. Please run e2fsck -D.
[  159.046104][ T6227] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.87: checksumming directory block 0
[  159.174544][ T6227] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.87: No space for directory leaf checksum. Please run e2fsck -D.
[  159.251128][ T6227] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.87: checksumming directory block 0
[  159.280236][ T6235] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.87: No space for directory leaf checksum. Please run e2fsck -D.
[  159.383104][ T6235] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.87: checksumming directory block 0
[  159.384205][ T6237] fscrypt: Error allocating hmac(sha512): -2
[  159.512690][ T6234] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.87: No space for directory leaf checksum. Please run e2fsck -D.
[  159.608807][ T6234] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.87: checksumming directory block 0
[  159.688880][ T6251] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.87: No space for directory leaf checksum. Please run e2fsck -D.
[  159.754306][ T6251] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.87: checksumming directory block 0
[  159.804699][ T6235] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.87: No space for directory leaf checksum. Please run e2fsck -D.
[  160.002485][ T6235] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.87: checksumming directory block 0
[  160.074872][ T5772] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  162.722992][ T5769] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  174.610403][ T6335] binder: 6334:6335 ioctl c0306201 2000000003c0 returned -14
[  174.880519][   T27] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  175.074166][   T27] usb 1-1: config 0 has no interfaces?
[  175.080819][   T27] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  175.090651][   T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.125472][   T27] usb 1-1: config 0 descriptor??
[  175.560274][   T27] usb 1-1: USB disconnect, device number 2
[  177.833178][ T6351] loop1: detected capacity change from 0 to 32768
[  179.236235][ T6355] loop0: detected capacity change from 0 to 4096
[  182.868693][    T8] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  182.908703][   T27] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  183.088938][   T27] usb 4-1: Using ep0 maxpacket: 16
[  183.096114][   T27] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  183.109972][   T27] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  183.124904][    T8] usb 2-1: Using ep0 maxpacket: 32
[  183.137546][    T8] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  183.164561][    T8] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  183.178610][    T8] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  183.203377][    T8] usb 2-1: Product: syz
[  183.218353][    T8] usb 2-1: Manufacturer: syz
[  183.223626][    T8] usb 2-1: SerialNumber: syz
[  183.228553][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  183.286515][   T27] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  183.296697][   T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.309427][    T8] usb 2-1: config 0 descriptor??
[  183.314741][   T27] usb 4-1: Product: syz
[  183.319870][   T27] usb 4-1: Manufacturer: syz
[  183.325011][   T27] usb 4-1: SerialNumber: syz
[  183.335779][ T6368] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  183.564218][   T27] usb 4-1: 0:2 : does not exist
[  183.603665][   T27] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  183.757238][   T27] usb 4-1: USB disconnect, device number 5
[  185.761408][ T6381] loop3: detected capacity change from 0 to 40427
[  185.850719][ T6381] F2FS-fs (loop3): Invalid segment/section count (24 != 24 * 3)
[  185.859519][ T6381] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  185.874021][ T6381] F2FS-fs (loop3): Image doesn't support compression
[  185.881349][ T6381] F2FS-fs (loop3): Unrecognized mount option "whint_mode=user-based" or missing value
[  187.225817][ T5811] usb 2-1: USB disconnect, device number 2
[  189.331529][ T5778] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  189.340719][ T5778] Bluetooth: hci3: Injecting HCI hardware error event
[  189.350420][ T5780] Bluetooth: hci3: hardware error 0x00
[  191.718832][ T5780] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  195.800468][ T6411] sctp: failed to load transform for md5: -2
[  196.556701][ T6426] binder_alloc: 6425: binder_alloc_buf, no vma
[  196.588764][   T27] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  196.811700][   T27] usb 1-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  196.845719][   T27] usb 1-1: config 0 interface 0 has no altsetting 0
[  196.869035][   T27] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  196.906131][   T27] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  196.941163][   T27] usb 1-1: Product: syz
[  196.957546][   T27] usb 1-1: Manufacturer: syz
[  196.973715][   T27] usb 1-1: SerialNumber: syz
[  197.019494][   T27] usb 1-1: config 0 descriptor??
[  197.112134][   T27] snd-usb-audio: probe of 1-1:0.0 failed with error -22
[  197.215792][ T6195] udevd[6195]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  197.410586][ T6436] syz.1.132 uses obsolete (PF_INET,SOCK_PACKET)
[  200.325404][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  200.338626][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  200.429631][ T6454] syzkaller0: entered promiscuous mode
[  200.435372][ T6454] syzkaller0: entered allmulticast mode
[  202.531549][  T786] usb 1-1: USB disconnect, device number 3
[  208.045091][ T6493] syzkaller0: entered promiscuous mode
[  208.057094][ T6493] 0: reclassify loop, rule prio 0, protocol 800
[  209.031095][ T6502] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  209.094246][ T6502] netlink: 12 bytes leftover after parsing attributes in process `syz.1.155'.
[  210.873397][ T6506] syz.0.156 (6506) used greatest stack depth: 17896 bytes left
[  211.268833][  T786] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  211.519104][  T786] usb 3-1: Using ep0 maxpacket: 32
[  211.530989][  T786] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  211.546442][  T786] usb 3-1: config 0 has no interface number 0
[  211.570029][  T786] usb 3-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  211.608719][  T786] usb 3-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  211.642627][  T786] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  211.665483][  T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.698678][  T786] usb 3-1: Product: syz
[  211.702951][  T786] usb 3-1: Manufacturer: syz
[  211.707709][  T786] usb 3-1: SerialNumber: syz
[  211.761365][  T786] usb 3-1: config 0 descriptor??
[  211.774380][  T786] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  211.994937][  T786] usb 3-1: qt2_setup_urbs - submit read urb failed -90
[  212.008982][  T786] quatech2: probe of 3-1:0.51 failed with error -90
[  213.852419][ T6513] loop2: detected capacity change from 0 to 64
[  214.601123][ T6529] netlink: 'syz.1.162': attribute type 13 has an invalid length.
[  214.687706][ T5812] usb 3-1: USB disconnect, device number 2
[  214.858773][ T6536] syzkaller0: entered promiscuous mode
[  214.879061][ T6536] syzkaller0: entered allmulticast mode
[  216.755450][ T6546] overlayfs: overlapping lowerdir path
[  217.815267][ T5779] Bluetooth: hci1: command 0x0406 tx timeout
[  217.815309][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  217.821861][ T5779] Bluetooth: hci2: command 0x0406 tx timeout
[  219.707824][    T8] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  219.930825][    T8] usb 3-1: unable to get BOS descriptor or descriptor too short
[  219.965887][    T8] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  219.986963][    T8] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  220.009172][    T8] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  220.126157][    T8] usb 3-1: New USB device found, idVendor=04fa, idProduct=4201, bcdDevice= 0.40
[  220.146957][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.198733][    T8] usb 3-1: Product: syz
[  220.203035][    T8] usb 3-1: Manufacturer: syz
[  220.207697][    T8] usb 3-1: SerialNumber: syz
[  220.574908][ T6562] loop3: detected capacity change from 0 to 32768
[  220.607272][ T6562] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.172 (6562)
[  220.779867][ T6562] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  220.790710][ T6562] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  220.799889][ T6562] BTRFS info (device loop3): enabling auto defrag
[  220.806504][ T6562] BTRFS info (device loop3): use no compression
[  220.813242][ T6562] BTRFS info (device loop3): force clearing of disk cache
[  220.820592][ T6562] BTRFS info (device loop3): max_inline at 4096
[  220.827445][ T6562] BTRFS info (device loop3): disabling free space tree
[  221.296531][ T6562] BTRFS info (device loop3): enabling ssd optimizations
[  221.304210][ T6562] BTRFS info (device loop3): auto enabling async discard
[  221.327242][ T6562] BTRFS info (device loop3): rebuilding free space tree
[  221.413920][ T6562] BTRFS info (device loop3): disabling free space tree
[  221.422155][ T6562] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  221.433015][ T6562] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  221.531837][   T28] audit: type=1800 audit(1775497130.413:3): pid=6562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.172" name="file1" dev="loop3" ino=260 res=0 errno=0
[  221.691505][   T28] audit: type=1800 audit(1775497130.473:4): pid=6563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.172" name="file1" dev="loop3" ino=260 res=0 errno=0
[  221.768641][    T8] usb 3-1: 1:1 : no or invalid class specific endpoint descriptor
[  221.850999][    T8] usb 3-1: 1:1 : sample bitwidth 62 in over sample bytes 3
[  221.858687][    T8] usb 3-1: 1:1 : unsupported format bits 0x33820006
[  221.865817][    T8] usb 3-1: parse_audio_format_rates_v2v3(): unable to find clock source (clock -22)
[  221.890689][    T8] usb 3-1: unit 2 not found!
[  221.895584][    T8] usb 3-1: unit 0 not found!
[  222.002415][    T8] usb 3-1: USB disconnect, device number 3
[  222.077465][ T5772] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  223.493170][ T6598] udevd[6598]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  223.729860][ T6597] loop2: detected capacity change from 0 to 32768
[  223.822872][ T6597] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  223.952870][ T6612] loop1: detected capacity change from 0 to 4096
[  223.981280][ T6612] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512).
[  224.020907][ T6597] XFS (loop2): Ending clean mount
[  224.073862][ T6597] XFS (loop2): Quotacheck needed: Please wait.
[  224.183970][ T6612] ntfs3: loop1: Failed to initialize $Extend/$Reparse.
[  224.237824][ T6597] XFS (loop2): Quotacheck: Done.
[  225.366237][ T5768] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  226.083902][ T6626] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.179'.
[  230.587216][ T6652] netlink: 4 bytes leftover after parsing attributes in process `syz.2.185'.
[  230.926009][ T6651] loop0: detected capacity change from 0 to 32768
[  230.971176][ T6651] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  231.103275][ T6651] XFS (loop0): Ending clean mount
[  231.114554][ T6651] XFS (loop0): Quotacheck needed: Please wait.
[  231.186971][ T6651] XFS (loop0): Quotacheck: Done.
[  232.124697][ T5770] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  232.148932][ T5816] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  232.425828][ T5816] usb 4-1: unable to get BOS descriptor or descriptor too short
[  232.474843][ T5816] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  232.487442][ T5816] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  232.497372][ T5816] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  232.555136][ T5816] usb 4-1: New USB device found, idVendor=04fa, idProduct=4201, bcdDevice= 0.40
[  232.565693][ T5816] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.611336][ T5816] usb 4-1: Product: syz
[  232.633858][ T5816] usb 4-1: Manufacturer: syz
[  232.654221][ T5816] usb 4-1: SerialNumber: syz
[  233.226892][ T5816] usb 4-1: 1:1 : no or invalid class specific endpoint descriptor
[  233.235438][ T5816] usb 4-1: 1:1 : sample bitwidth 62 in over sample bytes 3
[  233.243373][ T5816] usb 4-1: 1:1 : unsupported format bits 0x33820006
[  233.250593][ T5816] usb 4-1: parse_audio_format_rates_v2v3(): unable to find clock source (clock -22)
[  233.280320][ T5816] usb 4-1: unit 2 not found!
[  233.319239][ T5816] usb 4-1: unit 0 not found!
[  233.831640][ T5816] usb 4-1: USB disconnect, device number 6
[  235.769579][ T6598] udevd[6598]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  238.025263][ T6705] netlink: 4 bytes leftover after parsing attributes in process `syz.1.199'.
[  239.004400][ T6709] kvm: kvm [6707]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x1e88e0000
[  239.025753][ T6709] kvm: kvm [6707]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xe88e0000
[  239.060961][ T6709] kvm: kvm [6707]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[  239.075266][ T6709] kvm: kvm [6707]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xe88e0000
[  239.751092][ T6725] Bluetooth: hci0: invalid length 0, exp 2 for type 13
[  243.207537][ T6771] syzkaller0: entered promiscuous mode
[  243.217203][ T6771] syzkaller0: entered allmulticast mode
[  243.468775][ T5811] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  243.711604][ T5811] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  243.724364][ T5811] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  243.735152][ T5811] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.746177][ T5811] usb 4-1: config 0 descriptor??
[  243.763674][ T5811] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  243.984834][   T23] usb 4-1: USB disconnect, device number 7
[  244.463379][ T6777] loop2: detected capacity change from 0 to 40427
[  245.314276][ T6777] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  245.322695][ T6777] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  245.336194][ T6777] F2FS-fs (loop2): invalid crc value
[  245.367377][ T6777] F2FS-fs (loop2): Found nat_bits in checkpoint
[  245.479319][ T6777] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  245.486685][ T6777] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  246.048259][ T6789] syz.2.217: attempt to access beyond end of device
[  246.048259][ T6789] loop2: rw=2049, sector=53248, nr_sectors = 992 limit=40427
[  246.065049][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.074434][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.083781][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.091719][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.099170][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.106755][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.114585][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.122323][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.129746][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.138067][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.145824][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.154491][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.163490][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.170841][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.178364][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.185587][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.192991][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.200293][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.208264][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.216109][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.223559][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.231209][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.238908][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.246288][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.254254][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.261671][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.269150][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.276404][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.284041][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.291354][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.298692][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.305897][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.313608][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.321057][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.328644][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.337137][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.344515][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.353698][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.363593][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.371544][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.379655][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.387323][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.394988][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.402436][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.409808][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.417501][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.425322][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.432459][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.439667][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.446909][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.454350][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.461942][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.470180][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.477524][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.485021][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.492462][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.499742][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.506789][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.514138][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.521351][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.528734][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.535819][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.542997][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.550115][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.557480][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.565094][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.572231][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.579426][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.586712][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.594330][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.601411][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.608379][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.615682][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.622721][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.630173][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.637606][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.645379][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.652660][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.659968][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.667086][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.674132][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.681067][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.688220][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.695359][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.702374][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.710064][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.717776][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.724769][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.731830][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.739085][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.746048][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.753011][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.760498][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.768026][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.775733][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.782685][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.789911][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.796966][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.803984][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.811142][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.818202][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.825324][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.832462][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.839785][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.846893][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.854101][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.861346][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.868239][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.875311][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.882461][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.889582][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.897006][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.903962][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.912259][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.919559][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.926487][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.933742][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.941152][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.948637][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.955852][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.963618][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.970673][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.977791][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.985221][ T6789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.997837][ T6789] syz.2.217: attempt to access beyond end of device
[  246.997837][ T6789] loop2: rw=0, sector=54232, nr_sectors = 8 limit=40427
[  249.120571][ T6803] syz_tun: entered allmulticast mode
[  249.184249][ T6802] mmap: syz.3.227 (6802) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  249.725130][ T6813] loop3: detected capacity change from 0 to 2048
[  249.781754][ T6813] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  250.029358][   T23] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  251.180683][   T23] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  251.195823][   T23] usb 3-1: config 0 has no interfaces?
[  251.202466][   T23] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[  251.248789][   T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.313895][   T23] usb 3-1: config 0 descriptor??
[  255.790604][ T5816] usb 3-1: USB disconnect, device number 4
[  256.268688][ T5816] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  256.458810][ T5816] usb 3-1: Using ep0 maxpacket: 16
[  256.481321][ T5816] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  256.540730][ T5816] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  256.602483][ T5816] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  256.763702][ T5816] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  256.898170][ T5816] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.061115][ T5816] usb 3-1: config 0 descriptor??
[  258.458518][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  258.678537][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  258.698533][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  258.708525][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  258.828537][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  258.838534][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  259.038526][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  259.861438][ T5816] usbhid 3-1:0.0: can't add hid device: -71
[  259.867574][ T5816] usbhid: probe of 3-1:0.0 failed with error -71
[  259.876896][ T5816] usb 3-1: USB disconnect, device number 5
[  261.569167][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  261.600262][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  263.081265][ T6894] netlink: 'syz.1.247': attribute type 12 has an invalid length.
[  264.992810][ T6919] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.254'.
[  265.028176][ T6919] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  268.263543][ T6930] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  269.727802][ T6943] loop3: detected capacity change from 0 to 16
[  269.771774][ T6943] erofs: (device loop3): mounted with root inode @ nid 36.
[  275.545988][ T6960] loop2: detected capacity change from 0 to 32768
[  275.613082][ T6960] XFS (loop2): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  275.907405][ T6960] XFS (loop2): Starting recovery (logdev: internal)
[  275.971915][ T6960] XFS (loop2): Ending recovery (logdev: internal)
[  276.011911][ T6977] loop3: detected capacity change from 0 to 256
[  276.041362][ T6977] exfat: Deprecated parameter 'utf8'
[  276.047179][ T6977] exfat: Bad value for 'uid'
[  277.870007][ T5768] XFS (loop2): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  278.488950][ T6989] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  279.549452][    T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  279.848665][    T9] usb 1-1: Using ep0 maxpacket: 32
[  279.879855][    T9] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  279.902277][    T9] usb 1-1: config 0 has no interface number 0
[  279.904881][    T9] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  279.904911][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.904931][    T9] usb 1-1: Product: syz
[  279.904953][    T9] usb 1-1: Manufacturer: syz
[  279.904968][    T9] usb 1-1: SerialNumber: syz
[  279.907624][    T9] usb 1-1: config 0 descriptor??
[  280.012312][    T9] smsc95xx v2.0.0
[  280.365198][    T9] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  280.387122][    T9] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  282.361264][    T9] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000108: -71
[  282.470195][    T9] smsc95xx: probe of 1-1:0.67 failed with error -71
[  282.511709][    T9] usb 1-1: USB disconnect, device number 4
[  282.571169][ T7012] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.276'.
[  282.604248][ T7012] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  286.570836][ T7034] tipc: Started in network mode
[  286.576694][ T7034] tipc: Node identity aaa72f732d35, cluster identity 4711
[  286.586115][ T7034] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  286.601112][ T7034] syzkaller0: entered promiscuous mode
[  286.607049][ T7034] syzkaller0: entered allmulticast mode
[  286.720762][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  286.745498][ T7034] tipc: Resetting bearer <eth:syzkaller0>
[  286.773096][ T7033] tipc: Resetting bearer <eth:syzkaller0>
[  286.816782][ T7033] tipc: Disabling bearer <eth:syzkaller0>
[  293.525624][ T7074] loop0: detected capacity change from 0 to 128
[  293.541290][ T7074] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  293.566501][ T7074] hpfs: filesystem error: improperly stopped
[  293.597835][ T7074] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  293.693993][ T7074] hpfs: You really don't want any checks? You are crazy...
[  293.717341][ T7074] hpfs: hpfs_map_sector(): read error
[  293.728187][ T7077] netlink: 4 bytes leftover after parsing attributes in process `syz.1.304'.
[  293.739159][ T7074] hpfs: code page support is disabled
[  293.747229][ T7074] hpfs: hpfs_map_4sectors(): unaligned read
[  293.792028][ T7074] hpfs: hpfs_map_4sectors(): unaligned read
[  293.816032][ T7074] hpfs: filesystem error: unable to find root dir
[  294.875566][ T7074] hpfs: hpfs_map_4sectors(): unaligned read
[  295.428250][ T7086] hpfs: hpfs_map_4sectors(): unaligned read
[  295.459839][ T7086] hpfs: hpfs_map_sector(): read error
[  297.477505][ T7099] Cannot find del_set index 0 as target
[  301.576918][ T7121] syzkaller0: entered promiscuous mode
[  301.587077][ T7121] syzkaller0: entered allmulticast mode
[  306.717875][ T7143] loop2: detected capacity change from 0 to 40427
[  306.759882][ T7143] F2FS-fs (loop2): invalid crc value
[  306.787192][ T7143] F2FS-fs (loop2): Found nat_bits in checkpoint
[  307.006287][ T7143] F2FS-fs (loop2): Start checkpoint disabled!
[  307.118086][ T7143] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  309.042777][   T11] kworker/u4:0: attempt to access beyond end of device
[  309.042777][   T11] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  309.286421][   T11] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  310.113325][ T7161] syzkaller0: entered promiscuous mode
[  310.119971][ T7161] syzkaller0: entered allmulticast mode
[  311.620828][ T1207] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  311.931708][ T7175] autofs4:pid:7175:autofs_fill_super: called with bogus options
[  312.006169][ T1207] usb 4-1: config index 0 descriptor too short (expected 14385, got 96)
[  312.016081][ T1207] usb 4-1: config 52 has too many interfaces: 52, using maximum allowed: 32
[  312.895626][ T1207] usb 4-1: config 52 has an invalid descriptor of length 0, skipping remainder of the config
[  313.101372][ T1207] usb 4-1: config 52 has 0 interfaces, different from the descriptor's value: 52
[  313.207005][ T1207] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  313.227034][ T1207] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  313.241916][ T1207] usb 4-1: Product: syz
[  313.246356][ T1207] usb 4-1: Manufacturer: syz
[  314.991237][ T1207] usb 4-1: USB disconnect, device number 8
[  315.318168][ T7197] syzkaller0: entered promiscuous mode
[  315.327843][ T7197] syzkaller0: entered allmulticast mode
[  315.380720][ T7195] batman_adv: batadv0: Adding interface: macsec1
[  315.408971][ T7195] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  315.441594][ T7195] batman_adv: batadv0: Interface activated: macsec1
[  315.854387][ T7200] syzkaller0: entered promiscuous mode
[  315.860271][ T7200] syzkaller0: entered allmulticast mode
[  318.531501][ T7213] netlink: 'syz.2.339': attribute type 4 has an invalid length.
[  319.072583][ T7222] vim2m vim2m.0: vidioc_s_fmt queue busy
[  320.116174][ T7225] overlayfs: failed to resolve './file0': -2
[  322.231931][ T7259] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.343'.
[  322.260596][ T7259] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  322.889294][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  322.895767][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  327.243215][ T7282] loop2: detected capacity change from 0 to 256
[  327.280904][ T7282] exfat: Deprecated parameter 'utf8'
[  327.303097][ T7282] exfat: Bad value for 'uid'
[  327.476576][ T7287] binfmt_misc: register: failed to install interpreter file ./file0
[  328.402124][ T7289] netlink: 'syz.0.353': attribute type 1 has an invalid length.
[  330.366827][ T7291] bond1: (slave bridge1): Enslaving as a backup interface with an up link
[  332.773379][ T7309] ptrace attach of "./syz-executor exec"[7310] was attempted by "./syz-executor exec"[7309]
[  335.132627][ T7322] loop2: detected capacity change from 0 to 128
[  335.174176][ T7322] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  335.562802][ T7322] hpfs: filesystem error: improperly stopped
[  335.569378][ T7322] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  335.577341][ T7322] hpfs: You really don't want any checks? You are crazy...
[  335.589174][ T7322] hpfs: hpfs_map_sector(): read error
[  335.594840][ T7322] hpfs: code page support is disabled
[  335.600600][ T7322] hpfs: hpfs_map_4sectors(): unaligned read
[  335.608260][ T7322] hpfs: hpfs_map_4sectors(): unaligned read
[  335.614661][ T7322] hpfs: filesystem error: unable to find root dir
[  335.652221][ T7317] syzkaller0: entered promiscuous mode
[  335.657964][ T7317] syzkaller0: entered allmulticast mode
[  335.830159][ T7317] simple: basic_0
[  335.834145][ T7317] simple: basic_0
[  335.837935][ T7317] simple: basic_0
[  335.841833][ T7317] simple: basic_0
[  335.845617][ T7317] simple: basic_0
[  335.849363][ T7317] simple: basic_0
[  335.853056][ T7317] simple: basic_0
[  335.856738][ T7317] simple: basic_0
[  335.860555][ T7317] simple: basic_0
[  335.864336][ T7317] simple: basic_0
[  335.868015][ T7317] simple: basic_0
[  335.871739][ T7317] simple: basic_0
[  335.875432][ T7317] simple: basic_0
[  335.879423][ T7317] simple: basic_0
[  335.883255][ T7317] simple: basic_0
[  335.887091][ T7317] simple: basic_0
[  335.890840][ T7317] simple: basic_0
[  335.894534][ T7317] simple: basic_0
[  335.898246][ T7317] simple: basic_0
[  335.902173][ T7317] simple: basic_0
[  335.906009][ T7317] simple: basic_0
[  335.909711][ T7317] simple: basic_0
[  335.913385][ T7317] simple: basic_0
[  335.917547][ T7317] simple: basic_0
[  335.921406][ T7317] simple: basic_0
[  335.925053][ T7317] simple: basic_0
[  335.928760][ T7317] simple: basic_0
[  335.932421][ T7317] simple: basic_0
[  335.936096][ T7317] simple: basic_0
[  335.939961][ T7317] simple: basic_0
[  335.943629][ T7317] simple: basic_0
[  335.947301][ T7317] simple: basic_0
[  335.951224][ T7317] TC_ACT_REPEAT abuse ?
[  342.198915][ T5816] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  343.448537][ T5816] usb 4-1: Using ep0 maxpacket: 16
[  343.539025][ T5816] usb 4-1: device descriptor read/all, error -71
[  343.635542][ T7351] loop2: detected capacity change from 0 to 64
[  344.655489][ T7355] loop0: detected capacity change from 0 to 256
[  344.832174][ T7355] exfat: Deprecated parameter 'utf8'
[  344.868619][ T7355] exfat: Bad value for 'uid'
[  351.004952][ T7385] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  353.878650][   T28] audit: type=1326 audit(1775497262.493:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  356.119890][   T28] audit: type=1326 audit(1775497262.493:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  356.938722][   T28] audit: type=1326 audit(1775497262.493:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  357.008983][   T28] audit: type=1326 audit(1775497262.493:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  357.108771][   T28] audit: type=1326 audit(1775497262.493:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  357.115588][ T7405] loop3: detected capacity change from 0 to 256
[  357.193638][   T28] audit: type=1326 audit(1775497262.493:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  357.238097][ T7405] exfat: Deprecated parameter 'namecase'
[  357.256126][   T28] audit: type=1326 audit(1775497262.493:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  357.325111][   T28] audit: type=1326 audit(1775497262.493:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  357.407289][ T7405] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  361.540197][ T5778] Bluetooth: hci2: unexpected event for opcode 0x2023
[  361.556864][ T7431] netlink: 76 bytes leftover after parsing attributes in process `syz.0.390'.
[  367.899768][ T7453] loop3: detected capacity change from 0 to 8
[  367.921414][ T7453] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  368.004127][ T7453] cramfs: Error -5 while decompressing!
[  368.010234][ T7453] cramfs: ffffffff973f9382(26)->ffff888051dd4000(4096)
[  368.017260][ T7453] cramfs: Error -3 while decompressing!
[  368.023241][ T7453] cramfs: ffffffff973f939c(16)->ffff888051dd5000(4096)
[  368.031944][ T7453] cramfs: Error -5 while decompressing!
[  368.037710][ T7453] cramfs: ffffffff973f9382(26)->ffff888051dd4000(4096)
[  368.056244][   T28] audit: type=1800 audit(1775497276.943:13): pid=7453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.398" name="file2" dev="loop3" ino=348 res=0 errno=0
[  368.349928][ T7406] udevd[7406]: incorrect cramfs checksum on /dev/loop3
[  368.406631][ T5778] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  368.958553][ T7466] binder_alloc: 7461: binder_alloc_buf, no vma
[  370.973046][ T7480] loop3: detected capacity change from 0 to 40427
[  371.016114][ T7480] F2FS-fs (loop3): invalid crc value
[  371.187615][ T7480] F2FS-fs (loop3): Found nat_bits in checkpoint
[  371.256839][ T7480] F2FS-fs (loop3): Start checkpoint disabled!
[  371.342797][ T7480] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  371.506027][ T7484] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  372.331755][ T7493] netlink: 44 bytes leftover after parsing attributes in process `syz.1.404'.
[  372.674929][ T1095] kworker/u4:5: attempt to access beyond end of device
[  372.674929][ T1095] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  372.742026][ T1095] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  373.003705][ T7497] syzkaller0: entered promiscuous mode
[  373.751370][ T7497] syzkaller0: entered allmulticast mode
[  384.375895][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  384.410466][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  384.732456][ T7572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.425'.
[  384.769779][ T7572] team_slave_0: entered promiscuous mode
[  384.776155][ T7572] team_slave_1: entered promiscuous mode
[  384.793778][ T7572] macvtap1: entered promiscuous mode
[  384.799800][ T7572] team0: entered promiscuous mode
[  384.805385][ T7572] macvtap1: entered allmulticast mode
[  384.812337][ T7572] team0: entered allmulticast mode
[  384.817618][ T7572] team_slave_0: entered allmulticast mode
[  384.823639][ T7572] team_slave_1: entered allmulticast mode
[  384.832252][ T7572] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  384.840334][ T7573] batadv_slave_0: Caught tx_queue_len zero misconfig
[  384.966601][ T7574] macvtap1: left promiscuous mode
[  384.986509][ T7574] team0: left promiscuous mode
[  385.079850][ T7574] macvtap1: left allmulticast mode
[  385.085167][ T7574] team0: left allmulticast mode
[  385.250936][ T7574] team_slave_0: left allmulticast mode
[  385.256740][ T7574] team_slave_1: left allmulticast mode
[  385.508506][ T7583] loop0: detected capacity change from 0 to 16
[  385.551548][ T7583] erofs: (device loop0): mounted with root inode @ nid 36.
[  385.595525][ T7583] syz.0.435: attempt to access beyond end of device
[  385.595525][ T7583] loop0: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  385.691909][ T7583] syz.0.435: attempt to access beyond end of device
[  385.691909][ T7583] loop0: rw=524288, sector=16, nr_sectors = 40 limit=16
[  385.710036][ T7583] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  385.968873][   T28] audit: type=1800 audit(1775497294.613:14): pid=7583 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.435" name="file2" dev="loop0" ino=89 res=0 errno=0
[  389.275330][ T7606] loop2: detected capacity change from 0 to 40427
[  389.308526][ T7606] F2FS-fs (loop2): invalid crc value
[  389.317842][ T7606] F2FS-fs (loop2): Found nat_bits in checkpoint
[  389.375102][ T7606] F2FS-fs (loop2): Start checkpoint disabled!
[  389.401242][ T7606] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  391.283451][   T76] kworker/u4:4: attempt to access beyond end of device
[  391.283451][   T76] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  391.318339][   T76] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  394.115030][ T7626] comedi comedi0: Minor 3 could not be opened
[  398.012953][ T7656] tipc: Started in network mode
[  398.036257][ T7656] tipc: Node identity eaf95d44bded, cluster identity 4711
[  398.084141][ T7656] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  398.166314][ T7657] syzkaller0: entered promiscuous mode
[  398.225796][ T7657] syzkaller0: entered allmulticast mode
[  398.277208][ T7656] tipc: Resetting bearer <eth:syzkaller0>
[  398.382335][ T7655] tipc: Resetting bearer <eth:syzkaller0>
[  398.429680][ T7661] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  398.639448][ T7655] tipc: Disabling bearer <eth:syzkaller0>
[  399.459333][ T7665] loop3: detected capacity change from 0 to 256
[  399.507784][ T7665] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf4000b1f, utbl_chksum : 0xe619d30d)
[  400.854050][ T7670] gtp0: entered promiscuous mode
[  400.859131][ T7670] gtp0: entered allmulticast mode
[  401.193043][ T7675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.452'.
[  401.203184][ T7675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.452'.
[  401.212905][ T7675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.452'.
[  401.222387][ T7675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.452'.
[  401.231844][ T7675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.452'.
[  401.241572][ T7675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.452'.
[  401.251188][ T7675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.452'.
[  401.261090][ T7675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.452'.
[  401.270770][ T7675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.452'.
[  401.280451][ T7675] netlink: 28 bytes leftover after parsing attributes in process `syz.3.452'.
[  406.758581][ T5811] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  407.442582][ T7696] __nla_validate_parse: 10 callbacks suppressed
[  407.442607][ T7696] netlink: 12 bytes leftover after parsing attributes in process `syz.3.460'.
[  408.540427][ T7699] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  408.562417][ T7699] syzkaller0: entered promiscuous mode
[  408.568065][ T7699] syzkaller0: entered allmulticast mode
[  408.700211][ T7699] tipc: Resetting bearer <eth:syzkaller0>
[  408.748780][ T7698] tipc: Resetting bearer <eth:syzkaller0>
[  408.808195][ T7698] tipc: Disabling bearer <eth:syzkaller0>
[  409.040114][ T7704] netlink: 20 bytes leftover after parsing attributes in process `syz.3.463'.
[  411.802625][ T7720] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  411.815279][ T7720] syzkaller0: entered promiscuous mode
[  411.825208][ T7720] syzkaller0: entered allmulticast mode
[  412.019240][ T7720] netlink: 44 bytes leftover after parsing attributes in process `syz.2.465'.
[  412.089202][ T7720] tipc: Resetting bearer <eth:syzkaller0>
[  412.124569][ T7716] tipc: Resetting bearer <eth:syzkaller0>
[  412.392866][ T7726] loop0: detected capacity change from 0 to 40427
[  412.449369][ T7726] F2FS-fs (loop0): invalid crc value
[  412.487313][ T7726] F2FS-fs (loop0): Found nat_bits in checkpoint
[  412.511116][ T7716] tipc: Disabling bearer <eth:syzkaller0>
[  412.562394][ T7726] F2FS-fs (loop0): Start checkpoint disabled!
[  412.573089][ T7726] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  412.743897][ T7724] syzkaller0: entered promiscuous mode
[  412.758682][ T7724] syzkaller0: entered allmulticast mode
[  413.818230][ T7743] loop2: detected capacity change from 0 to 1024
[  418.161822][ T7743] EXT4-fs (loop2): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  418.172471][ T7743] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  418.172928][ T7743] EXT4-fs: failed to create workqueue
[  418.188569][ T7743] EXT4-fs (loop2): mount failed
[  418.429301][ T2930] kworker/u4:10: attempt to access beyond end of device
[  418.429301][ T2930] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  418.463263][ T2930] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  420.436688][ T7774] binder_alloc: 7772: binder_alloc_buf, no vma
[  421.351229][ T7778] overlayfs: failed to clone upperpath
[  421.922370][ T7781] misc userio: The device must be registered before sending interrupts
[  422.433545][ T7786] loop0: detected capacity change from 0 to 512
[  422.481513][ T7786] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  422.708545][ T7786] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.477: bg 0: block 473: padding at end of block bitmap is not set
[  422.757509][ T7786] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6653: Corrupt filesystem
[  422.791951][ T7786] EXT4-fs (loop0): 1 orphan inode deleted
[  422.817196][   T11] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  422.835204][ T7786] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  422.848315][   T11] EXT4-fs error (device loop0): ext4_release_dquot:6989: comm kworker/u4:0: Failed to release dquot type 1
[  422.879925][ T7786] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  423.938586][ T7795] IPVS: set_ctl: invalid protocol: 0 100.1.1.1:20002
[  424.511478][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  427.596874][ T7819] loop0: detected capacity change from 0 to 1024
[  427.631058][ T7819] EXT4-fs (loop0): bad geometry: bigalloc file system with non-zero first_data_block
[  427.631058][ T7819] 
[  427.714368][ T7821] loop3: detected capacity change from 0 to 128
[  429.289258][ T7831] syzkaller0: entered promiscuous mode
[  429.295110][ T7831] syzkaller0: entered allmulticast mode
[  430.503455][ T7839] loop0: detected capacity change from 0 to 256
[  430.603255][ T7839] exfat: Deprecated parameter 'utf8'
[  430.760032][ T7839] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  431.443950][ T7843] bond0: (slave bond_slave_1): Releasing backup interface
[  431.758070][ T7846] Core dump to core aborted: cannot preserve file owner
[  435.738948][ T7863] loop0: detected capacity change from 0 to 2048
[  436.608697][ T7863] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  437.123733][ T5778] Bluetooth: hci2: unexpected event for opcode 0x0000
[  437.333970][ T7869] loop3: detected capacity change from 0 to 512
[  437.405394][ T7869] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  437.471248][ T7869] ext4 filesystem being mounted at /118/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  437.954500][ T7880] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  437.971417][ T7880] Quota error (device loop3): write_blk: dquota write failed
[  437.979419][ T7880] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  437.989815][ T7880] EXT4-fs error (device loop3): ext4_acquire_dquot:6953: comm syz.3.497: Failed to acquire dquot type 0
[  439.128954][ T5778] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  440.368510][ T7891] Zero length message leads to an empty skb
[  441.696556][ T5778] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  441.706027][ T5778] Bluetooth: hci2: Injecting HCI hardware error event
[  441.715822][ T5778] Bluetooth: hci2: hardware error 0x00
[  443.818569][ T5812] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  443.838773][ T5778] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  443.854654][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  444.020650][ T5812] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  444.035910][ T5812] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.047562][ T5812] usb 3-1: config 0 descriptor??
[  444.699272][ T7479] usb 3-1: USB disconnect, device number 6
[  446.193262][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  446.199936][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  446.458846][    T8] IPVS: starting estimator thread 0...
[  446.568056][ T7914] IPVS: using max 27 ests per chain, 64800 per kthread
[  450.029804][ T5778] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  450.331178][ T5778] Bluetooth: hci1: unexpected event for opcode 0x0000
[  452.610447][ T7959] loop0: detected capacity change from 0 to 32768
[  452.685557][ T7959] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  452.861659][ T7959] XFS (loop0): Ending clean mount
[  453.171975][ T5770] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  454.468349][ T5778] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  454.484842][ T5778] Bluetooth: hci1: Injecting HCI hardware error event
[  454.496428][ T5778] Bluetooth: hci1: hardware error 0x00
[  454.964164][ T7975] loop2: detected capacity change from 0 to 4096
[  456.272718][ T7990] binder: 7988:7990 ioctl c0306201 2000000004c0 returned -14
[  456.714667][ T7994] loop2: detected capacity change from 0 to 2048
[  456.727981][ T7994] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  457.013693][ T5777] Bluetooth: hci0: unexpected event for opcode 0x0000
[  457.438672][ T5778] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  459.111482][ T8007] loop2: detected capacity change from 0 to 512
[  459.124324][ T8007] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  459.504219][ T8007] EXT4-fs error (device loop2): ext4_orphan_get:1430: comm syz.2.525: bad orphan inode 131083
[  460.587730][ T8007] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  461.149962][ T5778] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  461.159564][ T5778] Bluetooth: hci0: Injecting HCI hardware error event
[  461.169208][ T5778] Bluetooth: hci0: hardware error 0x00
[  461.255604][ T8022] ip6t_rpfilter: unknown options
[  461.300307][   T28] audit: type=1800 audit(1775497370.153:15): pid=8022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.525" name="bus" dev="loop2" ino=18 res=0 errno=0
[  462.850938][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  463.323762][ T5778] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  465.636327][ T8035] loop0: detected capacity change from 0 to 4096
[  466.831417][ T8046] Set syz0 is full, maxelem 0 reached
[  468.826364][ T8068] netlink: 8 bytes leftover after parsing attributes in process `syz.2.542'.
[  468.836312][ T8068] netlink: 24 bytes leftover after parsing attributes in process `syz.2.542'.
[  469.845653][ T8080] loop3: detected capacity change from 0 to 164
[  470.341255][ T7985] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  472.292352][ T8082] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  473.308801][ T8091] loop2: detected capacity change from 0 to 1024
[  473.341766][ T8091] EXT4-fs: inline encryption not supported
[  473.380713][ T8091] EXT4-fs (loop2): stripe (6) is not aligned with cluster size (16), stripe is disabled
[  473.440069][ T8091] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  474.491696][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  477.929818][ T8122] loop3: detected capacity change from 0 to 2048
[  477.964794][ T8122] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  481.158493][ T8138] program syz.3.558 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  482.283063][ T8140] netlink: 4 bytes leftover after parsing attributes in process `syz.0.559'.
[  488.264085][ T8167] loop0: detected capacity change from 0 to 2048
[  488.276703][ T8167] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  488.525881][ T8165] loop2: detected capacity change from 0 to 32768
[  488.541792][ T8165] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.568 (8165)
[  488.572312][ T8165] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  488.583439][ T8165] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  488.592359][ T8165] BTRFS info (device loop2): setting nodatacow, compression disabled
[  488.600881][ T8165] BTRFS info (device loop2): enabling auto defrag
[  488.607603][ T8165] BTRFS info (device loop2): max_inline at 0
[  488.613908][ T8165] BTRFS info (device loop2): using free space tree
[  489.333044][ T8165] BTRFS info (device loop2): auto enabling async discard
[  490.198807][ T5768] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  495.869505][ T8225] loop3: detected capacity change from 0 to 512
[  496.547302][ T8225] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.578: bg 0: block 473: padding at end of block bitmap is not set
[  496.612280][ T8225] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6653: Corrupt filesystem
[  496.779326][ T8225] EXT4-fs (loop3): 1 orphan inode deleted
[  496.800344][ T1101] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  496.812014][ T8225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  496.842733][ T1101] EXT4-fs error (device loop3): ext4_release_dquot:6989: comm kworker/u4:6: Failed to release dquot type 1
[  496.865379][ T8235] loop0: detected capacity change from 0 to 8
[  496.888314][ T8225] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  497.527717][ T8241] SQUASHFS error: lzo decompression failed, data probably corrupt
[  497.536891][ T8241] SQUASHFS error: Failed to read block 0x0: -5
[  497.543909][ T8241] SQUASHFS error: Failed to read block 0xff: -5
[  497.551647][ T8241] SQUASHFS error: lzo decompression failed, data probably corrupt
[  497.560057][ T8241] SQUASHFS error: Failed to read block 0x0: -5
[  497.676591][   T28] audit: type=1800 audit(1775497406.453:16): pid=8241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.580" name="file2" dev="loop0" ino=3 res=0 errno=0
[  498.686838][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  498.794441][ T8249] snd_dummy snd_dummy.0: control 0:0:0:syz0:16384 is already present
[  500.927067][ T8268] loop2: detected capacity change from 0 to 32768
[  501.129049][ T8268] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  501.193319][ T8268] XFS (loop2): Ending clean mount
[  501.203368][ T8268] XFS (loop2): Quotacheck needed: Please wait.
[  501.324769][ T8268] XFS (loop2): Quotacheck: Done.
[  502.030232][   T28] audit: type=1800 audit(1775497410.533:17): pid=8284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.588" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=4430 res=0 errno=0
[  502.169869][ T5768] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  507.202049][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  507.214594][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  509.234010][ T8339] (syz.0.601,8339,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  509.243574][ T8339] (syz.0.601,8339,0):ocfs2_fill_super:1178 ERROR: status = -22
[  510.184352][ T8346] netlink: 4 bytes leftover after parsing attributes in process `syz.2.603'.
[  511.634506][ T8349] loop0: detected capacity change from 0 to 40427
[  511.715855][ T8349] F2FS-fs (loop0): invalid crc value
[  511.801361][ T8349] F2FS-fs (loop0): Found nat_bits in checkpoint
[  511.951303][ T8349] F2FS-fs (loop0): Start checkpoint disabled!
[  512.338673][ T8349] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  512.551214][ T8350] delete_channel: no stack
[  512.562411][   T28] audit: type=1800 audit(1775497421.423:18): pid=8356 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.604" name="bus" dev="loop0" ino=10 res=0 errno=0
[  512.648258][ T8356] syz.0.604: attempt to access beyond end of device
[  512.648258][ T8356] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  512.906665][ T8356] syz.0.604: attempt to access beyond end of device
[  512.906665][ T8356] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  512.924761][ T8356] syz.0.604: attempt to access beyond end of device
[  512.924761][ T8356] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  512.942024][ T8356] syz.0.604: attempt to access beyond end of device
[  512.942024][ T8356] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  512.958476][ T8356] syz.0.604: attempt to access beyond end of device
[  512.958476][ T8356] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  512.982774][ T8356] syz.0.604: attempt to access beyond end of device
[  512.982774][ T8356] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  513.000656][ T8356] syz.0.604: attempt to access beyond end of device
[  513.000656][ T8356] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  513.211239][ T8356] syz.0.604: attempt to access beyond end of device
[  513.211239][ T8356] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  516.664644][ T8371] loop2: detected capacity change from 0 to 2048
[  516.683489][ T1140] kworker/u4:8: attempt to access beyond end of device
[  516.683489][ T1140] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  516.708255][ T1140] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  516.722848][ T8371] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  516.751401][ T1140] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  517.233075][ T8376] loop0: detected capacity change from 0 to 256
[  517.439479][ T8376] futex_wake_op: syz.0.609 tries to shift op by -1; fix this program
[  520.702994][ T8396] syzkaller0: entered promiscuous mode
[  520.703020][ T8396] syzkaller0: entered allmulticast mode
[  520.876140][ T8400] loop3: detected capacity change from 0 to 2048
[  520.891949][ T8400] UDF-fs: bad mount option "ioc#Ûharset=iartition=00000000000000000006" or missing value
[  525.362136][ T8417] netlink: 12 bytes leftover after parsing attributes in process `syz.2.622'.
[  525.495335][   T28] audit: type=1800 audit(1775497434.383:19): pid=8413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.621" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  525.839677][ T8422] netlink: 16 bytes leftover after parsing attributes in process `syz.0.623'.
[  525.918853][ T8422] netlink: 4 bytes leftover after parsing attributes in process `syz.0.623'.
[  525.966602][ T8417] loop2: detected capacity change from 0 to 8192
[  526.096122][ T8417] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  526.198870][ T8422] bond_slave_0: entered promiscuous mode
[  526.205498][ T8422] bond_slave_1: entered promiscuous mode
[  526.238467][ T8417] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  526.248135][ T8417] REISERFS (device loop2): using ordered data mode
[  526.279634][ T8422] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  526.318455][ T8417] reiserfs: using flush barriers
[  526.349774][ T8417] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  526.427344][ T8417] REISERFS (device loop2): checking transaction log (loop2)
[  526.552005][ T8422] bond_slave_0: left promiscuous mode
[  526.557697][ T8422] bond_slave_1: left promiscuous mode
[  526.815916][ T8417] REISERFS (device loop2): Using tea hash to sort names
[  527.056954][ T8417] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  527.696903][ T8434] syz_tun: entered allmulticast mode
[  527.727816][ T8431] syz_tun: left allmulticast mode
[  528.125243][ T8439] Driver unsupported XDP return value 0 on prog  (id 21) dev N/A, expect packet loss!
[  533.885356][ T8463] loop0: detected capacity change from 0 to 40427
[  533.923782][ T8463] F2FS-fs (loop0): invalid crc value
[  533.944136][ T8463] F2FS-fs (loop0): Found nat_bits in checkpoint
[  533.990320][ T8463] F2FS-fs (loop0): Start checkpoint disabled!
[  534.003448][ T8463] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  534.069517][   T28] audit: type=1800 audit(1775497442.963:20): pid=8463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.632" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  534.151116][   T28] audit: type=1800 audit(1775497443.033:21): pid=8466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.632" name="bus" dev="loop0" ino=10 res=0 errno=0
[  534.223722][ T8466] syz.0.632: attempt to access beyond end of device
[  534.223722][ T8466] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  534.775766][ T8466] syz.0.632: attempt to access beyond end of device
[  534.775766][ T8466] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  535.489650][ T8474] syz_tun: entered allmulticast mode
[  536.835033][ T2930] kworker/u4:10: attempt to access beyond end of device
[  536.835033][ T2930] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  536.868488][ T2930] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  536.876190][ T2930] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  538.843187][ T8494] hub 8-0:1.0: USB hub found
[  538.854140][ T8494] hub 8-0:1.0: 1 port detected
[  539.714609][ T8500] netlink: 193500 bytes leftover after parsing attributes in process `syz.3.639'.
[  539.760008][ T8500] netlink: 6332 bytes leftover after parsing attributes in process `syz.3.639'.
[  542.634780][ T8526] binder: BINDER_SET_CONTEXT_MGR already set
[  543.578121][ T8526] binder: 8522:8526 ioctl 4018620d 200000004a80 returned -16
[  543.970376][ T5777] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  543.980755][ T8538] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  543.999280][ T8538] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  544.009035][ T8538] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  544.017511][ T8538] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  544.026535][ T8538] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  546.838038][ T5778] Bluetooth: hci4: command tx timeout
[  548.305848][ T8564] overlayfs: failed to clone upperpath
[  548.377705][ T8536] chnl_net:caif_netlink_parms(): no params data found
[  548.878649][ T5778] Bluetooth: hci4: command tx timeout
[  549.142818][ T8536] bridge0: port 1(bridge_slave_0) entered blocking state
[  549.167079][ T8536] bridge0: port 1(bridge_slave_0) entered disabled state
[  549.180643][ T8536] bridge_slave_0: entered allmulticast mode
[  549.192729][ T8536] bridge_slave_0: entered promiscuous mode
[  549.206797][ T8536] bridge0: port 2(bridge_slave_1) entered blocking state
[  549.220978][ T8536] bridge0: port 2(bridge_slave_1) entered disabled state
[  549.232485][ T8536] bridge_slave_1: entered allmulticast mode
[  549.244481][ T8536] bridge_slave_1: entered promiscuous mode
[  549.340049][ T8536] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  549.363171][ T8536] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  549.465432][ T8536] team0: Port device team_slave_0 added
[  549.479925][ T8536] team0: Port device team_slave_1 added
[  549.566174][ T8536] batman_adv: batadv0: Adding interface: batadv_slave_0
[  549.575258][ T8536] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  549.602216][ T8536] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  549.634953][ T8536] batman_adv: batadv0: Adding interface: batadv_slave_1
[  549.642443][ T8536] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  549.676249][ T8536] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  549.776982][ T8536] hsr_slave_0: entered promiscuous mode
[  549.794838][ T8536] hsr_slave_1: entered promiscuous mode
[  549.821611][ T8536] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  549.829529][ T8536] Cannot create hsr debugfs directory
[  550.023618][ T8582] netlink: 16 bytes leftover after parsing attributes in process `syz.1.659'.
[  550.037774][ T8582] netlink: 40 bytes leftover after parsing attributes in process `syz.1.659'.
[  550.964433][ T5778] Bluetooth: hci4: command tx timeout
[  551.111202][ T8536] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  551.125629][ T8536] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  551.138654][ T8536] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  551.150190][ T8536] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  551.363311][ T8536] 8021q: adding VLAN 0 to HW filter on device bond0
[  551.424270][ T8536] 8021q: adding VLAN 0 to HW filter on device team0
[  551.455801][ T8587] loop3: detected capacity change from 0 to 40427
[  551.465686][ T8587] F2FS-fs (loop3): invalid crc value
[  551.473479][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  551.480867][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  551.493300][ T8587] F2FS-fs (loop3): Found nat_bits in checkpoint
[  551.516231][ T2930] bridge0: port 2(bridge_slave_1) entered blocking state
[  551.523658][ T2930] bridge0: port 2(bridge_slave_1) entered forwarding state
[  551.556640][ T8587] F2FS-fs (loop3): Start checkpoint disabled!
[  551.569731][ T8587] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  551.790069][   T28] audit: type=1800 audit(1775497460.683:22): pid=8588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.660" name="bus" dev="loop3" ino=10 res=0 errno=0
[  551.893424][ T8588] syz.3.660: attempt to access beyond end of device
[  551.893424][ T8588] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  551.909016][ T8588] syz.3.660: attempt to access beyond end of device
[  551.909016][ T8588] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  551.925367][ T8588] syz.3.660: attempt to access beyond end of device
[  551.925367][ T8588] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  551.941197][ T8588] syz.3.660: attempt to access beyond end of device
[  551.941197][ T8588] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  551.960831][ T8588] syz.3.660: attempt to access beyond end of device
[  551.960831][ T8588] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  551.979671][ T8588] syz.3.660: attempt to access beyond end of device
[  551.979671][ T8588] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  551.994029][ T8588] syz.3.660: attempt to access beyond end of device
[  551.994029][ T8588] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  552.019038][ T8588] syz.3.660: attempt to access beyond end of device
[  552.019038][ T8588] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  552.037758][ T8588] syz.3.660: attempt to access beyond end of device
[  552.037758][ T8588] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  552.054079][ T8588] syz.3.660: attempt to access beyond end of device
[  552.054079][ T8588] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  552.925712][ T8536] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  553.119445][ T5778] Bluetooth: hci4: command tx timeout
[  555.743620][ T1101] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  555.768887][ T1101] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  555.983634][ T8536] 8021q: adding VLAN 0 to HW filter on device batadv0
[  556.971429][ T8536] veth0_vlan: entered promiscuous mode
[  557.023179][ T8536] veth1_vlan: entered promiscuous mode
[  557.217755][ T8536] veth0_macvtap: entered promiscuous mode
[  557.230390][ T8536] veth1_macvtap: entered promiscuous mode
[  558.112758][ T8536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  558.172307][ T8536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  558.269193][ T8536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  558.368935][ T8630] loop0: detected capacity change from 0 to 4096
[  558.388133][ T8536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  558.469142][ T8630] NILFS (loop0): mounting unchecked fs
[  558.475622][ T8630] NILFS (loop0): recovery required for readonly filesystem
[  558.483533][ T8630] NILFS (loop0): write access will be enabled during recovery
[  558.499199][ T8630] NILFS (loop0): invalid segment: Checksum error in segment payload
[  558.507738][ T8630] NILFS (loop0): trying rollback from an earlier position
[  558.592105][ T8536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  558.619290][ T8630] NILFS (loop0): norecovery option specified, skipping roll-forward recovery
[  558.702453][ T8536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  558.818251][ T8536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  558.946026][ T8536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  559.088589][ T8536] batman_adv: batadv0: Interface activated: batadv_slave_0
[  559.144896][ T8536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  559.311915][ T8536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  559.340514][ T8536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  559.393246][ T8536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  559.735197][ T8536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  560.032031][ T8536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  560.065323][ T8536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  560.080481][ T8536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  560.150159][ T8536] batman_adv: batadv0: Interface activated: batadv_slave_1
[  560.217768][ T8536] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  560.234834][ T8536] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  560.244442][ T8536] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  560.260052][ T8536] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  560.463326][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  560.488749][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  560.531876][ T2930] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  560.541640][ T2930] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  562.606252][ T8660] loop3: detected capacity change from 0 to 32768
[  566.917671][ T8670] loop3: detected capacity change from 0 to 40427
[  566.938963][ T8670] F2FS-fs (loop3): invalid crc value
[  566.968690][ T8670] F2FS-fs (loop3): Found nat_bits in checkpoint
[  567.023985][ T8670] F2FS-fs (loop3): Start checkpoint disabled!
[  567.041588][ T8670] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  567.210603][   T28] audit: type=1800 audit(1775497476.103:23): pid=8670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.677" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  567.323786][   T28] audit: type=1800 audit(1775497476.203:24): pid=8679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.677" name="bus" dev="loop3" ino=10 res=0 errno=0
[  567.393853][ T8679] bio_check_eod: 182 callbacks suppressed
[  567.393884][ T8679] syz.3.677: attempt to access beyond end of device
[  567.393884][ T8679] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  567.420469][ T8679] syz.3.677: attempt to access beyond end of device
[  567.420469][ T8679] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  567.436507][ T8679] syz.3.677: attempt to access beyond end of device
[  567.436507][ T8679] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  567.644712][ T8679] syz.3.677: attempt to access beyond end of device
[  567.644712][ T8679] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  567.660937][ T8679] syz.3.677: attempt to access beyond end of device
[  567.660937][ T8679] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  567.677631][ T8679] syz.3.677: attempt to access beyond end of device
[  567.677631][ T8679] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  567.691901][ T8679] syz.3.677: attempt to access beyond end of device
[  567.691901][ T8679] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  567.707867][ T8679] syz.3.677: attempt to access beyond end of device
[  567.707867][ T8679] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  567.724240][ T8679] syz.3.677: attempt to access beyond end of device
[  567.724240][ T8679] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  567.739947][ T8679] syz.3.677: attempt to access beyond end of device
[  567.739947][ T8679] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  568.647612][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  568.658567][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  568.885515][ T2930] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  568.892758][ T2930] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  568.966028][ T8686] 9pnet_fd: Insufficient options for proto=fd
[  569.994667][ T8695] syz_tun: entered allmulticast mode
[  570.701325][ T8692] syz_tun: left allmulticast mode
[  570.819555][ T8701] netlink: 33 bytes leftover after parsing attributes in process `syz.0.686'.
[  571.786014][ T8710] loop4: detected capacity change from 0 to 2048
[  574.350072][ T8710] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  574.367095][ T8710] EXT4-fs: failed to create workqueue
[  574.469140][ T8710] EXT4-fs (loop4): mount failed
[  576.140091][ T8721] netlink: 'syz.1.689': attribute type 10 has an invalid length.
[  576.156789][ T8721] team0: Device vxcan1 is of different type
[  576.259489][ T8723] loop3: detected capacity change from 0 to 1024
[  576.755461][ T8719] loop0: detected capacity change from 0 to 40427
[  578.155878][ T8719] F2FS-fs (loop0): invalid crc value
[  578.165045][ T8719] F2FS-fs (loop0): Found nat_bits in checkpoint
[  578.216605][ T8719] F2FS-fs (loop0): Start checkpoint disabled!
[  578.246822][ T8719] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  578.288688][ T8723] EXT4-fs warning (device loop3): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop3.
[  578.892216][   T28] audit: type=1800 audit(1775497487.783:25): pid=8719 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.691" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  579.056502][ T8726] bio_check_eod: 182 callbacks suppressed
[  579.056578][ T8726] syz.0.691: attempt to access beyond end of device
[  579.056578][ T8726] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  579.080116][ T8726] syz.0.691: attempt to access beyond end of device
[  579.080116][ T8726] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  579.098935][ T8726] syz.0.691: attempt to access beyond end of device
[  579.098935][ T8726] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  579.115904][   T28] audit: type=1800 audit(1775497487.873:26): pid=8726 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.691" name="bus" dev="loop0" ino=10 res=0 errno=0
[  579.140261][ T8726] syz.0.691: attempt to access beyond end of device
[  579.140261][ T8726] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  579.158155][ T8726] syz.0.691: attempt to access beyond end of device
[  579.158155][ T8726] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  579.175661][ T8726] syz.0.691: attempt to access beyond end of device
[  579.175661][ T8726] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  579.190864][ T8726] syz.0.691: attempt to access beyond end of device
[  579.190864][ T8726] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  579.208050][ T8726] syz.0.691: attempt to access beyond end of device
[  579.208050][ T8726] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  579.224585][ T8726] syz.0.691: attempt to access beyond end of device
[  579.224585][ T8726] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  579.240599][ T8726] syz.0.691: attempt to access beyond end of device
[  579.240599][ T8726] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  580.355592][ T8739] loop3: detected capacity change from 0 to 1024
[  580.471354][ T8742] x_tables: duplicate underflow at hook 3
[  580.979971][ T8739] EXT4-fs: Ignoring removed nomblk_io_submit option
[  581.544839][ T8739] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  582.079819][ T1101] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  582.087944][ T1101] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  582.862465][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  583.949447][ T8764] hub 8-0:1.0: USB hub found
[  583.958803][ T8764] hub 8-0:1.0: 1 port detected
[  587.659167][ T8788] loop4: detected capacity change from 0 to 40427
[  587.692971][ T8788] F2FS-fs (loop4): invalid crc value
[  587.721182][ T8788] F2FS-fs (loop4): Found nat_bits in checkpoint
[  587.805387][ T8788] F2FS-fs (loop4): Start checkpoint disabled!
[  588.033784][ T8788] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  588.245010][   T28] audit: type=1800 audit(1775497497.123:27): pid=8788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.704" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  588.359392][ T8797] bio_check_eod: 182 callbacks suppressed
[  588.359414][ T8797] syz.4.704: attempt to access beyond end of device
[  588.359414][ T8797] loop4: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  588.380695][ T8797] syz.4.704: attempt to access beyond end of device
[  588.380695][ T8797] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  588.397167][ T8797] syz.4.704: attempt to access beyond end of device
[  588.397167][ T8797] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  588.416642][ T8797] syz.4.704: attempt to access beyond end of device
[  588.416642][ T8797] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  588.432411][ T8797] syz.4.704: attempt to access beyond end of device
[  588.432411][ T8797] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  588.449115][ T8797] syz.4.704: attempt to access beyond end of device
[  588.449115][ T8797] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  588.463455][ T8797] syz.4.704: attempt to access beyond end of device
[  588.463455][ T8797] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  588.480917][ T8797] syz.4.704: attempt to access beyond end of device
[  588.480917][ T8797] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  588.497251][ T8797] syz.4.704: attempt to access beyond end of device
[  588.497251][ T8797] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  588.512972][ T8797] syz.4.704: attempt to access beyond end of device
[  588.512972][ T8797] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  589.335513][   T28] audit: type=1800 audit(1775497497.213:28): pid=8797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.704" name="bus" dev="loop4" ino=10 res=0 errno=0
[  589.440508][ T8800] netlink: 33 bytes leftover after parsing attributes in process `syz.3.706'.
[  589.839812][ T7746] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  589.846985][ T7746] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  590.889660][ T8815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.710'.
[  590.898900][ T8815] netlink: 12 bytes leftover after parsing attributes in process `syz.1.710'.
[  590.913249][ T8815] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  590.922857][ T8815] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  590.931733][ T8815] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  590.940600][ T8815] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  590.955384][ T8815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.710'.
[  590.964435][ T8815] netlink: 12 bytes leftover after parsing attributes in process `syz.1.710'.
[  592.784295][   T28] audit: type=1800 audit(1775497501.673:29): pid=8826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.713" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[  593.203531][ T8833] nvme_fabrics: missing parameter 'transport=%s'
[  593.211117][ T8833] nvme_fabrics: missing parameter 'nqn=%s'
[  597.932210][   T28] audit: type=1800 audit(1775497506.813:30): pid=8850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.718" name="SYSV00000000" dev="hugetlbfs" ino=4 res=0 errno=0
[  598.410891][ T8859] fuse: Unknown parameter '0xffffffffffffffff00000000000000000000'
[  602.635844][ T8881] fuse: Bad value for 'fd'
[  603.249345][ T8884] bridge0: port 2(bridge_slave_1) entered disabled state
[  603.259398][ T8884] bridge0: port 1(bridge_slave_0) entered disabled state
[  606.676424][ T8904] overlayfs: failed to clone upperpath
[  607.045934][ T5778] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  607.055575][ T5778] Bluetooth: hci4: Injecting HCI hardware error event
[  607.066127][ T5778] Bluetooth: hci4: hardware error 0x00
[  607.900157][ T8919] overlayfs: failed to clone upperpath
[  607.935514][ T8915] loop4: detected capacity change from 0 to 2048
[  608.300299][ T8915] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  608.519098][ T8915] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh
[  608.551702][ T8915] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh
[  608.626136][ T8923] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh
[  608.827983][ T8915] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh
[  608.846870][ T8923] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh
[  609.818560][ T5778] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  609.871900][ T8915] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh
[  612.698888][ T8933] fuse: Bad value for 'fd'
[  613.325043][ T8939] loop4: detected capacity change from 0 to 4096
[  613.359462][ T8939] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512).
[  613.390286][ T8939] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  614.659210][ T8946] loop6: detected capacity change from 0 to 7
[  614.748978][ T8447] Dev loop6: unable to read RDB block 7
[  614.755334][ T8447]  loop6: unable to read partition table
[  614.898851][ T8447] loop6: partition table beyond EOD, truncated
[  615.477451][ T8946] Dev loop6: unable to read RDB block 7
[  615.512478][ T8946]  loop6: unable to read partition table
[  615.578058][ T8946] loop6: partition table beyond EOD, truncated
[  615.635234][ T8946] loop_reread_partitions: partition scan of loop6 (úùƒå¡™‰ü�¾SêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆŠ5) failed (rc=-5)
[  616.202675][ T8954] binder: 8949:8954 unknown command 3221233667
[  616.216160][ T8954] binder: 8949:8954 ioctl c0306201 2000000004c0 returned -22
[  623.465000][ T8986] loop4: detected capacity change from 0 to 128
[  623.484195][ T8986] EXT4-fs: Ignoring removed nobh option
[  624.095858][ T8986] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  624.118030][ T8986] ext4 filesystem being mounted at /23/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  625.210318][ T8536] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  627.714608][ T9014] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.766165][ T9012] netlink: 28 bytes leftover after parsing attributes in process `syz.0.763'.
[  628.905426][ T9014] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  628.990521][ T9014] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  629.175697][ T9014] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  629.294039][ T9014] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  629.312816][ T9014] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  629.332413][ T9014] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  629.351899][ T9014] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  630.190040][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  630.196639][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  630.470366][   T28] audit: type=1326 audit(1775497539.363:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f134339c819 code=0x7ffc0000
[  630.507505][ T9032] pim6reg: entered allmulticast mode
[  630.512985][   T28] audit: type=1326 audit(1775497539.363:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f134339c819 code=0x7ffc0000
[  630.598738][   T28] audit: type=1326 audit(1775497539.363:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f134335d04e code=0x7ffc0000
[  631.471180][ T9038] overlayfs: failed to clone upperpath
[  631.548723][   T28] audit: type=1326 audit(1775497539.363:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f134339c819 code=0x7ffc0000
[  631.679196][ T9045] pim6reg: left allmulticast mode
[  631.712930][   T28] audit: type=1326 audit(1775497539.383:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f134339c819 code=0x7ffc0000
[  631.768427][   T28] audit: type=1326 audit(1775497539.383:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f134339c819 code=0x7ffc0000
[  631.791754][   T28] audit: type=1326 audit(1775497539.383:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f134339c819 code=0x7ffc0000
[  631.868603][   T28] audit: type=1326 audit(1775497539.383:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f134339c819 code=0x7ffc0000
[  632.116375][   T28] audit: type=1326 audit(1775497539.383:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f134339c819 code=0x7ffc0000
[  632.908492][   T28] audit: type=1326 audit(1775497539.383:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9026 comm="syz.4.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f134339c819 code=0x7ffc0000
[  633.523990][ T9057] trusted_key: encrypted_key: insufficient parameters specified
[  636.852867][ T9073] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0
[  638.183263][ T9081] loop3: detected capacity change from 0 to 256
[  638.386362][ T9083] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  640.141007][ T9081] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  642.892136][ T9105] IPVS: set_ctl: invalid protocol: 0 10.1.1.1:20001
[  642.904285][ T9105] loop3: detected capacity change from 0 to 16
[  642.924531][ T9105] erofs: (device loop3): mounted with root inode @ nid 36.
[  642.938088][ T9105] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  642.955703][ T9105] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[1851]
[  642.967517][ T9105] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  643.054217][ T9104] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  643.066340][ T9104] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[1851]
[  643.078076][ T9104] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  644.931214][ T9122] netlink: 8 bytes leftover after parsing attributes in process `syz.3.786'.
[  645.052353][ T9125] overlayfs: failed to clone upperpath
[  645.540035][ T9132] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  645.678457][ T9133] Error parsing options; rc = [-22]
[  646.716131][ T9135] netlink: 20 bytes leftover after parsing attributes in process `syz.4.791'.
[  646.746202][ T9122] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  647.858535][ T1207] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  648.085931][ T1207] usb 5-1: config 0 has an invalid interface number: 128 but max is 0
[  648.105119][ T1207] usb 5-1: config 0 has no interface number 0
[  648.141808][ T1207] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  648.168765][ T1207] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  648.192200][ T1207] usb 5-1: Product: syz
[  648.196639][ T1207] usb 5-1: Manufacturer: syz
[  648.211316][ T1207] usb 5-1: SerialNumber: syz
[  648.224744][ T1207] usb 5-1: config 0 descriptor??
[  648.542817][ T9145] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  648.559842][ T9145] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  649.468712][ T1207] usb 5-1: Firmware version (0.0) predates our first public release.
[  649.518213][ T1207] usb 5-1: Please update to version 0.2 or newer
[  649.591473][ T1207] usb 5-1: USB disconnect, device number 2
[  650.715356][ T9169] lo: Caught tx_queue_len zero misconfig
[  651.156973][ T9176] Bluetooth: hci0: invalid length 0, exp 2 for type 26
[  651.806690][ T9181] netlink: 52 bytes leftover after parsing attributes in process `syz.4.802'.
[  654.581794][   T28] kauditd_printk_skb: 5 callbacks suppressed
[  654.581810][   T28] audit: type=1326 audit(1775497563.463:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9201 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  654.634075][   T28] audit: type=1326 audit(1775497563.463:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9201 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  654.657486][   T28] audit: type=1326 audit(1775497563.463:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9201 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  654.683152][   T28] audit: type=1326 audit(1775497563.463:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9201 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  654.709372][   T28] audit: type=1326 audit(1775497563.463:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9201 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  654.733410][   T28] audit: type=1326 audit(1775497563.463:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9201 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  654.758787][   T28] audit: type=1326 audit(1775497563.463:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9201 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  654.781832][ T9203] bridge: RTM_NEWNEIGH with unconfigured vlan 2 on bridge0
[  654.791403][   T28] audit: type=1326 audit(1775497563.463:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9201 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  654.821494][   T28] audit: type=1326 audit(1775497563.463:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9201 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  654.850370][   T28] audit: type=1326 audit(1775497563.463:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9201 comm="syz.3.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f6f9c819 code=0x7ffc0000
[  654.972471][ T9210] netlink: 52 bytes leftover after parsing attributes in process `syz.0.815'.
[  655.645616][ T9221] tipc: Started in network mode
[  655.651369][ T9221] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  655.662191][ T9221] tipc: Enabled bearer <udp:syz0>, priority 10
[  656.682213][ T5857] tipc: Node number set to 1
[  656.742235][ T9223] loop3: detected capacity change from 0 to 4096
[  656.776319][ T9227] loop4: detected capacity change from 0 to 4096
[  656.825725][ T8967] I/O error, dev loop3, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  656.862859][ T9162] I/O error, dev loop4, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  657.584262][ T9235] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  657.593475][ T9235] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  657.643821][ T9236] process 'syz.3.823' launched './file1' with NULL argv: empty string added
[  658.606994][ T9238] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  660.634982][ T9248] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  660.992968][ T9251] loop3: detected capacity change from 0 to 512
[  662.517669][ T9268] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  664.625280][ T6366] syz_tun (unregistering): left allmulticast mode
[  666.447290][ T9307] tipc: Started in network mode
[  666.452613][ T9307] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  666.462261][ T9307] tipc: Enabled bearer <udp:syz0>, priority 10
[  666.629467][ T1095] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.760927][ T1095] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.937813][ T1095] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  667.101456][ T1095] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  667.583065][   T27] tipc: Node number set to 1
[  667.599408][ T1095] tipc: Left network mode
[  667.922629][ T8538] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  667.936026][ T8538] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  667.946476][ T8538] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  667.972576][ T8538] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  667.982116][ T8538] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  668.000516][ T8538] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  668.539492][ T9347] loop4: detected capacity change from 0 to 1024
[  668.567917][ T9347] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  668.628552][ T9347] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  668.666327][ T9347] EXT4-fs (loop4): invalid journal inode
[  668.672650][ T9347] EXT4-fs (loop4): can't get journal size
[  668.691294][ T9347] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  668.936952][ T8536] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  669.097355][ T9356] Error parsing options; rc = [-22]
[  669.801983][ T9358] loop4: detected capacity change from 0 to 4096
[  669.911950][ T9358] __ntfs_error: 139 callbacks suppressed
[  669.911972][ T9358] ntfs: (device loop4): ntfs_read_inode_mount(): Incorrect mft record size 1024 in superblock, should be 4096.
[  669.963932][ T9358] ntfs: (device loop4): ntfs_read_inode_mount(): Failed. Marking inode as bad.
[  669.987014][ T9358] ntfs: (device loop4): ntfs_fill_super(): Failed to load essential metadata.
[  670.056473][ T9327] chnl_net:caif_netlink_parms(): no params data found
[  670.078686][ T5778] Bluetooth: hci3: command tx timeout
[  671.800542][ T9327] bridge0: port 1(bridge_slave_0) entered blocking state
[  671.808688][ T9327] bridge0: port 1(bridge_slave_0) entered disabled state
[  671.815996][ T9327] bridge_slave_0: entered allmulticast mode
[  671.873380][ T9327] bridge_slave_0: entered promiscuous mode
[  671.901886][ T9327] bridge0: port 2(bridge_slave_1) entered blocking state
[  671.918058][ T9404] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  671.938786][ T9327] bridge0: port 2(bridge_slave_1) entered disabled state
[  671.975452][ T9327] bridge_slave_1: entered allmulticast mode
[  671.992396][ T9405] delete_channel: no stack
[  672.003573][ T9327] bridge_slave_1: entered promiscuous mode
[  672.163041][ T5778] Bluetooth: hci3: command tx timeout
[  672.519918][ T9327] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  672.830460][ T9415] futex_wake_op: syz.0.883 tries to shift op by -1; fix this program
[  672.924839][ T9327] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  673.117754][ T9327] team0: Port device team_slave_0 added
[  673.318048][ T9327] team0: Port device team_slave_1 added
[  673.499032][ T9327] batman_adv: batadv0: Adding interface: batadv_slave_0
[  673.506150][ T9327] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  673.587029][ T9327] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  673.688689][ T1095] hsr_slave_0: left promiscuous mode
[  673.703677][ T1095] hsr_slave_1: left promiscuous mode
[  673.734856][ T1095] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  673.780153][ T1095] batman_adv: batadv0: Removing interface: batadv_slave_0
[  673.804925][ T1095] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  673.822165][ T1095] batman_adv: batadv0: Removing interface: batadv_slave_1
[  673.871802][ T1095] bridge_slave_1: left allmulticast mode
[  673.877716][ T1095] bridge_slave_1: left promiscuous mode
[  673.902234][ T1095] bridge0: port 2(bridge_slave_1) entered disabled state
[  673.942864][ T1095] bridge_slave_0: left allmulticast mode
[  673.952315][ T1095] bridge_slave_0: left promiscuous mode
[  673.966353][ T1095] bridge0: port 1(bridge_slave_0) entered disabled state
[  674.032617][ T1095] veth1_macvtap: left promiscuous mode
[  674.040094][ T1095] veth0_macvtap: left promiscuous mode
[  674.046050][ T1095] veth1_vlan: left promiscuous mode
[  674.052754][ T1095] veth0_vlan: left promiscuous mode
[  674.190178][ T5816] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  674.239300][ T5778] Bluetooth: hci3: command tx timeout
[  674.436024][ T9456] trusted_key: encrypted_key: insufficient parameters specified
[  674.506348][ T5816] usb 5-1: config 0 has an invalid interface number: 41 but max is 0
[  674.552090][ T5816] usb 5-1: config 0 has no interface number 0
[  674.646065][ T5816] usb 5-1: config 0 interface 41 has no altsetting 0
[  674.765423][ T5816] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  674.916652][ T5816] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  674.956552][ T5816] usb 5-1: Product: syz
[  674.974055][ T5816] usb 5-1: Manufacturer: syz
[  675.002538][ T5816] usb 5-1: SerialNumber: syz
[  675.035220][ T5816] usb 5-1: config 0 descriptor??
[  675.524448][ T5816] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): set LINK LED failed : -71
[  675.557689][ T5816] CoreChips: probe of 5-1:0.41 failed with error -71
[  675.586845][ T5816] usb 5-1: USB disconnect, device number 3
[  675.620073][   T28] audit: type=1326 audit(1775497840.516:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9474 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  675.667261][   T28] audit: type=1326 audit(1775497840.516:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9474 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  675.724026][   T28] audit: type=1326 audit(1775497840.536:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9474 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  675.755564][   T28] audit: type=1326 audit(1775497840.536:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9474 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  675.791609][   T28] audit: type=1326 audit(1775497840.536:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9474 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  676.332659][ T5778] Bluetooth: hci3: command tx timeout
[  676.913323][ T1095] team0 (unregistering): Port device team_slave_1 removed
[  677.046152][ T1095] team0 (unregistering): Port device team_slave_0 removed
[  677.374798][ T1095] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  678.094925][ T1095] bond0 (unregistering): Released all slaves
[  678.314759][ T9327] batman_adv: batadv0: Adding interface: batadv_slave_1
[  678.328530][ T9327] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  678.397300][ T9327] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  678.492007][ T9503] netlink: 8 bytes leftover after parsing attributes in process `syz.4.922'.
[  678.508938][ T9503] netlink: 20 bytes leftover after parsing attributes in process `syz.4.922'.
[  678.709847][ T9327] hsr_slave_0: entered promiscuous mode
[  678.722588][ T9327] hsr_slave_1: entered promiscuous mode
[  678.756926][ T9327] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  678.778419][ T9327] Cannot create hsr debugfs directory
[  679.605266][ T1095] IPVS: stop unused estimator thread 0...
[  679.830895][ T9327] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  681.428687][ T9547] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  681.608551][ T9327] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  681.681454][ T9327] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  681.752265][ T9327] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  682.212642][ T9327] 8021q: adding VLAN 0 to HW filter on device bond0
[  682.331096][ T9327] 8021q: adding VLAN 0 to HW filter on device team0
[  682.364663][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[  682.372252][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  682.443266][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[  682.450704][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  683.397485][ T9327] 8021q: adding VLAN 0 to HW filter on device batadv0
[  683.666093][ T9599] netlink: 32 bytes leftover after parsing attributes in process `syz.1.948'.
[  684.313726][ T9327] veth0_vlan: entered promiscuous mode
[  684.377370][ T9327] veth1_vlan: entered promiscuous mode
[  684.493034][ T9327] veth0_macvtap: entered promiscuous mode
[  684.523869][ T9327] veth1_macvtap: entered promiscuous mode
[  684.581244][ T9327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  684.614265][ T9327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  684.645177][ T9327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  684.698369][ T9327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  684.738510][ T9327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  684.764789][ T9327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  684.789414][ T9327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  684.818376][ T9327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  684.850130][ T9327] batman_adv: batadv0: Interface activated: batadv_slave_0
[  684.914820][ T9327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  684.945855][ T9327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  684.972586][ T9327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  684.998521][ T9327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  685.018449][ T9327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  685.048754][ T9327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  685.064153][ T9327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  685.085932][ T9327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  685.131251][ T9327] batman_adv: batadv0: Interface activated: batadv_slave_1
[  685.172846][ T9327] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  685.197139][ T9327] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  685.234941][ T9327] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  685.253786][ T9327] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  685.266871][ T9641] fuse: Bad value for 'fd'
[  685.546820][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  685.581615][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  685.680785][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  685.710253][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  685.882656][   T28] audit: type=1326 audit(1775497850.776:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.0.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  686.021594][   T28] audit: type=1326 audit(1775497850.806:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.0.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  686.071498][ T9659] pim6reg: entered allmulticast mode
[  686.102940][   T28] audit: type=1326 audit(1775497850.806:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.0.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe8c895d04e code=0x7ffc0000
[  686.174644][   T28] audit: type=1326 audit(1775497850.806:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.0.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  686.208664][ T9659] pim6reg: left allmulticast mode
[  686.282590][   T28] audit: type=1326 audit(1775497850.826:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.0.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  686.348407][   T28] audit: type=1326 audit(1775497850.826:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.0.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  686.450314][   T28] audit: type=1326 audit(1775497850.836:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.0.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  686.531851][   T28] audit: type=1326 audit(1775497850.836:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.0.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  686.622365][   T28] audit: type=1326 audit(1775497850.856:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.0.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  686.701054][   T28] audit: type=1326 audit(1775497850.866:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.0.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8c899c819 code=0x7ffc0000
[  687.020360][ T9664] loop5: detected capacity change from 0 to 32768
[  687.077817][ T9664] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.850 (9664)
[  687.199849][ T9664] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  687.231398][ T9664] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  687.259394][ T9664] BTRFS warning (device loop5): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  687.294229][ T9664] BTRFS info (device loop5): trying to use backup root at mount time
[  687.338438][ T9664] BTRFS info (device loop5): setting nodatasum
[  687.344806][ T9664] BTRFS info (device loop5): enabling ssd optimizations
[  687.388625][ T9664] BTRFS info (device loop5): using spread ssd allocation scheme
[  687.396523][ T9664] BTRFS info (device loop5): turning on flush-on-commit
[  687.453772][ T9664] BTRFS info (device loop5): force zlib compression, level 3
[  687.473720][ T9664] BTRFS info (device loop5): using free space tree
[  687.491887][ T9691] tmpfs: Bad value for 'grpquota_block_hardlimit'
[  687.704273][ T2930] BTRFS warning (device loop5): checksum verify failed on logical 5328896 mirror 1 wanted 0x51ec978b found 0xa18d28f8 level 0
[  687.772767][ T9664] BTRFS warning (device loop5): failed to read root (objectid=4): -5
[  687.791549][ T9664] BTRFS warning (device loop5): try to load backup roots slot 1
[  687.835549][ T2930] BTRFS warning (device loop5): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  687.898544][ T9664] BTRFS warning (device loop5): couldn't read tree root
[  687.908818][ T9664] BTRFS warning (device loop5): try to load backup roots slot 2
[  687.920275][ T2930] BTRFS error (device loop5): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  687.951854][ T9664] BTRFS warning (device loop5): couldn't read tree root
[  687.968555][ T9664] BTRFS warning (device loop5): try to load backup roots slot 3
[  687.992609][ T9664] BTRFS warning (device loop5): global root 2 0 already exists
[  688.031356][ T9664] BTRFS error (device loop5): failed to load root extent
[  688.180130][ T9664] BTRFS error (device loop5): open_ctree failed: -17
[  688.323537][   T29] INFO: task kworker/0:1:9 blocked for more than 143 seconds.
[  688.385701][   T29]       Not tainted syzkaller #0
[  688.396506][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  688.415959][   T29] task:kworker/0:1     state:D stack:22856 pid:9     ppid:2      flags:0x00004000
[  688.441947][   T29] Workqueue: events_long flush_old_commits
[  688.461633][   T29] Call Trace:
[  688.470878][   T29]  <TASK>
[  688.482484][   T29]  __schedule+0x1553/0x45a0
[  688.495346][   T29]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  688.507581][   T29]  ? lock_chain_count+0x20/0x20
[  688.525584][   T29]  ? asan.module_dtor+0x20/0x20
[  688.541674][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  688.565139][   T29]  ? asm_sysvec_call_function_single+0x1a/0x20
[  688.585881][   T29]  ? _raw_spin_unlock_irq+0x29/0x50
[  688.605827][   T29]  schedule+0xbd/0x170
[  688.615310][   T29]  schedule_preempt_disabled+0x13/0x20
[  688.627571][   T29]  __mutex_lock+0x6a9/0xcc0
[  688.634121][   T29]  ? __mutex_lock+0x4f9/0xcc0
[  688.642885][   T29]  ? reiserfs_write_lock+0x79/0xd0
[  688.652338][   T29]  ? mutex_lock_nested+0x20/0x20
[  688.657676][   T29]  ? dquot_writeback_dquots+0x868/0x940
[  688.671594][   T29]  ? dqput+0x440/0x440
[  688.681516][   T29]  reiserfs_write_lock+0x79/0xd0
[  688.686839][   T29]  flush_old_commits+0x1ff/0x320
[  688.694858][   T29]  ? reiserfs_fill_super+0x23b0/0x23b0
[  688.705400][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[  688.713639][   T29]  ? process_scheduled_works+0x96f/0x15d0
[  688.736441][   T29]  ? process_scheduled_works+0x96f/0x15d0
[  688.743399][   T29]  process_scheduled_works+0xa5d/0x15d0
[  688.755457][   T29]  ? worker_attach_to_pool+0x380/0x380
[  688.763044][   T29]  ? assign_work+0x3d2/0x5d0
[  688.767997][   T29]  worker_thread+0xa55/0xfc0
[  688.782713][   T29]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  688.793524][   T29]  ? _raw_spin_unlock+0x40/0x40
[  688.801023][   T29]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  688.807552][   T29]  kthread+0x2fa/0x390
[  688.816834][   T29]  ? pr_cont_work+0x560/0x560
[  688.823448][   T29]  ? kthread_blkcg+0xd0/0xd0
[  688.832486][   T29]  ret_from_fork+0x48/0x80
[  688.840055][   T29]  ? kthread_blkcg+0xd0/0xd0
[  688.855467][   T29]  ret_from_fork_asm+0x11/0x20
[  688.863186][   T29]  </TASK>
[  688.898830][   T29] INFO: task syz.2.622:8417 blocked for more than 144 seconds.
[  688.934080][   T29]       Not tainted syzkaller #0
[  688.954870][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  688.974279][   T29] task:syz.2.622       state:D stack:24296 pid:8417  ppid:5768   flags:0x00004004
[  688.995317][   T29] Call Trace:
[  689.002741][   T29]  <TASK>
[  689.005904][   T29]  __schedule+0x1553/0x45a0
[  689.014142][   T29]  ? asan.module_dtor+0x20/0x20
[  689.026899][   T29]  ? mark_lock+0x94/0x320
[  689.035238][   T29]  ? lock_chain_count+0x20/0x20
[  689.047721][   T29]  ? _raw_spin_lock_irq+0xbb/0xf0
[  689.056950][   T29]  ? _raw_spin_lock_irqsave+0x100/0x100
[  689.066778][   T29]  schedule+0xbd/0x170
[  689.073917][   T29]  io_schedule+0x80/0xd0
[  689.082105][   T29]  folio_wait_bit_common+0x714/0xfa0
[  689.087671][   T29]  ? folio_wait_bit+0x30/0x30
[  689.095162][   T29]  ? filemap_get_entry+0x379/0x3f0
[  689.104388][   T29]  ? _compound_head+0x120/0x120
[  689.113010][   T29]  __filemap_get_folio+0xbc/0xbb0
[  689.124764][   T29]  ? __kmem_cache_free+0xba/0x1e0
[  689.147278][   T29]  pagecache_get_page+0x2a/0x250
[  689.152689][   T29]  reiserfs_get_block+0x2df8/0x4060
[  689.164350][   T29]  ? make_le_item_head+0x5a0/0x5a0
[  689.169765][   T29]  ? mod_objcg_state+0x511/0x8a0
[  689.175000][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  689.185841][   T29]  ? verify_lock_unused+0x140/0x140
[  689.191311][   T29]  ? lockdep_init_map_type+0x9c/0x8e0
[  689.197104][   T29]  ? folio_create_empty_buffers+0x538/0x720
[  689.208560][   T29]  ? __lock_acquire+0x7d40/0x7d40
[  689.214387][   T29]  ? __rwlock_init+0x150/0x150
[  689.224402][   T29]  ? do_raw_spin_unlock+0x121/0x230
[  689.231487][   T29]  ? _raw_spin_unlock+0x28/0x40
[  689.236443][   T29]  ? folio_create_empty_buffers+0x538/0x720
[  689.249688][   T29]  __block_write_begin_int+0x57f/0x1af0
[  689.255637][   T29]  ? folio_batch_add_and_move+0x168/0x2b0
[  689.267641][   T29]  ? make_le_item_head+0x5a0/0x5a0
[  689.273306][   T29]  ? folio_zero_new_buffers+0x550/0x550
[  689.284930][   T29]  ? __block_write_begin+0x64/0x150
[  689.290656][   T29]  reiserfs_write_begin+0x20a/0x4c0
[  689.295981][   T29]  ? __asan_memset+0x22/0x40
[  689.306709][   T29]  ? inode_newsize_ok+0x17d/0x1b0
[  689.312402][   T29]  generic_cont_expand_simple+0x141/0x200
[  689.318210][   T29]  ? inode_owner_or_capable+0x1c0/0x1c0
[  689.324765][   T29]  ? submit_bh+0x20/0x20
[  689.335060][   T29]  ? setattr_prepare+0x1e6/0xac0
[  689.340773][   T29]  reiserfs_setattr+0x558/0x1230
[  689.346028][   T29]  ? reiserfs_commit_write+0x620/0x620
[  689.364608][   T29]  ? ktime_get_coarse_real_ts64+0x110/0x120
[  689.371036][   T29]  ? current_time+0x1bf/0x280
[  689.375817][   T29]  ? inode_set_ctime_current+0x2e0/0x2e0
[  689.387642][   T29]  ? evm_inode_setattr+0x94/0x6a0
[  689.393371][   T29]  ? bpf_lsm_inode_setattr+0x9/0x10
[  689.404637][   T29]  ? try_break_deleg+0x79/0x120
[  689.410008][   T29]  ? reiserfs_commit_write+0x620/0x620
[  689.415816][   T29]  notify_change+0xb0d/0xe10
[  689.426670][   T29]  do_truncate+0x1b0/0x240
[  689.432393][   T29]  ? put_page_bootmem+0x2c0/0x2c0
[  689.437775][   T29]  ? bpf_lsm_path_truncate+0x9/0x10
[  689.448702][   T29]  vfs_truncate+0x266/0x300
[  689.453695][   T29]  do_sys_truncate+0xf6/0x1c0
[  689.471131][   T29]  ? lock_chain_count+0x20/0x20
[  689.476268][   T29]  ? break_lease+0xd0/0xd0
[  689.484607][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  689.492448][   T29]  do_syscall_64+0x55/0xa0
[  689.496973][   T29]  ? clear_bhb_loop+0x40/0x90
[  689.502507][   T29]  ? clear_bhb_loop+0x40/0x90
[  689.507404][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  689.520054][   T29] RIP: 0033:0x7ff7edd9c819
[  689.524678][   T29] RSP: 002b:00007ff7eec39028 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  689.537676][   T29] RAX: ffffffffffffffda RBX: 00007ff7ee015fa0 RCX: 00007ff7edd9c819
[  689.547760][   T29] RDX: 0000000000000000 RSI: 0000000008000000 RDI: 00002000000002c0
[  689.561706][   T29] RBP: 00007ff7ede32c91 R08: 0000000000000000 R09: 0000000000000000
[  689.576708][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  689.592401][   T29] R13: 00007ff7ee016038 R14: 00007ff7ee015fa0 R15: 00007ffe3e1c4498
[  689.602565][   T29]  </TASK>
[  689.621436][   T29] INFO: task syz.2.622:8418 blocked for more than 145 seconds.
[  689.630002][   T29]       Not tainted syzkaller #0
[  689.635106][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  689.645164][   T29] task:syz.2.622       state:D stack:24200 pid:8418  ppid:5768   flags:0x00004006
[  689.655024][   T29] Call Trace:
[  689.658692][   T29]  <TASK>
[  689.661886][   T29]  __schedule+0x1553/0x45a0
[  689.666979][   T29]  ? asan.module_dtor+0x20/0x20
[  689.672961][   T29]  ? __mutex_lock+0x6a4/0xcc0
[  689.678143][   T29]  ? __mutex_trylock_common+0x8a/0x260
[  689.695581][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[  689.702618][   T29]  schedule+0xbd/0x170
[  689.707541][   T29]  schedule_preempt_disabled+0x13/0x20
[  689.715749][   T29]  __mutex_lock+0x6a9/0xcc0
[  689.724932][   T29]  ? __mutex_lock+0x4f9/0xcc0
[  689.731551][   T29]  ? reiserfs_write_lock_nested+0x60/0xd0
[  689.737663][   T29]  ? mutex_lock_nested+0x20/0x20
[  689.747792][   T29]  reiserfs_write_lock_nested+0x60/0xd0
[  689.754005][   T29]  do_journal_end+0x3c6/0x4890
[  689.775594][   T29]  ? journal_begin+0x1f5/0x360
[  689.780897][   T29]  ? reiserfs_update_inode_transaction+0x20/0x130
[  689.787533][   T29]  ? reiserfs_delete_object+0x1a0/0x1a0
[  689.800365][   T29]  ? journal_mark_dirty+0xe00/0xe00
[  689.810738][   T29]  ? _compound_head+0x120/0x120
[  689.816151][   T29]  ? journal_end+0x1ff/0x2b0
[  689.823218][   T29]  reiserfs_truncate_file+0x48b/0x7d0
[  689.832319][   T29]  ? reiserfs_new_symlink+0x580/0x580
[  689.838275][   T29]  ? _raw_read_unlock+0x28/0x40
[  689.846611][   T29]  ? ima_file_free+0x34f/0x4b0
[  689.855126][   T29]  ? journal_end+0x1ff/0x2b0
[  689.862487][   T29]  reiserfs_file_release+0x946/0xad0
[  689.868090][   T29]  ? reiserfs_file_open+0x110/0x110
[  689.874461][   T29]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  689.880898][   T29]  ? reiserfs_file_open+0x110/0x110
[  689.886370][   T29]  __fput+0x234/0x970
[  689.890578][   T29]  task_work_run+0x1d4/0x260
[  689.895363][   T29]  ? task_work_cancel+0x220/0x220
[  689.900764][   T29]  get_signal+0x1235/0x13f0
[  689.905646][   T29]  arch_do_signal_or_restart+0xc2/0x800
[  689.911825][   T29]  ? __phys_addr+0xba/0x170
[  689.923879][   T29]  ? get_sigframe_size+0x20/0x20
[  689.929180][   T29]  ? exit_to_user_mode_loop+0x3b/0x110
[  689.934939][   T29]  exit_to_user_mode_loop+0x70/0x110
[  689.940760][   T29]  exit_to_user_mode_prepare+0xee/0x180
[  689.946544][   T29]  syscall_exit_to_user_mode+0x1a/0x50
[  689.952855][   T29]  do_syscall_64+0x61/0xa0
[  689.957427][   T29]  ? clear_bhb_loop+0x40/0x90
[  689.962856][   T29]  ? clear_bhb_loop+0x40/0x90
[  689.967744][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  689.974628][   T29] RIP: 0033:0x7ff7edd9c819
[  689.979860][   T29] RSP: 002b:00007ff7eec18028 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[  689.989140][   T29] RAX: 0000000000000000 RBX: 00007ff7ee016090 RCX: 00007ff7edd9c819
[  689.997330][   T29] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000009
[  690.006837][   T29] RBP: 00007ff7ede32c91 R08: 0000000000000000 R09: 0000000000000000
[  690.015339][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  690.031433][   T29] R13: 00007ff7ee016128 R14: 00007ff7ee016090 R15: 00007ffe3e1c4498
[  690.043648][   T29]  </TASK>
[  690.066389][   T29] 
[  690.066389][   T29] Showing all locks held in the system:
[  690.090657][   T29] 1 lock held by pool_workqueue_/3:
[  690.096627][   T29] 4 locks held by kworker/0:1/9:
[  690.102256][   T29]  #0: ffff888017c71138 ((wq_completion)events_long){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  690.114692][   T29]  #1: ffffc900000e7d00 ((work_completion)(&(&sbi->old_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  690.129186][   T29]  #2: ffff88807c8540e0 (&type->s_umount_key#25){++++}-{3:3}, at: flush_old_commits+0xd2/0x320
[  690.146184][   T29]  #3: ffff88805f362090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x79/0xd0
[  690.155960][   T29] 1 lock held by khungtaskd/29:
[  690.166541][   T29]  #0: ffffffff8d1320a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[  690.178155][   T29] 3 locks held by kworker/u4:4/76:
[  690.191452][   T29]  #0: ffff88801ce7b538 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  690.205144][   T29]  #1: ffffc900015d7d00 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  690.218233][   T29]  #2: ffff88807c8540e0 (&type->s_umount_key#25){++++}-{3:3}, at: super_trylock_shared+0x20/0xf0
[  690.234900][   T29] 2 locks held by kworker/0:3/1207:
[  690.240518][   T29]  #0: ffff888017c72538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  690.264330][   T29]  #1: ffffc900049cfd00 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  690.278180][   T29] 2 locks held by getty/5529:
[  690.288389][   T29]  #0: ffff8880316d20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  690.304257][   T29]  #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x433/0x1390
[  690.314675][   T29] 3 locks held by syz.2.622/8417:
[  690.325832][   T29]  #0: ffff88807c854418 (sb_writers#30){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  690.335568][   T29]  #1: ffff888074229030 (&sb->s_type->i_mutex_key#39){+.+.}-{3:3}, at: do_truncate+0x19c/0x240
[  690.346794][   T29]  #2: ffff88805f362090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock_nested+0x60/0xd0
[  690.362589][   T29] 3 locks held by syz.2.622/8418:
[  690.367798][   T29]  #0: ffff888074228df8 (&ei->tailpack){+.+.}-{3:3}, at: reiserfs_file_release+0xe1/0xad0
[  690.388673][   T29]  #1: ffffc9000faa90f0 (&journal->j_mutex){+.+.}-{3:3}, at: do_journal_end+0x3bc/0x4890
[  690.404737][   T29]  #2: ffff88805f362090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock_nested+0x60/0xd0
[  690.415177][   T29] 2 locks held by syz.4.946/9594:
[  690.426022][   T29]  #0: ffff88807c8540e0 (&type->s_umount_key#25){++++}-{3:3}, at: super_lock+0x17f/0x3a0
[  690.436407][   T29]  #1: ffff888140fd67d0 (&bdi->wb_switch_rwsem){+.+.}-{3:3}, at: sync_inodes_sb+0x1ad/0xa10
[  690.446894][   T29] 4 locks held by dhcpcd-run-hook/9739:
[  690.458147][   T29]  #0: ffff8880b8e3c018 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xa9/0x140
[  690.474367][   T29]  #1: ffff8880b8e289c0 (psi_seq){-.-.}-{0:0}, at: __schedule+0x2176/0x45a0
[  690.483540][   T29]  #2: ffff8880b8e289c0 (psi_seq){-.-.}-{0:0}, at: enqueue_task+0x26d/0x2b0
[  690.493077][   T29]  #3: ffff88807a5da818 (&p->pi_lock){-.-.}-{2:2}, at: try_to_wake_up+0x60/0x1190
[  690.520632][   T29] 
[  690.523051][   T29] =============================================
[  690.523051][   T29] 
[  690.532546][   T29] NMI backtrace for cpu 0
[  690.536953][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  690.544691][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  690.554841][   T29] Call Trace:
[  690.558268][   T29]  <TASK>
[  690.561283][   T29]  dump_stack_lvl+0x18c/0x250
[  690.566038][   T29]  ? show_regs_print_info+0x20/0x20
[  690.571317][   T29]  ? load_image+0x420/0x420
[  690.575999][   T29]  nmi_cpu_backtrace+0x3a6/0x3e0
[  690.581138][   T29]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[  690.587888][   T29]  ? _printk+0xde/0x130
[  690.592225][   T29]  ? load_image+0x420/0x420
[  690.597078][   T29]  ? load_image+0x420/0x420
[  690.601745][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  690.607908][   T29]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[  690.614051][   T29]  watchdog+0xf3d/0xf80
[  690.618364][   T29]  ? watchdog+0x1e1/0xf80
[  690.622876][   T29]  kthread+0x2fa/0x390
[  690.627063][   T29]  ? hungtask_pm_notify+0x90/0x90
[  690.632178][   T29]  ? kthread_blkcg+0xd0/0xd0
[  690.636951][   T29]  ret_from_fork+0x48/0x80
[  690.641478][   T29]  ? kthread_blkcg+0xd0/0xd0
[  690.646218][   T29]  ret_from_fork_asm+0x11/0x20
[  690.651179][   T29]  </TASK>
[  690.655637][   T29] Sending NMI from CPU 0 to CPUs 1:
[  690.661035][    C1] NMI backtrace for cpu 1
[  690.661048][    C1] CPU: 1 PID: 2930 Comm: kworker/u4:10 Not tainted syzkaller #0
[  690.661064][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  690.661075][    C1] Workqueue: bat_events batadv_nc_worker
[  690.661098][    C1] RIP: 0010:trace_hardirqs_on+0x23/0x40
[  690.661126][    C1] Code: 1f 84 00 00 00 00 00 f3 0f 1e fa 65 8b 05 0d b4 75 7e 85 c0 74 14 48 8b 3c 24 e8 08 ff ff ff 65 c7 05 f5 b3 75 7e 00 00 00 00 <e8> d8 5d da ff 48 8b 3c 24 e9 7f 91 f8 08 66 2e 0f 1f 84 00 00 00
[  690.661140][    C1] RSP: 0018:ffffc9000bb87a18 EFLAGS: 00000002
[  690.661153][    C1] RAX: 0000000000000001 RBX: 0000000000000201 RCX: 41b1acecab101500
[  690.661164][    C1] RDX: 0000000000000000 RSI: ffffffff8b1c8dc0 RDI: ffffffff8b1c8d80
[  690.661181][    C1] RBP: ffffc9000bb87ab8 R08: ffffffff8e8b0c2f R09: 1ffffffff1d16185
[  690.661195][    C1] R10: dffffc0000000000 R11: fffffbfff1d16186 R12: ffffffff8a4df781
[  690.661207][    C1] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff92001770f44
[  690.661220][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  690.661234][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  690.661244][    C1] CR2: 00007f6025194a90 CR3: 000000000cf32000 CR4: 00000000003506e0
[  690.661260][    C1] Call Trace:
[  690.661266][    C1]  <TASK>
[  690.661271][    C1]  __local_bh_enable_ip+0x13a/0x1c0
[  690.661293][    C1]  ? _local_bh_enable+0xa0/0xa0
[  690.661311][    C1]  ? do_raw_spin_unlock+0x121/0x230
[  690.661334][    C1]  ? batadv_nc_purge_paths+0x311/0x3a0
[  690.661350][    C1]  ? batadv_nc_to_purge_nc_path_coding+0x120/0x120
[  690.661369][    C1]  batadv_nc_purge_paths+0x311/0x3a0
[  690.661393][    C1]  batadv_nc_worker+0x369/0x610
[  690.661412][    C1]  ? process_scheduled_works+0x96f/0x15d0
[  690.661435][    C1]  process_scheduled_works+0xa5d/0x15d0
[  690.661471][    C1]  ? worker_attach_to_pool+0x380/0x380
[  690.661495][    C1]  ? assign_work+0x3d2/0x5d0
[  690.661518][    C1]  worker_thread+0xa55/0xfc0
[  690.661539][    C1]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  690.661561][    C1]  ? _raw_spin_unlock+0x40/0x40
[  690.661579][    C1]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  690.661610][    C1]  kthread+0x2fa/0x390
[  690.661625][    C1]  ? pr_cont_work+0x560/0x560
[  690.661645][    C1]  ? kthread_blkcg+0xd0/0xd0
[  690.661661][    C1]  ret_from_fork+0x48/0x80
[  690.661680][    C1]  ? kthread_blkcg+0xd0/0xd0
[  690.661696][    C1]  ret_from_fork_asm+0x11/0x20
[  690.661727][    C1]  </TASK>
[  690.701947][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  690.702007][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  690.702083][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  690.702123][   T29] Call Trace:
[  690.702138][   T29]  <TASK>
[  690.702168][   T29]  dump_stack_lvl+0x18c/0x250
[  690.702270][   T29]  ? show_regs_print_info+0x20/0x20
[  690.702359][   T29]  ? load_image+0x420/0x420
[  690.702452][   T29]  panic+0x2dc/0x730
[  690.702519][   T29]  ? schedule_preempt_disabled+0x20/0x20
[  690.702617][   T29]  ? bpf_jit_dump+0xd0/0xd0
[  690.702684][   T29]  ? __irq_work_queue_local+0x13a/0x3b0
[  690.702761][   T29]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[  690.702838][   T29]  watchdog+0xf7c/0xf80
[  690.702914][   T29]  ? watchdog+0x1e1/0xf80
[  690.702996][   T29]  kthread+0x2fa/0x390
[  690.703049][   T29]  ? hungtask_pm_notify+0x90/0x90
[  690.703124][   T29]  ? kthread_blkcg+0xd0/0xd0
[  690.703182][   T29]  ret_from_fork+0x48/0x80
[  690.703247][   T29]  ? kthread_blkcg+0xd0/0xd0
[  690.703303][   T29]  ret_from_fork_asm+0x11/0x20
[  690.703462][   T29]  </TASK>
[  690.705543][   T29] Kernel Offset: disabled
[  691.038691][   T29] Rebooting in 86400 seconds..