last executing test programs:

3m53.72322274s ago: executing program 2 (id=6):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x35}}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
r2 = socket$pppoe(0x18, 0x1, 0x0)
getsockopt$sock_buf(r2, 0x1, 0x1c, 0x0, &(0x7f0000000040))
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x54, 0x2, 0x6, 0x401, 0x0, 0x2000000, {0x0, 0x0, 0x5}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000014}, 0x0)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
r4 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000080), 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1810754, &(0x7f00000001c0)={[{@jqfmt_vfsold}, {@errors_continue}, {@delalloc}, {@prjquota}, {@usrquota}, {@resuid={'resuid', 0x3d, 0xee00}}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0xfffffffc}}, {@nodiscard}, {@test_dummy_encryption}]}, 0xff, 0x46e, &(0x7f0000000e40)="$eJzs281vFOUfAPDvzG7L249fKyIKgjSisfGlpQWVgxeNJh40MdEDHmtbCLJQQ2sihGg1Bo+GxLvxaOJf4MmTUU8mXvVuSIgSE9CYsGZmZ9ruslsK3bKE/XySaZ9n59mZ57vzPDPPzLMbQN8ayf4kEf+LiF8jYqiRbS4w0vh37cr56b+vnJ9Ool5/84/BvNzVK+eny6Ll+7YVmdE0Iv00KXbSbP7suZNTtdrsmSI/vnDqvfH5s+eeOXFq6vjs8dnTk0eOHD408fxzk892Jc4svqt7Ppzbu/vVty++Pn304js/fpPVd9e+xvqVcXTLSBb4n/Vc67rHu72zHrteX44zqfa6NqxVJSKywzWQ9/+hqMTywRuKVz7paeWADZWdsze1ebn4v1gH7mFJ9LoGQG+UF/zs/rdc7uDwo+cuv9i4AcrivlYsjTXVSIsyAxu4/5GIOLr4z5fZEi3PIZaOz+AGVgAA6DvfZeOfp9uN/9LYtaLc/4u5oeGIuC8idkTE/RGxMyIeiMjLPhgRD93i/lunhm4cf6aXbiuwNcrGfy8Uc1vN479y9BfDlSK3PY9/IDl2ojZ7sPhMRmNgU5afaLfxchMv//J5p/2vHP9lS7b/cixYbORSteUB3czUwlS3BqWXP47YU20Xf7I0E5BExO6I2LPmrS5G8fHkTjz59d5OJW8e/yq6MM9U/yriicbxX4yW+EvJ6vOT45ujNntwvGwVN/rp5wtvdNp/2/ivb19/YGuUHf+tze1/aV0l/zv0V7JyvnY+bvmG5MJvn3W8p6zeZvsfTN7K53TLmnwwtbBwZiJiMHktovX1yeX3lvmyfBb/6IH2/X9H8Z4s/ocjImvE+yLikYjYHxH/FvfQj0bEgVXi/+Glx97ttG5d7T9iyxrLdZTFP9P2/LfU/oebj/+tJyonv//29uPPjv/hPDVavJKf/26ic3U2FyWWWzMAAADc69L8u/FJOraUTtOxscZ3+HfG1rQ2N7/w1LG590/PNL5DPxwDafmka2jF89CJZLHYYiM/WTwrLtcfKp4bf1HZkufHpudqMz2OHfrdtub+v7/s/5nfK72uHbDh/F4L+ldr/097VA/gznP9h/6l/0P/0v+hf7Xr/x+15M0FwL3J9R/6l/4P/Uv/h/6l/0NfWs/v+jcqUV3l1/sSd0si0ruiGhItiUgaF/RN6+zdvT4zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMd/AQAA///gq/is")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xe1, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000))
sendmmsg$inet(r1, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x1, 0x4044f01)
ioctl$BTRFS_IOC_GET_FEATURES(r4, 0x80189439, &(0x7f00000000c0))
sendmsg$nl_generic(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400000034000107000000000000000005"], 0x14}, 0x1, 0x0, 0x0, 0x4044840}, 0x0)

3m49.774376558s ago: executing program 2 (id=9):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000a80), 0x3f50cb9d075d319a, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$set_reqkey_keyring(0xf, 0xfffffffb)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000040)={0x0, 0x120, 0x1, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r4, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x1, 'queue0\x00'})
syz_open_dev$usbmon(0x0, 0x2, 0x101800)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0x100f, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x9, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0xb, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x0, 0x5, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0x9, 0x10000, 0x6, 0x7, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x9, 0x420, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x2, 0xb, 0x4, 0x8, 0x8, 0x9, 0xb, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x0, 0xbc45, 0x1, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x2, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x3b, 0x800003, 0x200, 0x80, 0x5, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x5, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0xc, 0x3, 0x7ff, 0x9, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2eb, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0x80b, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0xf142, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x10000226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x1fd, 0xffff343e, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x2202, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
r6 = accept4(r5, 0x0, 0x0, 0x800)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000002c0)=""/86, 0x56}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)
lchown(&(0x7f0000000080)='./file1\x00', 0x0, 0xffffffffffffffff)

3m47.639020429s ago: executing program 2 (id=12):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f00000000c0)={0x42, 0x800000, 0x8, 0x7, 0xfffffffd})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r2 = semget$private(0x0, 0x5, 0x30)
semctl$IPC_STAT(r2, 0x0, 0x2, &(0x7f0000000240)=""/206)
semctl$IPC_RMID(r2, 0x0, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a1810039000000000bf0fffffefdff0e000a000f00000002800200", 0x2c}], 0x1}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x14)
r5 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$VFIO_CHECK_EXTENSION(r5, 0x3b65, 0x1)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCADDDLCI(r4, 0x8980, &(0x7f00000001c0)={'lo\x00', 0x7})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000000))
r8 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "4b0a00c13cd6cfef5df35e1d5c2cd83ec8331c81a09875c137d35494701f22acbd1c110c6ab4c8829dfb7154e1476a3cfeab3096b43788d7c435b4a89e2fdc93"}, 0x48, 0xffffffffffffffff)
r9 = add_key$keyring(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1d, r8, 0xfffffffffffffffe, r9, 0x0)
sendmsg$BATADV_CMD_TP_METER(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x3c, r7, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x80)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

3m46.114205591s ago: executing program 2 (id=16):
syz_open_dev$ptys(0xc, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000700)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x50cd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000780)='contention_end\x00', r0}, 0x18)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f00000022c0), 0x2, 0x0)
write$vhost_msg_v2(r1, &(0x7f0000002240)={0x2, 0x0, {0x0, 0xe0749d04fc370ad3, 0x0, 0x2, 0x2}}, 0x48)
r2 = syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="1201000000000008ef0ec4720000000000010902240001000090000904000001030000f3082103000001220500090581ab3eba5fd00867ca69030000070000a359a672dbedc2bec517720d2681f4dab59fe3278f7c036c6fe46070883578c029478209ea0990ab5c5468cb58496f38ce8230fe063a3c3a7284607bfc31fae122f634ecfcb1f961bb7b14fcfcf93d8cadfd1323c5dc1b98d0f7d4b92d60432dff04885353ae9bb5a7865477a62c934b1525da53a771c128d8bd167b68d692731c3ae723d2e96292195d811a858b2a6ba8d5639ebac6d05c251eaf8a92d31d99117af75f0193a45af7484500400bfa9cb4c7efae4d05732176769d3a8b54721cef71342c9459e7def8b84569b1a334e2f7d03973a029cb3cf6ec8c1a021007a9f23c4cea7b2f6273e740"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f0000000000)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="0003050000001408b1"], 0x0, 0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000604000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000007c0)=ANY=[@ANYBLOB="300000000b06010200c300000000000005000008050001000700000009000200737d7a3200fb760e4e811422000078f30d743b2f2be400f9677c207dac48c81a22fad18a82eba6a7d00a51c7e34a8960ada3ada7a1f71666dd0da1102ff2c59b10b37b"], 0x30}, 0x1, 0x0, 0x0, 0x2000c020}, 0x814)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000060000000a00000000000000", @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="0200000001000000000000000000000000c8475050502ddba7dc5254571eb7eb45000000000000000000"], 0x50)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0xb, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x61)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r5, 0x0, 0x0)
mount$9p_rdma(&(0x7f00000000c0), &(0x7f0000000140)='.\x00', &(0x7f00000001c0), 0x10000, &(0x7f0000000480)={'trans=rdma,', {'port', 0x3d, 0x4e23}})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r5)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000004c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f00000005c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000580)={&(0x7f0000000980)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="ba756082afef0a0095064fb7cf3bcf81ad45f2499badcc5a3ed8ae4e5270e65b69b3b8a96b6f9cfb69c4f195cca65c4768d50a91da4689e2029447d82b8cac13a3ef845c3e591cb16b49060000008aa466c5117c3748cb79a5809974a370d8eac20686e664a323e773a322ae18f9fe7358d9851426c193ef1b6dec798ec090dbc571f21d29d53bfd6981f34dc0262d55e5e833a98acf36c4114cd54a479a0257cb89e99a66632ddd796bf86c789bfeece2b765dba46d07cccbf03e88cf929ddcbe4997d24b7c6cc3faf578caf7c365ac3452a6bdf2ce1cc03edb98df2ba4f78665cdc8ad9517e7656dd051c8ccba69882397157d5d1c9c9102f9f545adda3d65ce577f9ac81b8c2d8ab75d28e31db3b0aebce5d5acbeae89c083e11bfcab2f64224c0c8a806f96680032caaf38c6969dfcf4a453a1dc8c48b2e15da45bef55a56dd977f7e6ba8110b97ad285823e25f6d3bcc3e01bc5244edbb70d476880ab474af7ca3f685e1fdb500fd6d83a4097fa90f20682b7aeacabcf8cb82b870382d9c2157a83371156ce3890fb309d6e6093ff044c4b17d25b", @ANYRES32=r9, @ANYBLOB="0a00180003030303030300000800050006000000050053000100000008000500010000000a0018000303030303030000080005000c0000000a0018000303030303030000"], 0x60}, 0x1, 0x0, 0x0, 0x40004}, 0x24000011)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000100)={'team0\x00', <r10=>0x0})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x4, r10}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x2000a804)

3m42.531015444s ago: executing program 2 (id=22):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000a80), 0x3f50cb9d075d319a, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$set_reqkey_keyring(0xf, 0xfffffffb)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000040)={0x0, 0x120, 0x1, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r4, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x1, 'queue0\x00'})
syz_open_dev$usbmon(0x0, 0x2, 0x101800)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0x100f, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x9, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0xb, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x0, 0x5, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0x9, 0x10000, 0x6, 0x7, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x9, 0x420, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x2, 0xb, 0x4, 0x8, 0x8, 0x9, 0xb, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x0, 0xbc45, 0x1, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x2, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x3b, 0x800003, 0x200, 0x80, 0x5, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x5, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0xc, 0x3, 0x7ff, 0x9, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2eb, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0x80b, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0xf142, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x10000226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x1fd, 0xffff343e, 0xfff]}, 0x45c)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = accept4(r5, 0x0, 0x0, 0x800)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000002c0)=""/86, 0x56}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)
lchown(&(0x7f0000000080)='./file1\x00', 0x0, 0xffffffffffffffff)

3m37.078185893s ago: executing program 2 (id=28):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f00000012c0)={{0x0, 0x989680}}, 0x0)
r2 = socket$kcm(0x1e, 0x5, 0x0)
syz_read_part_table(0x105e, &(0x7f0000000000)="$eJzsz0FKw0AYBeCXYSaJILj3EDmHC8GVN/EqrryBl3MpLZQpSdMrtF183+bNg8fAH+6r5Nh77+Xax0MyvM5ZUvLTkrSPJbVvUqd9VUu7PPp0Gtv3Xsb8PW2RtuZzkuF9mpOvt5Sk1nX08j/vnwz5/L3xtQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwkM4BAAD//02nFHk=")
getresuid(&(0x7f00000011c0), &(0x7f0000001200), &(0x7f0000001240))
sendmsg$kcm(r2, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@id={0x1e, 0x3, 0x2, {0x4e21, 0x2}}, 0x80, &(0x7f0000001180)=[{&(0x7f0000001080)="e4e4b1e65954b2e9880087edec05ef3b8d8a76dd2bdd6cce4b5e2befc75c99f9859965c44416e8b11bc7757e94097b6cdbbfcce3e33ba2e26e4ac3a3af442c9725bab256405e66526ecfd77d7f83c4643f7bc44c0ab81ccc6482361e3368c51052e50cfeeda5a9e066773c06a83761c404d70cfebceeeacd356868c8812a9c390b1b62", 0x83}, {&(0x7f0000001140)="d8fbd2493d6c465042865ac41a226f39f0f0679e0b4dbe1f5365f16c179bdb02fc68b14d0183747b98a3a063c8d3", 0xfffffda8}], 0x2}, 0xc001)

3m21.288888182s ago: executing program 32 (id=28):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f00000012c0)={{0x0, 0x989680}}, 0x0)
r2 = socket$kcm(0x1e, 0x5, 0x0)
syz_read_part_table(0x105e, &(0x7f0000000000)="$eJzsz0FKw0AYBeCXYSaJILj3EDmHC8GVN/EqrryBl3MpLZQpSdMrtF183+bNg8fAH+6r5Nh77+Xax0MyvM5ZUvLTkrSPJbVvUqd9VUu7PPp0Gtv3Xsb8PW2RtuZzkuF9mpOvt5Sk1nX08j/vnwz5/L3xtQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwkM4BAAD//02nFHk=")
getresuid(&(0x7f00000011c0), &(0x7f0000001200), &(0x7f0000001240))
sendmsg$kcm(r2, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@id={0x1e, 0x3, 0x2, {0x4e21, 0x2}}, 0x80, &(0x7f0000001180)=[{&(0x7f0000001080)="e4e4b1e65954b2e9880087edec05ef3b8d8a76dd2bdd6cce4b5e2befc75c99f9859965c44416e8b11bc7757e94097b6cdbbfcce3e33ba2e26e4ac3a3af442c9725bab256405e66526ecfd77d7f83c4643f7bc44c0ab81ccc6482361e3368c51052e50cfeeda5a9e066773c06a83761c404d70cfebceeeacd356868c8812a9c390b1b62", 0x83}, {&(0x7f0000001140)="d8fbd2493d6c465042865ac41a226f39f0f0679e0b4dbe1f5365f16c179bdb02fc68b14d0183747b98a3a063c8d3", 0xfffffda8}], 0x2}, 0xc001)

2m46.327560321s ago: executing program 1 (id=119):
syz_usb_connect$uac1(0x7, 0x71, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x3, 0x80, 0xf4, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xf, 0x3}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0xf7, 0x9, 0x6, {0x7, 0x25, 0x1, 0x83, 0x2, 0xc}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x26, 0x6, 0x1, {0x7, 0x25, 0x1, 0x3, 0x8, 0xdd60}}}}}}}]}}, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf0002010650000900000000020d00000524060001082400a9b30d240f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c0900030424020204240200042402024424"], 0x0)
r0 = syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0)
syz_usb_ep_write(r0, 0xf8, 0xa8, &(0x7f0000000280)="1b0b033d2c3106d447e83b4d4fd2b5e44dd5ccb1746e0140a5544a77a2d72dd23f4d43245f00d6f0dc261148e060a23661687ab8800177d8ae34f7806dc713602020aa125118d433827eb4226296dac7c2ca1723e2814bfc9bf3e4f832e14bf238657ebeceb51faea065e68f4e6926bd8ef978b59c6a286a3763fd8a0f70833f509301e44c15cee4a7fb61f29348b699e0b5861ac2066abb0f9147d6850cae23b3aed596c6a1e903")
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000ac0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x4, 0x8}, {}, {0xfff3, 0x2}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0x401}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

2m42.775835832s ago: executing program 1 (id=130):
r0 = socket(0x2, 0x2, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
writev(0xffffffffffffffff, &(0x7f0000001500)=[{&(0x7f00000013c0)}], 0x1)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$unix(r0, &(0x7f0000000000)=@abs={0x0, 0x0, 0xa000000}, 0x6e)
openat$fb0(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)

2m41.367584063s ago: executing program 1 (id=132):
r0 = syz_open_dev$video4linux(&(0x7f0000000180), 0x5, 0x1)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mprotect(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x5, [@enum={0x3, 0x1, 0x0, 0xf, 0x4000000, [{0x8, 0xfffffffc}]}, @struct]}, {0x0, [0x0, 0x0, 0x61]}}, &(0x7f0000002200)=""/4110, 0x3d, 0x100e, 0x1, 0xfffffffb, 0x0, @void, @value}, 0x28)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r0, 0xc0205649, &(0x7f0000000240)={0xa20000, 0xe, 0x3, 0xffffffffffffffff, 0x0, &(0x7f0000000200)={0xa10907, 0x574a, '\x00', @p_u32=0x0}})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000018c0)={&(0x7f0000001680)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@struct={0x0, 0x2, 0x0, 0x4, 0x0, 0x1, [{0x0, 0x2, 0x6}, {0x0, 0x4}]}]}}, &(0x7f0000001800)=""/148, 0x3e, 0x94, 0x1, 0x0, 0x0, @void, @value}, 0x20)
openat$tun(0xffffffffffffff9c, 0x0, 0x80, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x20702, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0xe511})
r5 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r5, 0x11b, 0x1, &(0x7f0000000140), &(0x7f0000000000)=0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xe, 0x4, 0x4, 0x20006, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_usb_connect(0x0, 0x2d, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000965d06403e131508667e0102030109021b0001000000000904000001ff8728000905050300000000008bcfd25ed115cbf25446d0f7ad2c34b158e98bff0431eb91a1be1166cda53bc5eab8042d414918261d7121cbcdeaf0d5de91fd3bcb8727f8d48ce56096cf07aaca8fbba150fba6db66ab53fcde009d12efb6faeee3ae46fc26413c133a32521616b15dfadcdd4517ff57e06bbc33fcf4d333922129cc491eae33906e8b93c125eb8caf26440619b9942d29e08b10f49c7fc2d33a7cc0fc18f7553253caf3f935fe0e6502106902018178442430c1bc0c7df1be3b502974c1edf6f0a579143d2e6fbae44b54c1e4c946a3069879dce334c412ca14ca5e78696df9281019f4643184f59cc9adcb3260b08c8c19afd11cc8d105e10dc6108d861f0d4afc06653e19d51a829bd47665a8c38f385e1da7af"], 0x0)
r6 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r6, 0x0, &(0x7f00000010c0)={0x44, &(0x7f0000000080)=ANY=[@ANYBLOB="00000100000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r6, 0x0, 0x0)
syz_usb_control_io$hid(r6, 0x0, &(0x7f0000000540)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="200f4a000000d5d987b0f21cca22801f37b673670c790ad0834fbda51c5f2edb4bd53011f5010f044e4b73e7959f3126b3e33c02f29d93f2df20fe237729cbf20977dc98b3a40e5f57"], 0x0, 0x0, 0x0, 0x0})
close(r4)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, 0x0)

2m34.272184156s ago: executing program 1 (id=149):
mkdir(0x0, 0x0)
mkdir(&(0x7f00000008c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = creat(&(0x7f0000001200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa)
r1 = fanotify_init(0xf00, 0x0)
fanotify_mark(r1, 0x105, 0x40009975, r0, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
mknodat(r2, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)

2m31.113583942s ago: executing program 1 (id=151):
timer_create(0xfffffffc, 0x0, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x1, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_settime(r0, 0x1, &(0x7f0000000140)={{}, {0x77359400}}, &(0x7f0000001840))
syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3"], 0xfd, 0x200, &(0x7f00000002c0)="$eJzskr9rFEEUx7+zO3fuaUIOORBFEDVoLJLbbDT+KBRsDCoIohADgsfdJS5u/JE90DsOXKsUNoIiJIiFIElhIf4DLqiN2CgEuxBJnSKFjSSsvNm3mwnY28ynuO/NvLfvve/M3A4fhDsAbK5360AZhEQF338JSAAHhNpCw07VYb3MWuT4BSvVmPUP6+bJzvgEIPxDy6NWvKdxUJTRU/n9dQV19N3E6deX3v24WnixtHvt7UfKv3i9/QHiaKPvzav3z87P9ary4saEXseO9887VAjA843x5RW5165ktfxoiVoXkPFyEsKddwAMfR6cO+v2PrW4Ztju3KkFQXMmPPfEwppq9XO9W6c/twAkBPsbA6DnkP1FzqG9fRK4BsBGkudIbFFtTd+vhu3OoD9dm2pONe963sioe9x1T3jVST9ouvQLcDf1OZ8gSI8BoGsq0QhCxXdRbINzdmI7VIfmivK496XE45fQrRe1qxs4jHRb65fZylQgZluOmgPKKlk+Ajrah5HQdvtVFQllbAwCNi+GpTZf2stRgaFP94LGLMgbf7YAmdcYXkUhX3j6YuRU5hCzrP3YujFigXWVNXvR2UuVqoLF73kgAop4VGu1kiR5jMUeXPmWRmhvxivm/8qRfmDUtWxvN3fG/setGAwGg8FgMBgMBsN/4m8AAAD//4Hjlpw=")
open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0)

2m29.136597631s ago: executing program 1 (id=158):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/cgroups\x00', 0x0, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
flock(0xffffffffffffffff, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x1, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001740)={@cgroup=r6, 0x14, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000040)=0x1)
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000080)=0x2)
getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000001000390400"/20, @ANYRES32=r7, @ANYBLOB="059900f3ffffff111800128008000100677470000c000280050005"], 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {}, {0x0, 0xfff3}}}, 0x24}}, 0x20000000)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001b00)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a3200000000a0000000060a010400000000000000000100000008000b400000000078000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000400001800c0001006269747769736500300002800800034000000002080001400006001408000240000000120c000780060001002b66000008000640000000030900010073797a30"], 0x114}}, 0x0)

2m13.611377716s ago: executing program 33 (id=158):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/cgroups\x00', 0x0, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
flock(0xffffffffffffffff, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x1, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001740)={@cgroup=r6, 0x14, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000040)=0x1)
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000080)=0x2)
getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000001000390400"/20, @ANYRES32=r7, @ANYBLOB="059900f3ffffff111800128008000100677470000c000280050005"], 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {}, {0x0, 0xfff3}}}, 0x24}}, 0x20000000)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001b00)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a3200000000a0000000060a010400000000000000000100000008000b400000000078000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000400001800c0001006269747769736500300002800800034000000002080001400006001408000240000000120c000780060001002b66000008000640000000030900010073797a30"], 0x114}}, 0x0)

16.109065366s ago: executing program 5 (id=415):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x102})
socket$netlink(0x10, 0x3, 0x0)
ioctl$NBD_PRINT_DEBUG(0xffffffffffffffff, 0xab06)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, &(0x7f00000027c0)={<r2=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000002840)={0x0, r2, 0xf, 0xfe})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, &(0x7f0000002840)={0x0, 0x0, 0xf, 0xfe})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000180)={<r3=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(0xffffffffffffffff, 0xc03064ca, &(0x7f0000000340)={&(0x7f0000000240)=[r2, 0x0, 0x0, r3], &(0x7f0000000540)=[0x6, 0x80, 0x100000000, 0x6, 0x8, 0x2, 0x10000000, 0x4, 0x10, 0x5], 0x2, 0x4, 0x2})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, 0x0)
r5 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r5, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r5, &(0x7f00000002c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r5, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9", @ANYRESHEX, @ANYRES16], 0x1, 0x61d0, &(0x7f000000cb40)="$eJzs3c2OHFfZB/Cn+ms+8saxsojyWghNEgMJIf4MxhAgyQIWbFggb5GtySSycADZBjmRhSeaDQsuAoTEEhBLVlxAFmzZcQFYspGArFKoZs4Z1zTd7rGd6eqZ8/tJk6qnTtX0qfy7prtdVX0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjvffcHZ6uIuPzztOB4xP9FP6IXsdLUaxGxsnY8rz+IiOdjuzmei4jhUkSVG5+JeD0iPj4Wce/+7fVm0bl99uM7f/zbb3/41Pf/+vvh6X//6Wb/jWnr3br1q3/9+c7j7y8AAACUqK7rukof80+kz/e9rjsFAMxFfv2vk7xcvXD15oL1R61Wq9WHsG6rJ7vTLiJis71N857B6XgAOGQ245Ouu0CH5F+0QUQ81XUngIVWdd0BDsS9+7fXq5Rv1X49WNtpz9eC7Ml/s9q9v2PadJbxa0zm9fzain48O6U/K3PqwyLJ+ffG87+80z5K6x10/vMyLf/Rzq1Pxcn598fzH3N08u9NzL9UOf/BI+Xflz8AAAAAACyw/O//xzs+/7v05LuyLw87/7s2pz4AAAAAAAAAwGftScf/21UZ/w8AAAAWVfNZvfHrYw+WTfsutmb5pSri6bH1gcKkm2VWu+4HAAAAAAAAAAAAAJRksHMN76UqYhgRT6+u1nXd/LSN14/qSbc/7ErffyhZ13/kAQBgx8fHxu7lryKWI+JS+q6/4erqal0vr6zWq/XKUn4/O1parldan2vztFm2NNrHG+LBqG5+2XJru7ZZn5dntY//vuaxRnV/Hx2bjw4DB4CI2Hk1uucV6Yip62ei63c5HA6O/6PH8c9+dP08BQAAAA5eXdd1lb7O+0Q659/rulMAwFzk1//x8wJqtVqtVquPXt1WT3anXUTEZnub5j2D4fgB4JDZjE+67gIdkn/RBhHxfNedABZa1XUHOBD37t9er1K+Vfv1II3vnq8F2ZP/ZrW9Xd5+0nSW8WtM5vX82op+PDulP8/NqQ+LJOffG8//8k77KK130PnPy7T8m/083kF/upbz74/nP+bo5N+bmH+pcv6DR8q/L38AAAAAAFhg+d//jy/U+d/R4+7OTA87/7t2YI8KAAAAAAAAAAfr3v3b6/m+13z+/3MT1nP/59GU86/kX6Scf7r/f/fCm5fH1uu35u++/SD/f96/vf67m//4/zzdb/5LeaZKz6wqPSOq9EjVIE0fc8em2Br2R80jDatef5Cu+amH78bVuBYbcWbPur10PDxoP7unvenpcLu97u+0n9vTPthtz9uf39M+TFc61Su5/VSsx0/iWryz3d60Lc3Y/+UZ7fWM9px/3/FfpJz/oPXT5L+a2quxaePuR73/Oe7b00mP89bVz//yzMHvzkxb0d/dt7Zm/17soD/b/0+eGsXPbmxcP3Xrys2b189GmuxZei7S5DOW8x+mn5z/yy/ttOe/++3j9e5Ho0fOf1FsxWBq/i+15pv9fWXOfetCzn+UfnL+76T2ycf/Yc5/+vH/agf9AQAAAAAAAAAAAAAAgIep63r7FtG3IuJCuv+nq3szAYD5yq//dZKXz6vuP+72f9i7H131X62ec10tWH/mWn9aL1Z/1AtZ/2fB+rNwdVs92ZvtIiL+0t6mec/wi0m/DABYZJ9GxN+77gSdkX/B8vf9NdOTXXcGmKsbH3z4oyvXrm1cv9F1TwAAAAAAAACAx5XH/1xrjf98sq7rO2Pr7Rn/9e1Ye9LxPwd5ZneA0SkDVfcffZ8eZqs36vdaw42/ENPG/x7uzj1s/O/BjMcbzmgfzWhfmtG+PKN94o0eLTn/F1rjnZ+MiBNjw6+XMP7r+Jj3Jcj5v9h6Pjf5f2lsvXb+9W8Oc/69Pfmfvvn+T0/f+ODD166+f+W9jfc2fnz+7Nkz5y9cuHjx4ul3r17bOLPz3w57fLBy/nnsa9eBliXnnzOXf1ly/l9ItfzLkvP/YqrlX5acf36/J/+y5PzzZx/5lyXn/0qq5V+WnP+XUy3/suT8X021/MuS8/9KquVflpz/a6mWf1ly/qdSLf+y5PxPp3qf+a8cdL+Yj5x/PsPl+C9Lzj9f2SD/suT8z6Va/mXJ+Z9PtfzLkvN/PdXyL0vO/6upln9Zcv4XUi3/suT8v5Zq+Zcl538x1fIvS87/66mWf1ly/t9ItfzLkvN/I9XyL0vO/5upln9Zcv7fSrX8y5Lz/3aq5V+WnP+bqZZ/WR58/78ZM2bM5Jmu/zIBAAAAAAAAAAAAAOPmcTlx1/sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/2YEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUV9u4tRq67vgP4mb1540BiIKROasLGMcY4m+z6El9oXUy4NtxKQij0gu1612bBN7x2CTSqHQVKJIyKKtqGh7aAUJuXCqvigVaA8oBaVaoE7QN9QVSoPERVQAGpKq0gW82c//+/M7OzM7ve8ebMOZ+PlPyyM2fmnDnzn9n92vnuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM3ufMPsp2pZltVqtfyCTVn2ovq8YWJT45LXvrDHBwAAAKzdLxr/fu7mdMHhFdyoaZt/uuPbX11YWFjI3jf8p6OfW1hIV0xk2eiGLGtcF139wftrzdsEj2fjtaGmr4d67H64x/UjPa4f7XH9WI/rN/S4frzH9UtOwBI3ZLV0Z9sa/7kpP6XZLdlo47ptHW71eG3DUP3cpdtmtcZtFkZPZHPZqWw2m27ZPt+21tj+63fW9/XWLO5rqGlfW+or5CePHo/HUAvneFvLvhbvM/rR67OJn/7k0eN/feHZ2zrNnqeh5f7y49yxtX6cnwiX5MdayzakcxKPc6jpOLd0eE6GW46z1rhd/b/bj/O5FR7n8OJhrqv253w8G2r893ca52mklnU4T1vCZT+7K8uyy4uH3b7Nkn1lQ9nGlkuGFp+f8XxF1u+jvpRemo2sap3euYJ1Wp8z21rXaftrIj7/d4bbjSxzDM1P048eG2t63n++cC3rNKo/6uVeK+1rsN+vlaKswbguvtN40E90XIPbwuN/dPvya7Dj2umwBtPjblqDW3utwaGx4cYxpyeh1rjN4hrc1bL9cGNPtcZ8Znv3NTh14fS5qfmPffyeudPHTs6enD2zZ9eu6T379h04cGDqxNyp2en839d4totvYzaUXgNbw7mLr4FXt23bvFQXvji25P33Wl+H411eh5vatu3363Ck/cHV1ucFuXRN56+N99RP+viVoWyZ11jj+dm59tdhetxNr8ORptdhx+8pHV6HIyt4Hda3ObdzZT+zjDT90+kYlv9esLY1uKlpDbb/PNK+Bvv980hR1uB4WBff27n894It4XifmFztzyPDS9Zgerjhvad+Sfp5f/xAY3Ral7fXr7hxLLs4P3v+3keOXbhwflcWxrp4WdNaaV+vG5seU7ZkvQ6ter0enrvjids7XL4pnKvxe+r/Gl/2uapvs/fe7s9V47tb5/PZcunuLIw+W+/z2em7ef18jmXZ57/12IPfePTzb1j2fNbz5iem1v6zeMqlTe+/o8u8/8bc/3y+v3RXjw+PjuSv3+F0dkZb3o9bn6qRxntXrbHv56ZW9n48Gv5Z7/fjW7q8H29u27bf78ej7Q8uvh/Xev1px9q0P5/jYZ2cmu7+flzfZvPu1a7Jka7vx3eFWQvn/zUhKaRc1LR2llu3aV8jI6PhcY3EPbSu0z0t24+GbFbf11O7r22d7rgrv6/h9OgWrdc6nWjbtt/rNP3Z13LrtNbrT9+uTfvzOR7WxS17uq/T+jZP7137e+cN8T+b3jvHeq3B0eGx+jGPpkXYeL/PFm6Ia/De7Hh2NjuVzTSuHWusp1pjX5P3rWwNjoV/1vu9cnOXNbijbdt+r8H0fWy5tVcbWfrg+6D9+RwP6+LJ+7qvwfo2b9zf359dd4RL0jZNP7u2//nacn/mdXvbabpea2UkHOe39nf/s9n6NqcOrDZndj9Pd4dLbuxwntpfv8u9pmay9TlPm8NxPntg+fNUP576Np87uML1dDjLsksfub/x573h71f+7uJ3v9ry9y6d/k7n0kfu//GLT/zjao4fgMH3fD425t/rmv5maiV//w8AAAAMhJj7h8JM5H8AAAAojZj74/8Vnsj/AAAAUBox94+EmVQk/29+47Nzz1/KUjN/IYjXp9PwQL5d7LhOh68nFhbVL7//y7P//Q+XVrbvoSzLfv7AH3TcfvMD8bhyE+E4r76p9fIlvnrPivZ99OFLab/N/fUvhPuPj2ely6BTBXc6y7Kv3/yZxn4m3n+lMZ9+4GhjPnj5icfr2zx3MP863v6Zl+Xb/0Uo/x4+cazl9s+E8/DDMKff1vl8xNt95cprtux/7+L+4u1qW29qPOwnP5Dfb/w9OZ99PN8+nufljv8bn37qK/XtH3lV5+O/NNT5+J8K9/vlMP/3Ffn2zc9B/et4u0+G44/7i7e790vf7Hj8Vz+Vb3/uzfl2R8OM+98Rvt725mfnms/XI7VjLY8re0u+Xdz/9Hf/uHF9vL94/+3HP37kSsv5aF8fT/9bfj9TbdvHy+N+or9v23/9fprXZ9z/U390tOU899r/1QefeUX9ftv3f3fbduc+srOx/8X7a/2NTX/5yc903F88nsN/e67l8Rx+d3gdh/0/+YGwHsP1/3c1v7/2365w9N2t7z9x+y9sutTyeKK3/jTf/9XXnWzMDeM3bLzxRS++6fIr6+cuy76zIb+/Xvs/+VdnW47/i7fm5yNeHzv67ftfTtz/+Y9Onjk7f3FuJp3VR29u/O6ct+fHE4/35vDe2v71kbMXPjh7fmJ6YjrLJsr7K/Su2ZfC/HE+LnffemHJO+jOh8Pzefuff33j9n/9dLz839+TX37lbfn3rVeH7T4bLt8Unr/V7X+pJ++8tfH6rj0djnBh6e8LXost2/7rwIo2DI+//eeCuN7PvfyDjfNQv67xfSO+rtd4/N+fye/na+G8LoTfzLz11sX9NW8ffzfClYfy1/uaz194m4vP69+E5/sdP8zvPx5XfLzfDz/HfHNz6/tdXB9fuzTUfv+N3+JxObyfZJfz6+NW8Xxfee7WjocXfw9Jdvm2xtd/ku7ntlU9zOXMf2x+6tTcmYuPTF2Ynb8wNf+xjx85ffbimQtHGr/L88iHet1+8f1pY+P9aWZ2396s8W51Nh/X2Qt9/OcePj6zf3r7zOyJYxdPXHj43Oz5k8fn54/PzsxvP3bixOxHe91+bubQrt0H9+zfPXlybubQgYMH9xycnDtztn4Y+UH1sG/6w5Nnzh9p3GT+0N6Du+67b+/05OmzM7OH9k9PT17sdfvG96bJ+q1/f/L87KljF+ZOz07Oz3189tCug/v27e752wBPnzsxPzF1/uKZqYvzs+en8scycaFxcf17X6/bU07z/5H/PNuulv8ivuxdd+9Lv5+17suPLXtX+SZtv0D02fC7aP75JecOrOTrmPtHw0wqkv8BAACgCmLuHwszkf8BAACgNGLu3xBmIv8DAABAacTcPx5mUpH8X7r+/+ZLK9q//r/+f/P50v+vWP//oaL1//P3C/3//lhr/17/P9D/1//X/9f/1/+nD4rW/4+5/4Ysq2T+BwAAgCqIuX9jmIn8DwAAAKURc/+NYSbyPwAAAJRGzP0vCjOpSP7X/9f/1//X/9f/77x//f/BpP/fnf5/D/r/U1m1+v+X+3n8+v/6/yxVtP5/zP0vDjOpSP4HAACAKoi5/6YwE/kfAAAASiPm/pvDTOR/AAAAKI2Y+zeFmVQk/+v/6//r/+v/6/933r/+/2DS/+9O/78H/X+f/6//r/9PXxWt/x9z/0vCTCqS/wEAAKAKYu5/aZiJ/A8AAADFM3JtN4u5/2VhJkvy/zXuAAAAAHjBxdx/S9ZWBK/I3//r/+v/F7//vyFdp/+v/58Vsv8/nOn/F4f+f3f6/z3o/+v/6//r/9NXRev/N3J/Np69PMykIvkfAAAAqiDm/lvDTOR/AAAAKI2Y+38pzET+BwAAgNKIuX9zmElF8r/+v/5/8fv/Pv9f/7/o/X+f/18k+v/d6f/3oP+v/6//r/9PXxWt/x9z/21hJhXJ/wAAAFAFMfffHmYi/wMAAEBpxNz/y2Em8j8AAACURsz9W8JMKpL/9f8L3v+PzVH9f/1//X/9f/3/FdH/707/vwf9f/1//X/9f/qqaP3/mPtfEWZSkfwPAAAAVRBz/x1hJvI/AAAAlEbM/a8MM5H/AQAAoDRi7p8IM6lI/tf/L3j/P+/Bj/n8f/1//X/9f/3/ldH/707/vwf9f/3/vvT/Fy7p/+v/kyta/z/m/jvDTCqS/wEAAKAKYu7fGmYi/wMAAEBpxNx/V5iJ/A8AAAClEXP/tjCTiuR//f+B6P9n+v/6//r/+v/6/yuj/9+d/n8P+v/6/z7/X/+fvipa/z/m/leFmVQk/wMAAEAVxNy/PcxE/gcAAIDSiLn/1WEm8j8AAACURsz9O8JMKpL/9f/1//X/9f/1/zvvX/9/MOn/d6f/34P+v/6//r/+P31VtP5/zP2vCTOpSP4HAACAKoi5f2eYifwPAAAApRFz/91hJvI/AAAAlEbM/ZNhJhXJ//r/+v/6//r/+v+d96//P5j0/7vT/+9B/1//X/9f/5++Klr/P+b+e8JMKpL/AQAAoApi7r83zET+BwAAgNKIuX8qzET+BwAAgNKIuX86zKQi+V//X/9f/1//f1X9/1cu3q/+f07/v1j0/7vT/+9B/1///wXv/4/q/1MqRev/x9y/K8ykIvkfAAAAqiDm/t1hJvI/AAAAlEbM/XvCTOR/AAAAKI2Y+/eGmVQk/+v/6//r/+v/+/z/zvvX/x9M+v/d9b//Hx+i/r/+v/6/z//X/2epovX/Y+6/L8ykIvkfAAAAqiDm/n1hJvI/AAAAlEbM/fvDTOR/AAAAKI2Y+w+EmVQk/+v/6//r/+v/6/933r/+/2DS/+/O5//3oP+v/6//r//PGj30h81fFa3/H3P/wTCTiuR/AAAAqIKY+18bZiL/AwAAQGnE3P8rYSbyPwAAAJRGzP2/GmZSkfyv/9/SPa8/XP1//X/9f/3/Bv3/waT/353+fw/6//r/+v/6//TVsv3/EL3Xu/8fc/+hMJOK5H8AAACogpj7fy3MRP4HAACA0oi5/3VhJvI/AAAAlEbM/YfDTCqS//X/ff6//r/+v/5/5/2vd/9/LN6v/v+a6P93p//fg/6//r/+v/4/fVW0z/+Puf/1YSYVyf8AAABQBTH33x9mIv8DAABAacTc/4YwE/kfAAAASiPm/jeGmVQk/+v/6//r/+v/6/933r/P/x9M+v/d6f/3oP+v/6//r/9PXxWt/x9z/5vCTCqS/wEAAKAKYu5/c5iJ/A8AAAClEXP/W8JM5H8AAAAojZj73xpmUpH8r/+v/6//r/+v/995//r/g0n/vzv9/x70//X/9f/1/+mrovX/Y+7/9TCTiuR/AAAAqIKY+x8IM5H/AQAAoDRi7n9bmIn8DwAAAKURc//bw0wqkv/1//X/9f/1//X/O+9f/38w6f93N2D9/1/cFC7X/8/p/xf7+Ffb/x9p+/q69P9/sFz/f2FD++31/7keitb/j7n/HWEmFcn/AAAAUAUx978zzET+BwAAgNKIuf9dYSbyPwAAAJRGzP2/EWZSkfyv/18/jsX2sv5/Wfv/Q/r/+v/6/xWh/9/dgPX/ff5/G/3/Yh+/z//X/2epovX/Y+5/d5hJRfI/AAAAVEHM/Q+Gmcj/AAAAUBox9z8UZiL/AwAAQGnE3P+eMJOK5H/9f5//X43+v8//z/T/9f8rQv+/O/3/HvT/9f+L1v//T/1/BlvR+v8x9z8cZlKR/A8AAABVEHP/e8NM5H8AAAAojZj7fzPMRP4HAACA0oi5/31hJhXJ//r/g9L/nxjQ/v9j+v/Xsf9/x035dvr/+v8s0v/vTv+/B/1//f+i9f99/j8Drmj9/5j73x9msvL8P77iLQEAAIAXRMz9vxVmUpG//wcAAIAqiLn/t8NM5H8AAAAojZj7fyfMpCL5X/9/UPr/Pv8/0//3+f9tj0f/X/+/k/Xr/8d3Hv1//X/9/0j/X/9f/592Rev/x9z/u2EmFcn/AAAAUAUx938gzET+BwAAgIHQ6f/Jbhdz/5EwE/kfAAAASiPm/qNhJhXJ//r/+v/6/wXt///Z1n/53rffeXSX/r/+v/7/qqzr5//XX/w+/1//X/8/0f/X/9f/p13R+v8x9x8LM6lI/gcAAIAqiLn/98JM5H8AAAAojZj7j4eZyP8AAABQGjH3z4SZVCT/6//r/+v/F7T/P8Cf/x/Ph/5/q771/+Obrv5/R3n/Pq2i69v/f+9iT1z/f7X9/7GOl+r/6/8P8vHr/+v/s1TR+v8x98+GmVQk/wMAAEAVhNw/dCKfi1fI/wAAAFAaMfefDDOR/wEAAKA0Yu7/YJhJRfK//r/+v/6//r/P/++8/279/9qIz/8vqtS//1njhaL/36Y4/f/O9P/1/wf5+PX/9f9Zqmj9/5j758JMKpL/AQAAoApi7v9QmIn8DwAAAKURc/+Hw0zkfwAAACiNmPtPhZlUJP/r/+v/6//r/+v/d95/YT//X/+/q7X27/X/A/3/avf//0f/X/9f/5/+KFr/P+b+02EmFcn/AAAAUAUx958JM5H/AQD+n707abKzLvs4fvp5wpNO8SzcuXBjlUtfAgtd6wtw4caNVZYLJ1ScCc4jioqzIjgPOIAgooLzAE4ozqDiPA84IUrFonNdV9Ldd9+nOzndfd///+ezyCVtmnOkUgm/dL7eANCM3P2PjVvsfwAAAGhG7v7HxS2d7H/9/9n0/6cqZf3/5vc/if7/Qfr/nV5f/6//b5n+f5z+fwn9v+f/6//1/6zU1Pr/3P2Pj1s62f8AAADQg9z9T4hb7H8AAABoRu7+8+MW+x8AAACakbv/iXFLJ/t/S/+/tuiz/8+M1/P/W+r/Pf9/x9fX/+v/W3aw/f9F9/7Mp//X/+v/g/5/V/3/0Z0+X/9Pi6bW/+fuf1Lc0sn+BwAAgB7k7n9y3GL/AwAAQDNy918Qt9j/AAAA0Izc/U+JWzrZ/6t7/v+xjY/PtP8v+n/9/8YH9P/6f/3/bHn+/7ie+v/zbz33MXdee7/r9vL6+n/9v+f/6/9Zran1/7n7nxq3dLL/AQAAoAe5+58Wt9j/AAAA0Izc/U+PW+x/AAAAaEbu/mfELZ3s/9X1/7N+/n/R/+v/Nz6g/9f/6/9nS/8/rqf+/0xeX/+v/9f/6/9Zran1/7n7nxm3dLL/AQAAoAe5+58Vt9j/AAAA0Izc/RfGLfY/AAAANCN3//G4pZP9r//f//7/Hv2//j+u/l//r//ff/r/cfr/JfT/+n/9v/6flZpa/5+7/6K4pZP9DwAAAD3I3f/suMX+BwAAgGbk7n9O3GL/AwAAQDNy9z83bulk/+v/Pf9f/6//1/8Pv77+f570/+P0/0vo/8+2nz9H/6//1/9zuj32/3eP/LS9kv4/d//z4pZO9j8AAAD0IHf/8+MW+x8AAACakbv/BXGL/Q8AAADNyN3/wrilk/2v/9f/6//1/2fc/2//obdB/z9M/38w9P/jJtP/rx0Z/LD+f/b9v+f/6//1/2wytef/5+5/UdzSyf4HAACAHuTuf3HcMrL/9/yb+QAAAMChyt3/krjF1/8BAABg9rI6y93/0rilk/2v/9f/6//1/57/P/z6Y/3/dae9P/3/tOj/x02m/9+B/l//P+f3r//X/7Pd1Pr/3P0vi1s62f8AAADQg9z9F8ct9j8AAAA0I3f/y+MW+x8AAACakbv/FXFLJ/t/uP8/9d/r/3dH/7/5/ev/h398rKr/z7+j/n+0/3+w5//3Sf8/7uD7/6P6/81/f/3/Pjrs9994/39s2efr/xkytf4/d/8lcUsn+x8AAAB6kLv/lXGL/Q8AAADNyN3/qrjF/gcAAIBm5O5/ddzSyf73/H/9v/5/fv2/5/+fdJjP/18ceP9/RP+/S/r/cZ7/v4T+X/+v//f8f1Zqav1/7v5L45ZO9j8AAAD04NK7Fhu7/zWLhf0PAAAAc3T6nx3Y+gdKQ+7+18Yt9j8AAAA0I3f/6+KWTva//l//r//X/+v/h19/Wv2/5//vlv5/nP5/Cf3/fvTzRxrr/y/b6fOn0P9fqP9nYjb1/zec+vhh9f+5+18ft3Sy/wEAAKAHufvfELfY/wAAANCM3P1vjFvsfwAAAGhG7v43xS2d7P997/+P7fza+n/9v/5f/6//1/+vmv5/nP5/Cf2/5/97/r/+n5U61f9v/vnwsPr/3P1vjls62f8AAADQg9z9b4lb7H8AAABoRu7+y+IW+x8AAACakbv/rXFLJ/vf8//1//p//b/+f/j19f/zpP8fp/9fQv+v/9f/6/9ZqU3P/z/NYfX/ufsvj1s62f8AAADQg9z9V8Qt9j8AAAA0I3f/2+IW+x8AAACakbv/7XFLJ/tf/7+//X9+XP+v/1/o//X/+v8D0W3/vzb0K9F2O/T/Nz/q+EM3f0T/r//X/+v/9f+swCT6/xOn/u0yd/874pZO9j8AAAD0IHf/O+MW+x8AAACakbv/XXGL/Q8AAADNyN3/7rhlj/v/Pit9VwdH/+/5//p//b/+f/j19f/z1G3/v0ue/7+E/l//r//X/7NSk+j/T/vr3P3viVt8/R8AAACakbv/vXGL/Q8AAADNyN3/vrjF/gcAAIBm5O5/f9zSyf7X/+v/9f/6f/3/8Oufaf+/vhim/z8Y+v9x+v8l9P/6f/2//p+Vmlr/n7v/yrilk/0PAAAAPcjd/4G4xf4HAACAZuTu/2DcYv8DAABAM3L3fyhu6WT/6//1//p//b/+f/j1Pf9/nvT/4/T/i8XiqpE3MNT/nziq/9f/6//1/5yhqfX/ufs/HLd0sv8BAACgB7n7r4pb7H8AAABoRu7+q+MW+x8AAACakbv/I3FLJ/tf/6//1//r//X/w6+v/58n/f84/f8Snv+v/9f/6/9Zqan1/7n7r4lbOtn/AAAA0IPc/dfGLfY/AAAANCN3/0fjFvsfAAAAmpG7/7q4pZP9r//X/+v/9f/70v8f1/9vpf8/GPvX/y/0//p//f8S+n/9v/6frQ6q/787fr5f1v/n7v9Y3NLJ/gcAAIAe5O6/Pm6x/wEAAKAZufs/HrfY/wAAANCM3P2fiFs62f/6f/2//l//7/n/w6+v/58nz/8fp/9fQv+v/9f/6/9ZqYPq/3fq/bf+de7+T8Ytnex/AAAA6EHu/hviFvsfAAAAmpG7/8a4xf4HAACAZuTu/1Tc0sn+1//r/zf3/4uF/l//r/8/6QD6//WF/n/l9P/j9P9L6P/b7P//Z9FQ/39sx8/X/zNFU+v/c/d/Om7pZP8DAABAD3L3fyZusf8BAACgGbn7Pxu32P8AAADQjNz9n4tbWtr/9+ycvs2//z+65RP1/4vF4rYLPP9f/z/y+vr/yfT/9U9V/786+v9x+v8l9P9t9v+e/6//59BMrf/P3f/5uKWl/Q8AAACdy93/hbjF/gcAAIBm5O7/Ytxi/wMAAEAzcvd/KW7pZP/Pv//f+on6/8VZPf9f/7/xAf2//l//P1tn299fvh6/pun/9f/6/8F+fm2Hf+9Z6P/1//p/Bkyt/8/d/+W4pZP9DwAAAD3I3X9T3GL/AwAAQDNy998ct9j/AAAA0Izc/V+JWzrZ//p//b/+f579/7r+X/+v/x80lef/n3feQ27R/+v/W+z/x+j/9f/6f7aaWv+fu/+rcUsn+x8AAAB6kLv/a3GL/Q8AAADNyN3/9bjF/gcAAIBm5O7/RtzSyf7f3v+fszhZqJ401P9Ho6b/P43+f/P71/8P//jw/H/9v/5//02l//f8/zN7//p//f+c3/+e+v/7b/98/T8tmlr/n7v/lrilk/0PAAAAPcjd/824xf4HAACAZuTu/1bcYv8DAABAM3L33xq3dLL/Pf9f/6//1//r/4dfX/8/T/r/cfr/JfT/Z9/P58+q+v/5Pv//f/X/rM7U+v/c/d+OWzaG3wP+/wz/ZwIAAAATkrv/O3FLJ1//BwAAgB7k7v9u3GL/AwAAQDNy938vbulk/+v/9f/6f/2//n/49fX/86T/H6f/X6Kf/n996IOH3c+frcN+/830/57/zwpNrf/P3f/9uKWT/Q8AAABtu2vj29z9P4hb7H8AAABoRu7+H8Yt9j8AAAA0I3f/bXFLJ/tf/6//b7//f4T+f8vr6//1/y3T/+ev6MP0/0v00/8POux+fu7vX/+v/2e7qfX/uftvj1s62f8AAADQg9z9P4pb7H8AAABoRu7+H8ct9j8AAAA0I3f/T+KWTva//r+v/n9t0WP/7/n/+n/9f0/m0/9fcWToo57/r//X/8/3/ev/9f9sN7X+P3f/HWtHutz/AAAAMFcPe+Cjb9/t971j49v1xU/jFvsfAAAAmpG7/2dxi/0PAAAAzcjd//O4pZP9r//vq//v8/n/+n/9v/6/J/Pp/4fp//X/+v/5vn/9v/6f7abW/+fu/0XcctrwG/w/6AEAAAAOz//t7bvn7v9l3NLJ1/8BAACgB7n7fxW3bNv/J3b5p9oBAACAqcnd/+u4pZOv/+v/J97/L/ap/4/vp/8/Sf+v/x96ff3/POn/x51l/39iTf+v/x+h/9f/6//Zamr9f+7+669ZdLn/AQAAoFGbfkfhNxvfri9+G7fY/wAAANCM3P2/i1vsfwAAAGhG7v7fxy2d7H/9/8T7/zN6/v+x+k+e/995/3/x+uDr6//1/y3T/4/z/P8l9P/6f/2//p+V2kP/vzFI97v/z93/h7ilk/0PAAAAPcjd/8e4xf4HAACAZuTu/1PcYv8DAABAM3L3/zlu6WT/6/8Pof+/5Ohisa/9/y6e/6//76P/3+H12+n/73vu8Zse/sirr9T/c8pB9v/5Y0H/r//X/5+k/9f/6//ZamrP/8/d/5e4pZP9DwAAAD3I3X9n3GL/AwAAQDNy9/81brl3/994WO8KAAAAWKXc/X+LWzr5+r/+v8Xn/8+z/89/1ofQ/x+fX/+fTXHv/b/n/+v/t/P8/3H6/yX0//p//b/+n5WaWv+fu//vcUsn+x8AAAB6kLv/H3FL7v+1Pf/WPQAAADAxufv/Gbf4+j8AAAA0I3f/XXFLJ/tf/6//n0r/nzz//9Tnef7/Sfp//f9e6P/H6f+X0P/r//X/+n9Wamr9f+7+f8Utnex/AAAA6EHu/rvjFvsfAAAAmpG7/99xi/0PAAAAzcjd/5+4pZP9r//X/+v/9f/6/+HX1//Pk/5/nP5/Cf2//l//r/9npabW/+fu/28AAAD//xDQcaQ=")
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x128)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000500)='./binderfs/binder1\x00', 0x800, 0x0)
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VIDIOC_DQBUF(r6, 0xc0585611, &(0x7f0000000280)=@multiplanar_userptr={0x1000, 0x9, 0x4, 0x20, 0x7, {0x0, 0xea60}, {0x3, 0x2, 0xd6, 0x8, 0x7, 0x80, "6185a231"}, 0xffffffff, 0x2, {&(0x7f00000001c0)=[{0x6, 0xfffffffc, {0x0}, 0x4}, {0x400, 0xf8000000, {0x0}, 0x5}]}, 0x3})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

13.01567025s ago: executing program 3 (id=416):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
add_key$fscrypt_v1(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0xfffffffe, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@bridge_delneigh={0x38, 0x1e, 0x1, 0x0, 0x4, {0x2}, [@NDA_CACHEINFO={0x14, 0x3, {0x5, 0x6000000, 0x0, 0x8}}, @NDA_DST_IPV4={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x38}, 0x1, 0x0, 0x0, 0x93}, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x2004cb], 0xeeee0000, 0x202})
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000300)={[{0x1, 0x7fff, 0xe0, 0x5, 0x0, 0x2, 0x4, 0x1, 0x0, 0xfe, 0x81, 0xd, 0x7f}, {0x0, 0x0, 0xff, 0xff, 0x4, 0x0, 0x81, 0x0, 0x60, 0x2, 0x0, 0x4, 0x200000000000009}, {0x7, 0x81, 0x0, 0x11, 0x5, 0x9, 0xf8, 0x2, 0xfd, 0x7, 0x0, 0x8, 0x100000e0ee}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8.939086279s ago: executing program 3 (id=420):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
munlockall()
syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd5e, 0x240000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000040), 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x66, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x2, @in=@broadcast, 0x6, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x20, 0x4001c00)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x48000)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'tunl0\x00'})

8.938120879s ago: executing program 6 (id=430):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x35}}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x54, 0x2, 0x6, 0x401, 0x0, 0x2000000, {0x0, 0x0, 0x5}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000014}, 0x0)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
r3 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000080), 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1810754, &(0x7f00000001c0)={[{@jqfmt_vfsold}, {@errors_continue}, {@delalloc}, {@prjquota}, {@usrquota}, {@resuid={'resuid', 0x3d, 0xee00}}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0xfffffffc}}, {@nodiscard}, {@test_dummy_encryption}]}, 0xff, 0x46e, &(0x7f0000000e40)="$eJzs281vFOUfAPDvzG7L249fKyIKgjSisfGlpQWVgxeNJh40MdEDHmtbCLJQQ2sihGg1Bo+GxLvxaOJf4MmTUU8mXvVuSIgSE9CYsGZmZ9ruslsK3bKE/XySaZ9n59mZ57vzPDPPzLMbQN8ayf4kEf+LiF8jYqiRbS4w0vh37cr56b+vnJ9Ool5/84/BvNzVK+eny6Ll+7YVmdE0Iv00KXbSbP7suZNTtdrsmSI/vnDqvfH5s+eeOXFq6vjs8dnTk0eOHD408fxzk892Jc4svqt7Ppzbu/vVty++Pn304js/fpPVd9e+xvqVcXTLSBb4n/Vc67rHu72zHrteX44zqfa6NqxVJSKywzWQ9/+hqMTywRuKVz7paeWADZWdsze1ebn4v1gH7mFJ9LoGQG+UF/zs/rdc7uDwo+cuv9i4AcrivlYsjTXVSIsyAxu4/5GIOLr4z5fZEi3PIZaOz+AGVgAA6DvfZeOfp9uN/9LYtaLc/4u5oeGIuC8idkTE/RGxMyIeiMjLPhgRD93i/lunhm4cf6aXbiuwNcrGfy8Uc1vN479y9BfDlSK3PY9/IDl2ojZ7sPhMRmNgU5afaLfxchMv//J5p/2vHP9lS7b/cixYbORSteUB3czUwlS3BqWXP47YU20Xf7I0E5BExO6I2LPmrS5G8fHkTjz59d5OJW8e/yq6MM9U/yriicbxX4yW+EvJ6vOT45ujNntwvGwVN/rp5wtvdNp/2/ivb19/YGuUHf+tze1/aV0l/zv0V7JyvnY+bvmG5MJvn3W8p6zeZvsfTN7K53TLmnwwtbBwZiJiMHktovX1yeX3lvmyfBb/6IH2/X9H8Z4s/ocjImvE+yLikYjYHxH/FvfQj0bEgVXi/+Glx97ttG5d7T9iyxrLdZTFP9P2/LfU/oebj/+tJyonv//29uPPjv/hPDVavJKf/26ic3U2FyWWWzMAAADc69L8u/FJOraUTtOxscZ3+HfG1rQ2N7/w1LG590/PNL5DPxwDafmka2jF89CJZLHYYiM/WTwrLtcfKp4bf1HZkufHpudqMz2OHfrdtub+v7/s/5nfK72uHbDh/F4L+ldr/097VA/gznP9h/6l/0P/0v+hf7Xr/x+15M0FwL3J9R/6l/4P/Uv/h/6l/0NfWs/v+jcqUV3l1/sSd0si0ruiGhItiUgaF/RN6+zdvT4zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMd/AQAA///gq/is")
sendmmsg$inet(r1, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x1, 0x4044f01)
ioctl$BTRFS_IOC_GET_FEATURES(r3, 0x80189439, &(0x7f00000000c0))
sendmsg$nl_generic(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400000034000107000000000000000005"], 0x14}, 0x1, 0x0, 0x0, 0x4044840}, 0x0)

8.866023871s ago: executing program 4 (id=421):
syz_open_dev$ptys(0xc, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000700)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x50cd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000780)='contention_end\x00', r0}, 0x18)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f00000022c0), 0x2, 0x0)
write$vhost_msg_v2(r1, &(0x7f0000002240)={0x2, 0x0, {0x0, 0xe0749d04fc370ad3, 0x0, 0x2, 0x2}}, 0x48)
r2 = syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="1201000000000008ef0ec4720000000000010902240001000090000904000001030000f3082103000001220500090581ab3eba5fd00867ca69030000070000a359a672dbedc2bec517720d2681f4dab59fe3278f7c036c6fe46070883578c029478209ea0990ab5c5468cb58496f38ce8230fe063a3c3a7284607bfc31fae122f634ecfcb1f961bb7b14fcfcf93d8cadfd1323c5dc1b98d0f7d4b92d60432dff04885353ae9bb5a7865477a62c934b1525da53a771c128d8bd167b68d692731c3ae723d2e96292195d811a858b2a6ba8d5639ebac6d05c251eaf8a92d31d99117af75f0193a45af7484500400bfa9cb4c7efae4d05732176769d3a8b54721cef71342c9459e7def8b84569b1a334e2f7d03973a029cb3cf6ec8c1a021007a9f23c4cea7b2f6273e740"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f0000000000)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="0003050000001408b1"], 0x0, 0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000604000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000007c0)=ANY=[@ANYBLOB="300000000b06010200c300000000000005000008050001000700000009000200737d7a3200fb760e4e811422000078f30d743b2f2be400f9677c207dac48c81a22fad18a82eba6a7d00a51c7e34a8960ada3ada7a1f71666dd0da1102ff2c59b10b37b"], 0x30}, 0x1, 0x0, 0x0, 0x2000c020}, 0x814)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000060000000a00000000000000", @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="0200000001000000000000000000000000c8475050502ddba7dc5254571eb7eb45000000000000000000"], 0x50)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0xb, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x61)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r5, 0x0, 0x0)
mount$9p_rdma(&(0x7f00000000c0), &(0x7f0000000140)='.\x00', &(0x7f00000001c0), 0x10000, &(0x7f0000000480)={'trans=rdma,', {'port', 0x3d, 0x4e23}})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r5)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f00000005c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000580)={&(0x7f0000000980)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="ba756082afef0a0095064fb7cf3bcf81ad45f2499badcc5a3ed8ae4e5270e65b69b3b8a96b6f9cfb69c4f195cca65c4768d50a91da4689e2029447d82b8cac13a3ef845c3e591cb16b49060000008aa466c5117c3748cb79a5809974a370d8eac20686e664a323e773a322ae18f9fe7358d9851426c193ef1b6dec798ec090dbc571f21d29d53bfd6981f34dc0262d55e5e833a98acf36c4114cd54a479a0257cb89e99a66632ddd796bf86c789bfeece2b765dba46d07cccbf03e88cf929ddcbe4997d24b7c6cc3faf578caf7c365ac3452a6bdf2ce1cc03edb98df2ba4f78665cdc8ad9517e7656dd051c8ccba69882397157d5d1c9c9102f9f545adda3d65ce577f9ac81b8c2d8ab75d28e31db3b0aebce5d5acbeae89c083e11bfcab2f64224c0c8a806f96680032caaf38c6969dfcf4a453a1dc8c48b2e15da45bef55a56dd977f7e6ba8110b97ad285823e25f6d3bcc3e01bc5244edbb70d476880ab474af7ca3f685e1fdb500fd6d83a4097fa90f20682b7aeacabcf8cb82b870382d9c2157a83371156ce3890fb309d6e6093ff044c4b17d25b", @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x40004}, 0x24000011)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000100)={'team0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x4, r9}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x2000a804)

8.828564411s ago: executing program 0 (id=422):
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mkdir(&(0x7f00000008c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = creat(&(0x7f0000001200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa)
r1 = fanotify_init(0xf00, 0x0)
fanotify_mark(r1, 0x105, 0x40009975, r0, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
mknodat(r2, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)

8.816832262s ago: executing program 5 (id=423):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f00000000c0)={0x42, 0x800000, 0x8, 0x7, 0xfffffffd})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = semget$private(0x0, 0x5, 0x30)
semctl$IPC_STAT(r1, 0x0, 0x2, &(0x7f0000000240)=""/206)
semctl$IPC_RMID(r1, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a1810039000000000bf0fffffefdff0e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x14)
r4 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$VFIO_CHECK_EXTENSION(r4, 0x3b65, 0x1)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCADDDLCI(r3, 0x8980, &(0x7f00000001c0)={'lo\x00', 0x7})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000000))
add_key$fscrypt_v1(&(0x7f0000000000), 0x0, &(0x7f0000000100)={0x0, "4b0a00c13cd6cfef5df35e1d5c2cd83ec8331c81a09875c137d35494701f22acbd1c110c6ab4c8829dfb7154e1476a3cfeab3096b43788d7c435b4a89e2fdc93"}, 0x48, 0xffffffffffffffff)
sendmsg$BATADV_CMD_TP_METER(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x3c, r6, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x80)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

8.567136705s ago: executing program 6 (id=424):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x3)
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
syz_open_dev$sndpcmp(0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'syztnl0\x00', &(0x7f0000000180)={'syztnl1\x00', <r1=>0x0, 0x2f, 0xe1, 0x7, 0xd220, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, 0x7, 0x20, 0x3, 0x4}})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001640)=@newqdisc={0x23c, 0x24, 0x10, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0xe, 0x88a06bbbaeab0cf8}, {0x4}, {0xe, 0x1}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x0, 0xffffffff, 0x80400000}}}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x7}, @qdisc_kind_options=@q_blackhole={0xe}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x3}, @qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x80000001}}, @TCA_STAB={0x100, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0x5, 0x4, 0x2, 0x2, 0x8, 0x1, 0x6}}, {0x10, 0x2, [0x7, 0x8, 0x7a5b, 0x3, 0x332c, 0x0]}}, {{0x1c, 0x1, {0x4, 0x3a, 0x0, 0xffff, 0x1, 0x18, 0x6, 0x3}}, {0xa, 0x2, [0x7, 0xc, 0x6]}}, {{0x1c, 0x1, {0x5, 0xf4, 0xffff, 0x2, 0x0, 0x80, 0x417, 0x7}}, {0x12, 0x2, [0x9, 0x60, 0xfffa, 0x9f4a, 0x9, 0x1, 0x4]}}, {{0x1c, 0x1, {0x10, 0xc, 0x9, 0xf, 0x2, 0x2, 0x0, 0x5}}, {0xe, 0x2, [0x4, 0x2, 0x4, 0x2, 0x6]}}, {{0x1c, 0x1, {0x2, 0x4, 0x3, 0xfffffc00, 0x0, 0x5, 0xe, 0x3}}, {0xa, 0x2, [0xa, 0x2, 0x100]}}, {{0x1c, 0x1, {0x9, 0x9, 0x9a54, 0x7, 0x2, 0x4, 0xc7, 0x2}}, {0x8, 0x2, [0xd, 0x68eb]}}]}, @TCA_STAB={0xac, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0x7, 0x9, 0x7ff, 0x2, 0x6, 0x1, 0x5}}, {0xe, 0x2, [0x8, 0x8001, 0x10, 0x7995, 0x2]}}, {{0x1c, 0x1, {0x3, 0x7, 0x3, 0xa20, 0x1, 0xeb, 0x3, 0x5}}, {0xe, 0x2, [0x40, 0x0, 0x814, 0xfff, 0x6]}}, {{0x1c, 0x1, {0x4, 0x3, 0x3, 0x5e, 0x0, 0x10001, 0x3bb6, 0x3}}, {0xa, 0x2, [0x100, 0x4, 0x7fff]}}, {{0x1c, 0x1, {0x7c, 0x8, 0xe, 0x1, 0x0, 0x0, 0x8, 0x4}}, {0xc, 0x2, [0x9, 0x6, 0x20a7, 0x8]}}]}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x4000}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x5}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x9}]}, 0x23c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
recvfrom$inet_nvme(0xffffffffffffffff, &(0x7f0000000640)=""/4096, 0x1000, 0x2000, &(0x7f0000000380)=@generic={0x11, "d71d9c1bf36be386b8195be2f96732daece168ab8c4756fcaaaaa57ab4d9fa9c5e136c872457faea878081b25c7ac9863e328325d3608f7b92b91789fb2322981d60e78ecebc51a8a848ac66a135cbf9adb555f5fff1d2552ce4b120288f1c606bebc17e3b75c547a1c41ac89d1be3f0e179d586d665ef8397dfdbdaa865"}, 0x80)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r6 = openat$cgroup_devices(r5, &(0x7f0000000240)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="6115033a"], 0x8)
setsockopt$inet6_int(r4, 0x29, 0xb, &(0x7f0000000100)=0x400, 0x4)

8.25672495s ago: executing program 0 (id=425):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000a80), 0x3f50cb9d075d319a, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$set_reqkey_keyring(0xf, 0xfffffffb)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x1, 'queue0\x00'})
syz_open_dev$usbmon(0x0, 0x2, 0x101800)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x2202, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)

6.988010198s ago: executing program 6 (id=426):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
r1 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000100)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @any, 0x0, 0x0, 0x5e, 0xfffffffffffffff9, 0x6})
r2 = socket$inet6_dccp(0xa, 0x6, 0x0)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shutdown(r2, 0x0)
syz_emit_ethernet(0xbe, &(0x7f00000001c0)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x2, 0xb, 0xb0, 0x68, 0x0, 0x0, 0x11, 0x0, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x4e24, 0x4e22, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7273248ce9e30dfdd45876decb0d8f2a01c751b845c63d4c8ae6ef200b83ec9b", "f0351483f456538a2a4e52916f32967fa898a54a76e35177fe6f466d57947e33012d5d2d774273ed29d561936af24fc1", "e8413b80cf25aa0a5b47471a33271e6950e0789f7d1ddfd8fba58dea", {"1dfdf01c8696e4e648879bd9606d9835", "635b9ef87adc29613fe40aa4ed613c37"}}}}}}}, 0x0)

6.932070419s ago: executing program 0 (id=427):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
write$sndseq(0xffffffffffffffff, &(0x7f0000000380), 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
munlockall()
syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd5e, 0x240000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000040), 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x66, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x2, @in=@broadcast, 0x6, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x20, 0x4001c00)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x48000)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'tunl0\x00'})

6.1889051s ago: executing program 5 (id=428):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="34008900", @ANYRES16=0x0, @ANYBLOB="000025bd7000fcdbdf25440000000a00180003030303030300000400cc0008000d003800000008"], 0x34}, 0x1, 0x0, 0x0, 0x8800}, 0x8004)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0xfffffffe, 0x8}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xfff1, 0x4}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34}]}}]}, 0x68}}, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
write(r5, &(0x7f0000000040)="3a03000018002551075c0165ff0ffc02802000030004000500e1000c0400070080000900", 0x33a)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000), 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000080)=[@in6={0xa, 0x4e24, 0x2, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x4}], 0x1c)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000040)=0x20)

5.124891695s ago: executing program 0 (id=429):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = semget$private(0x0, 0x5, 0x30)
semctl$IPC_STAT(r1, 0x0, 0x2, 0x0)
semctl$IPC_RMID(r1, 0x0, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)}], 0x1}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x14)
ioctl$VFIO_CHECK_EXTENSION(0xffffffffffffffff, 0x3b65, 0x1)
ioctl$sock_SIOCADDDLCI(r3, 0x8980, &(0x7f00000001c0)={'lo\x00', 0x7})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r6=>0x0})
r7 = add_key$fscrypt_v1(0x0, &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "4b0a00c13cd6cfef5df35e1d5c2cd83ec8331c81a09875c137d35494701f22acbd1c110c6ab4c8829dfb7154e1476a3cfeab3096b43788d7c435b4a89e2fdc93"}, 0x48, 0xffffffffffffffff)
r8 = add_key$keyring(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1d, r7, 0xfffffffffffffffe, r8, 0x0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x1c, r5, 0x305, 0x0, 0x2, {0x7}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}]}, 0x1c}}, 0x20000000)
sendmsg$BATADV_CMD_TP_METER(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x80)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

5.124583255s ago: executing program 4 (id=431):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000700)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x4, @mcast2, 0x9}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='batadv0\x00', 0x10)
sendto$inet6(r0, &(0x7f0000000340)="840bc2ae79b2164f1cfdd30f5c71470efe9b388b4b5b2096", 0x18, 0x0, 0x0, 0x0)

5.067865476s ago: executing program 3 (id=432):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f00000000c0)={0x42, 0x800000, 0x8, 0x7, 0xfffffffd})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r2 = semget$private(0x0, 0x5, 0x30)
semctl$IPC_STAT(r2, 0x0, 0x2, &(0x7f0000000240)=""/206)
semctl$IPC_RMID(r2, 0x0, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a1810039000000000bf0fffffefdff0e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x14)
r5 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$VFIO_CHECK_EXTENSION(r5, 0x3b65, 0x1)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCADDDLCI(r4, 0x8980, &(0x7f00000001c0)={'lo\x00', 0x7})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000000))
r7 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "4b0a00c13cd6cfef5df35e1d5c2cd83ec8331c81a09875c137d35494701f22acbd1c110c6ab4c8829dfb7154e1476a3cfeab3096b43788d7c435b4a89e2fdc93"}, 0x48, 0xffffffffffffffff)
r8 = add_key$keyring(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1d, r7, 0xfffffffffffffffe, r8, 0x0)
sendmsg$BATADV_CMD_TP_METER(r4, 0x0, 0x80)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

4.984132977s ago: executing program 5 (id=433):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x5, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000f7ff000000f64bd42a6787ddaa400063011800000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
semget$private(0x0, 0x4000000009, 0x0) (async)
r0 = semget$private(0x0, 0x4000000009, 0x0)
semop(r0, &(0x7f0000001480)=[{0x0, 0xfff9, 0x1800}], 0x1)
semtimedop(r0, &(0x7f0000000040)=[{0x3, 0x7fff, 0x1000}, {0x2, 0x7, 0x800}, {0x1, 0x8, 0x800}, {0x1, 0x7}, {0x2, 0x8, 0x1000}], 0x5, &(0x7f0000000080)={0x0, 0x3938700})

4.08873175s ago: executing program 6 (id=434):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000700)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x4, @mcast2, 0x9}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='batadv0\x00', 0x10)
sendto$inet6(r0, &(0x7f0000000340)="840bc2ae79b2164f1cfdd30f5c71470efe9b388b4b5b2096", 0x18, 0x0, 0x0, 0x0) (fail_nth: 1)

3.760726595s ago: executing program 4 (id=435):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r0, &(0x7f0000000600)=[{&(0x7f00000004c0)=""/26, 0x1a}], 0x1, 0x4000ffe, 0xfffffffc)
syz_open_dev$char_usb(0xc, 0xb4, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, 0x0)
shmget$private(0x0, 0x2000, 0x54000000, &(0x7f00009fd000/0x2000)=nil)
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)

3.677911436s ago: executing program 3 (id=436):
r0 = io_uring_setup(0x194e, &(0x7f0000000a80)={0x0, 0xd3d5, 0x80, 0x5, 0x2b0})
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000280))
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, 0x0)
r2 = dup2(r1, r1)
read$FUSE(r2, 0x0, 0x0)
read$FUSE(r2, &(0x7f0000000b00)={0x2020}, 0x2020) (fail_nth: 1)
close_range(r0, 0xffffffffffffffff, 0x0)

3.603919347s ago: executing program 5 (id=437):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x3)
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
syz_open_dev$sndpcmp(0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'syztnl0\x00', &(0x7f0000000180)={'syztnl1\x00', <r1=>0x0, 0x2f, 0xe1, 0x7, 0xd220, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, 0x7, 0x20, 0x3, 0x4}})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001640)=@newqdisc={0x23c, 0x24, 0x10, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0xe, 0x88a06bbbaeab0cf8}, {0x4}, {0xe, 0x1}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x0, 0xffffffff, 0x80400000}}}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x7}, @qdisc_kind_options=@q_blackhole={0xe}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x3}, @qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x80000001}}, @TCA_STAB={0x100, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0x5, 0x4, 0x2, 0x2, 0x8, 0x1, 0x6}}, {0x10, 0x2, [0x7, 0x8, 0x7a5b, 0x3, 0x332c, 0x0]}}, {{0x1c, 0x1, {0x4, 0x3a, 0x0, 0xffff, 0x1, 0x18, 0x6, 0x3}}, {0xa, 0x2, [0x7, 0xc, 0x6]}}, {{0x1c, 0x1, {0x5, 0xf4, 0xffff, 0x2, 0x0, 0x80, 0x417, 0x7}}, {0x12, 0x2, [0x9, 0x60, 0xfffa, 0x9f4a, 0x9, 0x1, 0x4]}}, {{0x1c, 0x1, {0x10, 0xc, 0x9, 0xf, 0x2, 0x2, 0x0, 0x5}}, {0xe, 0x2, [0x4, 0x2, 0x4, 0x2, 0x6]}}, {{0x1c, 0x1, {0x2, 0x4, 0x3, 0xfffffc00, 0x0, 0x5, 0xe, 0x3}}, {0xa, 0x2, [0xa, 0x2, 0x100]}}, {{0x1c, 0x1, {0x9, 0x9, 0x9a54, 0x7, 0x2, 0x4, 0xc7, 0x2}}, {0x8, 0x2, [0xd, 0x68eb]}}]}, @TCA_STAB={0xac, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0x7, 0x9, 0x7ff, 0x2, 0x6, 0x1, 0x5}}, {0xe, 0x2, [0x8, 0x8001, 0x10, 0x7995, 0x2]}}, {{0x1c, 0x1, {0x3, 0x7, 0x3, 0xa20, 0x1, 0xeb, 0x3, 0x5}}, {0xe, 0x2, [0x40, 0x0, 0x814, 0xfff, 0x6]}}, {{0x1c, 0x1, {0x4, 0x3, 0x3, 0x5e, 0x0, 0x10001, 0x3bb6, 0x3}}, {0xa, 0x2, [0x100, 0x4, 0x7fff]}}, {{0x1c, 0x1, {0x7c, 0x8, 0xe, 0x1, 0x0, 0x0, 0x8, 0x4}}, {0xc, 0x2, [0x9, 0x6, 0x20a7, 0x8]}}]}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x4000}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x5}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x9}]}, 0x23c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
recvfrom$inet_nvme(0xffffffffffffffff, &(0x7f0000000640)=""/4096, 0x1000, 0x2000, &(0x7f0000000380)=@generic={0x11, "d71d9c1bf36be386b8195be2f96732daece168ab8c4756fcaaaaa57ab4d9fa9c5e136c872457faea878081b25c7ac9863e328325d3608f7b92b91789fb2322981d60e78ecebc51a8a848ac66a135cbf9adb555f5fff1d2552ce4b120288f1c606bebc17e3b75c547a1c41ac89d1be3f0e179d586d665ef8397dfdbdaa865"}, 0x80)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r6 = openat$cgroup_devices(r5, &(0x7f0000000240)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="6115033a"], 0x8)
setsockopt$inet6_int(r4, 0x29, 0xb, &(0x7f0000000100)=0x400, 0x4)

3.587457878s ago: executing program 4 (id=438):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000a80), 0x3f50cb9d075d319a, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$set_reqkey_keyring(0xf, 0xfffffffb)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x1, 'queue0\x00'})
syz_open_dev$usbmon(0x0, 0x2, 0x101800)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x2202, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)

3.537908718s ago: executing program 6 (id=439):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f00000000c0)={0x42, 0x800000, 0x8, 0x7, 0xfffffffd})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = semget$private(0x0, 0x5, 0x30)
semctl$IPC_STAT(r1, 0x0, 0x2, &(0x7f0000000240)=""/206)
semctl$IPC_RMID(r1, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a1810039000000000bf0fffffefdff0e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x14)
r4 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$VFIO_CHECK_EXTENSION(r4, 0x3b65, 0x1)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCADDDLCI(r3, 0x8980, &(0x7f00000001c0)={'lo\x00', 0x7})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000000))
add_key$fscrypt_v1(&(0x7f0000000000), 0x0, &(0x7f0000000100)={0x0, "4b0a00c13cd6cfef5df35e1d5c2cd83ec8331c81a09875c137d35494701f22acbd1c110c6ab4c8829dfb7154e1476a3cfeab3096b43788d7c435b4a89e2fdc93"}, 0x48, 0xffffffffffffffff)
sendmsg$BATADV_CMD_TP_METER(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x3c, r6, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x80)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

3.203612623s ago: executing program 0 (id=440):
syz_open_dev$ptys(0xc, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000700)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x50cd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000780)='contention_end\x00', r0}, 0x18)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f00000022c0), 0x2, 0x0)
write$vhost_msg_v2(r1, &(0x7f0000002240)={0x2, 0x0, {0x0, 0xe0749d04fc370ad3, 0x0, 0x2, 0x2}}, 0x48)
r2 = syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="1201000000000008ef0ec4720000000000010902240001000090000904000001030000f3082103000001220500090581ab3eba5fd00867ca69030000070000a359a672dbedc2bec517720d2681f4dab59fe3278f7c036c6fe46070883578c029478209ea0990ab5c5468cb58496f38ce8230fe063a3c3a7284607bfc31fae122f634ecfcb1f961bb7b14fcfcf93d8cadfd1323c5dc1b98d0f7d4b92d60432dff04885353ae9bb5a7865477a62c934b1525da53a771c128d8bd167b68d692731c3ae723d2e96292195d811a858b2a6ba8d5639ebac6d05c251eaf8a92d31d99117af75f0193a45af7484500400bfa9cb4c7efae4d05732176769d3a8b54721cef71342c9459e7def8b84569b1a334e2f7d03973a029cb3cf6ec8c1a021007a9f23c4cea7b2f6273e740"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f0000000000)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="0003050000001408b1"], 0x0, 0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000604000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000007c0)=ANY=[@ANYBLOB="300000000b06010200c300000000000005000008050001000700000009000200737d7a3200fb760e4e811422000078f30d743b2f2be400f9677c207dac48c81a22fad18a82eba6a7d00a51c7e34a8960ada3ada7a1f71666dd0da1102ff2c59b10b37b"], 0x30}, 0x1, 0x0, 0x0, 0x2000c020}, 0x814)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000060000000a00000000000000", @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="0200000001000000000000000000000000c8475050502ddba7dc5254571eb7eb45000000000000000000"], 0x50)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0xb, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x61)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r5, 0x0, 0x0)
mount$9p_rdma(&(0x7f00000000c0), &(0x7f0000000140)='.\x00', &(0x7f00000001c0), 0x10000, &(0x7f0000000480)={'trans=rdma,', {'port', 0x3d, 0x4e23}})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r5)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f00000005c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000580)={&(0x7f0000000980)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="ba756082afef0a0095064fb7cf3bcf81ad45f2499badcc5a3ed8ae4e5270e65b69b3b8a96b6f9cfb69c4f195cca65c4768d50a91da4689e2029447d82b8cac13a3ef845c3e591cb16b49060000008aa466c5117c3748cb79a5809974a370d8eac20686e664a323e773a322ae18f9fe7358d9851426c193ef1b6dec798ec090dbc571f21d29d53bfd6981f34dc0262d55e5e833a98acf36c4114cd54a479a0257cb89e99a66632ddd796bf86c789bfeece2b765dba46d07cccbf03e88cf929ddcbe4997d24b7c6cc3faf578caf7c365ac3452a6bdf2ce1cc03edb98df2ba4f78665cdc8ad9517e7656dd051c8ccba69882397157d5d1c9c9102f9f545adda3d65ce577f9ac81b8c2d8ab75d28e31db3b0aebce5d5acbeae89c083e11bfcab2f64224c0c8a806f96680032caaf38c6969dfcf4a453a1dc8c48b2e15da45bef55a56dd977f7e6ba8110b97ad285823e25f6d3bcc3e01bc5244edbb70d476880ab474af7ca3f685e1fdb500fd6d83a4097fa90f20682b7aeacabcf8cb82b870382d9c2157a83371156ce3890fb309d6e6093ff044c4b17d25b", @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x40004}, 0x24000011)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000100)={'team0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x4, r9}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x2000a804)

2.422678325s ago: executing program 5 (id=441):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
write$sndseq(0xffffffffffffffff, &(0x7f0000000380), 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
munlockall()
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd5e, 0x240000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000040), 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x66, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x2, @in=@broadcast, 0x6, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x20, 0x4001c00)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x48000)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'tunl0\x00'})

2.420331214s ago: executing program 4 (id=442):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
add_key$fscrypt_v1(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0xfffffffe, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@bridge_delneigh={0x38, 0x1e, 0x1, 0x0, 0x4, {0x2}, [@NDA_CACHEINFO={0x14, 0x3, {0x5, 0x6000000, 0x0, 0x8}}, @NDA_DST_IPV4={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x38}, 0x1, 0x0, 0x0, 0x93}, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x2004cb], 0xeeee0000, 0x202})
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000300)={[{0x1, 0x7fff, 0xe0, 0x5, 0x0, 0x2, 0x4, 0x1, 0x0, 0xfe, 0x81, 0xd, 0x7f}, {0x0, 0x0, 0xff, 0xff, 0x4, 0x0, 0x81, 0x0, 0x60, 0x2, 0x0, 0x4, 0x200000000000009}, {0x7, 0x81, 0x0, 0x11, 0x5, 0x9, 0xf8, 0x2, 0xfd, 0x7, 0x0, 0x8, 0x100000e0ee}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.351996056s ago: executing program 3 (id=443):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r0, 0x89a2, &(0x7f0000000200)='bridge0\x00')
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000000)='./file1\x00', 0x8c0, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0], 0x0, 0x442d, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3fGeefeYw+8SJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAsh9HX+7wUAAAAAAAAAAAAAAAAAAIC/o833/3PRiSbv/48lx5EW9dff6vwY6ZyJt6+OXRgcSvZ/j7blv54k/XKuK/Q32fc9u//7uUz95vu/b+9ntxrja/TbF6J4IHUexwMDIXyTbPx+KjoSl8pLlVdvlZcXZvdsGM+sdPzru/enopNs6N9u/Ecz7Xd+////bruaquc39+4Se66l49/Vsty3n0Ztxf98pt5+xJ/dS8e/u5bWu7XASH0CqMb/8+6d4z+Wab9T8T8eQshF1bHmUjNAdQ1TTW+1XiEtHf9DtbTU1Jn8I1vd/79n4n8h0/5Bzf8r2Q8imkrH/1+1tJ5Uic37vz/e+f6/mGn/IOJfHf+Kz/+2pON/uJ7YnSpS+0+2O/+PZ9rvVPyvx8k4j0epK2A1qqe3+r460tLx79mWv/n8F7e1/ruUqb9fz3+NfhvPf43p/+Wo/vxHc+n497Ys1+79P5Gp1+n5f6S2/mO30vE/UktLr53rX8rZbvwnM+13Kv61VUlPI/6b88kfh+vpX1v/tSUd/3/XE+OtJVZqP2vrv2jn9f/lTPsHsf6rjn8l7myvz4t0/I+2LFeN/w9tfP5fydTrfPxDGLTW37V0/I+1LFe7/3t2jv9Upl6n4/9SJxsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAaMJse+EMUDqfM4HhgI4XxyfiociaYLs/npUnnmo6UQxpL0XDgR3S6Vpwul/NxCebaYL5RK5ZkQLiT5J0NPtFQqV/LzhbsXN9rqje4UC4uV6WKhEkIYT9L/H4412pqeq8wX7oYQLm3k/ScuL969U1jIz84tvjk4ODgYJjbG0B8VP6kUFyr13uu5IUxu1O2Ltgyuln15YyxHow/Ly4sLhVIt/cqWOqXyTKG0pc5UkvdF6I8qi8sLM4VKMV8q3270d5BGkuPYxLX3rl0Z2pZ/M6ofR/d3WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8RY+G3/gyhNBdP4tDCCONX6Jm5R8+Lp7NP526vzZ8enL1wdqTVuUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8coDQRRGIDfjIXaeQyrZbezXVFEC1cET6DH8DB6FC/hHVKkSJsiBJJZCJtd2Capvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJ6n9+7jrW4iUlxtLiP+vv4Xh/lLqT/34/cvzjAjp/P82j081k3593SU35WjZZt36Xr1/Rkjtfc72JPhPu31fa4n55rat6n5+r43kXIVEW3Jb1POVTXvLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WUfRtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//+UFHyA=") (async)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000000)='./file1\x00', 0x8c0, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0], 0x0, 0x442d, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3fGeefeYw+8SJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAsh9HX+7wUAAAAAAAAAAAAAAAAAAIC/o833/3PRiSbv/48lx5EW9dff6vwY6ZyJt6+OXRgcSvZ/j7blv54k/XKuK/Q32fc9u//7uUz95vu/b+9ntxrja/TbF6J4IHUexwMDIXyTbPx+KjoSl8pLlVdvlZcXZvdsGM+sdPzru/enopNs6N9u/Ecz7Xd+////bruaquc39+4Se66l49/Vsty3n0Ztxf98pt5+xJ/dS8e/u5bWu7XASH0CqMb/8+6d4z+Wab9T8T8eQshF1bHmUjNAdQ1TTW+1XiEtHf9DtbTU1Jn8I1vd/79n4n8h0/5Bzf8r2Q8imkrH/1+1tJ5Uic37vz/e+f6/mGn/IOJfHf+Kz/+2pON/uJ7YnSpS+0+2O/+PZ9rvVPyvx8k4j0epK2A1qqe3+r460tLx79mWv/n8F7e1/ruUqb9fz3+NfhvPf43p/+Wo/vxHc+n497Ys1+79P5Gp1+n5f6S2/mO30vE/UktLr53rX8rZbvwnM+13Kv61VUlPI/6b88kfh+vpX1v/tSUd/3/XE+OtJVZqP2vrv2jn9f/lTPsHsf6rjn8l7myvz4t0/I+2LFeN/w9tfP5fydTrfPxDGLTW37V0/I+1LFe7/3t2jv9Upl6n4/9SJxsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAaMJse+EMUDqfM4HhgI4XxyfiociaYLs/npUnnmo6UQxpL0XDgR3S6Vpwul/NxCebaYL5RK5ZkQLiT5J0NPtFQqV/LzhbsXN9rqje4UC4uV6WKhEkIYT9L/H4412pqeq8wX7oYQLm3k/ScuL969U1jIz84tvjk4ODgYJjbG0B8VP6kUFyr13uu5IUxu1O2Ltgyuln15YyxHow/Ly4sLhVIt/cqWOqXyTKG0pc5UkvdF6I8qi8sLM4VKMV8q3270d5BGkuPYxLX3rl0Z2pZ/M6ofR/d3WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8RY+G3/gyhNBdP4tDCCONX6Jm5R8+Lp7NP526vzZ8enL1wdqTVuUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8coDQRRGIDfjIXaeQyrZbezXVFEC1cET6DH8DB6FC/hHVKkSJsiBJJZCJtd2Capvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJ6n9+7jrW4iUlxtLiP+vv4Xh/lLqT/34/cvzjAjp/P82j081k3593SU35WjZZt36Xr1/Rkjtfc72JPhPu31fa4n55rat6n5+r43kXIVEW3Jb1POVTXvLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WUfRtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//+UFHyA=")

2.340095186s ago: executing program 6 (id=444):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
r1 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000100)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @any, 0x0, 0x0, 0x5e, 0xfffffffffffffff9, 0x6})
r2 = socket$inet6_dccp(0xa, 0x6, 0x0)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shutdown(r2, 0x0)
syz_emit_ethernet(0xbe, &(0x7f00000001c0)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x2, 0xb, 0xb0, 0x68, 0x0, 0x0, 0x11, 0x0, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x4e24, 0x4e22, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7273248ce9e30dfdd45876decb0d8f2a01c751b845c63d4c8ae6ef200b83ec9b", "f0351483f456538a2a4e52916f32967fa898a54a76e35177fe6f466d57947e33012d5d2d774273ed29d561936af24fc1", "e8413b80cf25aa0a5b47471a33271e6950e0789f7d1ddfd8fba58dea", {"1dfdf01c8696e4e648879bd9606d9835", "635b9ef87adc29613fe40aa4ed613c37"}}}}}}}, 0x0)

1.36502193s ago: executing program 4 (id=445):
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e22, @private=0xa010100}, 0x10)
syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x49cc2})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0x14, &(0x7f0000000000)=ANY=[@ANYRES32=r2, @ANYRES8=r1, @ANYRESDEC], &(0x7f0000000080)='syzkaller\x00', 0x800000, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.267966742s ago: executing program 3 (id=446):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f00000000c0)={0x42, 0x800000, 0x8, 0x7, 0xfffffffd})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r2 = semget$private(0x0, 0x5, 0x30)
semctl$IPC_STAT(r2, 0x0, 0x2, &(0x7f0000000240)=""/206)
semctl$IPC_RMID(r2, 0x0, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a1810039000000000bf0fffffefdff0e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x14)
r5 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$VFIO_CHECK_EXTENSION(r5, 0x3b65, 0x1)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCADDDLCI(r4, 0x8980, &(0x7f00000001c0)={'lo\x00', 0x7})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000000))
r8 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f00000000c0)={'fscrypt:', @desc2}, &(0x7f0000000100)={0x0, "4b0a00c13cd6cfef5df35e1d5c2cd83ec8331c81a09875c137d35494701f22acbd1c110c6ab4c8829dfb7154e1476a3cfeab3096b43788d7c435b4a89e2fdc93"}, 0x48, 0xffffffffffffffff)
r9 = add_key$keyring(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1d, r8, 0xfffffffffffffffe, r9, 0x0)
sendmsg$BATADV_CMD_TP_METER(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x3c, r7, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x80)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

0s ago: executing program 0 (id=447):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$kvm(0xffffffffffffff9c, 0x0, 0x8b0040, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x727, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000005c0)={0x1, @pix_mp={0x7ff, 0x0, 0x59555956, 0x8, 0x0, [{0x8, 0xf}, {0x8, 0x29f6ebcd}, {0xd, 0x8}, {0x5, 0x8}, {0x2, 0x3}, {0x5, 0x4}, {0x6, 0x409}, {0x10001, 0x1800000}], 0x0, 0xd, 0x7, 0x2, 0x1}})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000240), 0xaaa43, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x0, @loopback}, 0x10)
listen(r3, 0x8)
r4 = accept4(r3, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, 0x0, &(0x7f0000000380))
r5 = syz_open_dev$dri(&(0x7f0000000480), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000200)={0x6, 0x102})
ioctl$DRM_IOCTL_MODE_SETPLANE(r5, 0xc03064b7, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r5, 0xc01c64a3, &(0x7f0000000280)={0x3, 0x0, 0x0, 0x0, 0xa, 0x1ff, 0x1})
listen(0xffffffffffffffff, 0x2)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r6 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r6, &(0x7f00000001c0)={0xa, 0x0, 0x0, @empty, 0x400005}, 0x1c)
setsockopt$ARPT_SO_SET_REPLACE(r6, 0x0, 0x1a, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFNL_MSG_ACCT_NEW(r0, 0x0, 0x0)
sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="200000000307010400000000000000000000000409e00000"], 0x20}, 0x1, 0x0, 0x0, 0x20040080}, 0x4040)

kernel console output (not intermixed with test programs):

11][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.100947][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   79.110024][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.114000][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   79.134406][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   79.201683][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   79.250709][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   79.279965][ T4260] device veth0_vlan entered promiscuous mode
[   79.303059][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   79.325604][ T4299] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   79.345417][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   79.541835][ T4299] usb 2-1: Using ep0 maxpacket: 16
[   79.574915][ T4260] device veth1_vlan entered promiscuous mode
[   79.602709][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.623582][ T4299] usb 2-1: config 0 has an invalid interface number: 35 but max is 0
[   79.641873][ T4299] usb 2-1: config 0 has no interface number 0
[   79.648340][ T4299] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[   79.652468][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.684788][ T4266] Bluetooth: hci0: command 0x0419 tx timeout
[   79.765380][ T4266] Bluetooth: hci1: command 0x0419 tx timeout
[   79.844711][ T4266] Bluetooth: hci4: command 0x0419 tx timeout
[   79.926214][ T4268] Bluetooth: hci2: command 0x0419 tx timeout
[   79.932626][ T4266] Bluetooth: hci3: command 0x0419 tx timeout
[   80.084206][ T4299] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04
[   80.231013][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   80.259271][ T4299] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.267445][ T4299] usb 2-1: Product: syz
[   80.271638][ T4299] usb 2-1: Manufacturer: syz
[   80.276386][ T4299] usb 2-1: SerialNumber: syz
[   80.296643][ T4299] usb 2-1: config 0 descriptor??
[   80.310100][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   80.366006][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   80.380352][ T4346] loop2: detected capacity change from 0 to 512
[   80.419126][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   80.485932][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   80.499177][ T4346] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.6: invalid indirect mapped block 256 (level 2)
[   80.520830][ T4260] device veth0_macvtap entered promiscuous mode
[   80.528542][ T4346] EXT4-fs (loop2): 2 truncates cleaned up
[   80.534342][ T4346] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   80.557333][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.603114][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.614202][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   80.831059][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   80.919562][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[   80.927864][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[   80.936071][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[   80.944604][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[   80.954613][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[   80.962822][    T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!!
[   80.971112][    T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!!
[   80.979412][    T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!!
[   80.987721][    T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!!
[   80.996037][    T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!!
[   81.407769][ T4260] device veth1_macvtap entered promiscuous mode
[   82.116292][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.130930][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.145869][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.157083][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.169594][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.205972][ T4346] =======================================================
[   82.205972][ T4346] WARNING: The mand mount option has been deprecated and
[   82.205972][ T4346]          and is ignored by this kernel. Remove the mand
[   82.205972][ T4346]          option from the mount to silence this warning.
[   82.205972][ T4346] =======================================================
[   82.272054][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.419012][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.502621][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.582088][ T4260] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.651957][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.681602][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.702985][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.733741][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.757778][ T4353] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[   82.788623][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.800599][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.844651][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.878693][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.893132][ T4260] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.908285][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   82.921774][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   82.957959][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   82.970098][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   82.988973][ T4260] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.998176][ T4260] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.009833][ T4260] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.021393][ T4260] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.181392][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.194064][ T4346] fscrypt: Error allocating hmac(sha512): -4
[   83.231743][ T4304] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.232068][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.250041][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   83.260169][ T4304] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.270872][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   83.469149][ T4255] EXT4-fs (loop2): unmounting filesystem.
[   84.377382][ T4300] usb 2-1: USB disconnect, device number 2
[   84.555015][ T4367] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   84.863317][ T4367] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[   85.028078][ T4367] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   85.048480][ T4388] loop1: detected capacity change from 0 to 512
[   85.204176][ T4367] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[   85.388432][ T4367] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.396731][ T4367] usb 1-1: Product: syz
[   85.401004][ T4367] usb 1-1: Manufacturer: syz
[   85.409798][ T4367] usb 1-1: SerialNumber: syz
[   85.425422][ T4367] usb 1-1: config 0 descriptor??
[   85.480246][   T22] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   85.508788][ T4388] EXT4-fs: Ignoring removed orlov option
[   85.592302][ T4388] EXT4-fs: Ignoring removed bh option
[   85.677582][ T4378] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.687089][ T4367] snd-usb-audio: probe of 1-1:0.0 failed with error -90
[   85.687115][ T4378] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.734757][   T22] usb 5-1: Using ep0 maxpacket: 16
[   85.742252][   T22] usb 5-1: config 0 has an invalid interface number: 35 but max is 0
[   85.752523][ T4388] EXT4-fs (loop1): Test dummy encryption mode enabled
[   85.761035][   T22] usb 5-1: config 0 has no interface number 0
[   85.780493][   T22] usb 5-1: config 0 interface 35 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[   86.012969][ T4388] EXT4-fs (loop1): 1 truncate cleaned up
[   86.019043][ T4388] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   86.663157][  T128] cfg80211: failed to load regulatory.db
[   86.776402][   T22] usb 5-1: string descriptor 0 read error: -71
[   86.781467][ T4251] EXT4-fs (loop1): unmounting filesystem.
[   86.782708][   T22] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04
[   86.798281][   T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.833905][   T22] usb 5-1: config 0 descriptor??
[   86.842289][   T22] usb 5-1: can't set config #0, error -71
[   86.852544][   T22] usb 5-1: USB disconnect, device number 2
[   86.985504][   T26] usb 1-1: USB disconnect, device number 2
[   87.355385][ T4410] loop1: detected capacity change from 0 to 1024
[   88.483003][ T4417] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14'.
[   89.015154][ T4410] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:477: comm syz.1.13: Invalid block bitmap block 0 in block_group 0
[   89.112620][ T4404] sctp: failed to load transform for md5: -2
[   89.237442][ T4410] Quota error (device loop1): write_blk: dquota write failed
[   89.289195][ T4410] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   89.340497][ T4410] EXT4-fs error (device loop1): ext4_acquire_dquot:6802: comm syz.1.13: Failed to acquire dquot type 0
[   89.400688][ T4410] EXT4-fs error (device loop1): ext4_free_blocks:6210: comm syz.1.13: Freeing blocks not in datazone - block = 0, count = 4096
[   89.567270][ T4410] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.13: Invalid inode bitmap blk 0 in block_group 0
[   89.611205][    T9] Quota error (device loop1): do_check_range: Getting block 0 out of range 1-7
[   89.651898][    T9] EXT4-fs error (device loop1): ext4_release_dquot:6838: comm kworker/u4:0: Failed to release dquot type 0
[   89.724530][ T4410] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem
[   89.746804][ T4410] EXT4-fs (loop1): 1 orphan inode deleted
[   89.752612][ T4410] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   90.749823][ T4410] syz.1.13 (4410) used greatest stack depth: 20392 bytes left
[   90.775361][ T4251] EXT4-fs (loop1): unmounting filesystem.
[   91.741991][ T4448] netlink: 12 bytes leftover after parsing attributes in process `syz.1.23'.
[   92.316041][ T4445] sctp: failed to load transform for md5: -2
[   92.759797][ T4456] loop4: detected capacity change from 0 to 512
[   93.202995][ T4456] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.24: invalid indirect mapped block 256 (level 2)
[   93.266204][ T4456] EXT4-fs (loop4): 2 truncates cleaned up
[   93.294764][ T4456] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   93.874655][ T4299] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   95.506250][ T4456] EXT4-fs: Can't set or change test_dummy_encryption on remount
[   95.698143][ T4299] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[   95.730646][ T4299] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   95.736221][ T4260] EXT4-fs (loop4): unmounting filesystem.
[   95.833324][ T4299] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[   95.888727][ T4299] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.977686][ T4299] usb 2-1: config 0 descriptor??
[   95.993642][ T4299] usb 2-1: can't set config #0, error -71
[   96.030591][ T4299] usb 2-1: USB disconnect, device number 3
[   96.338897][ T4469] loop2: detected capacity change from 0 to 8192
[   96.420579][ T4469]  loop2: p1 p2 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p
[   96.420808][ T4469] loop2: p1 size 100663296 extends beyond EOD, 
[   96.508748][    C0] vkms_vblank_simulate: vblank timer overrun
[   96.564671][ T4469] truncated
[   97.306688][ T4475] netlink: 'syz.4.29': attribute type 10 has an invalid length.
[   97.586529][ T4469] loop2: p2 start 591104 is beyond EOD, truncated
[   97.593029][ T4469] loop2: p3 start 33572980 is beyond EOD, truncated
[   97.647712][ T4469] loop2: p5 size 100663296 extends beyond EOD, truncated
[   97.659156][ T4469] loop2: p6 start 591104 is beyond EOD, truncated
[   97.666196][ T4469] loop2: p7 size 100663296 extends beyond EOD, truncated
[   97.681883][ T4469] loop2: p8 start 591104 is beyond EOD, truncated
[   97.688746][ T4469] loop2: p9 size 100663296 extends beyond EOD, truncated
[   97.699396][ T4469] loop2: p10 start 591104 is beyond EOD, truncated
[   97.730947][ T4469] loop2: p11 size 100663296 extends beyond EOD, truncated
[   97.741212][ T4475] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[   97.762175][ T4469] loop2: p12 start 591104 is beyond EOD, truncated
[   97.794294][ T4469] loop2: p13 size 100663296 extends beyond EOD, truncated
[   97.806739][ T4481] overlayfs: failed to resolve './file1': -2
[   97.874957][ T4469] loop2: p14 start 591104 is beyond EOD, truncated
[   97.907388][ T4469] loop2: p15 size 100663296 extends beyond EOD, truncated
[   97.942861][ T4469] loop2: p16 start 591104 is beyond EOD, truncated
[   98.160150][ T4469] loop2: p17 size 100663296 extends beyond EOD, truncated
[   98.170453][ T4469] loop2: p18 start 591104 is beyond EOD, truncated
[   98.177436][ T4469] loop2: p19 size 100663296 extends beyond EOD, truncated
[   98.186201][ T4469] loop2: p20 start 591104 is beyond EOD, truncated
[   98.192784][ T4469] loop2: p21 size 100663296 extends beyond EOD, truncated
[   98.201869][ T4469] loop2: p22 start 591104 is beyond EOD, truncated
[   98.209582][ T4469] loop2: p23 size 100663296 extends beyond EOD, truncated
[   98.219064][ T4469] loop2: p24 start 591104 is beyond EOD, truncated
[   98.226042][ T4469] loop2: p25 size 100663296 extends beyond EOD, truncated
[   98.255066][ T4469] loop2: p26 start 591104 is beyond EOD, truncated
[   98.288442][ T4469] loop2: p27 size 100663296 extends beyond EOD, truncated
[   98.343838][ T4469] loop2: p28 start 591104 is beyond EOD, truncated
[   98.350914][ T4469] loop2: p29 size 100663296 extends beyond EOD, truncated
[   98.372029][ T4469] loop2: p30 start 591104 is beyond EOD, truncated
[   98.380735][ T4469] loop2: p31 size 100663296 extends beyond EOD, truncated
[   98.410837][ T4469] loop2: p32 start 591104 is beyond EOD, truncated
[   98.431873][ T4469] loop2: p33 size 100663296 extends beyond EOD, truncated
[   98.712538][ T4498] netlink: 16 bytes leftover after parsing attributes in process `syz.3.34'.
[   98.841432][ T4469] loop2: p34 start 591104 is beyond EOD, truncated
[   98.954799][  T126] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   99.011853][ T4469] loop2: p35 size 100663296 extends beyond EOD, truncated
[   99.141199][ T4469] loop2: p36 start 591104 is beyond EOD, truncated
[   99.170909][ T4469] loop2: p37 size 100663296 extends beyond EOD, truncated
[   99.192683][ T4469] loop2: p38 start 591104 is beyond EOD, truncated
[   99.210184][ T4469] loop2: p39 size 100663296 extends beyond EOD, truncated
[   99.260705][ T4469] loop2: p40 start 591104 is beyond EOD, truncated
[   99.300968][ T4469] loop2: p41 size 100663296 extends beyond EOD, truncated
[   99.358775][ T4469] loop2: p42 start 591104 is beyond EOD, truncated
[   99.377891][ T4469] loop2: p43 size 100663296 extends beyond EOD, truncated
[   99.432395][ T4469] loop2: p44 start 591104 is beyond EOD, truncated
[   99.439404][  T126] usb 2-1: Using ep0 maxpacket: 16
[   99.451440][ T4469] loop2: p45 size 100663296 extends beyond EOD, truncated
[   99.460564][  T126] usb 2-1: config 0 has an invalid interface number: 35 but max is 0
[   99.501831][ T4469] loop2: p46 start 591104 is beyond EOD, truncated
[   99.516999][  T126] usb 2-1: config 0 has no interface number 0
[   99.540207][ T4469] loop2: p47 size 100663296 extends beyond EOD, truncated
[   99.550222][  T126] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[   99.575014][ T4469] loop2: p48 start 591104 is beyond EOD, truncated
[   99.581742][ T4469] loop2: p49 size 100663296 extends beyond EOD, truncated
[   99.619906][ T4469] loop2: p50 start 591104 is beyond EOD, truncated
[   99.647423][  T126] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04
[   99.784363][  T126] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.870254][ T4469] loop2: p51 size 100663296 extends beyond EOD, truncated
[   99.887959][  T126] usb 2-1: Product: syz
[   99.937354][  T126] usb 2-1: Manufacturer: syz
[  100.019299][  T126] usb 2-1: SerialNumber: syz
[  100.063712][ T4469] loop2: p52 start 591104 is beyond EOD, truncated
[  100.191986][ T4469] loop2: p53 size 100663296 extends beyond EOD, truncated
[  100.224838][  T126] usb 2-1: config 0 descriptor??
[  100.259162][ T4469] loop2: p54 start 591104 is beyond EOD, truncated
[  100.313266][ T4469] loop2: p55 size 100663296 extends beyond EOD, truncated
[  100.375087][ T4469] loop2: p56 start 591104 is beyond EOD, truncated
[  100.386884][ T4469] loop2: p57 size 100663296 extends beyond EOD, truncated
[  100.395550][ T4469] loop2: p58 start 591104 is beyond EOD, truncated
[  100.402217][ T4469] loop2: p59 size 100663296 extends beyond EOD, truncated
[  100.427452][ T4507] binder: 4506:4507 ioctl 4018620d 0 returned -22
[  100.601200][ T4507] loop4: detected capacity change from 0 to 32768
[  100.622339][ T4469] loop2: p60 start 591104 is beyond EOD, truncated
[  100.625846][ T4507] 
[  100.625846][ T4507]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  100.625846][ T4507] 
[  100.651983][ T4507] ERROR: (device loop4): diWrite: ixpxd invalid
[  100.651983][ T4507] 
[  100.663442][ T4507] ERROR: (device loop4): txCommit: 
[  100.663442][ T4507] 
[  100.687625][ T4507] jfs_create: dtSearch returned -17
[  100.719339][ T4469] loop2: p61 size 100663296 extends beyond EOD, truncated
[  100.864273][ T4469] loop2: p62 start 591104 is beyond EOD, truncated
[  100.874707][ T4469] loop2: p63 size 100663296 extends beyond EOD, truncated
[  102.891175][ T4469] loop2: p64 start 591104 is beyond EOD, truncated
[  102.943894][ T4469] loop2: p65 size 100663296 extends beyond EOD, truncated
[  103.104268][ T4469] loop2: p66 start 591104 is beyond EOD, truncated
[  103.126502][ T4469] loop2: p67 size 100663296 extends beyond EOD, truncated
[  103.153924][ T4469] loop2: p68 start 591104 is beyond EOD, truncated
[  103.162371][ T4469] loop2: p69 size 100663296 extends beyond EOD, truncated
[  103.183710][ T4469] loop2: p70 start 591104 is beyond EOD, truncated
[  103.190971][ T4469] loop2: p71 size 100663296 extends beyond EOD, truncated
[  103.316258][ T4260] 
[  103.316258][ T4260]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.316258][ T4260] 
[  103.368667][ T4469] loop2: p72 start 591104 is beyond EOD, truncated
[  103.488381][ T4469] loop2: p73 size 100663296 extends beyond EOD, 
[  103.488590][ T4260] 
[  103.488590][ T4260]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.488590][ T4260] 
[  103.505806][ T4469] truncated
[  103.533855][  T128] usb 2-1: USB disconnect, device number 4
[  103.595521][ T4469] loop2: p74 start 591104 is beyond EOD, truncated
[  103.602192][ T4469] loop2: p75 size 100663296 extends beyond EOD, truncated
[  103.675822][ T4469] loop2: p76 start 591104 is beyond EOD, truncated
[  103.682414][ T4469] loop2: p77 size 100663296 extends beyond EOD, truncated
[  103.718471][ T4469] loop2: p78 start 591104 is beyond EOD, truncated
[  103.740007][ T4469] loop2: p79 size 100663296 extends beyond EOD, truncated
[  103.765130][ T4469] loop2: p80 start 591104 is beyond EOD, truncated
[  103.926068][ T4469] loop2: p81 size 100663296 extends beyond EOD, truncated
[  103.960696][ T4469] loop2: p82 start 591104 is beyond EOD, truncated
[  104.707380][ T4469] loop2: p83 size 100663296 extends beyond EOD, truncated
[  104.944309][ T4469] loop2: p84 start 591104 is beyond EOD, truncated
[  105.079923][ T4469] loop2: p85 size 100663296 extends beyond EOD, truncated
[  105.145961][ T4469] loop2: p86 start 591104 is beyond EOD, truncated
[  105.152536][ T4469] loop2: p87 size 100663296 extends beyond EOD, truncated
[  105.364295][ T4469] loop2: p88 start 591104 is beyond EOD, truncated
[  105.381625][ T4469] loop2: p89 size 100663296 extends beyond EOD, truncated
[  105.415372][ T4469] loop2: p90 start 591104 is beyond EOD, truncated
[  105.434777][ T4469] loop2: p91 size 100663296 extends beyond EOD, truncated
[  105.616924][ T4469] loop2: p92 start 591104 is beyond EOD, truncated
[  105.714434][ T4469] loop2: p93 size 100663296 extends beyond EOD, truncated
[  105.826096][ T4469] loop2: p94 start 591104 is beyond EOD, truncated
[  105.843561][ T4469] loop2: p95 size 100663296 extends beyond EOD, truncated
[  105.897233][ T4469] loop2: p96 start 591104 is beyond EOD, truncated
[  105.903907][ T4469] loop2: p97 size 100663296 extends beyond EOD, truncated
[  105.976754][ T4469] loop2: p98 start 591104 is beyond EOD, truncated
[  105.983337][ T4469] loop2: p99 size 100663296 extends beyond EOD, truncated
[  106.023375][ T4469] loop2: p100 start 591104 is beyond EOD, truncated
[  106.033098][ T4469] loop2: p101 size 100663296 extends beyond EOD, truncated
[  106.056047][ T4469] loop2: p102 start 591104 is beyond EOD, truncated
[  106.062706][ T4469] loop2: p103 size 100663296 extends beyond EOD, truncated
[  106.126794][ T4531] netlink: 'syz.4.43': attribute type 10 has an invalid length.
[  106.233294][ T4469] loop2: p104 start 591104 is beyond EOD, truncated
[  106.377923][ T4469] loop2: p105 size 100663296 extends beyond EOD, truncated
[  106.946927][ T4469] loop2: p106 start 591104 is beyond EOD, truncated
[  106.953594][ T4469] loop2: p107 size 100663296 extends beyond EOD, truncated
[  107.034916][ T4469] loop2: p108 start 591104 is beyond EOD, truncated
[  107.041582][ T4469] loop2: p109 size 100663296 extends beyond EOD, truncated
[  107.054881][ T4469] loop2: p110 start 591104 is beyond EOD, truncated
[  107.061544][ T4469] loop2: p111 size 100663296 extends beyond EOD, truncated
[  107.082746][ T4469] loop2: p112 start 591104 is beyond EOD, truncated
[  107.089876][ T4469] loop2: p113 size 100663296 extends beyond EOD, truncated
[  107.109869][ T4469] loop2: p114 start 591104 is beyond EOD, truncated
[  107.151417][ T4469] loop2: p115 size 100663296 extends beyond EOD, truncated
[  107.223526][ T4469] loop2: p116 start 591104 is beyond EOD, truncated
[  107.224927][ T4541] overlayfs: failed to resolve './file1': -2
[  107.243995][ T4469] loop2: p117 size 100663296 extends beyond EOD, truncated
[  107.281110][ T4469] loop2: p118 start 591104 is beyond EOD, truncated
[  107.399566][ T4469] loop2: p119 size 100663296 extends beyond EOD, truncated
[  107.543695][ T4469] loop2: p120 start 591104 is beyond EOD, truncated
[  107.552348][ T4469] loop2: p121 size 100663296 extends beyond EOD, truncated
[  107.569465][ T4469] loop2: p122 start 591104 is beyond EOD, truncated
[  108.264273][ T4469] loop2: p123 size 100663296 extends beyond EOD, truncated
[  108.525651][ T4469] loop2: p124 start 591104 is beyond EOD, truncated
[  108.532317][ T4469] loop2: p125 size 100663296 extends beyond EOD, truncated
[  108.571325][ T4550] netlink: 12 bytes leftover after parsing attributes in process `syz.1.47'.
[  108.581505][ T4469] loop2: p126 start 591104 is beyond EOD, truncated
[  108.606189][ T4469] loop2: p127 size 100663296 extends beyond EOD, truncated
[  108.631220][ T4469] loop2: p128 start 591104 is beyond EOD, truncated
[  108.649050][ T4469] loop2: p129 size 100663296 extends beyond EOD, truncated
[  108.672485][ T4469] loop2: p130 start 591104 is beyond EOD, truncated
[  108.683977][ T4554] binder: 4551:4554 ioctl 4018620d 0 returned -22
[  108.861778][ T4554] loop0: detected capacity change from 0 to 32768
[  108.883899][ T4554] 
[  108.883899][ T4554]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  108.883899][ T4554] 
[  108.897297][ T4543] sctp: failed to load transform for md5: -2
[  108.910357][ T4469] loop2: p131 size 100663296 extends beyond EOD, truncated
[  108.930206][ T4554] ERROR: (device loop0): diWrite: ixpxd invalid
[  108.930206][ T4554] 
[  108.939309][ T4554] ERROR: (device loop0): txCommit: 
[  108.939309][ T4554] 
[  108.949152][ T4554] jfs_create: dtSearch returned -17
[  108.989491][ T4469] loop2: p132 start 591104 is beyond EOD, truncated
[  109.015066][  T128] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  109.023364][ T4469] loop2: p133 size 100663296 extends beyond EOD, truncated
[  109.075028][ T4469] loop2: p134 start 591104 is beyond EOD, truncated
[  109.113574][ T4469] loop2: p135 size 100663296 extends beyond EOD, truncated
[  109.158923][ T4469] loop2: p136 start 591104 is beyond EOD, truncated
[  109.198479][ T4469] loop2: p137 size 100663296 extends beyond EOD, truncated
[  109.224763][  T128] usb 5-1: Using ep0 maxpacket: 16
[  109.232114][  T128] usb 5-1: config 0 has an invalid interface number: 35 but max is 0
[  109.253583][ T4469] loop2: p138 start 591104 is beyond EOD, truncated
[  109.271248][  T128] usb 5-1: config 0 has no interface number 0
[  109.292647][ T4469] loop2: p139 size 100663296 extends beyond EOD, truncated
[  109.322481][  T128] usb 5-1: config 0 interface 35 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  109.335911][ T4469] loop2: p140 start 591104 is beyond EOD, truncated
[  109.342583][ T4469] loop2: p141 size 100663296 extends beyond EOD, truncated
[  109.366943][  T128] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04
[  109.386079][ T4469] loop2: p142 start 591104 is beyond EOD, truncated
[  109.392734][ T4469] loop2: p143 size 100663296 extends beyond EOD, truncated
[  109.400383][  T128] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.514607][  T128] usb 5-1: Product: syz
[  109.529109][  T128] usb 5-1: Manufacturer: syz
[  109.535027][ T4469] loop2: p144 start 591104 is beyond EOD, truncated
[  109.550627][  T128] usb 5-1: SerialNumber: syz
[  109.570978][ T4469] loop2: p145 size 100663296 extends beyond EOD, truncated
[  109.651538][  T128] usb 5-1: config 0 descriptor??
[  109.659062][ T4469] loop2: p146 start 591104 is beyond EOD, truncated
[  109.681586][ T4469] loop2: p147 size 100663296 extends beyond EOD, truncated
[  109.728349][ T4469] loop2: p148 start 591104 is beyond EOD, truncated
[  109.741062][ T4469] loop2: p149 size 100663296 extends beyond EOD, truncated
[  109.752773][ T4469] loop2: p150 start 591104 is beyond EOD, truncated
[  109.760191][ T4469] loop2: p151 size 100663296 extends beyond EOD, truncated
[  109.768976][ T4469] loop2: p152 start 591104 is beyond EOD, truncated
[  109.778235][ T4469] loop2: p153 size 100663296 extends beyond EOD, truncated
[  109.800199][ T4469] loop2: p154 start 591104 is beyond EOD, truncated
[  109.807141][ T4469] loop2: p155 size 100663296 extends beyond EOD, truncated
[  109.816204][ T4469] loop2: p156 start 591104 is beyond EOD, truncated
[  109.823663][ T4469] loop2: p157 size 100663296 extends beyond EOD, truncated
[  109.832177][ T4469] loop2: p158 start 591104 is beyond EOD, truncated
[  110.444095][ T4469] loop2: p159 size 100663296 extends beyond EOD, truncated
[  110.463431][ T4469] loop2: p160 start 591104 is beyond EOD, truncated
[  110.471003][ T4469] loop2: p161 size 100663296 extends beyond EOD, truncated
[  110.485538][ T4469] loop2: p162 start 591104 is beyond EOD, truncated
[  110.492355][ T4469] loop2: p163 size 100663296 extends beyond EOD, truncated
[  110.518270][ T4263] 
[  110.518270][ T4263]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  110.518270][ T4263] 
[  110.535384][ T4469] loop2: p164 start 591104 is beyond EOD, truncated
[  110.556802][ T4263] 
[  110.556802][ T4263]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  110.556802][ T4263] 
[  110.571206][ T4469] loop2: p165 size 100663296 extends beyond EOD, truncated
[  110.769383][ T4469] loop2: p166 start 591104 is beyond EOD, truncated
[  110.802690][ T4469] loop2: p167 size 100663296 extends beyond EOD, truncated
[  110.867272][ T4469] loop2: p168 start 591104 is beyond EOD, truncated
[  110.874232][ T4469] loop2: p169 size 100663296 extends beyond EOD, truncated
[  110.899632][ T4469] loop2: p170 start 591104 is beyond EOD, truncated
[  110.906652][ T4469] loop2: p171 size 100663296 extends beyond EOD, truncated
[  110.933278][ T4469] loop2: p172 start 591104 is beyond EOD, truncated
[  110.940318][ T4469] loop2: p173 size 100663296 extends beyond EOD, truncated
[  110.968313][ T4469] loop2: p174 start 591104 is beyond EOD, truncated
[  111.047499][ T4469] loop2: p175 size 100663296 extends beyond EOD, truncated
[  111.073302][ T4469] loop2: p176 start 591104 is beyond EOD, truncated
[  111.088859][ T4469] loop2: p177 size 100663296 extends beyond EOD, truncated
[  111.112202][ T4469] loop2: p178 start 591104 is beyond EOD, truncated
[  111.127330][ T4469] loop2: p179 size 100663296 extends beyond EOD, truncated
[  111.150521][ T4469] loop2: p180 start 591104 is beyond EOD, truncated
[  111.166290][ T4469] loop2: p181 size 100663296 extends beyond EOD, truncated
[  111.189681][ T4469] loop2: p182 start 591104 is beyond EOD, truncated
[  111.204924][ T4469] loop2: p183 size 100663296 extends beyond EOD, truncated
[  111.229343][ T4469] loop2: p184 start 591104 is beyond EOD, truncated
[  111.244863][ T4469] loop2: p185 size 100663296 extends beyond EOD, truncated
[  111.270195][ T4469] loop2: p186 start 591104 is beyond EOD, truncated
[  111.285692][ T4469] loop2: p187 size 100663296 extends beyond EOD, truncated
[  111.313895][ T4469] loop2: p188 start 591104 is beyond EOD, truncated
[  111.329214][ T4469] loop2: p189 size 100663296 extends beyond EOD, truncated
[  111.352567][ T4469] loop2: p190 start 591104 is beyond EOD, truncated
[  111.367833][ T4469] loop2: p191 size 100663296 extends beyond EOD, truncated
[  111.392315][ T4469] loop2: p192 start 591104 is beyond EOD, truncated
[  111.409940][ T4469] loop2: p193 size 100663296 extends beyond EOD, truncated
[  111.433422][ T4469] loop2: p194 start 591104 is beyond EOD, truncated
[  111.463748][ T4469] loop2: p195 size 100663296 extends beyond EOD, truncated
[  111.487598][ T4469] loop2: p196 start 591104 is beyond EOD, truncated
[  111.502182][ T4469] loop2: p197 size 100663296 extends beyond EOD, truncated
[  111.515318][ T4469] loop2: p198 start 591104 is beyond EOD, truncated
[  111.522248][ T4469] loop2: p199 size 100663296 extends beyond EOD, truncated
[  111.535199][ T4469] loop2: p200 start 591104 is beyond EOD, truncated
[  111.541994][ T4469] loop2: p201 size 100663296 extends beyond EOD, truncated
[  111.651137][ T4469] loop2: p202 start 591104 is beyond EOD, truncated
[  111.723310][ T4469] loop2: p203 size 100663296 extends beyond EOD, truncated
[  111.841964][ T4469] loop2: p204 start 591104 is beyond EOD, truncated
[  111.850416][ T4469] loop2: p205 size 100663296 extends beyond EOD, truncated
[  111.859206][ T4469] loop2: p206 start 591104 is beyond EOD, truncated
[  111.866344][ T4469] loop2: p207 size 100663296 extends beyond EOD, truncated
[  111.883810][ T4469] loop2: p208 start 591104 is beyond EOD, truncated
[  111.902356][ T4469] loop2: p209 size 100663296 extends beyond EOD, truncated
[  111.920530][ T4469] loop2: p210 start 591104 is beyond EOD, truncated
[  111.936004][ T4469] loop2: p211 size 100663296 extends beyond EOD, truncated
[  111.945423][ T4469] loop2: p212 start 591104 is beyond EOD, truncated
[  111.952637][ T4469] loop2: p213 size 100663296 extends beyond EOD, truncated
[  111.962947][ T4469] loop2: p214 start 591104 is beyond EOD, truncated
[  111.969792][ T4469] loop2: p215 size 100663296 extends beyond EOD, truncated
[  111.980925][ T4469] loop2: p216 start 591104 is beyond EOD, truncated
[  111.988461][ T4469] loop2: p217 size 100663296 extends beyond EOD, truncated
[  111.999989][ T4469] loop2: p218 start 591104 is beyond EOD, truncated
[  112.007084][ T4469] loop2: p219 size 100663296 extends beyond EOD, truncated
[  112.032745][ T4577] netlink: 'syz.1.56': attribute type 10 has an invalid length.
[  112.115493][ T4577] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  112.164346][ T4469] loop2: p220 start 591104 is beyond EOD, truncated
[  112.272557][ T4469] loop2: p221 size 100663296 extends beyond EOD, truncated
[  112.478331][ T4469] loop2: p222 start 591104 is beyond EOD, truncated
[  112.603761][ T4469] loop2: p223 size 100663296 extends beyond EOD, truncated
[  112.748532][ T4469] loop2: p224 start 591104 is beyond EOD, truncated
[  112.789766][ T4469] loop2: p225 size 100663296 extends beyond EOD, truncated
[  112.838860][ T4469] loop2: p226 start 591104 is beyond EOD, truncated
[  112.874248][ T4469] loop2: p227 size 100663296 extends beyond EOD, truncated
[  112.901574][   T14] usb 5-1: USB disconnect, device number 3
[  112.985678][ T4469] loop2: p228 start 591104 is beyond EOD, truncated
[  112.992351][ T4469] loop2: p229 size 100663296 extends beyond EOD, truncated
[  113.034888][ T4469] loop2: p230 start 591104 is beyond EOD, truncated
[  113.041588][ T4469] loop2: p231 size 100663296 extends beyond EOD, truncated
[  113.081010][ T4469] loop2: p232 start 591104 is beyond EOD, truncated
[  113.115187][ T4469] loop2: p233 size 100663296 extends beyond EOD, truncated
[  113.144967][ T4469] loop2: p234 start 591104 is beyond EOD, truncated
[  113.154869][ T4585] loop0: detected capacity change from 0 to 512
[  113.163576][ T4469] loop2: p235 size 100663296 extends beyond EOD, truncated
[  113.194302][ T4469] loop2: p236 start 591104 is beyond EOD, truncated
[  113.204179][ T4469] loop2: p237 size 100663296 extends beyond EOD, truncated
[  113.215982][ T4585] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.54: invalid indirect mapped block 256 (level 2)
[  113.239846][ T4469] loop2: p238 start 591104 is beyond EOD, truncated
[  113.246697][ T4469] loop2: p239 size 100663296 extends beyond EOD, truncated
[  113.254538][ T4585] EXT4-fs (loop0): 2 truncates cleaned up
[  113.264429][ T4469] loop2: p240 start 591104 is beyond EOD, truncated
[  113.271353][ T4469] loop2: p241 size 100663296 extends beyond EOD, truncated
[  113.278092][ T4585] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  113.288231][ T4469] loop2: p242 start 591104 is beyond EOD, truncated
[  113.301962][ T4469] loop2: p243 size 100663296 extends beyond EOD, truncated
[  113.326587][ T4469] loop2: p244 start 591104 is beyond EOD, truncated
[  113.334129][ T4469] loop2: p245 size 100663296 extends beyond EOD, truncated
[  113.373837][ T4469] loop2: p246 start 591104 is beyond EOD, truncated
[  113.390934][ T4469] loop2: p247 size 100663296 extends beyond EOD, truncated
[  113.408884][ T4585] EXT4-fs: Can't set or change test_dummy_encryption on remount
[  113.425399][ T4469] loop2: p248 start 591104 is beyond EOD, truncated
[  113.604755][ T4469] loop2: p249 size 100663296 extends beyond EOD, truncated
[  113.791245][ T4469] loop2: p250 start 591104 is beyond EOD, truncated
[  113.961814][ T4469] loop2: p251 size 100663296 extends beyond EOD, truncated
[  114.162004][ T4469] loop2: p252 start 591104 is beyond EOD, truncated
[  114.204851][ T4469] loop2: p253 size 100663296 extends beyond EOD, truncated
[  114.253825][ T4469] loop2: p254 start 591104 is beyond EOD, truncated
[  114.282181][ T4469] loop2: p255 size 100663296 extends beyond EOD, truncated
[  114.439711][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  115.484964][ T4610] loop0: detected capacity change from 0 to 1024
[  115.526497][ T4266] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  115.548017][ T4266] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  115.560474][ T4613] binder: 4611:4613 ioctl 4018620d 0 returned -22
[  115.740175][ T4613] loop1: detected capacity change from 0 to 32768
[  115.779760][ T4613] 
[  115.779760][ T4613]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  115.779760][ T4613] 
[  115.792865][ T4613] ERROR: (device loop1): diWrite: ixpxd invalid
[  115.792865][ T4613] 
[  115.802200][ T4613] ERROR: (device loop1): txCommit: 
[  115.802200][ T4613] 
[  115.815141][ T4266] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  115.823886][ T4613] jfs_create: dtSearch returned -17
[  115.829996][ T4266] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  115.837972][ T4266] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  115.846540][ T4266] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  115.944098][ T4610] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm syz.0.63: Invalid block bitmap block 0 in block_group 0
[  116.056813][ T4610] Quota error (device loop0): write_blk: dquota write failed
[  116.362257][ T4622] netlink: 12 bytes leftover after parsing attributes in process `syz.3.66'.
[  116.932253][ T4620] sctp: failed to load transform for md5: -2
[  116.956859][ T4610] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  116.967367][ T4610] EXT4-fs error (device loop0): ext4_acquire_dquot:6802: comm syz.0.63: Failed to acquire dquot type 0
[  117.007768][ T4610] EXT4-fs error (device loop0): ext4_free_blocks:6210: comm syz.0.63: Freeing blocks not in datazone - block = 0, count = 4096
[  117.067780][ T4610] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.63: Invalid inode bitmap blk 0 in block_group 0
[  117.125360][ T4610] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem
[  117.148980][ T4364] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-7
[  117.174956][ T4364] EXT4-fs error (device loop0): ext4_release_dquot:6838: comm kworker/u4:10: Failed to release dquot type 0
[  117.187780][ T4610] EXT4-fs (loop0): 1 orphan inode deleted
[  117.228640][ T4610] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  117.496026][ T4251] 
[  117.496026][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  117.496026][ T4251] 
[  117.534673][ T4251] 
[  117.534673][ T4251]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  117.534673][ T4251] 
[  117.785015][ T4296] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  117.924721][ T4266] Bluetooth: hci5: command 0x0409 tx timeout
[  117.974783][ T4296] usb 4-1: Using ep0 maxpacket: 16
[  118.023871][ T4296] usb 4-1: config 0 has an invalid interface number: 35 but max is 0
[  118.125604][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  118.139360][ T4296] usb 4-1: config 0 has no interface number 0
[  118.194530][ T4296] usb 4-1: config 0 interface 35 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  118.287941][ T4296] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04
[  118.409380][ T4296] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.450619][ T4296] usb 4-1: Product: syz
[  118.457873][ T4296] usb 4-1: Manufacturer: syz
[  118.464166][ T4296] usb 4-1: SerialNumber: syz
[  118.480135][ T4296] usb 4-1: config 0 descriptor??
[  119.159602][ T4364] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.588927][ T4660] syz.4.73 sent an empty control message without MSG_MORE.
[  119.772095][ T4364] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.014712][ T4266] Bluetooth: hci5: command 0x041b tx timeout
[  120.130938][ T4364] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.840712][ T4364] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.443672][ T4612] chnl_net:caif_netlink_parms(): no params data found
[  122.084932][ T4266] Bluetooth: hci5: command 0x040f tx timeout
[  122.824852][ T4612] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.832011][ T4612] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.943831][ T4612] device bridge_slave_0 entered promiscuous mode
[  123.015740][ T4612] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.024773][ T4612] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.033026][ T4612] device bridge_slave_1 entered promiscuous mode
[  123.482726][ T4677] Zero length message leads to an empty skb
[  123.909442][ T4612] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  124.112456][ T4679] IPv6: addrconf: prefix option has invalid lifetime
[  124.164748][ T4266] Bluetooth: hci5: command 0x0419 tx timeout
[  124.767186][ T4612] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  124.903888][  T126] usb 4-1: USB disconnect, device number 2
[  125.464843][ T4300] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  125.659012][ T4612] team0: Port device team_slave_0 added
[  125.685084][ T4300] usb 5-1: too many configurations: 65, using maximum allowed: 8
[  125.753267][ T4300] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  125.866996][ T4300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.976658][ T4612] team0: Port device team_slave_1 added
[  126.016037][ T4300] usb 5-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  126.082204][ T4300] usb 5-1: No valid video chain found.
[  126.286238][ T4300] usb 5-1: USB disconnect, device number 4
[  127.487706][ T4612] batman_adv: batadv0: Adding interface: batadv_slave_0
[  127.529641][ T4612] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.247468][ T4612] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  129.245928][ T4612] batman_adv: batadv0: Adding interface: batadv_slave_1
[  129.279867][ T4612] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.553421][ T4612] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  130.490990][ T4612] device hsr_slave_0 entered promiscuous mode
[  130.583142][ T4612] device hsr_slave_1 entered promiscuous mode
[  130.659832][ T4612] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  130.707536][ T4612] Cannot create hsr debugfs directory
[  132.104903][ T4295] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  132.314695][ T4295] usb 1-1: Using ep0 maxpacket: 16
[  132.321808][ T4295] usb 1-1: config 0 has an invalid interface number: 35 but max is 0
[  132.374189][ T4295] usb 1-1: config 0 has no interface number 0
[  132.405179][ T4295] usb 1-1: config 0 interface 35 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  132.454812][ T4295] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04
[  132.484754][ T4295] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.492904][ T4295] usb 1-1: Product: syz
[  132.505962][ T4295] usb 1-1: Manufacturer: syz
[  132.521017][ T4295] usb 1-1: SerialNumber: syz
[  132.533571][ T4295] usb 1-1: config 0 descriptor??
[  132.568095][ T4364] device hsr_slave_0 left promiscuous mode
[  132.604789][ T4364] device hsr_slave_1 left promiscuous mode
[  132.621433][ T4364] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  132.641423][ T4364] batman_adv: batadv0: Removing interface: batadv_slave_0
[  132.663350][ T4364] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.692118][ T4364] batman_adv: batadv0: Removing interface: batadv_slave_1
[  132.713079][ T4364] device bridge_slave_1 left promiscuous mode
[  132.728829][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  132.735236][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  132.756158][ T4364] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.928153][ T4364] device bridge_slave_0 left promiscuous mode
[  132.953429][ T4364] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.967457][ T4364] device veth1_macvtap left promiscuous mode
[  134.973996][ T4364] device veth0_macvtap left promiscuous mode
[  134.995222][ T4364] device veth1_vlan left promiscuous mode
[  135.001339][ T4364] device veth0_vlan left promiscuous mode
[  135.883447][ T4759] overlayfs: failed to resolve './file0': -2
[  137.586759][ T4364] team0 (unregistering): Port device team_slave_1 removed
[  137.749502][ T4364] team0 (unregistering): Port device team_slave_0 removed
[  138.064442][ T4364] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  138.209893][ T4364] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  139.143250][ T4364] bond0 (unregistering): Released all slaves
[  139.444577][ T4242] usb 1-1: USB disconnect, device number 3
[  139.479675][ T4612] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  139.508719][ T4612] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  139.538417][ T4612] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  139.580755][ T4612] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  139.751007][ T4797] overlayfs: failed to resolve './file0': -2
[  139.861837][ T4612] 8021q: adding VLAN 0 to HW filter on device bond0
[  139.965701][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  139.974101][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  139.986982][ T4612] 8021q: adding VLAN 0 to HW filter on device team0
[  140.001740][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  140.135908][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  140.146377][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.153556][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  140.262761][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  140.274479][ T4804] loop1: detected capacity change from 0 to 512
[  140.298027][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  140.307166][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  140.318236][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.318925][ T4804] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.108: invalid indirect mapped block 256 (level 2)
[  140.325420][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.327408][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  140.369039][ T4804] EXT4-fs (loop1): 2 truncates cleaned up
[  140.513947][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  140.522224][ T4804] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  141.330136][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  141.356660][ T4804] EXT4-fs: Can't set or change test_dummy_encryption on remount
[  141.402663][ T4813] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  141.425623][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  141.594208][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  141.603837][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  141.613054][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  141.621833][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  141.668320][ T4612] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  141.686458][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  141.707780][ T4612] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  141.719414][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  141.746503][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  141.783321][ T4449] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  141.974654][ T4242] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  142.185490][ T4242] usb 5-1: no configurations
[  142.190372][ T4242] usb 5-1: can't read configurations, error -22
[  142.354669][ T4242] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  142.555419][ T4242] usb 5-1: no configurations
[  142.560081][ T4242] usb 5-1: can't read configurations, error -22
[  142.594869][ T4242] usb usb5-port1: attempt power cycle
[  142.660775][ T4840] overlayfs: failed to resolve './file0': -2
[  142.805365][   T14] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  142.814375][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  142.825930][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  142.854342][ T4612] 8021q: adding VLAN 0 to HW filter on device batadv0
[  142.894744][ T4300] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  142.984673][   T14] usb 2-1: Using ep0 maxpacket: 16
[  142.992079][   T14] usb 2-1: config 0 has an invalid interface number: 35 but max is 0
[  143.020780][   T14] usb 2-1: config 0 has no interface number 0
[  143.027674][ T4242] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  143.054923][   T14] usb 2-1: config 0 interface 35 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  143.075930][ T4242] usb 5-1: no configurations
[  143.080752][ T4242] usb 5-1: can't read configurations, error -22
[  143.097036][ T4300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  143.112854][   T14] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04
[  143.133045][ T4300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  143.153087][   T14] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.174848][ T4300] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  143.192607][   T14] usb 2-1: Product: syz
[  143.204642][   T14] usb 2-1: Manufacturer: syz
[  143.209466][ T4300] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.229805][   T14] usb 2-1: SerialNumber: syz
[  143.254813][ T4242] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  143.262723][ T4300] usb 1-1: Product: syz
[  143.268055][   T14] usb 2-1: config 0 descriptor??
[  143.281000][ T4300] usb 1-1: Manufacturer: syz
[  143.294787][ T4300] usb 1-1: SerialNumber: syz
[  143.306903][ T4242] usb 5-1: no configurations
[  143.314779][ T4242] usb 5-1: can't read configurations, error -22
[  143.352671][ T4242] usb usb5-port1: unable to enumerate USB device
[  143.359990][ T4300] usb 1-1: config 0 descriptor??
[  143.399538][ T4300] snd-usb-audio: probe of 1-1:0.0 failed with error -90
[  143.704668][ T4835] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  143.759943][ T4835] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  146.961976][ T4300] usb 2-1: USB disconnect, device number 5
[  147.167073][ T4297] usb 1-1: USB disconnect, device number 4
[  147.615481][ T4300] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  147.997086][ T4300] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  148.034674][ T4300] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  148.124594][ T4300] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  148.183563][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  148.192621][ T4300] usb 2-1: config 220 has no interface number 2
[  148.686367][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  148.709747][ T4300] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  148.758766][ T4300] usb 2-1: config 220 interface 0 has no altsetting 0
[  148.776675][ T4884] loop3: detected capacity change from 0 to 512
[  148.788626][ T4300] usb 2-1: config 220 interface 76 has no altsetting 0
[  148.815876][ T4612] device veth0_vlan entered promiscuous mode
[  148.826550][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  148.841591][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  148.850054][ T4300] usb 2-1: config 220 interface 1 has no altsetting 0
[  148.858522][ T4612] device veth1_vlan entered promiscuous mode
[  148.868180][ T4884] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.122: invalid indirect mapped block 256 (level 2)
[  148.874429][ T4300] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  148.896909][ T4884] EXT4-fs (loop3): 2 truncates cleaned up
[  148.902703][ T4884] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  148.917002][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  148.933118][ T4300] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.936652][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  148.964596][ T4300] usb 2-1: Product: syz
[  148.968825][ T4300] usb 2-1: Manufacturer: syz
[  148.970331][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  148.991224][ T4300] usb 2-1: SerialNumber: syz
[  149.000548][ T4884] EXT4-fs: Can't set or change test_dummy_encryption on remount
[  149.074316][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  149.093030][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  149.135823][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  149.138011][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  149.163871][ T4612] device veth0_macvtap entered promiscuous mode
[  149.182349][ T4612] device veth1_macvtap entered promiscuous mode
[  149.197550][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  149.237466][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  149.349730][ T4612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.370086][ T4612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.427111][ T4612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.458191][ T4612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.522215][ T4612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.543346][ T4612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.599831][ T4612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.660254][ T4612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.673688][ T4612] batman_adv: batadv0: Interface activated: batadv_slave_0
[  149.690468][ T4612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.701786][ T4612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.712547][ T4612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.727905][ T4612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.734951][ T4300] usb 2-1: selecting invalid altsetting 0
[  149.738057][ T4612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.746753][ T4905] overlayfs: failed to resolve './file0': -2
[  149.763159][ T4300] usb 2-1: Found UVC 7.01 device syz (8086:0b07)
[  149.771966][ T4300] usb 2-1: No valid video chain found.
[  149.781709][ T4612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.801580][ T4612] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.812894][ T4612] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.825549][ T4300] usb 2-1: selecting invalid altsetting 0
[  149.835055][ T4300] usbtest: probe of 2-1:220.1 failed with error -22
[  149.842175][ T4612] batman_adv: batadv0: Interface activated: batadv_slave_1
[  149.855626][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  149.873045][ T4300] usb 2-1: USB disconnect, device number 6
[  149.881117][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  149.936693][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  149.968748][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  149.985375][ T4612] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  150.001663][ T4612] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  150.026629][ T4612] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  150.048501][ T4910] loop0: detected capacity change from 0 to 1024
[  150.060195][ T4910] EXT4-fs: Ignoring removed oldalloc option
[  150.074664][ T4612] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  150.115763][ T4910] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  150.259988][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  150.410401][ T4364] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.445849][ T4364] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.473695][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.484679][ T4297] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  150.493090][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  150.507512][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.533326][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  150.684641][ T4297] usb 5-1: Using ep0 maxpacket: 16
[  150.693186][ T4297] usb 5-1: config 0 has an invalid interface number: 35 but max is 0
[  150.754758][ T4297] usb 5-1: config 0 has no interface number 0
[  150.790202][ T4297] usb 5-1: config 0 interface 35 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  150.843400][ T4297] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04
[  150.870932][ T4297] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.891177][ T4297] usb 5-1: Product: syz
[  150.903724][ T4297] usb 5-1: Manufacturer: syz
[  150.909521][ T4297] usb 5-1: SerialNumber: syz
[  150.924315][ T4297] usb 5-1: config 0 descriptor??
[  153.325630][ T4300] usb 5-1: USB disconnect, device number 9
[  153.600889][ T4945] loop4: detected capacity change from 0 to 512
[  153.687715][ T4945] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.134: invalid indirect mapped block 256 (level 2)
[  154.018461][ T4945] EXT4-fs (loop4): 2 truncates cleaned up
[  154.036113][ T4945] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  154.194865][ T4957] netlink: 12 bytes leftover after parsing attributes in process `syz.5.136'.
[  154.420421][ T4945] EXT4-fs: Can't set or change test_dummy_encryption on remount
[  154.778354][ T4953] sctp: failed to load transform for md5: -2
[  154.822730][ T4260] EXT4-fs (loop4): unmounting filesystem.
[  155.062349][ T4969] overlayfs: failed to resolve './file0': -2
[  155.134727][ T4242] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  155.353632][ T4242] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  155.382484][ T4242] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  155.426149][ T4242] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  155.445171][ T4513] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  155.462262][ T4242] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.481019][ T4242] usb 2-1: Product: syz
[  155.496831][ T4242] usb 2-1: Manufacturer: syz
[  155.514778][ T4367] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  155.538718][ T4242] usb 2-1: SerialNumber: syz
[  155.576075][ T4242] usb 2-1: config 0 descriptor??
[  155.610988][ T4242] snd-usb-audio: probe of 2-1:0.0 failed with error -90
[  155.646527][ T4513] usb 6-1: config 1 has an invalid interface number: 5 but max is 2
[  155.676847][ T4513] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  155.712317][ T4513] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  155.732973][ T4367] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  155.754436][ T4513] usb 6-1: config 1 has no interface number 1
[  155.772154][ T4513] usb 6-1: too many endpoints for config 1 interface 5 altsetting 6: 236, using maximum allowed: 30
[  155.775266][ T4367] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  155.804778][ T4958] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.819898][ T4513] usb 6-1: config 1 interface 5 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 236
[  155.870264][ T4513] usb 6-1: config 1 interface 5 has no altsetting 0
[  155.879920][ T4367] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  155.885140][ T4958] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.905236][ T4513] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  155.937556][ T4513] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.954866][ T4367] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.976850][ T4513] usb 6-1: Product: у
[  155.991239][ T4513] usb 6-1: Manufacturer: ᢥ暉漉噪﫳狇㚈☓ᑛꞬՕ鞽멗⧡浣늏霗땣쬀஬ﯻ橈⢠◯㙋쐦㙞
[  155.999157][ T4367] usb 4-1: Product: syz
[  156.031572][ T4367] usb 4-1: Manufacturer: syz
[  156.040785][ T4513] usb 6-1: SerialNumber: Ў
[  156.046780][ T4367] usb 4-1: SerialNumber: syz
[  156.074952][ T4367] usb 4-1: config 0 descriptor??
[  156.113651][ T4367] snd-usb-audio: probe of 4-1:0.0 failed with error -90
[  156.304358][ T4513] usb 6-1: 0:2 : does not exist
[  156.397531][ T4967] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  156.478424][ T4967] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  156.501304][ T4513] usb 6-1: USB disconnect, device number 2
[  157.812004][ T4995] loop0: detected capacity change from 0 to 512
[  157.877511][ T4995] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  157.973226][ T4995] EXT4-fs (loop0): orphan cleanup on readonly fs
[  158.059405][ T4995] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.144: bg 0: block 18: invalid block bitmap
[  158.142222][ T5002] netlink: 'syz.5.146': attribute type 10 has an invalid length.
[  158.155963][ T5002] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  158.202703][ T4995] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  158.257735][ T4995] EXT4-fs (loop0): 1 truncate cleaned up
[  158.277739][ T4995] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  158.313405][ T4995] netlink: 8 bytes leftover after parsing attributes in process `syz.0.144'.
[  158.386504][ T4995] netlink: 8 bytes leftover after parsing attributes in process `syz.0.144'.
[  158.403602][ T5007] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #2: block 3: comm syz.0.144: lblock 0 mapped to illegal pblock 3 (length 1)
[  158.424946][ T4242] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  158.624098][ T4300] usb 2-1: USB disconnect, device number 7
[  158.630059][ T4242] usb 5-1: Using ep0 maxpacket: 16
[  158.662428][ T4242] usb 5-1: config 0 has an invalid interface number: 35 but max is 0
[  158.717726][ T4242] usb 5-1: config 0 has no interface number 0
[  158.741944][ T4242] usb 5-1: config 0 interface 35 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  158.776607][ T4242] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04
[  158.786576][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  158.796187][ T4242] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.813268][ T4242] usb 5-1: Product: syz
[  158.830190][ T4242] usb 5-1: Manufacturer: syz
[  158.884069][ T4242] usb 5-1: SerialNumber: syz
[  158.908417][ T4242] usb 5-1: config 0 descriptor??
[  158.966760][ T4329] usb 4-1: USB disconnect, device number 3
[  159.075105][ T5019] overlayfs: failed to resolve './file0': -2
[  161.979789][ T5020] sctp: failed to load transform for md5: -2
[  162.334061][ T5036] loop1: detected capacity change from 0 to 8
[  162.349048][ T5040] xt_ecn: cannot match TCP bits for non-tcp packets
[  162.505354][ T4513] usb 5-1: USB disconnect, device number 10
[  162.679514][ T5042] fuse: root generation should be zero
[  162.696910][ T5036] SQUASHFS error: Failed to read block 0x106: -5
[  163.802730][   T27] audit: type=1800 audit(1748714941.638:2): pid=5036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.151" name="file2" dev="loop1" ino=6 res=0 errno=0
[  164.274185][ T5061] netlink: 'syz.5.157': attribute type 10 has an invalid length.
[  164.352853][ T5063] netlink: 16 bytes leftover after parsing attributes in process `syz.4.155'.
[  165.922696][ T5085] netlink: 12 bytes leftover after parsing attributes in process `syz.5.163'.
[  166.424335][ T5082] sctp: failed to load transform for md5: -2
[  167.004815][ T4300] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  167.038648][ T5103] loop3: detected capacity change from 0 to 256
[  167.074723][   T14] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  167.205580][ T4300] usb 1-1: Using ep0 maxpacket: 8
[  167.212981][ T4300] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.252154][ T4300] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.262494][   T14] usb 6-1: Using ep0 maxpacket: 16
[  167.275414][   T14] usb 6-1: config 0 has an invalid interface number: 35 but max is 0
[  167.292309][ T4300] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  167.307923][   T14] usb 6-1: config 0 has no interface number 0
[  167.321372][   T14] usb 6-1: config 0 interface 35 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  167.338438][ T4300] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  167.357007][   T14] usb 6-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04
[  167.374611][ T4300] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  167.385418][   T14] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.393446][   T14] usb 6-1: Product: syz
[  167.398078][ T4300] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  167.414719][   T14] usb 6-1: Manufacturer: syz
[  167.421576][ T4300] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  167.434609][   T14] usb 6-1: SerialNumber: syz
[  167.444736][ T4300] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.454374][   T14] usb 6-1: config 0 descriptor??
[  167.476953][ T4300] usb 1-1: Product: syz
[  167.481177][ T4300] usb 1-1: Manufacturer: syz
[  167.487837][ T4300] usb 1-1: SerialNumber: syz
[  168.425311][ T4242] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  169.052461][ T4300] cdc_ncm 1-1:1.0: bind() failure
[  169.219338][ T4300] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  169.349050][ T4300] cdc_ncm 1-1:1.1: bind() failure
[  169.539498][ T4300] usb 1-1: USB disconnect, device number 5
[  170.652025][ T5128] netlink: 16 bytes leftover after parsing attributes in process `syz.3.170'.
[  171.288985][ T4861] usb 6-1: USB disconnect, device number 3
[  171.430100][ T5132] netlink: 'syz.0.171': attribute type 10 has an invalid length.
[  171.444823][ T5132] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  171.992612][ T5149] netlink: 8 bytes leftover after parsing attributes in process `syz.3.175'.
[  172.265791][ T4861] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  172.303671][ T5155] loop4: detected capacity change from 0 to 512
[  172.350219][ T5155] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.177: invalid indirect mapped block 256 (level 2)
[  172.411669][ T5155] EXT4-fs (loop4): 2 truncates cleaned up
[  172.434843][ T5155] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  172.457337][ T4861] usb 4-1: config 0 has an invalid interface number: 128 but max is 0
[  172.477147][ T4861] usb 4-1: config 0 has no interface number 0
[  172.542452][ T4861] usb 4-1: config 0 interface 128 altsetting 6 endpoint 0x5 has invalid maxpacket 1024, setting to 1023
[  172.563476][ T4861] usb 4-1: config 0 interface 128 altsetting 6 endpoint 0xF has invalid maxpacket 512, setting to 64
[  172.575412][ T5155] EXT4-fs: Can't set or change test_dummy_encryption on remount
[  172.589813][ T4861] usb 4-1: config 0 interface 128 has no altsetting 0
[  172.618598][ T4861] usb 4-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=95.91
[  172.642798][ T4861] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.683730][ T4861] usb 4-1: Product: syz
[  172.700695][ T4260] EXT4-fs (loop4): unmounting filesystem.
[  172.710467][ T4861] usb 4-1: Manufacturer: syz
[  172.724116][ T4861] usb 4-1: SerialNumber: syz
[  172.748475][ T4861] usb 4-1: config 0 descriptor??
[  172.791472][ T4861] radio-si470x 4-1:0.128: could not find interrupt in endpoint
[  172.819847][ T4861] radio-si470x: probe of 4-1:0.128 failed with error -5
[  172.841948][ T4861] usbhid 4-1:0.128: couldn't find an input interrupt endpoint
[  173.081180][ T4861] usb 4-1: USB disconnect, device number 4
[  174.254859][ T4861] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  174.454671][ T4861] usb 5-1: Using ep0 maxpacket: 16
[  174.529997][ T4861] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  174.550745][ T4861] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  174.572906][ T4861] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  174.592543][ T4861] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.633546][ T5195] netlink: 12 bytes leftover after parsing attributes in process `syz.3.182'.
[  175.162864][ T5192] sctp: failed to load transform for md5: -2
[  175.162970][ T4861] usb 5-1: Product: syz
[  175.174293][ T4861] usb 5-1: Manufacturer: syz
[  175.179204][ T4861] usb 5-1: SerialNumber: syz
[  175.187129][ T4861] r8152-cfgselector 5-1: config 0 descriptor??
[  175.408779][ T4861] usbip-host 5-1: 5-1 is not in match_busid table... skip!
[  175.647697][ T5207] binder: 5204:5207 ioctl 4018620d 0 returned -22
[  175.671982][ T4861] usb 5-1: USB disconnect, device number 12
[  176.754904][ T4513] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  176.808004][ T5207] loop0: detected capacity change from 0 to 32768
[  176.835894][ T5207] 
[  176.835894][ T5207]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  176.835894][ T5207] 
[  176.860785][ T5207] ERROR: (device loop0): diWrite: ixpxd invalid
[  176.860785][ T5207] 
[  176.871414][ T5207] ERROR: (device loop0): txCommit: 
[  176.871414][ T5207] 
[  176.884506][ T5207] jfs_create: dtSearch returned -17
[  177.094817][ T4513] usb 4-1: Using ep0 maxpacket: 16
[  177.165147][ T4513] usb 4-1: config 0 has an invalid interface number: 35 but max is 0
[  177.221394][ T4513] usb 4-1: config 0 has no interface number 0
[  177.295682][ T4513] usb 4-1: config 0 interface 35 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  177.298891][ T4263] 
[  177.298891][ T4263]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  177.298891][ T4263] 
[  177.325813][ T4263] 
[  177.325813][ T4263]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  177.325813][ T4263] 
[  177.380661][ T4513] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04
[  177.413459][ T4513] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.468874][ T4513] usb 4-1: Product: syz
[  177.483321][ T4513] usb 4-1: Manufacturer: syz
[  177.493038][ T4513] usb 4-1: SerialNumber: syz
[  177.510122][ T4513] usb 4-1: config 0 descriptor??
[  177.731420][ T5224] loop4: detected capacity change from 0 to 512
[  177.931388][ T5224] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.188: invalid indirect mapped block 256 (level 2)
[  178.556967][ T5224] EXT4-fs (loop4): 2 truncates cleaned up
[  178.573120][ T5224] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  179.384700][ T4260] EXT4-fs (loop4): unmounting filesystem.
[  179.504771][ T4242] usb 4-1: USB disconnect, device number 5
[  182.309265][ T5263] netlink: 12 bytes leftover after parsing attributes in process `syz.0.194'.
[  182.956955][ T5258] sctp: failed to load transform for md5: -2
[  183.332644][ T5270] binder: 5255:5270 ioctl 4018620d 0 returned -22
[  184.285175][ T5270] loop3: detected capacity change from 0 to 32768
[  184.784025][ T5270] 
[  184.784025][ T5270]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  184.784025][ T5270] 
[  184.810741][ T5270] ERROR: (device loop3): diWrite: ixpxd invalid
[  184.810741][ T5270] 
[  184.821680][ T5270] ERROR: (device loop3): txCommit: 
[  184.821680][ T5270] 
[  184.833003][ T5270] jfs_create: dtSearch returned -17
[  185.494783][ T4261] 
[  185.494783][ T4261]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  185.494783][ T4261] 
[  185.516786][ T4261] 
[  185.516786][ T4261]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  185.516786][ T4261] 
[  185.542836][ T5277] loop4: detected capacity change from 0 to 512
[  185.646864][ T4259] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  185.663966][ T4259] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  185.672018][ T4259] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  185.680385][ T4259] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  185.694847][ T4259] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  185.697978][ T5277] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.199: invalid indirect mapped block 256 (level 2)
[  185.716838][ T4268] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  185.862390][ T5277] EXT4-fs (loop4): 2 truncates cleaned up
[  185.868413][ T5277] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  186.073013][ T5287] netlink: 16 bytes leftover after parsing attributes in process `syz.3.198'.
[  186.845856][ T4260] EXT4-fs (loop4): unmounting filesystem.
[  187.275219][ T5294] loop3: detected capacity change from 0 to 4096
[  187.370890][ T5294] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  187.723165][ T5279] chnl_net:caif_netlink_parms(): no params data found
[  187.766163][ T4268] Bluetooth: hci1: command 0x0409 tx timeout
[  188.055003][ T5294] ntfs: volume version 3.1.
[  188.214293][ T5294] ntfs: (device loop3): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set macinuit.  You might want to try to use the mount option nls=utf8.
[  188.345598][ T5294] ntfs: (device loop3): ntfs_filldir(): Skipping unrepresentable inode 0x4.
[  188.771899][ T5279] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.801207][ T5279] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.846308][ T5279] device bridge_slave_0 entered promiscuous mode
[  188.874454][ T5279] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.882358][ T5279] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.892151][ T5279] device bridge_slave_1 entered promiscuous mode
[  188.948254][ T5279] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  188.975834][ T5279] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  189.054005][ T5279] team0: Port device team_slave_0 added
[  189.072812][ T5279] team0: Port device team_slave_1 added
[  189.192264][ T5279] batman_adv: batadv0: Adding interface: batadv_slave_0
[  189.214678][ T5279] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.301113][ T5279] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  189.421552][ T5279] batman_adv: batadv0: Adding interface: batadv_slave_1
[  189.520763][ T5279] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.844745][ T4266] Bluetooth: hci1: command 0x041b tx timeout
[  189.990284][ T5279] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  190.224657][ T5325] sctp: failed to load transform for md5: -4
[  190.450831][ T5338] binder: 5335:5338 ioctl 4018620d 0 returned -22
[  190.584802][   T22] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  191.463841][ T5338] loop3: detected capacity change from 0 to 32768
[  191.831005][ T5338] 
[  191.831005][ T5338]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  191.831005][ T5338] 
[  191.856120][ T5338] ERROR: (device loop3): diWrite: ixpxd invalid
[  191.856120][ T5338] 
[  191.867849][ T5338] ERROR: (device loop3): txCommit: 
[  191.867849][ T5338] 
[  191.878974][ T5338] jfs_create: dtSearch returned -17
[  191.924702][ T4266] Bluetooth: hci1: command 0x040f tx timeout
[  191.934815][   T22] usb 1-1: Using ep0 maxpacket: 16
[  192.146275][   T22] usb 1-1: unable to get BOS descriptor or descriptor too short
[  192.216841][   T22] usb 1-1: config 1 interface 0 altsetting 127 endpoint 0x81 has an invalid bInterval 39, changing to 9
[  192.310595][   T22] usb 1-1: config 1 interface 0 altsetting 127 endpoint 0x81 has invalid maxpacket 1536, setting to 1024
[  192.372798][   T22] usb 1-1: config 1 interface 0 altsetting 127 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  192.386436][   T22] usb 1-1: config 1 interface 0 has no altsetting 0
[  192.396740][   T22] usb 1-1: New USB device found, idVendor=05ac, idProduct=0242, bcdDevice= 0.40
[  192.496275][   T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.586078][ T5353] netlink: 16 bytes leftover after parsing attributes in process `syz.5.209'.
[  193.261705][   T22] usb 1-1: Product: О
[  193.397069][   T22] usb 1-1: Manufacturer: 촖▏Ŗꄺᵆⶱ픡⹮ﮤ큦݅喥鮣猱鯿Ⱶ俸쯡십ꃟ䲑볬䪍鋫磲﵃뉱⮦Ꮅꀸꓼ꨸㾨ᦏⰚ罎早‫஺裁抉蛙ಽ宀Ⱚ盩憁ብ仗揀齍䙉䣜쎌ᛆԁ쉵鉟찦굤쉣㐷뙖魛恥ࡦꘀଋ㈶춣跐邋䥇쮴굕뽠ߗ튘槤䫄씍ꀇᒵ➊ꀛ䖢尵䊢㨯꼍㑥思⋏䮸徉闱扶╌⑏
[  193.616975][   T22] usb 1-1: SerialNumber: syz
[  193.794057][ T5279] device hsr_slave_0 entered promiscuous mode
[  193.830326][   T22] usb 1-1: can't set config #1, error -71
[  193.836166][ T4261] 
[  193.836166][ T4261]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  193.836166][ T4261] 
[  193.836198][ T4261] 
[  193.836198][ T4261]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  193.836198][ T4261] 
[  193.863060][ T5279] device hsr_slave_1 entered promiscuous mode
[  193.909237][ T5279] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  193.927356][ T5279] Cannot create hsr debugfs directory
[  193.939083][   T22] usb 1-1: USB disconnect, device number 6
[  194.016249][ T4266] Bluetooth: hci1: command 0x0419 tx timeout
[  194.182497][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  194.189429][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  195.570219][ T5279] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  195.695121][ T5279] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  195.748986][ T5279] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  195.796366][ T5279] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  196.165600][   T22] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  196.196649][ T5279] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.241128][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  196.253792][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  196.287782][ T5279] 8021q: adding VLAN 0 to HW filter on device team0
[  196.294753][ T4253] Bluetooth: hci3: command 0x0406 tx timeout
[  196.300805][ T4253] Bluetooth: hci4: command 0x0406 tx timeout
[  196.310401][ T4253] Bluetooth: hci0: command 0x0406 tx timeout
[  196.316619][ T4253] Bluetooth: hci2: command 0x0406 tx timeout
[  196.366481][   T22] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  196.401025][   T22] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  196.488975][ T5339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  196.505621][ T5339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  196.511510][   T22] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  196.523110][ T5339] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.530280][ T5339] bridge0: port 1(bridge_slave_0) entered forwarding state
[  196.568996][   T22] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.801204][   T22] usb 4-1: Product: syz
[  196.908845][   T22] usb 4-1: Manufacturer: syz
[  197.029055][   T22] usb 4-1: SerialNumber: syz
[  197.179291][ T5339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  197.190965][   T22] usb 4-1: config 0 descriptor??
[  197.245387][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  197.254132][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  197.262804][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.270153][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.350094][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  197.397176][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  197.432138][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  197.652691][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  197.844726][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  198.044278][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  198.278928][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  198.302036][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  198.311946][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  198.320819][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  198.330735][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  198.356616][ T5279] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  198.368146][ T5380] loop4: detected capacity change from 0 to 32768
[  198.480996][ T5380] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  199.053498][ T5408] netlink: 16 bytes leftover after parsing attributes in process `syz.0.220'.
[  200.010077][ T5415] binder: 5412:5415 ioctl 4018620d 0 returned -22
[  201.236480][ T5415] loop0: detected capacity change from 0 to 32768
[  202.327931][   T22] usb 4-1: can't set config #0, error -110
[  202.343084][ T5415] 
[  202.343084][ T5415]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  202.343084][ T5415] 
[  202.368353][ T5415] ERROR: (device loop0): diWrite: ixpxd invalid
[  202.368353][ T5415] 
[  202.377799][ T5415] ERROR: (device loop0): txCommit: 
[  202.377799][ T5415] 
[  202.390114][ T5415] jfs_create: dtSearch returned -17
[  202.773904][   T22] usb 4-1: USB disconnect, device number 6
[  203.125984][ T4260] ocfs2: Unmounting device (7,4) on (node local)
[  203.226494][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  203.234021][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  203.280995][ T5279] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.341704][ T4263] 
[  203.341704][ T4263]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  203.341704][ T4263] 
[  203.384794][ T4263] 
[  203.384794][ T4263]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  203.384794][ T4263] 
[  203.612702][ T5425] loop5: detected capacity change from 0 to 512
[  203.703436][ T5425] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.224: invalid indirect mapped block 256 (level 2)
[  203.913336][ T5425] EXT4-fs (loop5): 2 truncates cleaned up
[  203.924982][ T5425] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  204.683813][ T5435] netlink: 'syz.3.225': attribute type 10 has an invalid length.
[  204.759088][ T5435] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  205.566089][ T4612] EXT4-fs (loop5): unmounting filesystem.
[  206.316326][ T5456] netlink: 'syz.5.228': attribute type 10 has an invalid length.
[  208.778848][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  208.793363][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  208.816623][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  208.825943][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  208.837614][ T5279] device veth0_vlan entered promiscuous mode
[  208.845208][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  208.853602][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  208.869143][ T5279] device veth1_vlan entered promiscuous mode
[  208.902510][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  208.913042][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  208.921798][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  208.930766][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  208.942955][ T5279] device veth0_macvtap entered promiscuous mode
[  209.089835][ T5471] netlink: 16 bytes leftover after parsing attributes in process `syz.4.230'.
[  209.164386][ T5279] device veth1_macvtap entered promiscuous mode
[  209.272893][ T5477] netlink: 52 bytes leftover after parsing attributes in process `syz.5.232'.
[  209.317166][ T5477] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.325628][ T5477] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.363716][ T5473] loop0: detected capacity change from 0 to 512
[  209.392860][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.415914][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.453464][ T5473] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  209.470668][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.495602][ T5473] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  209.505941][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.532557][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.554632][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.564665][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.577141][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.590450][ T5473] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  209.604226][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.615023][ T5473] EXT4-fs (loop0): 1 truncate cleaned up
[  209.620702][ T5473] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  209.661069][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.805909][ T5279] batman_adv: batadv0: Interface activated: batadv_slave_0
[  209.817760][ T5354] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  209.856569][ T5354] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  209.867603][ T5354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  209.876961][ T5354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  209.901085][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  209.920646][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  209.954577][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.984631][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.018545][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.069353][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.080416][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.091779][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.102846][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.113332][ T5279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.124487][ T5279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.136515][ T5279] batman_adv: batadv0: Interface activated: batadv_slave_1
[  210.149749][ T5279] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.274765][ T5279] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.283613][ T5279] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  211.062968][ T5484] binder: 5481:5484 ioctl 4018620d 0 returned -22
[  211.102612][ T5279] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  211.999293][ T5340] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  212.009025][ T5340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  212.178928][ T5494] netlink: 'syz.0.236': attribute type 10 has an invalid length.
[  212.301000][ T5269] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.329130][ T5269] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.435657][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  212.482233][ T4449] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.511967][ T4449] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.566162][ T5501] loop0: detected capacity change from 0 to 512
[  212.574194][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  212.692484][ T5501] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.237: invalid indirect mapped block 256 (level 2)
[  212.785846][ T5501] EXT4-fs (loop0): 2 truncates cleaned up
[  212.791750][ T5501] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  212.889552][ T5484] loop5: detected capacity change from 0 to 32768
[  212.959715][ T5484] 
[  212.959715][ T5484]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.959715][ T5484] 
[  213.163955][ T5484] read_mapping_page failed!
[  213.191703][ T5484] diRead: diIAGRead returned -5
[  213.219304][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  215.277860][ T5533] netlink: 12 bytes leftover after parsing attributes in process `syz.5.245'.
[  215.302599][ T5531] loop6: detected capacity change from 0 to 1024
[  217.215880][ T5542] netlink: 4 bytes leftover after parsing attributes in process `syz.4.244'.
[  217.314850][ T4861] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  217.447446][ T5547] netlink: 'syz.5.246': attribute type 10 has an invalid length.
[  217.521341][ T4861] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  218.222669][ T4861] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  218.236946][ T4861] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  218.248744][ T4861] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.257173][ T4861] usb 1-1: Product: syz
[  218.265853][ T4861] usb 1-1: Manufacturer: syz
[  218.349100][ T4861] usb 1-1: SerialNumber: syz
[  218.363645][ T4861] usb 1-1: config 0 descriptor??
[  218.467113][ T4861] usb 1-1: can't set config #0, error -71
[  218.509924][ T4861] usb 1-1: USB disconnect, device number 7
[  218.543332][ T5553] netlink: 16 bytes leftover after parsing attributes in process `syz.6.247'.
[  219.326575][ T5552] loop3: detected capacity change from 0 to 512
[  219.388813][ T5555] loop5: detected capacity change from 0 to 1024
[  219.436511][ T5555] syz.5.250: attempt to access beyond end of device
[  219.436511][ T5555] loop5: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  219.493643][ T5555] Buffer I/O error on dev loop5, logical block 100663296, async page read
[  219.549174][ T5557] loop6: detected capacity change from 0 to 256
[  219.586302][ T5555] syz.5.250: attempt to access beyond end of device
[  219.586302][ T5555] loop5: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  219.648043][ T5555] Buffer I/O error on dev loop5, logical block 100663296, async page read
[  219.736731][ T5564] binder: 5561:5564 ioctl 4018620d 0 returned -22
[  220.722373][ T5564] loop0: detected capacity change from 0 to 32768
[  221.198610][ T5564] 
[  221.198610][ T5564]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  221.198610][ T5564] 
[  221.224850][ T5563] ERROR: (device loop0): diWrite: ixpxd invalid
[  221.224850][ T5563] 
[  221.234211][ T5563] ERROR: (device loop0): txCommit: 
[  221.234211][ T5563] 
[  221.256771][ T5563] jfs_create: dtSearch returned -17
[  221.403684][ T5552] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  221.501339][ T5552] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  221.523459][ T5557] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  222.142017][ T5570] netlink: 52 bytes leftover after parsing attributes in process `syz.3.248'.
[  222.165661][ T5570] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.174281][ T5570] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.277451][ T4263] 
[  222.277451][ T4263]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  222.277451][ T4263] 
[  222.298880][ T4263] 
[  222.298880][ T4263]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  222.298880][ T4263] 
[  222.511719][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  223.743648][ T5595] loop0: detected capacity change from 0 to 512
[  223.808369][ T5595] EXT4-fs: Mount option(s) incompatible with ext3
[  224.354912][ T5612] netlink: 16 bytes leftover after parsing attributes in process `syz.5.260'.
[  225.041864][ T5607] netlink: 'syz.6.261': attribute type 10 has an invalid length.
[  225.219791][ T5607] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  226.070151][ T5620] loop5: detected capacity change from 0 to 16
[  226.119655][ T5620] erofs: (device loop5): mounted with root inode @ nid 36.
[  226.148527][ T5622] netlink: 16 bytes leftover after parsing attributes in process `syz.0.265'.
[  226.256157][ T5625] binder: 5619:5625 ioctl 4018620d 0 returned -22
[  227.544114][ T5625] loop4: detected capacity change from 0 to 32768
[  227.568220][ T5625] 
[  227.568220][ T5625]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  227.568220][ T5625] 
[  227.592417][ T5624] ERROR: (device loop4): diWrite: ixpxd invalid
[  227.592417][ T5624] 
[  227.610967][ T5624] ERROR: (device loop4): txCommit: 
[  227.610967][ T5624] 
[  227.623358][ T5624] jfs_create: dtSearch returned -17
[  228.036514][ T5620] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  228.125549][ T5620] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -20 in[58, 4038] out[1851]
[  228.220343][ T4260] 
[  228.220343][ T4260]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  228.220343][ T4260] 
[  228.243556][ T5620] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117]
[  228.265233][ T4260] 
[  228.265233][ T4260]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  228.265233][ T4260] 
[  228.329150][ T5631] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  228.395362][ T5631] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -20 in[58, 4038] out[1851]
[  228.461438][ T5631] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117]
[  228.484709][ T5621] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  228.555000][ T5621] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -20 in[58, 4038] out[1851]
[  228.791485][ T5621] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117]
[  229.737471][ T5650] loop5: detected capacity change from 0 to 1024
[  229.833178][ T5650] ext4: Unknown parameter 'obj_user'
[  231.118994][ T5650] loop5: detected capacity change from 0 to 32768
[  231.188549][ T5650] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.270 (5650)
[  231.415605][ T5665] netlink: 16 bytes leftover after parsing attributes in process `syz.4.273'.
[  232.092275][ T5650] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  232.092534][ T5650] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  232.092595][ T5650] BTRFS info (device loop5): setting nodatacow, compression disabled
[  232.092643][ T5650] BTRFS info (device loop5): max_inline at 0
[  232.092666][ T5650] BTRFS info (device loop5): enabling disk space caching
[  232.092687][ T5650] BTRFS info (device loop5): turning off barriers
[  232.092705][ T5650] BTRFS info (device loop5): turning on flush-on-commit
[  232.092730][ T5650] BTRFS info (device loop5): doing ref verification
[  232.092752][ T5650] BTRFS info (device loop5): force clearing of disk cache
[  232.092801][ T5650] BTRFS info (device loop5): enabling ssd optimizations
[  232.092841][ T5650] BTRFS info (device loop5): max_inline at 4096
[  232.092865][ T5650] BTRFS info (device loop5): disk space caching is enabled
[  233.228240][ T5691] netlink: 'syz.4.276': attribute type 10 has an invalid length.
[  233.515847][ T5650] BTRFS error (device loop5): open_ctree failed: -12
[  233.770277][ T5700] binder: 5694:5700 ioctl 4018620d 0 returned -22
[  234.925793][ T5700] loop3: detected capacity change from 0 to 32768
[  234.946361][ T5700] 
[  234.946361][ T5700]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  234.946361][ T5700] 
[  234.995429][ T5699] ERROR: (device loop3): diWrite: ixpxd invalid
[  234.995429][ T5699] 
[  235.010800][ T5699] ERROR: (device loop3): txCommit: 
[  235.010800][ T5699] 
[  235.021513][ T5699] jfs_create: dtSearch returned -17
[  235.841225][ T4634] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by udevd (4634)
[  236.024380][ T5711] FAULT_INJECTION: forcing a failure.
[  236.024380][ T5711] name failslab, interval 1, probability 0, space 0, times 1
[  236.068617][ T4261] 
[  236.068617][ T4261]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.068617][ T4261] 
[  236.097587][ T4261] 
[  236.097587][ T4261]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  236.097587][ T4261] 
[  236.114753][ T5711] CPU: 0 PID: 5711 Comm: syz.5.281 Not tainted 6.1.140-syzkaller #0
[  236.122800][ T5711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  236.132906][ T5711] Call Trace:
[  236.136220][ T5711]  <TASK>
[  236.139181][ T5711]  dump_stack_lvl+0x168/0x22e
[  236.143907][ T5711]  ? show_regs_print_info+0x12/0x12
[  236.149158][ T5711]  ? load_image+0x3b0/0x3b0
[  236.153709][ T5711]  ? __might_sleep+0xd0/0xd0
[  236.158337][ T5711]  ? __lock_acquire+0x7c50/0x7c50
[  236.163558][ T5711]  ? aa_file_perm+0x3ef/0xec0
[  236.168259][ T5711]  should_fail_ex+0x399/0x4d0
[  236.172956][ T5711]  should_failslab+0x5/0x20
[  236.177479][ T5711]  slab_pre_alloc_hook+0x59/0x310
[  236.182547][ T5711]  ? kernfs_fop_write_iter+0x155/0x4c0
[  236.188122][ T5711]  __kmem_cache_alloc_node+0x4f/0x260
[  236.193517][ T5711]  ? kernfs_fop_write_iter+0x155/0x4c0
[  236.199000][ T5711]  __kmalloc+0xa0/0x240
[  236.203172][ T5711]  kernfs_fop_write_iter+0x155/0x4c0
[  236.208480][ T5711]  vfs_write+0x44c/0x960
[  236.212734][ T5711]  ? file_end_write+0x250/0x250
[  236.217598][ T5711]  ? __fget_files+0x44a/0x4d0
[  236.222308][ T5711]  ? __fdget_pos+0x2ae/0x360
[  236.226916][ T5711]  ? ksys_write+0x71/0x240
[  236.231344][ T5711]  ksys_write+0x143/0x240
[  236.235689][ T5711]  ? __ia32_sys_read+0x80/0x80
[  236.240464][ T5711]  ? lockdep_hardirqs_on+0x94/0x140
[  236.245689][ T5711]  do_syscall_64+0x4c/0xa0
[  236.250126][ T5711]  ? clear_bhb_loop+0x60/0xb0
[  236.254814][ T5711]  ? clear_bhb_loop+0x60/0xb0
[  236.259502][ T5711]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  236.265434][ T5711] RIP: 0033:0x7f8bbf98e969
[  236.269874][ T5711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.289508][ T5711] RSP: 002b:00007f8bc078e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  236.297947][ T5711] RAX: ffffffffffffffda RBX: 00007f8bbfbb5fa0 RCX: 00007f8bbf98e969
[  236.305933][ T5711] RDX: 0000000000000012 RSI: 0000200000000080 RDI: 0000000000000005
[  236.313915][ T5711] RBP: 00007f8bc078e090 R08: 0000000000000000 R09: 0000000000000000
[  236.321901][ T5711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.329886][ T5711] R13: 0000000000000000 R14: 00007f8bbfbb5fa0 R15: 00007fff13fd1f58
[  236.337920][ T5711]  </TASK>
[  238.630513][ T4336] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  238.673743][ T5733] netlink: 'syz.4.287': attribute type 10 has an invalid length.
[  238.834714][ T4336] usb 6-1: Using ep0 maxpacket: 32
[  238.842147][ T4336] usb 6-1: config 4 has an invalid interface number: 228 but max is 0
[  238.870328][ T4336] usb 6-1: config 4 has no interface number 0
[  238.880791][ T5740] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  238.904822][ T4336] usb 6-1: config 4 interface 228 altsetting 68 endpoint 0x7 has an invalid bInterval 147, changing to 11
[  238.922327][ T4336] usb 6-1: config 4 interface 228 altsetting 68 endpoint 0x7 has invalid maxpacket 41529, setting to 1024
[  238.936870][ T5740] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  238.956102][ T4336] usb 6-1: config 4 interface 228 has no altsetting 0
[  238.989343][ T5740] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  239.007816][ T4336] usb 6-1: New USB device found, idVendor=0499, idProduct=a9a2, bcdDevice=c4.e8
[  239.040466][ T4336] usb 6-1: New USB device strings: Mfr=1, Product=25, SerialNumber=3
[  239.057557][ T5740] device bridge_slave_0 left promiscuous mode
[  239.080279][ T4336] usb 6-1: Product: syz
[  239.087035][ T5740] bridge0: port 1(bridge_slave_0) entered disabled state
[  239.116704][ T4336] usb 6-1: Manufacturer: syz
[  239.131060][ T4336] usb 6-1: SerialNumber: syz
[  239.815653][ T5740] device bridge_slave_1 left promiscuous mode
[  239.823047][ T5740] bridge0: port 2(bridge_slave_1) entered disabled state
[  239.872696][ T4336] usb 6-1: can't set config #4, error -71
[  239.895617][ T4336] usb 6-1: USB disconnect, device number 4
[  239.942506][ T5740] bond0: (slave bond_slave_0): Releasing backup interface
[  239.976146][ T5740] bond0: (slave bond_slave_1): Releasing backup interface
[  240.305440][ T5740] team0: Port device team_slave_0 removed
[  240.756242][ T5740] team0: Port device team_slave_1 removed
[  240.769958][ T5740] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  240.808057][ T5740] batman_adv: batadv0: Removing interface: batadv_slave_0
[  240.850180][ T5740] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  240.883101][ T5740] batman_adv: batadv0: Removing interface: batadv_slave_1
[  240.958672][ T5740] bond0: (slave macvlan0): Releasing backup interface
[  241.431868][ T5769] binder: 5766:5769 ioctl 4018620d 0 returned -22
[  242.324642][ T4266] Bluetooth: hci5: command 0x0406 tx timeout
[  242.427779][ T5769] loop0: detected capacity change from 0 to 32768
[  242.828813][ T5769] 
[  242.828813][ T5769]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  242.828813][ T5769] 
[  242.850592][ T5769] ERROR: (device loop0): diWrite: ixpxd invalid
[  242.850592][ T5769] 
[  242.863710][ T5769] ERROR: (device loop0): txCommit: 
[  242.863710][ T5769] 
[  242.875169][ T5769] jfs_create: dtSearch returned -17
[  243.576540][ T5779] netlink: 'syz.4.298': attribute type 10 has an invalid length.
[  243.760590][ T5786] FAULT_INJECTION: forcing a failure.
[  243.760590][ T5786] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  243.783703][ T5786] CPU: 1 PID: 5786 Comm: syz.3.300 Not tainted 6.1.140-syzkaller #0
[  243.791748][ T5786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  243.801837][ T5786] Call Trace:
[  243.805142][ T5786]  <TASK>
[  243.808090][ T5786]  dump_stack_lvl+0x168/0x22e
[  243.812804][ T5786]  ? show_regs_print_info+0x12/0x12
[  243.818031][ T5786]  ? load_image+0x3b0/0x3b0
[  243.822561][ T5786]  ? __lock_acquire+0x7c50/0x7c50
[  243.827624][ T5786]  ? snprintf+0xd7/0x120
[  243.831898][ T5786]  should_fail_ex+0x399/0x4d0
[  243.836606][ T5786]  _copy_to_user+0x2c/0x130
[  243.841147][ T5786]  simple_read_from_buffer+0xe3/0x150
[  243.846564][ T5786]  proc_fail_nth_read+0x19a/0x210
[  243.851641][ T5786]  ? proc_fault_inject_write+0x2f0/0x2f0
[  243.857314][ T5786]  ? fsnotify_perm+0x248/0x550
[  243.862117][ T5786]  ? proc_fault_inject_write+0x2f0/0x2f0
[  243.867780][ T5786]  vfs_read+0x2c0/0x920
[  243.871981][ T5786]  ? kernel_read+0x1e0/0x1e0
[  243.876617][ T5786]  ? __fget_files+0x28/0x4d0
[  243.881335][ T5786]  ? __fget_files+0x44a/0x4d0
[  243.886056][ T5786]  ? __fdget_pos+0x2ae/0x360
[  243.890676][ T5786]  ? ksys_read+0x71/0x240
[  243.895034][ T5786]  ksys_read+0x143/0x240
[  243.899311][ T5786]  ? vfs_write+0x960/0x960
[  243.903747][ T5786]  ? lockdep_hardirqs_on+0x94/0x140
[  243.909024][ T5786]  do_syscall_64+0x4c/0xa0
[  243.913492][ T5786]  ? clear_bhb_loop+0x60/0xb0
[  243.918635][ T5786]  ? clear_bhb_loop+0x60/0xb0
[  243.923349][ T5786]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  243.929271][ T5786] RIP: 0033:0x7fa2ce38d37c
[  243.933707][ T5786] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  243.953350][ T5786] RSP: 002b:00007fa2cf27e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  243.961789][ T5786] RAX: ffffffffffffffda RBX: 00007fa2ce5b6080 RCX: 00007fa2ce38d37c
[  243.969785][ T5786] RDX: 000000000000000f RSI: 00007fa2cf27e0a0 RDI: 0000000000000005
[  243.977781][ T5786] RBP: 00007fa2cf27e090 R08: 0000000000000000 R09: 0000000000000000
[  243.985780][ T5786] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000001
[  243.993773][ T5786] R13: 0000000000000001 R14: 00007fa2ce5b6080 R15: 00007ffd9b265d78
[  244.001797][ T5786]  </TASK>
[  244.649395][ T4263] 
[  244.649395][ T4263]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  244.649395][ T4263] 
[  244.684803][ T4263] 
[  244.684803][ T4263]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  244.684803][ T4263] 
[  246.509861][ T5811] loop0: detected capacity change from 0 to 512
[  246.564060][ T5811] EXT4-fs: Ignoring removed bh option
[  246.622058][ T5811] EXT4-fs: Mount option(s) incompatible with ext3
[  246.804903][ T4861] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  247.009991][ T4861] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  247.020700][ T4861] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  247.033389][ T4861] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  247.043143][ T4861] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.059925][ T4861] usb 4-1: config 0 descriptor??
[  247.356328][ T5822] loop5: detected capacity change from 0 to 128
[  247.492383][ T5822] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  247.528505][ T5822] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  247.541417][ T5826] loop0: detected capacity change from 0 to 512
[  247.697310][ T5826] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.310: invalid indirect mapped block 256 (level 2)
[  247.837709][ T5826] EXT4-fs (loop0): 2 truncates cleaned up
[  247.857127][ T5826] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  248.061560][ T5836] process 'syz.3.306' launched './file0' with NULL argv: empty string added
[  248.149715][ T4263] EXT4-fs (loop0): unmounting filesystem.
[  248.400902][ T5845] netlink: 'syz.0.312': attribute type 10 has an invalid length.
[  248.412427][ T5845] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  249.104630][ T4861] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  249.106929][ T5852] loop0: detected capacity change from 0 to 1024
[  249.157862][ T5852] hfsplus: unable to parse mount options
[  249.264430][ T5850] netlink: 8 bytes leftover after parsing attributes in process `syz.0.313'.
[  249.306051][ T4861] usb 6-1: no configurations
[  249.314202][ T4861] usb 6-1: can't read configurations, error -22
[  249.544760][ T4861] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  249.756643][ T4861] usb 6-1: no configurations
[  249.935299][ T4861] usb 6-1: can't read configurations, error -22
[  250.645982][ T4861] usb usb6-port1: attempt power cycle
[  252.603361][ T4612] EXT4-fs (loop5): unmounting filesystem.
[  252.667870][ T5869] loop0: detected capacity change from 0 to 16
[  252.919580][ T5869] erofs: (device loop0): mounted with root inode @ nid 36.
[  253.125947][ T5882] netlink: 16 bytes leftover after parsing attributes in process `syz.4.321'.
[  253.298832][ T4295] usb 4-1: USB disconnect, device number 7
[  253.509245][ T5891] netlink: 'syz.4.323': attribute type 10 has an invalid length.
[  253.913683][ T5898] loop4: detected capacity change from 0 to 512
[  254.071065][ T5869] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD2 format 8 for nid 36, please upgrade kernel
[  254.094699][ T5869] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD2 format 8 for nid 36, please upgrade kernel
[  254.176852][ T5907] netlink: 16 bytes leftover after parsing attributes in process `syz.5.325'.
[  255.062099][ T5902] netlink: 'syz.6.326': attribute type 10 has an invalid length.
[  255.194005][ T5898] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.324: invalid indirect mapped block 256 (level 2)
[  255.378559][ T5869] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-95]
[  255.387195][ T5897] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD2 format 8 for nid 36, please upgrade kernel
[  255.435235][ T5898] EXT4-fs (loop4): 2 truncates cleaned up
[  255.441748][ T5898] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  255.452319][ T5897] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD2 format 8 for nid 36, please upgrade kernel
[  255.492835][ T5897] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD2 format 8 for nid 36, please upgrade kernel
[  255.536219][ T5897] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-95]
[  255.608091][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  255.614448][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  255.668305][ T4260] EXT4-fs (loop4): unmounting filesystem.
[  255.764843][ T4242] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  256.774580][ T4242] usb 6-1: Using ep0 maxpacket: 16
[  256.784253][ T4242] usb 6-1: config 0 has an invalid interface number: 35 but max is 0
[  256.815128][ T4242] usb 6-1: config 0 has no interface number 0
[  256.840526][ T4242] usb 6-1: config 0 interface 35 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  256.900625][ T4242] usb 6-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04
[  257.020022][ T4242] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.045013][ T4242] usb 6-1: Product: syz
[  257.072715][ T4242] usb 6-1: Manufacturer: syz
[  257.098523][ T4242] usb 6-1: SerialNumber: syz
[  257.192348][ T4242] usb 6-1: config 0 descriptor??
[  260.225301][ T4861] usb 6-1: USB disconnect, device number 8
[  260.329609][ T5938] loop3: detected capacity change from 0 to 128
[  260.578610][ T5941] netlink: 'syz.4.334': attribute type 10 has an invalid length.
[  260.794350][ T5938] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  260.835203][ T5938] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  260.892549][ T5932] fscrypt (loop3, inode 12): Unsupported encryption flags (0x29)
[  260.916010][ T5932] tmpfs: Bad value for 'mpol'
[  261.067347][ T5957] netlink: 'syz.0.338': attribute type 10 has an invalid length.
[  262.254368][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  262.430112][ T5980] netlink: 56 bytes leftover after parsing attributes in process `syz.0.343'.
[  264.280498][ T6000] netlink: 'syz.3.348': attribute type 10 has an invalid length.
[  264.537037][ T6007] loop5: detected capacity change from 0 to 128
[  264.628116][ T6007] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  264.644776][ T6007] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  264.722622][ T6007] syz.5.351 (pid 6007) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  264.779646][ T6014] FAULT_INJECTION: forcing a failure.
[  264.779646][ T6014] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.793594][ T6014] CPU: 1 PID: 6014 Comm: syz.3.353 Not tainted 6.1.140-syzkaller #0
[  264.801704][ T6014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  264.811804][ T6014] Call Trace:
[  264.815109][ T6014]  <TASK>
[  264.818056][ T6014]  dump_stack_lvl+0x168/0x22e
[  264.822777][ T6014]  ? show_regs_print_info+0x12/0x12
[  264.828008][ T6014]  ? load_image+0x3b0/0x3b0
[  264.832618][ T6014]  ? __lock_acquire+0x7c50/0x7c50
[  264.837666][ T6014]  should_fail_ex+0x399/0x4d0
[  264.842346][ T6014]  _copy_from_user+0x2c/0x170
[  264.847042][ T6014]  ucma_write+0x15d/0x2e0
[  264.851408][ T6014]  ? ucma_get_global_nl_info+0x70/0x70
[  264.856895][ T6014]  ? common_file_perm+0x171/0x1c0
[  264.861945][ T6014]  ? fsnotify_perm+0x5a/0x550
[  264.866657][ T6014]  ? security_file_permission+0x75/0xa0
[  264.872211][ T6014]  ? ucma_get_global_nl_info+0x70/0x70
[  264.877773][ T6014]  vfs_write+0x2c4/0x960
[  264.882044][ T6014]  ? file_end_write+0x250/0x250
[  264.886924][ T6014]  ? __fget_files+0x28/0x4d0
[  264.891555][ T6014]  ? __fget_files+0x44a/0x4d0
[  264.896277][ T6014]  ? __fdget_pos+0x1d4/0x360
[  264.900986][ T6014]  ? ksys_write+0x71/0x240
[  264.905423][ T6014]  ksys_write+0x143/0x240
[  264.909767][ T6014]  ? __ia32_sys_read+0x80/0x80
[  264.914543][ T6014]  ? lockdep_hardirqs_on+0x94/0x140
[  264.919760][ T6014]  do_syscall_64+0x4c/0xa0
[  264.924189][ T6014]  ? clear_bhb_loop+0x60/0xb0
[  264.928874][ T6014]  ? clear_bhb_loop+0x60/0xb0
[  264.933571][ T6014]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  264.939487][ T6014] RIP: 0033:0x7fa2ce38e969
[  264.943907][ T6014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.963521][ T6014] RSP: 002b:00007fa2cf29f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  264.971942][ T6014] RAX: ffffffffffffffda RBX: 00007fa2ce5b5fa0 RCX: 00007fa2ce38e969
[  264.979923][ T6014] RDX: 0000000000000118 RSI: 0000200000000140 RDI: 0000000000000003
[  264.987898][ T6014] RBP: 00007fa2cf29f090 R08: 0000000000000000 R09: 0000000000000000
[  264.995892][ T6014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.003864][ T6014] R13: 0000000000000000 R14: 00007fa2ce5b5fa0 R15: 00007ffd9b265d78
[  265.011853][ T6014]  </TASK>
[  265.015050][    C1] vkms_vblank_simulate: vblank timer overrun
[  265.224208][ T4612] EXT4-fs (loop5): unmounting filesystem.
[  265.397930][ T6020] netlink: 'syz.0.354': attribute type 10 has an invalid length.
[  268.456219][ T6046] netlink: 'syz.0.363': attribute type 10 has an invalid length.
[  269.277020][ T6057] loop3: detected capacity change from 0 to 1024
[  270.405375][ T6057] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  270.413952][ T6057] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  270.511373][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  270.640484][ T6071] binder: 6068:6071 ioctl 4018620d 0 returned -22
[  271.897524][ T6071] loop4: detected capacity change from 0 to 32768
[  271.919129][ T6071] 
[  271.919129][ T6071]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  271.919129][ T6071] 
[  271.951779][ T6071] ERROR: (device loop4): diWrite: ixpxd invalid
[  271.951779][ T6071] 
[  271.961259][ T6071] ERROR: (device loop4): txCommit: 
[  271.961259][ T6071] 
[  271.989989][ T6071] jfs_create: dtSearch returned -17
[  273.526716][ T4260] 
[  273.526716][ T4260]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  273.526716][ T4260] 
[  273.544658][ T4260] 
[  273.544658][ T4260]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  273.544658][ T4260] 
[  275.214936][ T4336] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  275.452739][ T4336] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  275.514680][ T4336] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  275.548598][ T4336] usb 6-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  275.655710][ T4336] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.663769][ T4336] usb 6-1: Product: syz
[  275.678526][ T4336] usb 6-1: Manufacturer: syz
[  275.683176][ T4336] usb 6-1: SerialNumber: syz
[  276.425999][ T4336] usb 6-1: config 0 descriptor??
[  276.444733][ T4336] snd-usb-audio: probe of 6-1:0.0 failed with error -90
[  276.603954][ T4299] usb 6-1: USB disconnect, device number 9
[  276.889564][ T6096] netlink: 'syz.3.371': attribute type 10 has an invalid length.
[  277.836981][ T6100] netlink: 'syz.5.378': attribute type 10 has an invalid length.
[  278.278488][ T6110] binder: 6108:6110 ioctl 4018620d 0 returned -22
[  279.547080][ T6110] loop5: detected capacity change from 0 to 32768
[  279.602720][ T6110] 
[  279.602720][ T6110]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  279.602720][ T6110] 
[  279.626738][ T6110] ERROR: (device loop5): diWrite: ixpxd invalid
[  279.626738][ T6110] 
[  279.636009][ T6110] ERROR: (device loop5): txCommit: 
[  279.636009][ T6110] 
[  279.646967][ T6110] jfs_create: dtSearch returned -17
[  280.469250][ T6116] capability: warning: `syz.0.384' uses deprecated v2 capabilities in a way that may be insecure
[  280.652431][ T4612] 
[  280.652431][ T4612]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  280.652431][ T4612] 
[  280.687457][ T4612] 
[  280.687457][ T4612]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  280.687457][ T4612] 
[  282.080239][ T6135] binder: 6133:6135 ioctl 4018620d 0 returned -22
[  283.807601][ T6135] loop5: detected capacity change from 0 to 32768
[  283.921945][ T6135] 
[  283.921945][ T6135]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  283.921945][ T6135] 
[  285.956379][ T6145] netlink: 'syz.0.392': attribute type 10 has an invalid length.
[  286.826609][ T6150] netlink: 'syz.3.393': attribute type 10 has an invalid length.
[  288.142224][ T6164] binder: 6160:6164 ioctl 4018620d 0 returned -22
[  289.189042][ T6164] loop3: detected capacity change from 0 to 32768
[  289.351419][ T4612] 
[  289.351419][ T4612]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  289.351419][ T4612] 
[  289.458973][ T6164] 
[  289.458973][ T6164]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  289.458973][ T6164] 
[  289.485080][ T6163] ERROR: (device loop3): diWrite: ixpxd invalid
[  289.485080][ T6163] 
[  289.494335][ T6163] ERROR: (device loop3): txCommit: 
[  289.494335][ T6163] 
[  289.506855][ T6163] jfs_create: dtSearch returned -17
[  289.754891][ T4612] 
[  289.754891][ T4612]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  289.754891][ T4612] 
[  289.896335][ T6169] binder: 6165:6169 ioctl 4018620d 0 returned -22
[  291.118191][ T6169] loop4: detected capacity change from 0 to 32768
[  291.138003][ T6169] 
[  291.138003][ T6169]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  291.138003][ T6169] 
[  291.165008][ T6169] ERROR: (device loop4): diWrite: ixpxd invalid
[  291.165008][ T6169] 
[  291.174278][ T6169] ERROR: (device loop4): txCommit: 
[  291.174278][ T6169] 
[  291.198942][ T6169] jfs_create: dtSearch returned -17
[  292.892356][ T4261] 
[  292.892356][ T4261]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  292.892356][ T4261] 
[  292.919713][ T4261] 
[  292.919713][ T4261]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  292.919713][ T4261] 
[  293.099885][ T4260] 
[  293.099885][ T4260]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  293.099885][ T4260] 
[  293.139963][ T4260] 
[  293.139963][ T4260]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  293.139963][ T4260] 
[  293.554887][ T4299] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  293.808642][ T4299] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  293.931760][ T4299] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  294.004885][ T4299] usb 6-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  294.034819][ T4299] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.042873][ T4299] usb 6-1: Product: syz
[  294.077581][ T4299] usb 6-1: Manufacturer: syz
[  294.082349][ T4299] usb 6-1: SerialNumber: syz
[  294.109699][ T4299] usb 6-1: config 0 descriptor??
[  294.132078][ T4299] snd-usb-audio: probe of 6-1:0.0 failed with error -90
[  294.339482][ T6182] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  294.348067][ T6182] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  294.545602][ T6196] netlink: 'syz.4.406': attribute type 10 has an invalid length.
[  295.613469][ T6201] netlink: 'syz.3.407': attribute type 10 has an invalid length.
[  295.642377][ T6203] overlayfs: missing 'lowerdir'
[  295.964448][ T4861] usb 6-1: USB disconnect, device number 10
[  297.476016][ T6223] binder: 6219:6223 ioctl 4018620d 0 returned -22
[  298.676064][ T6223] loop5: detected capacity change from 0 to 32768
[  300.156034][ T6223] 
[  300.156034][ T6223]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  300.156034][ T6223] 
[  300.510013][ T6220] ERROR: (device loop5): diWrite: ixpxd invalid
[  300.510013][ T6220] 
[  300.519870][ T6220] ERROR: (device loop5): txCommit: 
[  300.519870][ T6220] 
[  300.673962][ T6220] jfs_create: dtSearch returned -17
[  304.182094][ T6238] netlink: 'syz.4.419': attribute type 10 has an invalid length.
[  304.354919][ T4612] 
[  304.354919][ T4612]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  304.354919][ T4612] 
[  304.399672][ T4612] 
[  304.399672][ T4612]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  304.399672][ T4612] 
[  306.912459][ T6260] netlink: 'syz.5.423': attribute type 10 has an invalid length.
[  307.197736][ T6269] netlink: 12 bytes leftover after parsing attributes in process `syz.5.428'.
[  307.301820][ T6269] netlink: 666 bytes leftover after parsing attributes in process `syz.5.428'.
[  308.276042][ T6279] netlink: 'syz.3.432': attribute type 10 has an invalid length.
[  308.884644][ T4266] Bluetooth: hci1: command 0x0406 tx timeout
[  310.756187][ T6302] netlink: 'syz.6.439': attribute type 10 has an invalid length.
[  312.514919][ T6329] netlink: 'syz.3.446': attribute type 10 has an invalid length.
[  313.215218][   T28] INFO: task syz-executor:4251 blocked for more than 143 seconds.
[  313.323158][   T28]       Not tainted 6.1.140-syzkaller #0
[  313.384775][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  313.393646][   T28] task:syz-executor    state:D stack:21888 pid:4251  ppid:1      flags:0x00004004
[  313.403912][   T28] Call Trace:
[  313.408042][   T28]  <TASK>
[  313.411672][   T28]  __schedule+0x10e9/0x40d0
[  313.416544][   T28]  ? release_firmware_map_entry+0x18a/0x18a
[  313.422509][   T28]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  313.428822][   T28]  ? lock_chain_count+0x20/0x20
[  313.433884][   T28]  ? _raw_spin_lock_irq+0xab/0xe0
[  313.439353][   T28]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  313.444973][   T28]  schedule+0xb9/0x180
[  313.449302][   T28]  io_schedule+0x7c/0xd0
[  313.457024][   T28]  folio_wait_bit_common+0x6e1/0xf60
[  313.470644][   T28]  ? folio_wait_bit+0x30/0x30
[  313.480847][   T28]  ? migration_entry_wait_on_locked+0xe50/0xe50
[  313.488547][   T28]  ? folio_mapping+0x1ba/0x4d0
[  313.494390][   T28]  truncate_inode_pages_range+0x9a2/0xff0
[  313.500800][   T28]  ? mapping_evict_folio+0x520/0x520
[  313.506474][   T28]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  313.513621][   T28]  ? _raw_spin_unlock_irq+0x1f/0x40
[  313.606936][   T28]  ? lockdep_hardirqs_on+0x94/0x140
[  313.653007][ T6332] netlink: 12 bytes leftover after parsing attributes in process `syz.0.447'.
[  314.457921][   T28]  evict+0x498/0x870
[  314.464180][   T28]  ? proc_nr_inodes+0x2f0/0x2f0
[  314.477235][   T28]  ? do_raw_spin_unlock+0x11d/0x230
[  314.496322][   T28]  ? _raw_spin_unlock+0x24/0x40
[  314.514615][   T28]  ? do_raw_spin_unlock+0x11d/0x230
[  314.534219][   T28]  evict_inodes+0x604/0x690
[  314.538891][   T28]  ? clear_inode+0x150/0x150
[  314.543524][   T28]  ? dput+0x1c9/0x1d0
[  314.547694][   T28]  ? sync_filesystem+0x103/0x220
[  314.552664][   T28]  generic_shutdown_super+0x93/0x340
[  314.558138][   T28]  kill_block_super+0x7c/0xe0
[  314.562857][   T28]  deactivate_locked_super+0x93/0xf0
[  314.568444][   T28]  cleanup_mnt+0x463/0x4f0
[  314.572903][   T28]  ? lockdep_hardirqs_on+0x94/0x140
[  314.578186][   T28]  task_work_run+0x1ca/0x250
[  314.582888][   T28]  ? task_work_cancel+0x230/0x230
[  314.588022][   T28]  ? exit_to_user_mode_loop+0x3b/0x110
[  314.593613][   T28]  exit_to_user_mode_loop+0xe6/0x110
[  314.605925][   T28]  exit_to_user_mode_prepare+0xb1/0x140
[  314.611532][   T28]  syscall_exit_to_user_mode+0x16/0x40
[  314.650856][   T28]  do_syscall_64+0x58/0xa0
[  314.667615][   T28]  ? clear_bhb_loop+0x60/0xb0
[  314.672490][   T28]  ? clear_bhb_loop+0x60/0xb0
[  314.677724][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  314.683690][   T28] RIP: 0033:0x7f1156d8fc97
[  314.688211][   T28] RSP: 002b:00007ffd95bcd0d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  314.696691][   T28] RAX: 0000000000000000 RBX: 00007f1156e1089d RCX: 00007f1156d8fc97
[  314.704763][   T28] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd95bcd190
[  314.712769][   T28] RBP: 00007ffd95bcd190 R08: 0000000000000000 R09: 0000000000000000
[  314.720828][   T28] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd95bce220
[  314.728962][   T28] R13: 00007f1156e1089d R14: 0000000000027fb6 R15: 00007ffd95bce260
[  314.737639][   T28]  </TASK>
[  314.740924][   T28] 
[  314.740924][   T28] Showing all locks held in the system:
[  314.748746][   T28] 1 lock held by rcu_tasks_kthre/12:
[  314.754044][   T28]  #0: ffffffff8c92b4b0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00
[  314.764643][   T28] 1 lock held by rcu_tasks_trace/13:
[  314.769939][   T28]  #0: ffffffff8c92bcd0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00
[  314.781012][   T28] 1 lock held by khungtaskd/28:
[  314.785908][   T28]  #0: ffffffff8c92ab20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290
[  314.795854][   T28] 2 locks held by getty/4015:
[  314.800543][   T28]  #0: ffff88814cf81098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  314.810397][   T28]  #1: ffffc9000325e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x41b/0x1380
[  314.820583][   T28] 1 lock held by syz-executor/4251:
[  314.825887][   T28]  #0: ffff8880544a40e0 (&type->s_umount_key#60){+.+.}-{3:3}, at: deactivate_super+0xa0/0xd0
[  314.836178][   T28] 2 locks held by kworker/u4:15/4522:
[  314.841972][   T28]  #0: ffff888017479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160
[  314.853271][   T28]  #1: ffffc90004d57d00 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160
[  314.864950][   T28] 
[  314.867287][   T28] =============================================
[  314.867287][   T28] 
[  314.875779][   T28] NMI backtrace for cpu 1
[  314.880125][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.1.140-syzkaller #0
[  314.888049][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  314.898226][   T28] Call Trace:
[  314.901509][   T28]  <TASK>
[  314.904445][   T28]  dump_stack_lvl+0x168/0x22e
[  314.909143][   T28]  ? show_regs_print_info+0x12/0x12
[  314.914443][   T28]  ? load_image+0x3b0/0x3b0
[  314.918953][   T28]  ? vprintk_emit+0x571/0x680
[  314.923811][   T28]  ? printk_sprint+0x460/0x460
[  314.928585][   T28]  nmi_cpu_backtrace+0x3f4/0x470
[  314.933528][   T28]  ? nmi_trigger_cpumask_backtrace+0x450/0x450
[  314.939684][   T28]  ? _printk+0xcc/0x110
[  314.943866][   T28]  ? load_image+0x3b0/0x3b0
[  314.948384][   T28]  ? load_image+0x3b0/0x3b0
[  314.952893][   T28]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  314.958984][   T28]  nmi_trigger_cpumask_backtrace+0x1d4/0x450
[  314.964995][   T28]  watchdog+0xeee/0xf30
[  314.969162][   T28]  ? watchdog+0x1ed/0xf30
[  314.973510][   T28]  kthread+0x29d/0x330
[  314.977592][   T28]  ? hungtask_pm_notify+0x40/0x40
[  314.982622][   T28]  ? kthread_blkcg+0xd0/0xd0
[  314.987225][   T28]  ret_from_fork+0x1f/0x30
[  314.991660][   T28]  </TASK>
[  314.995677][   T28] Sending NMI from CPU 1 to CPUs 0:
[  315.000923][    C0] NMI backtrace for cpu 0
[  315.000934][    C0] CPU: 0 PID: 4300 Comm: kworker/0:6 Not tainted 6.1.140-syzkaller #0
[  315.000952][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  315.000963][    C0] Workqueue: events free_work
[  315.000988][    C0] RIP: 0010:stack_trace_consume_entry+0xef/0x270
[  315.001012][    C0] Code: 8b 74 24 08 48 8b 1f 45 8d 79 01 0f b6 44 15 00 84 c0 0f 85 35 01 00 00 45 89 38 4e 8d 3c cb 4c 89 f8 48 c1 e8 03 80 3c 10 00 <74> 1a 4c 89 ff 48 89 f3 49 89 d4 4c 89 c5 e8 3e 9f 62 00 49 89 e8
[  315.001027][    C0] RSP: 0018:ffffc900042c75f8 EFLAGS: 00000246
[  315.001041][    C0] RAX: 1ffff92000858ef8 RBX: ffffc900042c7790 RCX: 0000000080000000
[  315.001055][    C0] RDX: dffffc0000000000 RSI: ffffffff81c5848a RDI: ffffc900042c7700
[  315.001068][    C0] RBP: 1ffff92000858ee2 R08: ffffc900042c7710 R09: 0000000000000006
[  315.001080][    C0] R10: fffff52000858ed5 R11: 1ffff92000858ed3 R12: 0000000000000000
[  315.001092][    C0] R13: 1ffff92000858ee1 R14: ffffc900042c7708 R15: ffffc900042c77c0
[  315.001105][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  315.001120][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  315.001132][    C0] CR2: 00007f3706780178 CR3: 00000000182f0000 CR4: 00000000003506f0
[  315.001148][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  315.001158][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  315.001169][    C0] Call Trace:
[  315.001174][    C0]  <TASK>
[  315.001180][    C0]  ? remove_vm_area+0x1aa/0x1d0
[  315.001204][    C0]  ? stack_trace_save+0xe0/0xe0
[  315.001224][    C0]  arch_stack_walk+0x100/0x140
[  315.001245][    C0]  ? remove_vm_area+0x1aa/0x1d0
[  315.001269][    C0]  stack_trace_save+0x98/0xe0
[  315.001289][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  315.001308][    C0]  ? __lock_acquire+0x13c0/0x7c50
[  315.001334][    C0]  ? memset+0x1e/0x40
[  315.001352][    C0]  kasan_set_track+0x4b/0x70
[  315.001376][    C0]  ? kasan_set_track+0x4b/0x70
[  315.001399][    C0]  ? kasan_save_free_info+0x2d/0x50
[  315.001433][    C0]  ? ____kasan_slab_free+0x126/0x1e0
[  315.001457][    C0]  ? slab_free_freelist_hook+0x131/0x1a0
[  315.001478][    C0]  ? kmem_cache_free+0xf7/0x290
[  315.001495][    C0]  ? free_vmap_area_noflush+0x448/0x9a0
[  315.001538][    C0]  ? kmem_cache_free+0xf7/0x290
[  315.001556][    C0]  kasan_save_free_info+0x2d/0x50
[  315.001573][    C0]  ____kasan_slab_free+0x126/0x1e0
[  315.001598][    C0]  slab_free_freelist_hook+0x131/0x1a0
[  315.001621][    C0]  ? free_vmap_area_noflush+0x448/0x9a0
[  315.001644][    C0]  kmem_cache_free+0xf7/0x290
[  315.001664][    C0]  free_vmap_area_noflush+0x448/0x9a0
[  315.001692][    C0]  remove_vm_area+0x1aa/0x1d0
[  315.001714][    C0]  __vunmap+0x33d/0xa00
[  315.001736][    C0]  ? __kmem_cache_free+0xb6/0x1f0
[  315.001757][    C0]  free_work+0x56/0x80
[  315.001776][    C0]  ? process_one_work+0x7a1/0x1160
[  315.001793][    C0]  process_one_work+0x898/0x1160
[  315.001816][    C0]  ? worker_detach_from_pool+0x240/0x240
[  315.001836][    C0]  ? _raw_spin_lock_irq+0xab/0xe0
[  315.001859][    C0]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  315.001881][    C0]  ? kthread_data+0x4b/0xc0
[  315.001905][    C0]  worker_thread+0xaa2/0x1250
[  315.001934][    C0]  kthread+0x29d/0x330
[  315.001956][    C0]  ? worker_clr_flags+0x1a0/0x1a0
[  315.001972][    C0]  ? kthread_blkcg+0xd0/0xd0
[  315.001996][    C0]  ret_from_fork+0x1f/0x30
[  315.002024][    C0]  </TASK>
[  315.005423][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[  315.005438][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.1.140-syzkaller #0
[  315.005460][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  315.005474][   T28] Call Trace:
[  315.005481][   T28]  <TASK>
[  315.005489][   T28]  dump_stack_lvl+0x168/0x22e
[  315.005523][   T28]  ? memcpy+0x3c/0x60
[  315.005547][   T28]  ? show_regs_print_info+0x12/0x12
[  315.005577][   T28]  ? load_image+0x3b0/0x3b0
[  315.005611][   T28]  panic+0x2c9/0x710
[  315.005644][   T28]  ? schedule_preempt_disabled+0x20/0x20
[  315.005673][   T28]  ? bpf_jit_dump+0xd0/0xd0
[  315.005706][   T28]  ? __irq_work_queue_local+0x12c/0x190
[  315.005743][   T28]  ? nmi_trigger_cpumask_backtrace+0x35b/0x450
[  315.005776][   T28]  ? nmi_trigger_cpumask_backtrace+0x360/0x450
[  315.005809][   T28]  watchdog+0xf2d/0xf30
[  315.005838][   T28]  ? watchdog+0x1ed/0xf30
[  315.005868][   T28]  kthread+0x29d/0x330
[  315.005898][   T28]  ? hungtask_pm_notify+0x40/0x40
[  315.005922][   T28]  ? kthread_blkcg+0xd0/0xd0
[  315.005955][   T28]  ret_from_fork+0x1f/0x30
[  315.005998][   T28]  </TASK>
[  315.009181][   T28] Kernel Offset: disabled
[  315.448223][   T28] Rebooting in 86400 seconds..