last executing test programs:

17m18.302017267s ago: executing program 32 (id=186):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a300000000040000380080001400000000008000240000000002c0900000000000000656e65766530000000000000000000140001007767320000000000000000000000000048000000180a010100"], 0xfc}}, 0x0)

16m48.414426153s ago: executing program 33 (id=238):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a300000000040000380080001400000000008000240000000002c0900000000000000656e65766530000000000000000000140001007767320000000000000000000000000048000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000"], 0xfc}}, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000000000)={0xffffffff, 0x1, "6e9fe44d4d0b00000074fcffff14e315eebfdd73835e57efa94b1a0275781c647aa7e3470c6028641b17832b10b386a6f73791011c22a990541f406e312295ee620a9a46573bf6ed5b67ed2904e1ff379742c3f0b46caa357d70ee438f90c3f820819517454618de595cd179445b4bdbf698b9986356f0ebf7d2d24ae9f0bf94b99e6b87d65f79d383d05bb32701daed400785a497881fd4f6cfdfe756bc00d08e36655c0000000000000000000000000d000000024aa3910000000000911e000000005fafcb45b63246dc00"})
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
chown(0x0, 0x0, 0xee01)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, 0x0, 0x2f7e, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xaf4, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x1000)
getgroups(0x5, &(0x7f0000000280)=[0xffffffffffffffff, 0xee00, 0xee01, 0x0, 0x0])
lsetxattr$system_posix_acl(&(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='system.posix_acl_default\x00', &(0x7f0000000380)={{}, {}, [{0x2, 0x0, 0xee00}], {0x4, 0x1}, [{0x8, 0x3, 0xffffffffffffffff}, {0x8, 0x6, r3}], {0x10, 0x1}}, 0x3c, 0x3)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

10m3.579709204s ago: executing program 3 (id=1131):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x563, &(0x7f0000000640)="$eJzs3c9vFFUcAPDvm/7gR9UWYlQ8aBNjIFFaWsAQ4wHuhOCPmxdXWgiy/Ait0aKJkODFxHjxYOLJg/hfKNGrJ28evHgyJMQYjiaume1MWehuacuuU5nPJ5l23rzdfN/s5rtv5u2b2QBqazL/k0XsiYhLKWK8o244isrJ5cfd+evjU/mSotV6888UqdhWPj4V/8eKJ2+PiF9+TLF7aHXchaUr5xrN5vzlojy9eP7S9MLSlf1nzzfOzJ+ZvzD7yuyRw4cOH5k50Ld9PX79vQ/GPzvx9rdf/51mvvvtRIqj0Wq1Pon79qNfJmNy5TXplL+uR/odrCJDxf50vsVpuMIGsSHl+zcSEU/HeAzF3TdvPD59vdLGAQPVSpH3gUAtJfkPNVUeB5Tn9oM4Dwa2ptvHlgcAVuf/8PLYYGxvjw3svJOic1gnRUQ/RubyGD//dOJ6vsSAxuGA7q5ei4hnuuV/aufmRHsUP8//7J78zyLiZPE/3/7GJuNP3leW//DfeZj8f6cj/9/dZHz5DwAAAAAAAP1z81hEvNzt+79sZf5PdJn/MxYRR/sQ/8Hf/2W3+hAG6OL2sYjXus7/zcqHTAwVpcfb8wFG0umzzfkDEfFEROyLkW15eWaNGPs/3/1Vr7rO+X/5kscv5wIW7bg1vO3e58w1FhsPs8/AstvXIp7tOv83rfT/qUv/n38eXFpnjN0v3jjZq+7B+Q8MSuubiL1d+/+7d65Ia9+fY7p9PDBdHhWs9txHX3zfK778h+rk/f/OtfN/InXer2dh4zEOLg23etVt9vh/NL3VvuXMaLHtw8bi4uWZiNF0fPX22Y23GR5FZT6U+ZLn/74X1h7/63b8vyMirq4z5lP/jP3eq07/D9XJ839uQ/3/xldmb0z80Cv++vr/Q+0+fV+xxfgfrG29CVp1OwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/yiLiMciZVMr61k2NRUxFhFPxs6seXFh8aXTF9+/MJfXtX//Pyt/6Xd8uZzK3/+f6CjP3lc+GBG7IuLLoR3t8tSpi825qnceAAAAAAAAAAAAAAAAAAAAtoixHtf/5/4Yqrp1wMANV90AoDLyH+pL/kN9yX+oL/kP9SX/ob7kP9SX/If6kv9QX/IfAAAAAAAeKbuev/lrioirr+5oL7nRom6k0pYBg5ZV3QCgMm7xA/Vl6g/Ul3N8ID2gfvumnwkAAAAAAAAAAAAA9MvePa7/h7py/T/Ul+v/ob5c/w/15RwfcP0/AAAAAAAAAAAAAGx9C0tXzjWazfnLVqxYsbKyUvUnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUPo3AAD//6ERJ48=")
syz_mount_image$fuse(0x0, &(0x7f00000002c0)='./bus\x00', 0x322020, 0x0, 0x1, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22)
mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2)
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/ip_tables_matches\x00')
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), r0)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x30, r2, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xc4}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x4008000}, 0x48004)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
shmat(0x0, &(0x7f0000001000/0x3000)=nil, 0x1000)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)

10m0.561187318s ago: executing program 3 (id=1138):
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000"], 0x7c}}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='\x04\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}h\xc6\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\a\x00\x00\x00\xb6\x9b\xdb\xdc\xf3\xb9\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet_tcp(0x2, 0x1, 0x0)
connect$can_bcm(0xffffffffffffffff, &(0x7f00000000c0), 0x10)
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r5 = memfd_create(&(0x7f0000000340)='\x00\x01\x00\x00\x00\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\x00\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\x03\x00\x00\x00m\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xa1\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"F\xb4\x02\xc5T\xe5\xc7\x98\xcd\fs\x1ap^\xc1jL\xfb{\xd8\x9e;L9\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90F@\x8a_\xe0\xd7\xfag\x9f\xcfp2*}=\x01h\x04\x81V9\xa1Q\xe19\x85\xa4x\xb6/\xbe~M\xac%\x03\xdfm\x174\xb0\x8a{)$\xa6\xad\xadg6\x02P\xbf\x9a\x1d\xaeR\x1f_\x1b\x9cma\xc3\xa5\x19b\'H\x94|\x18\x8a\xd5\xbb\"\xfe\xdf\x8f', 0x7)
fallocate(r5, 0x0, 0x400000000000000, 0x7)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0)

9m58.645657803s ago: executing program 3 (id=1141):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x1e)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x1802, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f000000e280)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x111}}, 0x20)
link(0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='scalable\x00', 0x9)
shutdown(r1, 0x1)
write(r0, &(0x7f0000000080)="0b000300010001", 0x7)

9m56.117063608s ago: executing program 3 (id=1145):
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000600)=ANY=[@ANYBLOB="6661756c745f696e6a656374696f6e3d30303030303030303030303030303030313236322c6d6f64653d61646170746976652c616c6c6f635f6d6f64653d64656661756c742c636865636b706f696e743d656e61626c652c6163746976655f6c6f67733d362c6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6e6f61636c2c6d6f64653d61646170746976652c6e6f696e6c696e655f78617474722c6e6f657874656e745f63616368652c6e6f757365725f78617474722c6a71666d743d7666736f6c642c66617374626f6f742c67727071756f74613d2f6465762f75686964002c61636c2c0032f4ee2f6560cdca2b9483944e9645733866c506b49c56b50344a658491dfe1afc3bb0de511c48132c86a775315723c53de2957513b9e639dfab8b7e4f4097c16f12b630a63e3ee7aa89cfa87acb9e9436e3d4feae3c1c3fedb8759e622019ece82c31d9fe60c2e3300afffbbda9aa8515e815ffc77756449aee7d4dc8354a136775201fe90e0663c422eb5a7e10e72601606e640c6714946801fccf68f802ff1c466e968c229e988c70dbe2c74169c0e96f9117a800ef78cef7bea512401010266195fc419fabbb4304582cd727de0f01694c0e22f6bca0650e3f3e4c4aefef27a417b89a0ce12bce1898cc08bbacc339f2655241746a085213fe4d6edc276928e230d4663583ccad22e450718285ed6a84bad0c7d117de297a02d83173a5a3d62192e8b6882f1a34b2200fdb7de25a9c0657778fdf670dfbd28483194c7b288bd257fa84f4a9564651ee61761f4a364803b5aea822e4c5b52b5676bdba4d9bdcbf1b7ddda716f223a1bc6d1c5a150fa64e72f580f7bf672ce6c6d30f8bcf091186a89ff219d2272ff5f2c0b4f63cb92f4708d6d81bc1935a791bd1c3670ba93b4a4db772e29f150122528cbe24284f0d1064ba237debaa65d481756e427ad570171d1e9445fe5c06dd6335167686a2cf8f226eb57ebe530d4e72"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000008, 0x0, 0x0, 0x0, 0x0)
setxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f0000000000), &(0x7f0000000b40), 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]})

9m53.178765726s ago: executing program 3 (id=1150):
syz_io_uring_setup(0x112, &(0x7f0000000140)={0x0, 0x666f, 0x0, 0x3, 0x6c0}, &(0x7f0000000240)=<r0=>0x0, &(0x7f0000000280))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f00000000c0)={[{0x0, 0x800, 0x0, 0x0, 0x0, 0xa5, 0xfd, 0x9, 0xa9, 0x4c, 0x0, 0x6, 0x40000000}, {0x8, 0x4005, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x2, 0xff, 0x0, 0x2, 0x6}, {0x3fd, 0x4, 0x4, 0x5e, 0x0, 0x0, 0xb3, 0x0, 0x3, 0xfe, 0x80, 0xf6, 0x7}], 0x5})
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_setup(0x890, 0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0xc08, 0x3, 0x460, 0x0, 0x5002004a, 0xb, 0x0, 0xea13, 0x3c8, 0x3c8, 0x3c8, 0x3c8, 0x3c8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2c8, 0x310, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00', {0x7}}}, @common=@ttl={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x8, 'pptp\x00'}}}, {{@uncond, 0x0, 0x98, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4c0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, 0x0, 0x0, 0x4)
r5 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000cc0), 0x2, 0x0)
ioctl$VIDIOC_S_PARM(r5, 0xc0cc5616, &(0x7f0000000d00)={0xd, @output={0x1000, 0x1, {0xf7f, 0x1}, 0x6, 0xf03}})

9m51.552210537s ago: executing program 3 (id=1156):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000113000/0x3000)=nil, 0x400000, 0x3, 0x2})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1, 0x10, &(0x7f0000002380)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0xd, 0x0, &(0x7f0000000180)="4e3f261e29a7fa764a1131a77b", 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000580)=0xe)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r4}, 0x10)
execve(0x0, 0x0, 0x0)
shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ff7000/0x2000)=nil)
socket$inet_udp(0x2, 0x2, 0x0)

9m50.799470238s ago: executing program 34 (id=1156):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000113000/0x3000)=nil, 0x400000, 0x3, 0x2})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1, 0x10, &(0x7f0000002380)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0xd, 0x0, &(0x7f0000000180)="4e3f261e29a7fa764a1131a77b", 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000580)=0xe)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r4}, 0x10)
execve(0x0, 0x0, 0x0)
shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ff7000/0x2000)=nil)
socket$inet_udp(0x2, 0x2, 0x0)

4m29.680999418s ago: executing program 0 (id=1993):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xffffffdd)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f00000002c0)={&(0x7f0000000280)=[0x0], 0x1, 0x9})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
syz_open_dev$sndctrl(&(0x7f00000001c0), 0xffff, 0x84080)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@loopback, 0x4e22, 0x0, 0x1, 0x0, 0x2, 0x30}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x0, 0x0, 0x6}, 0x2253, 0x6e6bb0}, {{@in6=@local, 0x4d2, 0x6c}, 0x0, @in=@multicast1}}, 0xe8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x840}, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSBRKP(r6, 0x5425, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TCSETSW2(r7, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "23f555d9adb42d4408020e90d1beaa82dc1ecf"})
ioctl$TIOCGPGRP(r6, 0x5437, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})

4m27.910950952s ago: executing program 0 (id=1995):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8b37, 0x0)
fsopen(&(0x7f0000000300)='binfmt_misc\x00', 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)

4m24.084702021s ago: executing program 0 (id=2002):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
recvmsg(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x10101)
write$uinput_user_dev(r1, 0x0, 0x0)
ioctl$UI_DEV_CREATE(r1, 0x5501)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="0203f30216000000001c00000000000002001b0008000000e9000000000000000300060000000000020000000000000000000000000000000200010000000000000003fcff000020030005000000000002000000ac1414aa00000000000000000a00080008"], 0xb0}, 0x1, 0x7}, 0x0)

4m22.903735366s ago: executing program 0 (id=2005):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
getdents(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1048001, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x3, 0x6c4ba42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0xfffffffffffffffb, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x200, 0x0, 0x40000000000, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100000001]})

4m20.613138111s ago: executing program 0 (id=2008):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f00000001c0)={[{@stripe={'stripe', 0x3d, 0x2}}, {@journal_dev={'journal_dev', 0x3d, 0x1045}}, {@oldalloc}, {@noquota}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@delalloc}, {@errors_continue}, {@orlov}, {@user_xattr}, {@quota}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0xfff7fffffffffff5}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x75b, &(0x7f0000000d40)="$eJzs3M9rHOUbAPBnptmmP/L9bgTBHwcRWmihdJM0IO2p8eKtUCh4rSGZhJBJNmQ3tRsLtp6F2lwUBFHPHr0Kpf4B3qSg4F0QrfEgXlZms0lpmt1um6Qr6ecDk3ne+fW8T3Z4swN5J4AX1pvFjyRiKCIuR0S5vT2NiMOt6EjEzY3j1h/cmCqWJJrNK78nxWmx3ixvXStpr49H65R4NSLulSLOfPR43lpjdX4yz7PldnukvrA0Umusnp1bmJzNZrPFsfELo+fHx8+Pjj+xhld6rPXkuxeO3vnhnbW1H7+t335j4GwSE626o11bj5d5Khu/k1JMtNuH2uvF/UjWR0m/OwAAQE/S9nfSgda31HIcakUAAADAQdIcbAIAAAAHXhL97gEAAACwvzb/D2Bzbu9+zYPt5Le3I2J4p/wDrTnEEUeiFBHH1pNHZiYkG6fBrty8FRF3J7bff18Xd9jNXV57dFv70TnSh3d5dfbC3WL8mdhp/Em3xp/YYfwZ2Hx3wi51Hv8e5j/UYfy73GOO7754rdQx/62I1wcey//Ww/v/SCvXTvnf6zH/7bWP73Ta1/wq4tSOf3+SR3J1eT/ExMxc3vX1A/f+OX2/W/3HOuVPute/1GP9H6z/Od9pLCnynz7R/fPfKX9xT3zS7kcaEXfa66K9ti3HiYWfvu9W/3REc6f6n/T5f9lj/b98M3i9x0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgJY2IoUjSylacppVKxPGIeDmOpXm1Vj8zU11ZnC72RQxHKZ2Zy7PRiChvtJOiPdaKH7bPbWuPR8RLPx/dSDqXZ5Wpaj7d7+IBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYcjwihiJJKxGRRsRf5TStVCIGejh38Dn0DwAAANgjw/3uAAAAALDvPP8DAADAwfesz//JHvcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONAuX7pULM31Bzemivb0tcbKfPXa2emsNl9ZWJmqTFWXlyqz1epsnlWmqgtPul5erS6NXYiV6yP1rFYfqTVWry5UVxbrV+cWJmezq1npuVQFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA0xpqLUlaiYi0FadppRLxv4gYjlIyM5dnoxHx/4i4Xy4NFu2xfncaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPVdrrM5P5nm2LBAInlvwYUT8B7rRJej3yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQD/UGqvzk3meLdf63RMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6K/01iYhiOVU+ObR97+Hk73JrHRHvf37l0+uT9fryWLH9j63t9c/a28/1o/8AAADwQrj4NAdvPqdvPscDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qtZYnZ/M82x5d8HFaKw2kw7H9LtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg2fwbAAD//2Wnx3E=")
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r2}, &(0x7f0000000400), &(0x7f00000004c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)
rename(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00')
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, 0x0, 0x0)
read$rfkill(r0, &(0x7f00000003c0), 0x8)
sendmsg$NFT_BATCH(r3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = socket$netlink(0x10, 0x3, 0x2)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000006800)={&(0x7f0000000080)={0x44, r6, 0x615, 0x0, 0x2, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x44}, 0x5}, 0x0)
pwrite64(r0, &(0x7f0000000000)='6', 0x56, 0xffff)
r7 = open(&(0x7f0000000580)='./file1\x00', 0x64042, 0x169)
pwritev2(r7, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)

4m18.351047585s ago: executing program 0 (id=2014):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4000810)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r4 = syz_io_uring_setup(0xa0, &(0x7f0000000480)={0x0, 0x105cc6, 0x1, 0x0, 0x207}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}, {0x0}], 0x2, 0x12})
io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0)

4m3.231850177s ago: executing program 35 (id=2014):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4000810)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r4 = syz_io_uring_setup(0xa0, &(0x7f0000000480)={0x0, 0x105cc6, 0x1, 0x0, 0x207}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}, {0x0}], 0x2, 0x12})
io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0)

2m50.931885775s ago: executing program 4 (id=2234):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x1c, 0x0, 0x0)
dup(0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000080)=<r2=>0x0)
prlimit64(r2, 0xe23d708c27c4d9c6, 0x0, &(0x7f00000000c0))
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001e00000018000180140002006e657464657673696d30"], 0x2c}}, 0x0)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000240)=""/236)
ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, &(0x7f0000000000)={0x0, 0x0, 0x0, @raw})
socket$packet(0x11, 0x3, 0x300)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@delqdisc={0x2c, 0x25, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0x5, 0xfff2}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0xb}]}, 0x2c}}, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000012b80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x60, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000600)={0x6, 0x0, @ioapic={0x5000, 0x9fc, 0x0, 0x8000, 0x0, [{0xe0, 0x8, 0xe7, '\x00', 0x83}, {0xa, 0x4, 0x4, '\x00', 0xc}, {0x0, 0x8, 0xfe, '\x00', 0xd}, {0x2, 0x2, 0x1, '\x00', 0x1c}, {0x39, 0xd, 0x2, '\x00', 0x1}, {0x0, 0x2, 0x7, '\x00', 0x78}, {0x43, 0x80, 0x7, '\x00', 0x4e}, {0x3, 0x6, 0x2, '\x00', 0x45}, {0x2, 0x8, 0x40, '\x00', 0x6}, {0x12, 0xfe, 0x1, '\x00', 0x2}, {0x3, 0x9, 0xfc, '\x00', 0x9d}, {0x5, 0x1, 0x26, '\x00', 0x7d}, {0xe, 0x1e, 0x7, '\x00', 0x10}, {0x7, 0xe5, 0xc, '\x00', 0x80}, {0xfe, 0xb, 0x6, '\x00', 0x7}, {0xe, 0x15, 0x2}, {0x4, 0x7, 0x7, '\x00', 0x80}, {0x4, 0x4, 0x2, '\x00', 0x42}, {0xfa, 0x6, 0x2, '\x00', 0x7f}, {0x81, 0x0, 0x12, '\x00', 0x2a}, {0x2, 0x0, 0x99, '\x00', 0x80}, {0x6, 0x46, 0x9b, '\x00', 0x4}, {0xfa, 0x3, 0x7d, '\x00', 0xd3}, {0x0, 0x8, 0x3a, '\x00', 0x5}]}})

2m45.727460686s ago: executing program 4 (id=2243):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_io_uring_setup(0x3b, 0x0, &(0x7f0000000240), &(0x7f0000000100)=<r1=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000480)=ANY=[@ANYRESHEX=r0, @ANYRES16=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x804}, 0x4040001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r2, 0x2285, 0x0)
writev(r2, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e", 0x1e}, {&(0x7f0000000040)}], 0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000840), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r5, 0x405c5503, &(0x7f0000000280)={{0x5}, 'syz1\x00', 0x10})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$UI_DEV_CREATE(r5, 0x5501)
ioctl$UI_DEV_DESTROY(r5, 0x5502)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000740)="effc933fe97c092030ca0851ca0cc117e36a7e03595e", &(0x7f00000007c0), 0x1, 0xffffffffffffffff, 0x4}, 0x38)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x2000211, 0x0, 0x0, 0x0, 0x0, 0x0)

2m39.540165676s ago: executing program 4 (id=2257):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000810)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0, 0x0, 0xfff7fffffffffff5}, 0x18)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r5 = syz_io_uring_setup(0xa0, &(0x7f0000000480)={0x0, 0x105cc6, 0x1, 0x0, 0x207}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r4, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}, {0x0}], 0x2, 0x12})
io_uring_enter(r5, 0x847ba, 0x0, 0xe, 0x0, 0x0)

2m38.599978892s ago: executing program 4 (id=2259):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@debug}, {@noload}, {@jqfmt_vfsv1}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@usrjquota}]}, 0xfe, 0x46c, &(0x7f0000000940)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQWamhNhBCtHvBoSLwb/wvjSS9GvWjiVe+GhBguoF7WzM4MLMtu2aXbLrCfTzLd55l5us/znZln95l5djeAvjWW/Uki/hcRv0fESJ69ucBY/nDtyvmZv6+cn0miWn3rr6RW7uqV8zNl0fL/tuSZarXIb2hS74V3I6YrlbkzRX5i6dQHE4tnz70wf2r6xNyJudNTR44cPLB7+PDUoa7EmcV1defHC7t2HH3n4hszxy6+91OSRh53NMTRLWP53m3q6W5X1mNb69LJYP2WPb/cSDc7E+ilgYjIDtdQrf+PxEBsur5tJF77rKeNA9ZUtVqtrvCqvFwF7mNJ9LoFQG+Ub/TZ9W+5rNPQ465w+eX8AiiL+1qx5FsGI80Te4Yarm+7aSwiji3/81W2xBrdhwAAqPddNv55vtn4L42H88Rw9uf/xRzKaEQ8EBHbIuLBiNgeEQ9F1Mo+EhGPdlh/4wzJreOf9NIdB9eGbPz3UjG3dfP4Ly2LjA4Uua21+IeS4/OVuf3FPtkXQxuOzydzkyvU8f2rv33Ralv9+C9bsvrLsWDRjkuDDTfoZqeXplcTc73Ln0bsHGwWfxLlNE4SETsiYucd1jH/7GDLbbePfwWtn7Zt1a8jnsmP/3I0xF9KWs5PTr54eOrQxMaozO2fKM+KW/3864U3W9W/qvi7IDv+m5ue/9fjH002RiyePXeyNl+72HkdF/74vOU1TYfn/9Gtxfk/nLxdWzFcbPhoemnpzGTEcPL6reunbjxbmS/LZ/Hv29u8/2+LG3visYjYFRG7I+Lx7KKwaPsTEfFkROxdIf4fX3nq/c7jX5+50iz+2dsd/6g//p0nBk7+8O3t498YEa2O/8Faal+xpp3Xv3YbuJp9BwAAAPeK/DPwSTp+PZ2m4+P5Z/i3x+a0srC49NzxhQ9Pz+aflR+NobS80zVSdz90srg3XOanGvIHivvGXw5squXHZxYqs70OHvrclhb9P/PnQK9bB6y5LsyjAfco/R/6l/4P/SnR/6Gv6f/Qv5r1/09alh7/Zk0bA6wr7//Qv9ro/8v5Q+tRAXBv8v4P/Uv/h77U8rvx6aq+8r/uiX+L3zO8W9pz/ycivSuacf8nBtv+MYsOEtWRvP9nazY0LdPrVyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+C8AAP//F0nluw==")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7ddff, 0x0, 0x3)

2m37.348760543s ago: executing program 4 (id=2264):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x563, &(0x7f0000000640)="$eJzs3c9vFFUcAPDvm/7gR9UWYlQ8aBNjIFFaWsAQ4wHuhOCPmxdXWgiy/Ait0aKJkODFxHjxYOLJg/hfKNGrJ28evHgyJMQYjiaume1MWehuacuuU5nPJ5l23rzdfN/s5rtv5u2b2QBqazL/k0XsiYhLKWK8o244isrJ5cfd+evjU/mSotV6888UqdhWPj4V/8eKJ2+PiF9+TLF7aHXchaUr5xrN5vzlojy9eP7S9MLSlf1nzzfOzJ+ZvzD7yuyRw4cOH5k50Ld9PX79vQ/GPzvx9rdf/51mvvvtRIqj0Wq1Pon79qNfJmNy5TXplL+uR/odrCJDxf50vsVpuMIGsSHl+zcSEU/HeAzF3TdvPD59vdLGAQPVSpH3gUAtJfkPNVUeB5Tn9oM4Dwa2ptvHlgcAVuf/8PLYYGxvjw3svJOic1gnRUQ/RubyGD//dOJ6vsSAxuGA7q5ei4hnuuV/aufmRHsUP8//7J78zyLiZPE/3/7GJuNP3leW//DfeZj8f6cj/9/dZHz5DwAAAAAAAP1z81hEvNzt+79sZf5PdJn/MxYRR/sQ/8Hf/2W3+hAG6OL2sYjXus7/zcqHTAwVpcfb8wFG0umzzfkDEfFEROyLkW15eWaNGPs/3/1Vr7rO+X/5kscv5wIW7bg1vO3e58w1FhsPs8/AstvXIp7tOv83rfT/qUv/n38eXFpnjN0v3jjZq+7B+Q8MSuubiL1d+/+7d65Ia9+fY7p9PDBdHhWs9txHX3zfK778h+rk/f/OtfN/InXer2dh4zEOLg23etVt9vh/NL3VvuXMaLHtw8bi4uWZiNF0fPX22Y23GR5FZT6U+ZLn/74X1h7/63b8vyMirq4z5lP/jP3eq07/D9XJ839uQ/3/xldmb0z80Cv++vr/Q+0+fV+xxfgfrG29CVp1OwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/yiLiMciZVMr61k2NRUxFhFPxs6seXFh8aXTF9+/MJfXtX//Pyt/6Xd8uZzK3/+f6CjP3lc+GBG7IuLLoR3t8tSpi825qnceAAAAAAAAAAAAAAAAAAAAtoixHtf/5/4Yqrp1wMANV90AoDLyH+pL/kN9yX+oL/kP9SX/ob7kP9SX/If6kv9QX/IfAAAAAAAeKbuev/lrioirr+5oL7nRom6k0pYBg5ZV3QCgMm7xA/Vl6g/Ul3N8ID2gfvumnwkAAAAAAAAAAAAA9MvePa7/h7py/T/Ul+v/ob5c/w/15RwfcP0/AAAAAAAAAAAAAGx9C0tXzjWazfnLVqxYsbKyUvUnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUPo3AAD//6ERJ48=")
syz_mount_image$fuse(0x0, &(0x7f00000002c0)='./bus\x00', 0x322020, 0x0, 0x1, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22)
mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2)
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/ip_tables_matches\x00')
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), r0)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x14, r2, 0x1, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4008000}, 0x48004)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
shmat(0x0, &(0x7f0000001000/0x3000)=nil, 0x1000)
mount$overlay(0x0, 0x0, &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat(0xffffffffffffff9c, 0x0, 0x40000, 0x120)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)

2m36.041872669s ago: executing program 4 (id=2266):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xffffffdd)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f00000002c0)={&(0x7f0000000280)=[0x0], 0x1, 0x9})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
syz_open_dev$sndctrl(&(0x7f00000001c0), 0xffff, 0x84080)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@loopback, 0x4e22, 0x0, 0x1, 0x0, 0x2, 0x30}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x0, 0x0, 0x6}, 0x2253, 0x6e6bb0}, {{@in6=@local, 0x4d2, 0x6c}, 0x0, @in=@multicast1}}, 0xe8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x840}, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSBRKP(r6, 0x5425, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r7, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "23f555d9adb42d4408020e90d1beaa82dc1ecf"})
ioctl$TIOCGPGRP(r6, 0x5437, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})

2m35.304108119s ago: executing program 36 (id=2266):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xffffffdd)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f00000002c0)={&(0x7f0000000280)=[0x0], 0x1, 0x9})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
syz_open_dev$sndctrl(&(0x7f00000001c0), 0xffff, 0x84080)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@loopback, 0x4e22, 0x0, 0x1, 0x0, 0x2, 0x30}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x0, 0x0, 0x6}, 0x2253, 0x6e6bb0}, {{@in6=@local, 0x4d2, 0x6c}, 0x0, @in=@multicast1}}, 0xe8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x840}, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSBRKP(r6, 0x5425, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r7, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "23f555d9adb42d4408020e90d1beaa82dc1ecf"})
ioctl$TIOCGPGRP(r6, 0x5437, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})

2m30.799971643s ago: executing program 5 (id=2279):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x4048043)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000021c0)='./file0\x00', 0x0, &(0x7f0000002880)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000100)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000002140)={0x50, 0x0, r5, {0x7, 0x27, 0x0, 0x14a4014}}, 0x50)
read$FUSE(r4, &(0x7f000000b040)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r4, &(0x7f0000000000)={0x10, 0xffffffffffffffda, r6}, 0x10)

2m29.369992749s ago: executing program 5 (id=2281):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x1)
recvmmsg(0xffffffffffffffff, &(0x7f00000078c0)=[{{0x0, 0x0, 0x0, 0xfffffe4e, &(0x7f0000001c40)=""/4103, 0x1000}, 0x6}, {{0x0, 0x0, &(0x7f0000004200), 0x3}, 0x3}], 0x2, 0x40010001, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r3, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmsg$unix(r3, &(0x7f00000000c0)={&(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4040801}, 0x20008840)

2m27.840035923s ago: executing program 5 (id=2282):
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, 0x31)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x44, 0x0, &(0x7f0000000900)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000001340)="0e9849f1332c3a4f7cd80c990e6bb6b5979749a4fbaef24bc5bcc03ac73ad01da6441277f5ac3b4d0ab075522859b01dff8f24e16cd420439da93470adbb7411843f018e01848aec434d0395f241ae92"})
ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0)

2m27.717870022s ago: executing program 5 (id=2284):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x40942, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, 0x0, 0x0)

2m27.321799674s ago: executing program 5 (id=2287):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000810)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0, 0x0, 0xfff7fffffffffff5}, 0x18)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r4, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}, {0x0}], 0x2, 0x12})
io_uring_enter(0xffffffffffffffff, 0x847ba, 0x0, 0xe, 0x0, 0x0)

2m26.171933407s ago: executing program 5 (id=2289):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$eventfd(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r3, 0x6, 0x1, 0x0, 0x0)

2m25.627914191s ago: executing program 37 (id=2289):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$eventfd(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r3, 0x6, 0x1, 0x0, 0x0)

59.792384133s ago: executing program 9 (id=2534):
syz_usb_connect$uac1(0x4, 0x98, &(0x7f0000000200)=ANY=[@ANYBLOB="12011003000000106b1d01014000010203010902860003010140750904000000010100000a24010600080201020904010000010200000904010101010200000b2402"], 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x60a80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d}, 0x94)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, &(0x7f0000000480)={0xffff41d9, 0x3})
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)

56.595453722s ago: executing program 9 (id=2538):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e21, @local}], 0x10)
syz_open_procfs(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x8a73, 0x100, 0x22, 0x1b7}, &(0x7f0000000300)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000000)=0x103, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/15, 0xf}], 0x1})
io_uring_enter(r4, 0x47ba, 0x3000000, 0x0, 0x0, 0x0)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a000}], 0x64, 0x0, 0x0, 0x804c040}, 0x0)
read$eventfd(0xffffffffffffffff, &(0x7f0000000340), 0x8)

56.443513624s ago: executing program 8 (id=2539):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x5ac, 0x7, 0x2, 0x0, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x200, 0x0, 0x40000000000, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x4, 0x100000001]})
r1 = dup(0xffffffffffffffff)
bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
ioctl$KVM_CAP_HYPERV_SYNIC(r1, 0x4068aea3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_PTRACER(0x59616d61, r2)
memfd_create(&(0x7f00000000c0)='\xe9`\x10\x98[\x82?O3#\xfa\x02\xdc\x96\xa1\xbc\x80\x00+\xb6O', 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
io_uring_setup(0xaae, 0x0)
r6 = syz_open_procfs$pagemap(0x0, &(0x7f0000000040))
ioctl$PAGEMAP_SCAN(r6, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x6ffffffa, 0x0, 0x0, 0x201, 0x12, 0x0, 0x7})
openat$cgroup_int(r5, &(0x7f0000000080)='hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x2, 0x0)

55.356018062s ago: executing program 9 (id=2540):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x20, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
socket$kcm(0x29, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
shutdown(0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x13, &(0x7f0000000240)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x1, 0xb, 0x1, 0xa, 0x6}, {0x7, 0x0, 0x4}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1000000}, {0x85, 0x0, 0x0, 0x5}}, @printk={@lx, {0x3, 0x3, 0x6, 0xa, 0x1, 0xfff8, 0x51}, {0x5}}]}, &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
chdir(&(0x7f0000000340)='./file0\x00')
getdents(0xffffffffffffffff, 0x0, 0x0)
execve(0x0, 0x0, &(0x7f0000019100)={[], 0x5c000000})

54.952854335s ago: executing program 8 (id=2541):
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000"], 0x7c}}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='\x04\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}h\xc6\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\a\x00\x00\x00\xb6\x9b\xdb\xdc\xf3\xb9\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet_tcp(0x2, 0x1, 0x0)
connect$can_bcm(0xffffffffffffffff, &(0x7f00000000c0), 0x10)
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r5 = memfd_create(&(0x7f0000000340)='\x00\x01\x00\x00\x00\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\x00\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\x03\x00\x00\x00m\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xa1\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"F\xb4\x02\xc5T\xe5\xc7\x98\xcd\fs\x1ap^\xc1jL\xfb{\xd8\x9e;L9\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90F@\x8a_\xe0\xd7\xfag\x9f\xcfp2*}=\x01h\x04\x81V9\xa1Q\xe19\x85\xa4x\xb6/\xbe~M\xac%\x03\xdfm\x174\xb0\x8a{)$\xa6\xad\xadg6\x02P\xbf\x9a\x1d\xaeR\x1f_\x1b\x9cma\xc3\xa5\x19b\'H\x94|\x18\x8a\xd5\xbb\"\xfe\xdf\x8f', 0x7)
fallocate(r5, 0x0, 0x400000000000000, 0x7)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0)

54.095951644s ago: executing program 9 (id=2543):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x40942, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(0x0, 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, 0x0, 0x0)

53.417422519s ago: executing program 8 (id=2545):
syz_open_procfs$pagemap(0x0, &(0x7f00000000c0))
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x42, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000980), 0x2, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r1, @ANYRES16=r0], 0x0)

53.171204609s ago: executing program 9 (id=2546):
syz_usb_connect$uac1(0x4, 0x98, &(0x7f0000000200)=ANY=[@ANYBLOB="12011003000000106b1d01014000010203010902860003010140750904000000010100000a24010600080201020904010000010200000904010101010200000b2402"], 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x60a80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d}, 0x94)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, &(0x7f0000000480)={0xffff41d9, 0x3})
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)

52.035967971s ago: executing program 9 (id=2551):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x49c2, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r3=>0x0})
sendmsg$can_raw(r2, &(0x7f0000000000)={&(0x7f0000000780)={0x1d, r3}, 0x10, &(0x7f0000000200)={&(0x7f0000001100)=@can={{0x0, 0x0, 0x0, 0x1}, 0x5, 0x1, 0x0, 0x0, "09151995c95f32cc"}, 0x10}}, 0x44001)
recvmmsg(r2, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}, 0xeb}], 0x1, 0x2001, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r4=>0x0})
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r5, 0x11, 0x67, &(0x7f0000000200)=0x3, 0x4)
connect$inet6(r5, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10)
sendmsg$inet_sctp(r6, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891)
setsockopt$sock_linger(r5, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)={0x1c, r1, 0x331, 0x0, 0x25dfdbfb, {0xb}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000000)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)

51.323064848s ago: executing program 38 (id=2551):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x49c2, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r3=>0x0})
sendmsg$can_raw(r2, &(0x7f0000000000)={&(0x7f0000000780)={0x1d, r3}, 0x10, &(0x7f0000000200)={&(0x7f0000001100)=@can={{0x0, 0x0, 0x0, 0x1}, 0x5, 0x1, 0x0, 0x0, "09151995c95f32cc"}, 0x10}}, 0x44001)
recvmmsg(r2, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}, 0xeb}], 0x1, 0x2001, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r4=>0x0})
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r5, 0x11, 0x67, &(0x7f0000000200)=0x3, 0x4)
connect$inet6(r5, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10)
sendmsg$inet_sctp(r6, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891)
setsockopt$sock_linger(r5, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)={0x1c, r1, 0x331, 0x0, 0x25dfdbfb, {0xb}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000000)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)

51.288560981s ago: executing program 8 (id=2554):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x40942, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(0x0, 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, 0x0, 0x0)

51.06070494s ago: executing program 8 (id=2555):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
getgroups(0x2, &(0x7f0000001080)=[0xee01, <r0=>0xffffffffffffffff])
setgroups(0x0, 0x0)
keyctl$chown(0x4, 0x0, 0xee01, r0)
keyctl$setperm(0x5, 0x0, 0x30925)
keyctl$KEYCTL_MOVE(0x3, 0x0, 0x0, 0x0, 0x0)

49.82793335s ago: executing program 8 (id=2558):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x1c, 0x0, 0x0)
dup(0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000080)=<r2=>0x0)
prlimit64(r2, 0xe23d708c27c4d9c6, 0x0, &(0x7f00000000c0))
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000240)=""/236)
ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, &(0x7f0000000000)={0x0, 0x0, 0x0, @raw})
socket$packet(0x11, 0x3, 0x300)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@delqdisc={0x2c, 0x25, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0x5, 0xfff2}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0xb}]}, 0x2c}}, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000012b80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x60, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000600)={0x6, 0x0, @ioapic={0x5000, 0x9fc, 0x0, 0x8000, 0x0, [{0xe0, 0x8, 0xe7, '\x00', 0x83}, {0xa, 0x4, 0x4, '\x00', 0xc}, {0x0, 0x8, 0xfe, '\x00', 0xd}, {0x2, 0x2, 0x1, '\x00', 0x1c}, {0x39, 0xd, 0x2, '\x00', 0x1}, {0x0, 0x2, 0x7, '\x00', 0x78}, {0x43, 0x80, 0x7, '\x00', 0x4e}, {0x3, 0x6, 0x2, '\x00', 0x45}, {0x2, 0x8, 0x40, '\x00', 0x6}, {0x12, 0xfe, 0x1, '\x00', 0x2}, {0x3, 0x9, 0xfc, '\x00', 0x9d}, {0x5, 0x1, 0x26, '\x00', 0x7d}, {0xe, 0x1e, 0x7, '\x00', 0x10}, {0x7, 0xe5, 0xc, '\x00', 0x80}, {0xfe, 0xb, 0x6, '\x00', 0x7}, {0xe, 0x15, 0x2}, {0x4, 0x7, 0x7, '\x00', 0x80}, {0x4, 0x4, 0x2, '\x00', 0x42}, {0xfa, 0x6, 0x2, '\x00', 0x7f}, {0x81, 0x0, 0x12, '\x00', 0x2a}, {0x2, 0x0, 0x99, '\x00', 0x80}, {0x6, 0x46, 0x9b, '\x00', 0x4}, {0xfa, 0x3, 0x7d, '\x00', 0xd3}, {0x0, 0x8, 0x3a, '\x00', 0x5}]}})

48.451755311s ago: executing program 39 (id=2558):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x1c, 0x0, 0x0)
dup(0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000080)=<r2=>0x0)
prlimit64(r2, 0xe23d708c27c4d9c6, 0x0, &(0x7f00000000c0))
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000240)=""/236)
ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, &(0x7f0000000000)={0x0, 0x0, 0x0, @raw})
socket$packet(0x11, 0x3, 0x300)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@delqdisc={0x2c, 0x25, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0x5, 0xfff2}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0xb}]}, 0x2c}}, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000012b80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x60, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000600)={0x6, 0x0, @ioapic={0x5000, 0x9fc, 0x0, 0x8000, 0x0, [{0xe0, 0x8, 0xe7, '\x00', 0x83}, {0xa, 0x4, 0x4, '\x00', 0xc}, {0x0, 0x8, 0xfe, '\x00', 0xd}, {0x2, 0x2, 0x1, '\x00', 0x1c}, {0x39, 0xd, 0x2, '\x00', 0x1}, {0x0, 0x2, 0x7, '\x00', 0x78}, {0x43, 0x80, 0x7, '\x00', 0x4e}, {0x3, 0x6, 0x2, '\x00', 0x45}, {0x2, 0x8, 0x40, '\x00', 0x6}, {0x12, 0xfe, 0x1, '\x00', 0x2}, {0x3, 0x9, 0xfc, '\x00', 0x9d}, {0x5, 0x1, 0x26, '\x00', 0x7d}, {0xe, 0x1e, 0x7, '\x00', 0x10}, {0x7, 0xe5, 0xc, '\x00', 0x80}, {0xfe, 0xb, 0x6, '\x00', 0x7}, {0xe, 0x15, 0x2}, {0x4, 0x7, 0x7, '\x00', 0x80}, {0x4, 0x4, 0x2, '\x00', 0x42}, {0xfa, 0x6, 0x2, '\x00', 0x7f}, {0x81, 0x0, 0x12, '\x00', 0x2a}, {0x2, 0x0, 0x99, '\x00', 0x80}, {0x6, 0x46, 0x9b, '\x00', 0x4}, {0xfa, 0x3, 0x7d, '\x00', 0xd3}, {0x0, 0x8, 0x3a, '\x00', 0x5}]}})

10.509644779s ago: executing program 7 (id=2619):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="002205000000"], 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000480)={0x2c, 0x0, &(0x7f0000000240)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x3445}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, &(0x7f00000004c0)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0003"], 0x0, 0x0}, 0x0)

10.007954479s ago: executing program 1 (id=2621):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f00000000c0)={0x48, 0x2, r1, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0xa, r2})

9.565963366s ago: executing program 1 (id=2622):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0x6, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x1ce97bbf60ae786d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
r3 = getpid()
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x14, 0x0, &(0x7f0000000340)=[@acquire={0x40046305, 0x3}, @free_buffer], 0x40, 0x0, &(0x7f0000000400)="49db2abaecafa972fe58aa0a97f2d6d2d320d8c01e6503d235682062d8951a5574befa5a269b32cc4bae8c1dbe18e872211865055f5aa4837dce26430a49d016"})
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, 0x2, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x9}, [@CTA_MARK_MASK={0x8}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x8c0}, 0x48000)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
pread64(r0, &(0x7f00000024c0)=""/209, 0xfd36, 0x698)

7.690339287s ago: executing program 1 (id=2624):
r0 = socket(0x8000000010, 0x2, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3e", 0x77)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000140), 0x760, 0xa382)
r2 = syz_create_resource$binfmt(0x0)
r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff)
close(r3)
execveat$binfmt(0xffffffffffffff9c, r2, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)=ANY=[])
read$FUSE(r4, &(0x7f0000006280)={0x2020}, 0x2020)
unlinkat(0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x200)
write$FUSE_INIT(r4, 0x0, 0x0)
syz_fuse_handle_req(r4, 0x0, 0x0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x90, 0x0, 0x6, {0x5, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, {0x0, 0x0, 0x6, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffd, 0x3, 0x4000, 0x1000, 0xfffffffe, 0x0, 0xee01, 0x8}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x2)
pwritev(r5, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r5)
sendfile(r1, r1, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x3, 0x0, 0x11, 0x1, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e17bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978072a8b070006584a128d7469166ffbffffff19e7df4af14e1df82d", [0x1, 0x7]})

6.283143661s ago: executing program 7 (id=2628):
r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
mknodat$loop(r0, 0x0, 0x2000, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000180)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0xff}}, './file0\x00'})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, 0x0)
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r5)
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r5, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [], [0x2b8]})

5.459167588s ago: executing program 2 (id=2631):
r0 = socket(0x8000000010, 0x2, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3e", 0x77)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000140), 0x760, 0xa382)
r3 = syz_create_resource$binfmt(0x0)
r4 = openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
close(r4)
execveat$binfmt(0xffffffffffffff9c, r3, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)=ANY=[])
read$FUSE(r5, &(0x7f0000006280)={0x2020}, 0x2020)
unlinkat(0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x200)
write$FUSE_INIT(r5, 0x0, 0x0)
syz_fuse_handle_req(r5, 0x0, 0x0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x90, 0x0, 0x6, {0x5, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, {0x0, 0x0, 0x6, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffd, 0x3, 0x4000, 0x1000, 0xfffffffe, 0x0, 0xee01, 0x8}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x2)
pwritev(r6, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r6)
sendfile(r2, r2, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x3, 0x0, 0x11, 0x1, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e17bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978072a8b070006584a128d7469166ffbffffff19e7df4af14e1df82d", [0x1, 0x7]})
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r6, 0xc0109428, &(0x7f0000000000)={0x1, 0xd})
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r7, 0x6, 0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
kcmp(0x0, 0x0, 0x4, r7, r2)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r1)

5.077733388s ago: executing program 2 (id=2632):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0x6, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x1ce97bbf60ae786d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
r3 = getpid()
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x14, 0x0, &(0x7f0000000340)=[@acquire={0x40046305, 0x3}, @free_buffer], 0x40, 0x0, &(0x7f0000000400)="49db2abaecafa972fe58aa0a97f2d6d2d320d8c01e6503d235682062d8951a5574befa5a269b32cc4bae8c1dbe18e872211865055f5aa4837dce26430a49d016"})
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, 0x2, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x9}, [@CTA_MARK_MASK={0x8}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x8c0}, 0x48000)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
pread64(r0, &(0x7f00000024c0)=""/209, 0xfd36, 0x698)

5.076986169s ago: executing program 1 (id=2633):
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0xc0d4, &(0x7f0000002700)=ANY=[], 0x1, 0x270, &(0x7f00000008c0)="$eJzs3UFrE0EYxvFnNrFGW+raVgTxINWCJ2nrRbwI0m/gxZOoTYRiqKAV1IvVs/gBvPsV/BCexLPgzZPee6vMuxOzSbPZNCZOEv8/SNhk5915Jzvp7JtQIgD/rdtb3z9e/+FvTqqoIummlEiqSVVJ53S+9nx3b2ev2aj3O1DFIvzNKYt0R9ps7zZ6hfo4iwhS/6iqhfxzGI/at9gZYBLYuz/zK/98Ip0M707bX4uS3ejtx04gMnegA73QYuw8AABxhfU/Cev8Qrh+TxJpLSz7nev/lC+gB7ETiCy3/luVdej8+T1ju9r1npVwfn/SqhKH6WtO2cyqdCRQVlVaLsmpRzvNxrXtJ816ore6FeSardh9PZu6Lfls3xw99GqP2rSP4cc+b2M44cewWZD/8mh7LOc+uy/unkv1QfU/13/VQ+dPk52ptOtMZfmvFx/RRplmrQpGedY6uRB6CPqOsqKuNPLmwjE7PiBIy/K0qKWuqGx0GyVRyz2jNkuiVrqj2rO5OHLc3Ht3163qpz5pK3f9n/hXe02DvDN9G2sZZkbf8VStZWrribtkT+1f7NkyGXpIOL53eqgbWnz28tXjB81m4ykbQ2y8Di/mpOQz6EZrEkxKPjO74V/kKL1X/3pmRvmrhH+sfdKPGch3M7PCX3e5rP7L1SvrViL5u7TPdfph2cFzR9woqA2W7P50cQXXwdlHD/NyRV9FDFpzXb4qXRmkx0wa8pwRbktfdZ/P/wEAAAAAAAAAAAAAAAAAAKbN6P7loKaiXbHHCAAAAAAAAAAAAAAAAAAAAADAtJu43/+9o+wRv/8LjN3vAAAA//9nXXUi")
io_setup(0x2, &(0x7f0000000200)=<r0=>0x0)
io_submit(r0, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x16000}])

4.464141258s ago: executing program 1 (id=2634):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000000)={0x4000000, {}, {0x2, 0x0, @dev}, {0x2, 0x0, @empty}, 0x2a0})
ioctl$sock_inet_SIOCDELRT(r1, 0x890c, &(0x7f0000000080)={0xfffffffffffffdfd, {}, {0x2, 0x0, @multicast2}, {0x2, 0x0, @empty}, 0xab852ebbeefbd6b1})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
openat$vimc2(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sched_getattr(r0, &(0x7f0000000280)={0x38}, 0x31, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000380)={0x8, {{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x29}}}}, 0x88)
fanotify_init(0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x400, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r4)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="21082cbd7000ffdbdf2d2e0000000c0005000202aaaaaaaaaaaa05002b000200000006000400feff000008002c003000000005002e001000000008002c00010000000a0001007770616e3100000005002b000000000006000600010000000c0005"], 0x70}, 0x1, 0x0, 0x0, 0x4044801}, 0x40480c4)

3.969147498s ago: executing program 2 (id=2635):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0)

3.81988514s ago: executing program 2 (id=2637):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$cec(0x0, 0x0, 0x0)
ioctl$CEC_S_MODE(r1, 0x40046109, 0x0)
ioctl$CEC_S_MODE(r1, 0x40046109, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0xfffffffffffffffe, 0x0)
bind$isdn(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000740)={{0x12, 0x1, 0x300, 0xd4, 0xe4, 0xc8, 0x8, 0xd46, 0x78, 0xcc70, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x7, 0x80, 0x0, 0xf8, [{{0x9, 0x4, 0x3b, 0x40, 0x0, 0xe4, 0xf7, 0x8, 0x6}}]}}]}}, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0})
syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)

3.314342881s ago: executing program 7 (id=2638):
syz_usb_connect$uac1(0x4, 0x98, &(0x7f0000000200)=ANY=[@ANYBLOB="12011003000000106b1d01014000010203010902860003010140750904000000010100000a24010600080201020904010000010200000904010101010200000b2402010c038f076d15630a24020198010f07347c09240202080001800209240201090108095909050109400206100507250100"], 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x60a80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d}, 0x94)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, &(0x7f0000000480)={0xffff41d9, 0x3})
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)

2.633818486s ago: executing program 6 (id=2641):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c00208893fdd4787adad4209069"], 0x8, 0x2b0, &(0x7f0000000280)="$eJzs3T9vI0UYB+B3E3vtg8IuqBASK0FBdbpcS+MI5aQIVyAXQAEn7k5CsYV0J0XijzBX0dJQ8gmQkOj4EjQU9Ei0SHRccdKi9e7GTlg72QgnwD1Pk8ns/Gbe3YwTpfD4g5dmR/eyePD481+j309iZxSjeJLEMHai9mWcMvo6AID/sid5Hn/kpTa5JCL62ysLANiilb//Ny4U+GHrJQEAW/b2O+++uT8eH7yVZf24M/vqeFL8Z198La/vP4iPYhr341YM4mlEfqJs38nzfN7JCsN4dTY/nhTJ2fs/VfPv/x6xyO/FIIaLrtP5w/HBXlZayc+LOp6r1h8V+dsxiBca1j8cH9xuyMckjddeWan/Zgzi5w/j45jGvUURy/wXe1n2Rv7Nn5+9V5RX5JP58aS3GLeU717xjwYAAAAAAAAAAAAAAAAAAAAAgP+xm9XZOb1YnN9TdFXn7+w+Lb7pRlYbnj6fp8wn9URnzgea5/Ftfb7OrSzL8mrgMt+JFzvRuZ67BgAAAAAAAAAAAAAAAAAAgH+XR598enR3Or3/8B9p1KcB1G/rv+w8o5Wel6NhzDBOenrLJXeqZTfMHLv1mCRiYxnFjK2K756/+prGjXWp775v++j654/pXqLClo16dx3dTZqfYS/qnn69SX5cHZPGBddK113KW22/tPFS2voFkj6/aMw3jIlkU2Gv/1Y+uaonOXsX6eKpNsa7VaN8LTTtjVb7+e+/KxKndQAAAAAAAAAAAAAAAAAAwFYt3/TbcPHxmtAvh+WH/Mdwy9UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNVYfv5/i8a8Cl9gcBoPH13zLQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAM+CsAAP//yylfnw==")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdir(&(0x7f0000000180)='./file1\x00', 0x3)

2.484638928s ago: executing program 7 (id=2642):
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0xc0d4, &(0x7f0000002700)=ANY=[], 0x1, 0x270, &(0x7f00000008c0)="$eJzs3UFrE0EYxvFnNrFGW+raVgTxINWCJ2nrRbwI0m/gxZOoTYRiqKAV1IvVs/gBvPsV/BCexLPgzZPee6vMuxOzSbPZNCZOEv8/SNhk5915Jzvp7JtQIgD/rdtb3z9e/+FvTqqoIummlEiqSVVJ53S+9nx3b2ev2aj3O1DFIvzNKYt0R9ps7zZ6hfo4iwhS/6iqhfxzGI/at9gZYBLYuz/zK/98Ip0M707bX4uS3ejtx04gMnegA73QYuw8AABxhfU/Cev8Qrh+TxJpLSz7nev/lC+gB7ETiCy3/luVdej8+T1ju9r1npVwfn/SqhKH6WtO2cyqdCRQVlVaLsmpRzvNxrXtJ816ore6FeSardh9PZu6Lfls3xw99GqP2rSP4cc+b2M44cewWZD/8mh7LOc+uy/unkv1QfU/13/VQ+dPk52ptOtMZfmvFx/RRplmrQpGedY6uRB6CPqOsqKuNPLmwjE7PiBIy/K0qKWuqGx0GyVRyz2jNkuiVrqj2rO5OHLc3Ht3163qpz5pK3f9n/hXe02DvDN9G2sZZkbf8VStZWrribtkT+1f7NkyGXpIOL53eqgbWnz28tXjB81m4ykbQ2y8Di/mpOQz6EZrEkxKPjO74V/kKL1X/3pmRvmrhH+sfdKPGch3M7PCX3e5rP7L1SvrViL5u7TPdfph2cFzR9woqA2W7P50cQXXwdlHD/NyRV9FDFpzXb4qXRmkx0wa8pwRbktfdZ/P/wEAAAAAAAAAAAAAAAAAAKbN6P7loKaiXbHHCAAAAAAAAAAAAAAAAAAAAADAtJu43/+9o+wRv/8LjN3vAAAA//9nXXUi")
io_setup(0x2, &(0x7f0000000200)=<r0=>0x0)
io_submit(r0, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x16000}])

2.391861536s ago: executing program 6 (id=2643):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0x6, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x1ce97bbf60ae786d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
r3 = getpid()
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x14, 0x0, &(0x7f0000000340)=[@acquire={0x40046305, 0x3}, @free_buffer], 0x40, 0x0, &(0x7f0000000400)="49db2abaecafa972fe58aa0a97f2d6d2d320d8c01e6503d235682062d8951a5574befa5a269b32cc4bae8c1dbe18e872211865055f5aa4837dce26430a49d016"})
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, 0x2, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x9}, [@CTA_MARK_MASK={0x8}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x8c0}, 0x48000)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
pread64(r0, &(0x7f00000024c0)=""/209, 0xfd36, 0x698)

2.126770387s ago: executing program 7 (id=2644):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000005d40)='./file1\x00', 0x4002, &(0x7f0000001e40)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5ff2cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb69658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d96700e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bed545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177df97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b808451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f5035d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fbad8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c400"/2303], 0xff, 0x5e0a, &(0x7f000000c740)="$eJzs3U9vHGcdB/Df/vH6T2kbVagKEQc3hdJSmv8JlH9NOXCAA0ioZxK5bhVIASUB0SoirnJAXICXAJdeOPQt8AL6GhAvgEg2px4og8Z+nmQ8XmcdEu/s+vl8JGfmN8+O95l8PZ5dz8w+AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADED77/k7O9iLjym7TgWMTnYhDRj1iu69WoZy7nxw8j4nhsN8fzETFYjKjX3/7n2YgLEfHJMxGbW7fX6sXnDtiPi2du3fjsh9/7x+//dPf4z97+6Uft9h9//vzHf7gTcexHr3/82Z0ns+0AAABQiqqqql56m38ivb/vd90pAGAq8vG/SvJytVqtVj/R+o/92eqPutC6qRrvTrOIiI3mOvVrBqfjAWDObMSnXXeBDsm/aMOIeKrrTgAzrdd1BzgUm1u313op317zeLC6057/Trkr/43e/fs79ptO0r7GZFo/X3djEM/t05/lKfVhluT8++38r+y0j9LjDjv/adkv/9HOrU/FyfkP2vm37Mr/zxExt/n3x+Zfqpz/8FHy3xjM8f4vfwAAAAAAjr789/9jHZ//XXz8TTmQh53/XZ1SHwAAAAAAAADgSXvc8f/uM/4fAAAAzKz6vXrtL888WLbfZ7HVy9/qRTzdejxQmNXGhwMCAAAAAAAAAAAAANMxjFhJ1/UvRMTTKytVVdVfTe36UT3u+vOu9O2HknX9Sx4AAHZ88kzrXv5exFJEvJU+629hZWWlqpaWV6qVankxv54dLS5Vy433tXlaL1scHeAF8XBU1d9sqbFe06T3y5Pa29+vfq5RNThAx6ajw8ABICJ2jkabjkhHTFU9G12/ymE+2P+PHvs/B9H1zykAAABw+Kqqqnrp47xPpHP+/a47BQBMRT7+t88LqNVqtVqtPnp1UzXenWYRERvNderXDIbjB4A5sxGfdt0FOiT/og0j4njXnQBmWq/rDnAoNrdur/VSvr3m8WB1pz1fC7Ir/43e9np5/XHTSdrXmEzr5+tuDOK5ffrz/JT6MEty/v12/ld22vMQ/4ed/7Tsl3+9ncc66E/Xcv6Ddv4tRyf//tj8S5XzHz5S/gP5AwAAAADADMt//z/m/G/eZAAAAAAAAACYO5tbt9fyfa/5/P8Xxzyu15xz/+eRkfPvHTh/9/8eJTn/fjv/1gU5g8b8vTcf5P/vrdtrH9361xfydObzXxiM6ude6PUHw3TNT7XwTlyL67EeZ/Y8frir/eye9oVd7ecmtJ/f0z6q25dz+6lYi1/G9Xj7fvvihAujlia0VxPac/4D+3+Rcv7Dxled/0pq77WmtXsf9vfs983puOe5/Lf/vLR375q+uzG4v21N9fad7KA/2/8nT43i1zfXb5z67dVbt26cjTTZtfRcpMkTlvNfSF85/5df3GnPv/eb++u9D0ePnP+suBvDffN/sTFfb+8rU+5bF3L+o/SV889HoPH7/zznv//+/2oH/QEAAAAAAAAAAAAAAICHqapq+xbRyxFxKd3/09W9mQDAdOXjf5Xk5Wq1Wq1Wq49e3VSN90aziIi/N9epXzP8btw3AwBm2X8j4p9dd4LOyL9g+fP+6umXuu4MMFU33//g51evX1+/cbPrngAAAAAAAAAA/688/udqY/zn7euAWuNG7xr/9c1YndvxP/ujwfZY52mDXoiHj/99Mh4+/vdwwvMtTGgfTWhfnNC+NKF97I0eDTn/F1LGOf8TacNKGv/15Q7607Wc/8k01nPO/yutxzXzr/46z/n3d+V/+tZ7vzp98/0PXrv23tV3199d/8XZM5cunL944fzFi6ffuXZ9/czOvx32+HDl/PPY164DLUvOP2cu/7Lk/L+cavmXJef/UqrlX5acf369J/+y5Pzzex/5lyXn/0qq5V+WnP9XUy3/suT8X021/MuS8/9aquVflpz/a6mWf1ly/qdSLf+y5PxPp1r+Zcn55zNc8i9Lzj9f2SD/suT8z6Va/mXJ+Z9PtfzLkvO/kGr5lyXnfzHV8i9Lzv9SquVflpz/11Mt/7Lk/L+RavmXJef/eqrlX5ac/zdTLf+y5Py/lWr5lyXn/+1Uy78sOf/vpFr+Zcn5fzfV8i9Lzv+NVMu/LA8+/9+MGTNm8kzXv5kAAAAAAAAAAAAAgLZpXE7c9TYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvXuLkau+7wB+9mavDQE33IkDtrkZWNhd38AhBpOElJJeKAlp05Iax14bJ77Vu+YmVDaFtkRBKlL7QB+aJlEaRWorUBWpqUQjpEZq35qnRrxErZQHP0DloKRSqsBWZ+b//3tmdnZmfRl75vw/H2T/vDtnZv5z5szZ/S76zgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACN1n985s+GiqIo/9T+WlMUF5f/XlXsLD+c33ahVwgAAACcrfdqf//9pekTO5dxpYZt/u26//juwsLCQvGFd0+8/xcLC+mCdUUxsrIoapdF//6Lny80bhO8UIwPDTd8PNzl7ke6XD7a5fKxLpev6HL5yi6Xj3e5fNEOWGRV/ecxtRu7sfbPNfVdWlxejNUuu7HNtV4YWjk8HH+WUzNUu87C2L7iQHGwmCmmFl1nqPZfUbyxvryvB4t4X8MN97W2KIqTP31uT1zDUNjHNxZNd1bT+Ny9c3+x7t2fPrfn23NvX9Nudt0Ni1ZaFBs3lOt8sShO/biqGCpWpn0S1zncsM61bdY50rTOodr1yn+3rvPkMtcZH/d4WOcPO6xzbfjc0zcURTFfLLlNqxeK4WJ1y72m/T1ePyLK2yifyg8Wo6d1nKxfxnFSXucnNzQfJ63HZNz/68M+GV1iDY1PxztfXrFov5/pcVI+6n44Vsvbfri80/Hxxh+tNh2r5TbP3bT0MdD2uWtzDKRjueEY2NDtGBheMVI7BoZPrXlD0zEwveg6w8VQ7b5O3NT5GJicO3R0cvaZZ+84cGj3/pn9M4enp7Zt2bx1y+atWyf3HTg4M1X/+/R26QBZXQynY3BDONfEY/CWlm0bD8mFb5y718F4n7wOysf+mZvLBV08XCxxjJfbvLjx7F8H6et+w+tgtOF10Pac2uZ1MLqM10G5zcmNy/uaOdrwp90aenUuXNNwDFzIr4flfT5269LnwrVhXS/ddrpfD0cWHQPxYQ2F1175mfT93vjdYb8sPi6uLS+4aEVxfHbm2J1P756bOzZdhHFeXNbwXLUeL6sbHlOx6HgZPu3jZeff/fLma9t8fk3YV+O3d36uym22THR+rmpn9/b7s+mzm4owzrHzvT/bfTUr92fKEh32Z7nNi3ec/feCKZc0nP/Gup3/RsZG6+e/kbQ3xprOf4ufmpHayori5B3LO/+NhT/n+/x3eZ+c/8p99didnY+BcpuXJk/3GBjteP67IcyhsJ5bQ2IYb8j979cun68fpg3PZdfjZnR0LBw3o/Eem4+bzYuuU95aed8bp87suNl4Q/Nz1fR9SwWPm3Jf/eVU5+Om3ObN6bM/d6yK/2w4d6zodgyMjawo1zuWDoL6+W5hVTwG7iz2FEeKg8XedJ3yWS7va2LT8o6BFeHP+T53XN0nx0C5r17d1PkYKLf5weZz+73TxvCZtE3D906tP19YKvNfO3rq9lp327nO/OU6P7Gl88+Gym3e3nK6OaPzfro9fOaiNvup9fWz1DG9tzg/++nqsM6DWzv/bKrc5vJtyzyedhZF8db0W7Wfd4Wf7/7j8f/8btPPfdv9TPmt6bcemnzkR6ezfgAAztz7tb/nV9S/12z4P9bL+f//AAAAwECIuX84zET+BwAAgMqIuX8kzET+BwAAgMqIuX80zCST/P/E3dtfe+/5Ir0b4EIQL4+74eF769vFjvd8+Hjdwinl5z/2rbHXvvL88u57uCiKXz70obbbP3FvXFfd0bjOjzR/fpGrr1/W/T/+6KntGt8/4eT2+u3Hx7PcwyB2ld+Y3FS73XXPTNfmmw8VtfnI/Esv1G+//nHc/sTm+vZ/Hd60ZOe+oabrbwzruTHMdeE9ZR7eeWo/lDNe77W11/3rZZ89dX/xekMbLqk9zFf/qH678T2iXrmsvn183Eut/1+++p3Xyu2fvqn9+p8fbr/+E+F2fxLmL3bUt2/c519pWP+fhPXH+4vXu/Ob32+7/tevqm//ejguvh5m6/rv//MPv9fu+Yr3s/Oe+vXi/U/975ba9eLtxdtvXf/489NN+6P19t98t347O5782Ujj9vHz8X6ix+9pPr6HwvPb1CMviuI7f1o07efio/Xr/XPL+uPtHb2n/fpvb1nn0aHra9c/9XjWND2ur/3tpraPN65n5z+saXo8rzwQ9t+7kz8ob/fEI+F4DJf/3w/rt9f6XqavP9B8vonbf31N/XUbb2+yZf2vtKx//vpy33Vf/4Pv1tf/+n0rm9a/85PheHqwPrutf//fXNp0/W98u/58HHtq4vCR2eMH9jbs1cbX8crxVasvuvgDl1wazqWtH+86MvfEzLF1U+umimLdAL5lYK/X/80w/6c+5s/9PdT96Gf14+7lT9W/bt3y8/rHr4TPPx6ez/j18Wt/NdZ0vLY+7/P31efZrv+2sI7luuqr/339sjY88fk3jv/TH7/d+n1BfDxHrxivPb5X119Zu2zozfrlreerbv7riubX9Y9Hp2rze2G/LoR3Zt5wZf3+Wm8/vjfJy5+uv37jd3Lx+kXL+4msGWl+HGe7/h+H72O+f3Xz+S8eH997vuXdnNcUQ+US5sP5oZivXx63ivv75ZNXtr2/+D48xfw1p7PMJc0+Mzt58MDh409Pzs3Mzk3OPvPsrkNHjh+e21V779JdX+x2/VOv79W11/femW1bitqr/Uh99NiFXv/RR/fsvWvq5r0z+3Yf3zf36NGZY/v3zM7umdk7e/Pufftmnup2/QN7d0xv2r75rk0T+w/s3XH39u2bt08cOHykXEZ9UV1sm/rSxOFju2pXmd2xZfv01q1bpiYOHdk7s+OuqamJ492uX/vaNFFe+8mJYzMHd88dODQzMXvg2Zkd09u3bdvU9d0fDx3dN7tu8tjxw5PHZ2eOTdYfy7q52qfLr33drk8eZo+E812LofDd+edu35beH7f0rS8veVP1TZq/PS3eCe8FFb++dfs45v6xMJNM8j8AAADkIOb+8Mb/py6Q/wEAAKAyYu5fGWYi/wMAAEBlxNw/HmaSSf7X/9f/1//X/9f/1//vJf1//f9O9P/1/wd5/fr/+v9012/9/5j7VxVFlvkfAAAAchBz/+owE/kfAAAAKiPm/ovCTOR/AAAAqIyY+y8OM8kj/4+1/lP/X/9f/7+x/x+31f8v9P/1/8+Q/r/+fyf6//r/g7z+Puz/r9L/p9/0W/8/5v4PhJnkkf8BAAAgCzH3XxJmIv8DAABAZcTcf2mYifwPAAAAlRFz/5owk0zyv9//r/+v/+/3/+v/6//3kv6//n8n+v/6/4O8/j7s//v9//Sdfuv/x9z/K2EmmeR/AAAAyEHM/R8MM5H/AQAAoDJi7r8szET+BwAAgMqIuf/yMJNM8r/+v/6//r/+v/6//n8v6f/r/3ei/6//P8jr1//X/6e7fuv/x9x/RZhJJvkfAAAAchBz/5VhJvI/AAAAVEbM/VeFmcj/AAAAUBkx918dZpJJ/tf/1//X/9f/1//X/+8l/X/9/070//X/B3n9+v/6/3TXb/3/mPuvCTPJJP8DAABADmLuvzbMRP4HAACAyoi5/0NhJvI/AAAAVEbM/WvDTDLJ//r/+v/6//r/+v/6/700WP3/4SUv0f+v0/9vpv+v/6//r/9PZ/3W/4+5/8NhJpnkfwAAAMhBzP3XhZnI/wAAAFAZMfdfH2Yi/wMAAEBlxNy/Lswkk/yv/6//r/+v/6//r//fS4PV/1+a/n+d/n8z/X/9f/1//X8667f+f8z968NMMsn/AAAAkIOY+zeEmcj/AAAAUBkx998QZiL/AwAAQGXE3H9jmEkm+V//X/9f/1//X/9f/7+X9P/1/zvR/9f/H+T16/8vr/+/otsNUWn91v+Puf+mMJNM8j8AAADkIOb+m8NM5H8AAACojJj7bwkzkf8BAACgMmLu3xhmkkn+1//X/9f/1//X/9f/7yX9f/3/TvT/9f8Hef36/37/P931W/8/5v5bw0wyyf8AAACQg5j7bwszkf8BAACgMmLuvz3MRP4HAACAyoi5fyLMJJP8r/+v/6//r/+v/6//30tV7f+n86j+v/6//r/+v/6//j9L6rf+f8z9d4SZZJL/AQAAIAcx998ZZiL/AwAAQGXE3D8ZZiL/AwAAQGXE3D8VZpJJ/tf/1//X/9f/1//X/++lqvb//f5//f9C/1//X/9f/5+u+q3/H3P/dJhJJvkfAAAAchBz/6YwE/kfAAAAKiPm/s1hJvI/AAAAVEbM/VvCTDLJ//r/+v/6//r/+v/6/72k/6//34n+v/7/IK9f/1//n2bDbT7Xb/3/mPu3hplkkv8BAAAgBzH3bwszkf8BAACgMmLuvyvMRP4HAACAyoi5/+4wk0zyv/6//r/+v/6//r/+fy/p/+v/d6L/r/8/yOvX/9f/p7t+6//H3L89zCST/A8AAAA5iLn/I2Em8j8AAABURsz994SZyP8AAAAwUNr9HsIo5v6Phplkkv/1/6ve/19Yqf+v/6//33n9+v+9pf+v/9+J/r/+/yCvX/9f/5/u+q3/H3P/jjCTTPI/AAAA5CDm/nvDTOR/AAAAqIyY++8LM5H/AQAAoDJi7t8ZZpJJ/tf/r3r/3+//1//X/++2fv3/3tL/1//vRP9/MPv/4dsW/f8+6v+Xx5D+P/2o3/r/MfffH2aSSf4HAACAHMTc/7EwE/kfAAAAKiPm/o+Hmcj/AAAAUBkx938izCST/K//r/+v/6//r/+v/99L+v/6/53o/w9m/z/S/++f/r/f/0+/6rf+f8z9D4SZZJL/AQAAIAcx938yzET+BwAAgMqIuf9Xw0zkfwAAAKiMmPsfDDPJJP/r/+v/6//r/+v/6//3kv6//n8n+v/6/4O8fv1//X+667f+f8z9vxZmkkn+BwAAgBzE3P9QmIn8DwAAAJURc/+nwkzkfwAAAKiMmPt/Pcwkk/yv/39++v/D6fb1//X/9f/1//X/zyX9f/3/Qv//jF3o/vygr1//X/+f7vqt/x9z/2+EmWSS/wEAACAHMff/ZpiJ/A8AAACVEXP/b4WZyP8AAABQGTH3Pxxmkkn+1//3+//1//X/9f/1/3tJ/1//vxP9f/3/QV6//r/+P931W/8/5v7fDjPJJP8DAABADmLufyTMRP4HAACAyoi5/9NhJvI/AAAAVEbM/Z8JM8kk/+v/6//r/+v/6//r//eS/r/+fyf6//r/g7x+/X/9f7rrt/5/zP2Phplkkv8BAAAgBzH3fzbMRP4HAACAyoi5/3fCTOR/AAAAqIyY+383zCST/K//r/+v/6//r/+v/99L+v+L+//lOexC9v9XLGdD/f9l0f/X/9f/1/+ns37r/8fc/7kwk0zyPwAAAOQg5v7fCzOR/wEAAKAyYu7//TAT+R8AAAAqI+b+x8JMMsn/+v/6//r/+v/6//r/vaT/7/f/d6L/r/8/yOvX/9f/p7t+6//H3P/5MJNM8j8AAADkIOb+Pwgzkf8BAACgMmLu3xVmIv8DAABAZcTc/3iYSSb5X/9f/1//X/9f/1//v5f0//X/O9H/1/8f5PXr/+v/012/9f9j7t8dZpJJ/gcAAIAcxNz/hTAT+R8AAAAqI+b+PWEm8j8AAABURsz9e8NMMsn/+v/6//r/+v/6//r/vaT/r//fif6//v8gr1//X/+f7vqt/x9z/0yYSSb5HwAAAHIQc/++MBP5HwAAACoj5v79YSbyPwAAAFRGzP1PhJlkkv/1//X/9f/1//X/9f97Sf9f/78T/X/9/0Fev/6//j/d9Vv/P+b+A2EmmeR/AAAAyEHM/V8MM5H/AQAAoDJi7v9SmIn8DwAAAJURc//BMJNM8r/+v/6//r/+v/6//n8v6f/r/3ei/6//P8jr1//X/6e7fuv/x9x/KMwkk/wPAAAAOYi5/3CYifwPAAAAlRFz/5EwE/kfAAAAKiPm/qNhJpnkf/1//X/9f/1//X/9/17S/9f/70T/X/9/kNev/6//T3f91v+Puf8Pw0wyyf8AAACQg5j7j4WZyP8AAABQGTH3z4aZyP8AAABQGTH3z4WZZJL/9f/1//X/9f/1//X/e0n/X/+/E/1//f9BXr/+v/4/3fVb/z/m/uNhJpnkfwAAAMhBzP1PhpnI/wAAAFAZMfc/FWYi/wMAAEBlxNz/dJhJJvlf/1//X/+/b/r/9Z6f/r/+v/7/adH/1/8v9P/P2IXuzw/6+vX/9f//n7273BXtLOI4fAohkBDCtXAFXALXwGXgLsXd3d3d3d3dHQrFNSkJZ2ZKaLvWqSz2u2ae58uk7U765uxP/5z8sti3Wv+fu/9eccuQ/Q8AAAAT5O6/d9xi/wMAAEAbufvvE7fY/wAAANBG7v77xi1D9r/+X/+v/1+m//f9//y96v/1/zeD/l//f0n/f4tddD9/9vfr//X/7Fut/8/df7+4Zcj+BwAAgAly998/brH/AQAAoI3c/Q+IW+x/AAAAaCN3/wPjliH7X/+v/9f/6//1//r/I+n/9f9b9P/6/zO/X/+v/2ffav1/7v4HxS1D9j8AAABMkLv/wXGL/Q8AAABt5O5/SNxi/wMAAEAbufsfGrcM2f/6f/2//l//r//X/x9J/6//36L/1/+f+f36f/0/+1br/3P3PyxuGbL/AQAAYILc/Q+PW+x/AAAAaCN3/yPiFvsfAAAA2sjd/8i4Zcj+1//r//X/+n/9v/7/SPp//f8W/b/+/8zv1//r/9l3eP9/j6v/c6+0/8/df3XcMmT/AwAAwAS5+x8Vt9j/AAAA0Ebu/kfHLfY/AAAAtJG7/zFxy5D9r//X/1/f/193lf5f/6//v/7f6/9vG/p//f8W/f+q/f+V/Uno//X/+n/2HN7/7/T+//vPufsfG7cM2f8AAAAwQe7+x8Ut9j8AAAC0kbv/8XGL/Q8AAABt5O5/QtwyZP/r//X/vv+v/9f/6/+PpP/X/2/R/6/a//v+/63t/+9+Be/X/zPBav1/7v4nxi1D9j8AAABMkLv/SXGL/Q8AAABt5O5/ctxi/wMAAEAbufufErcM2f/6f/2//l//r//X/x9J/6//36L/1/+f+f2+/6//Z99q/X/u/qfGLUP2PwAAAEyQu/9pcYv9DwAAAG3k7n963GL/AwAAQBu5+58RtwzZ//p//b/+X/9/q/r/2+v/9f/b9P/6/y36f/3/md+v/9f/s2+1/j93/zPjliH7HwAAACbI3f+suMX+BwAAgDZy9z87brH/AQAAoI3c/c+JW4bsf/2//l//r//3/X/9/5H0/+36/6v0/9fT/+v/9f/6f7at1v/n7n9u3DJk/wMAAMAEufufF7fY/wAAANBG7v7nxy32PwAAALSRu/8FccuQ/a//1//r//X/+n/9/5H0/+36f9///y/6f/2//l//z7bV+v/c/S+MW4bsfwAAAJggd/+L4hb7HwAAANrI3f/iuMX+BwAAgDZy978kbhmy//X/+n/9v/5f/6//P5L+X/+/Rf9/4/3/nW7i/6f/X+v9+n/9P/tW6/9z9780bhmy/wEAAGCC3P0vi1vsfwAAAGgjd//L4xb7HwAAANrI3f+KuGXI/r+p/v/aO1/+7/r/K6P/v/H36//1//p//b/+X/+/Rf/v+/9nfr/+X//PvtX6/9z9r4xbhux/AAAAmCB3/6viFvsfAAAA2sjd/+q4xf4HAACANnL3vyZuGbL/ff9f/6//1//r//X/R9L/6/+36P/1/2d+v/5f/8++1fr/3P2vjVuG7H8AAACYIHf/6+IW+x8AAADayN3/+rjF/gcAAIA2cve/IW4Zsv/1//r/C+//b6f/T/r/+L3q//X/N4P+X/9/Sf9/i110P3/29+v/9f/sW63/z93/xrhlyP4HAACACXL3vylusf8BAACgjdz9b45b7H8AAABoI3f/W+KWIftf/6//v/D+3/f/i/4/fq/6f/3/zaD/1/9f0v/fYhfdz5/9/fp//T/7Vuv/c/e/NW4Zsv8BAABggtz9b4tb7H8AAABoI3f/2+MW+x8AAADayN3/jrhlyP7X/+v/9f/6f/2//v9I+n/9/xb9v/7/zO/X/+v/2bda/5+7/51xy5D9DwAAABPk7n9X3GL/AwAAQBu5+98dt9j/AAAA0Ebu/vfELUP2v/7/7P3/Pa+JF+j/9f/6f/3/kvT/+v8t+n/9/5nfr//X/7Nvtf4/d/9745Yh+x8AAAAmyN3/vrjF/gcAAIA2cve/P26x/wEAAKCN3P0fiFuG7P8Z/f8dbvBjffp/3//X/+v/9f9r0//r/7fo//X/Z36//l//z77V+v/c/R+MW4bsfwAAAJggd/+H4hb7HwAAANrI3f/huMX+BwAAgDZy938kbhmy/2f0/zek/7/sNu//r7ur/l//X/T/+v9L+n/9/w79v/7/zO/X/+v/2bda/5+7/6Nxy5D9DwAAABPk7v9Y3GL/AwAAQBu5+z8et9j/AAAA0Ebu/k/EDXe7y8U96f9K/6//9/1//b/+X/9/JP2//n+L/l//f+b36//1/+xbrf/P3f/JuMXf/wMAAEAbufs/FbfY/wAAANBG7v5Pxy32PwAAALSRu/8zccuQ/a//1//r//X/+n/9/5H0//r/Lfp//f+Z36//1/+zb7X+P3f/Z+OWIfsfAAAAJsjd/7m4xf4HAACANnL3fz5usf8BAACgjdz9X4hbhux//b/+X/+v/9f/6/+PpP/X/2/R/+v/z/x+/b/+n32r9f+5+78YtwzZ/wAAADBB7v4vxS32PwAAALSRu//LcYv9DwAAAG3k7v9K3DJk/+v/9f/6f/2//l//fyT9v/5/i/5f/3/m9+v/9f/sW63/z93/1bhlyP4HAACACXL3fy1usf8BAACgjdz9X49b7H8AAABoI3f/N+KWIfu/c/+/9WP6/8v0//r/S/p//f/B9P/6/y36f/3/md+v/9f/s2+1/j93/zfjliH7HwAAACbI3f+tuMX+BwAAgDZy9387brH/AQAAoI3c/d+JW4bs/879/xb9/2X6f/3/Jf2//v9g+n/9/xb9v/7/zO/X/+v/2bda/5+7/7txy5D9DwAAABPk7v9e3GL/AwAAQBu5+78ft9j/AAAA0Ebu/h/ELUP2v/5f/6//1//r//X/R9L/6/+36P/1/2d+v/5f/8++1fr/3P0/jFuG7H8AAACYIHf/j+IW+x8AAADayN3/47jF/gcAAIA2cvf/JG4Zsv/1//p//b/+X/+v/z+S/l//v0X/r/8/8/v1//p/9q3W/+fu/2ncMmT/AwAAwAS5+38Wt9j/AAAA0Ebu/p/HLfY/AAAAtJG7/xdxy5D9r//X/+v/9f/6f/3/kfT/+v8t+n/9/5nfr//X/7Nvtf4/d/8v45Yh+x8AAAAmyN3/q7jF/gcAAIA2cvf/Om6x/wEAAKCN3P2/iVuG7H/9v/5f/6//1//r/4+k/9f/b9H/6//P/H79v/6ffav1/7n7r4lbhux/AAAAmCB3/2/jFvsfAAAA2sjd/7u4xf4HAACANnL3Xxu3DNn/+n/9f8v+/476f/2//n8V+n/9/xb9v/7/zO/X/+v/2bda/5+7//dxy5D9DwAAABPk7v9D3GL/AwAAQBu5+/8Yt9j/AAAA0Ebu/j/FLUP2v/5f/9+y//f9f/2//n8Z+n/9/xb9v/7/zO/X/+v/2bda/5+7/89xy5D9DwAAABPk7v9L3GL/AwAAQBu5+/8at9j/AAAA0Ebu/r/FLUP2v/5f/6//1//r//X/R9L/6/+36P/1/2d+v/5f/8++1fr/3P1/j1uG7H8AAACYIHf/P+IW+x8AAADayN3/z7jF/gcAAIA2cvf/K24Zsv/1//p//b/+X/+v/z+S/l//v0X/r/8/8/v1//p/9q3W/+fu/3cAAAD//1pJMZk=")
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04"], 0x3b)
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e21, 0x5ef, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8}, 0x1c)
bind$inet6(r5, &(0x7f00000000c0)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2e}}, 0x7}, 0x1c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000200)=ANY=[], 0x841, 0x0)

1.908024975s ago: executing program 2 (id=2645):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0)

1.886231956s ago: executing program 1 (id=2646):
r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
mknodat$loop(r0, 0x0, 0x2000, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000180)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0xff}}, './file0\x00'})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', 0x0})
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r5)
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r5, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [], [0x2b8]})

1.746041968s ago: executing program 2 (id=2647):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$cdc_ncm(0x6, 0x6e, &(0x7f0000000540)=ANY=[], 0x0)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x1c802, &(0x7f0000002740)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5fd0cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb6d658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d967206115b492d825751fcc00000000000000e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bebb749daef202e0412a73d545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177de97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b8f8451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f50520f91fbf7201fc9621d0aee9735d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fbad8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c40000005e538c77b2b14f63d253705363846bc4e9cd3284ff329330812d2211ae34106e0306376a2b1cfe60a09becae2b05ec9adcac47612af85f598a880fa97891a7a290b6e730800542aea761aeb463f5ff5bdf5099ae8ad4afe99db9e9c4e703cb900e9ae272742fe2ff81d1a4f15668392cdafd2e1757706f47f9f84e532f25e2737cb6f6e89378f8d79ab8507b109c7f1f3653a5bc9d54ccc633de6263526eac10519274"], 0x1, 0x5f55, &(0x7f000000efc0)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAFIICGvsTWZRAYHkG0QiSw8kReIBZdHgE02LPIi4RUQD4AlD6tIEArVzDl2TU2Pexx7urrn/H7SuOrr0zV9yv+pqe6pywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIL733R+f7kXE5V+nBw5HfCYGEf2I5bo+FvXMxfz8YUQcic3meC4iBosR9fKb/zwTcS4iPjoUcW/j1mr98Jk99uP8qZvXP/n+d/7xuz/dOfLTN3/yQbv9R589++Hvb0cc/uFrH35y+8msOwAAAJSiqqqqlz7mH02f7/tddwoAmIq8/6+S/LharVarn2j9x/5s9UddaN1UjXe7WUTEenOZ+j2Dw/EAMGfW4+Ouu0CH5F+0YUQ81XUngJnW67oD7It7G7dWeynfXnN/cGyrPf+dclv+673713fsNp2kfY7JtH6+7sQgnt2lP8tT6sMsyfn32/lf3mofpeftd/7Tslv+o61Ln4qT8x+082/Zlv+fI2Ju8++Pzb9UOf/ho+S/Ppjj7V/+AAAAAAAcfPnv/4c7Pv67+PirsicPO/57bEp9AAAAAAAAAIAn7XHH/7vP+H8AAAAws+rP6rW/HHrw2G73Yqsfv9SLeLr1fKAw6WKZla77AQAAAAAAAAAAAAAlGW6dw3upF7EQEU+vrFRVVX81tetH9bjLz7vS1x9K1vUveQAA2PLRoda1/L2IpYi4lO71t7CyslJVS8sr1Uq1vJjfz44Wl6rlxufaPK0fWxzt4Q3xcFTV32ypsVzTpM/Lk9rb369+rVE12EPHpqPDwAEgIrb2RvfskQ6Yqnomun6Xw3yw/R88tn/2ouufUwAAAGD/VVVV9dLtvI+mY/79rjsFAEzDUt7/t48LqNVqtVqtPnh1UzXe7WYREevNZer3DIbjB4A5sx4fd90FOiT/og0j4kjXnQBmWq/rDrAv7m3cWu2lfHvN/UEa3z2fC7It//Xe5nJ5+XHTSdrnmEzr5+tODOLZXfrz3JT6MEty/v12/pe32kfpefud/7Tsln+9noc76E/Xcv6Ddv4tByf//tj8S5XzHz5S/gP5AwAAAADADMt//z9c/PFfdz0AAAAAAAAAYH7d27i1mq97zcf/Pz/meb3mnOs/D4ycf2/P+bv+9yDJ+ffb+bdOyBk05u++8SD/f2/cWv3g5r8+l6czn//CYFS/9kKvPxim05yqhbfialyLtTi14/nDbe2nd7QvbGs/M6H97I72Ud2+nNtPxGr8Iq7Fm/fbFyecGLU0ob2a0J7zH9j+i5TzHza+6vxXUnuvNa3dfb+/Y7tvTse9zsW//ffFnVvX9N2Jwf11a6rX73gH/dn8P3lqFL+6sXb9xG+u3Lx5/XSkybZHz0SaPGE5/4X0lfN/6YWt9vx7v7m93n1/9Mj5z4o7Mdw1/xca8/X6vjzlvnUh5z9KXzn/vAcav/3Pc/67b/+vdNAfAAAAAAAAAAAAAAAAeJiqqjYvEb0YERfS9T/uhA8ARfjDD9JMlYRarVar1eoDWzdV473eLGJp+zIXIuK3474ZADDL/hcR/+y6E3RG/gXL9/urp1/oujPAVN14972fXbl2be36ja57AgAAAAAAAAB8Wnn8z2ON8Z83zwNqjRu9bfzXN+LY3I7/2R8NNsc6Tyv0fDx8/O/j8fDxv4cTXm9hQvtoQvvihPalCe1jL/RoyPk/nzLO+R9NK1bS+K8vddCfruX8j6exnnP+X2o9r5l/9dd5zr+/Lf+TN9/55ckb77736tV3rry99vbaz0+funDu7PlzZ8+fP/nW1Wtrp7b+7bDH+yvnn8e+dh5oWXL+OXP5lyXn/8VUy78sOf8XUy3/suT88/s9+Zcl558/+8i/LDn/l1Mt/7Lk/L+cavmXJef/SqrlX5ac/1dSLf+y5PxfTbX8y5LzP5Fq+Zcl538y1fIvS84/H+GSf1ly/vnMBvmXJed/JtXyL0vO/2yq5V+WnP+5VMu/LDn/86mWf1ly/hdSLf+y5Py/mmr5lyXn/7VUy78sOf/XUi3/suT8v55q+Zcl5/+NVMu/LDn/b6Za/mXJ+X8r1fIvS87/26mWf1ly/q+nWv5leXD/fzNTnvnP3yNmoBtmzIyb6fo3EwAAAAAAAAAAAADQNo3TibteRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7PDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1Eaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwd3cxcpX3GcDPftlrQ4IbCCHECWtjiAOLd9df4BCDSUJKSZtSEtKmJTWOvTZO/FXvOgGEylJoSxSkIrUX9KJpEqVRpLYCRZGaSjRCaqT2rlwl4iZqJS4sFSoHJZVSBbY6M+/77szs7Mz6Y+3z8fsh/PfOnJl558yZ2X3WemYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBWGz42/ecDWZbl/zf+WJdll+d/X5Ptyb+c23mpVwgAAACcr7caf/7DFemEPcu4UMs2//aB//j+/Pz8fPaFN0+//Zfz8+mMsSwbWp1ljfOif//lL+ZbtwmeykYHBlu+Huxz80N9zh/uc/5In/NX9Tl/dZ/zR/ucv2gHLLKm+fuYxpVtavx1XXOXZldlI43zNnW51FMDqwcH4+9yGgYal5kfOZgdzo5k09nkossMNP7Lspc25Ld1TxZva7DlttZnWXbmZ4/vj2sYCPt4U9Z2Yw2tj90bd2Vjb/7s8f3fmX39vd1m392waKVZtnljvs6ns2zh11XZQLY67ZO4zsGWda7vss6htnUONC6X/71znWeWuc54v0fDOl/psc714bRHrs+ybC5bcptOT2WD2dqOW037e7R5ROTXkT+U78qGz+o42bCM4yS/zGvXtx8nncdk3P8bwj4ZXmINrQ/HG0+uWrTfz/U4ye91EY7V/Lrvy290dLT1V6ttx2q+zeM3LH0MdH3suhwD6VhuOQY29jsGBlcNNY6BwYU1b2w7BqYWXWYwG2jc1ukbeh8DE7NHT0zMPPrYLYeP7js0fWj62NTkzu3bdmzftmPHxMHDR6Ynm3+e3S4tkbXZYDoGN4bXmngMfrBj29ZDcv6bF+55MFqQ50F+3z9zY76gywezJY7xfJunN5//8yB93295Hgy3PA+6vqZ2eR4ML+N5kG9zZvPyvmcOt/zfbQ0r9Vq4ruUYuJTfD/PbfPBDS78Wrg/reuams/1+OLToGIh3ayA89/JT0s97o7eF/bL4uLg2P+OyVdmpmemTWx7ZNzt7cioL46K4suWx6jxe1rbcp2zR8TJ41sfLnr//1Y3Xdjl9XdhXozf3fqzybbaP936sGq/u7ftzVdbcn22nbs3CuMAu9v7s9t0s358pS/TYn/k2T99y/j8LplzS8vo30u/1b2hkuPn6N5T2xkjb69/ih2aosbIsO3PL8l7/RsL/F/v176qCvP7l++rBLb2PgXybZybO9hgY7vn6d32YA2E9HwqJYbQl97/dOH+ueZi2PJZ9j5vh4ZFw3AzHW2w/brYtukx+bfltb548t+Nm8/Xtj1Xbzy0VPG7yffVXk72Pm3ybl6fO/7VjTfxry2vHqn7HwMjQqny9I+kgaL7eza+Jx8CWbH92PDuSHUiXyR/l/LbGty7vGFgV/r/Yrx3XFOQYyPfV81t7HwP5Nj/admF/dtocTknbtPzs1Pn7haUy/7XDC9fXudsudObP1/nxH38qndYtQ+TbvL79bHNG7/10czjlsi77qfP5s9QxfSC7OPvpmrDOIzt6/24q3+aqncs8nvZkWfbq1KuN33eF3+9+79SPv9/2e99uv1N+derVeyfu/8nZrB8AgHP3duPPuVXNnzVb/sV6Of/+DwAAAJRCzP2DYSbyPwAAAFRGzP1DYSbyPwAAAFRGzP3DYSY1yf8P37brhbeeyNK7Ac4H8fy4G+67o7ld7HjPha/H5hfkp3/02yMvfPWJ5d32YJZlv7r3fV23f/iOuK6mE3GdH24/fZFrrlvW7T/0wMJ2re+fcGZX8/rj/VnuYRC7yi9NbG1c79ijU4358r1ZY94/98xTzetvfh23P72tuf3fhDct2XNwoO3ym8N6NoU5Ft5T5r49C/shn/FyL6z/wL9e+dmF24uXG9j4zsbdfP6Pm9cb3yPquSub28f7vdT6/+Vr330h3/6RG7qv/4nB7us/Ha73tTB/ubu5fes+/2rL+v80rD/eXrzclm/9sOv6X3xPc/sXw3HxjTA713/XX7z/rW6PV7ydPbc3Lxdvf/J/tzcuF68vXn/n+kefmGrbH53X//KbzevZ/eWfD7VuH0+PtxM9dHv78T0QHt+2HnmWZd/9s6xtP2cfaV7unzvWH6/vxO3d139zxzpPDFzXuPzC/VnXdr++/ndbu97fuJ49/7iu7f48d3fYf29O/Ci/3tP3h+MxnP9/rzSvr/O9TF+8u/31Jm7/jXXN5228vomO9T/Xsf656/J913/997zZXP+Ld65uW/+eT4Tj6Z7m7Lf+Q397Rdvlv/md5uNx8ivjx47PnDp8oGWvtj6PV4+uWXvZ5e945xXhtbTz673HZx+ePjk2OTaZZWMlfMvAlV7/t8L8n+aYu/C30PSTnzePu2c/2fy+9cFfNL9+Lpz+UHg84/fHr//1SNvx2vm4z93ZnOe7/pvCOpbrPV/7r+uWteHpz7906p/+5PXOnwvi/Tnx7tHG/Xt+w9WN8wZebp7f+XrVz3++u/15/dPhycb8Qdiv8+GdmTde3by9zuuP703y7Kebz9/4k1y8fNbxfiLrhtrvx/mu/6fh55gfXtP++hePjx880fFuzuuygXwJc+H1IZtrnh+3ivv72TNXd729+D482dx7z2aZS5p5dGbiyOFjpx6ZmJ2emZ2YefSxvUePnzo2u7fx3qV7v9jv8gvP77WN5/eB6Z3bs8az/XhzrLBLvf4TD+w/cOvkjQemD+47dXD2gRPTJw/tn5nZP31g5sZ9Bw9Of6Xf5Q8f2D21dde2W7eOHzp8YPdtu3Zt2zV++NjxfBnNRfWxc/JL48dO7m1cZGb39l1TO3Zsnxw/evzA9O5bJyfHT/W7fON703h+6S+Pn5w+sm/28NHp8ZnDj03vntq1c+fWvu/+ePTEwZmxiZOnjk2cGp4+OdG8L2OzjZPz7339Lk89zBwPr3cdBsJP55+7eWd6f9zct59c8qqam7T/eJq9Ed4LKn5/6/d1zP0jYSY1yf8AAABQBzH3hzf+XzhD/gcAAIDKiLl/dZiJ/A8AAACVEXN/M/mPpo9/r0v+v1D9/yf1/xv0//X/M/3/RP9f/z/T/9f/70P/X/+/zOvX/0/9/xn9f5ZStP5/yP3Zmizz7/8AAABQUTH3rw0zkf8BAACgMmLuvyzMRP4HAACAyoi5//Iwk5rkf5//r/+v/9+r/x+31f/P9P+L0P/f9N/6/4vo/+v/Z/r/5+xS9+fLvv4C9v/X6P9TNEXr/8fc/44wk5rkfwAAAKiDmPvfGWYi/wMAAEBlxNx/RZiJ/A8AAACVEXP/ujCTmuR//X/9f/1/n/+v/1+a/r/P/+9C/1//P9P/P2eXuj9f9vUXsP/v8/8pnKL1/2Pu/7Uwk5rkfwAAAKiDmPvfFWYi/wMAAEBlxNx/ZZiJ/A8AAACVEXP/VWEmNcn/9ez/v5Zlmf5/pv+v/9+xTv1//f+VoP+v/9+L/r/+f5nXr/+v/09/Rev/x9z/7jCTmuR/AAAAqIOY+68OM5H/AQAAoDJi7n9PmIn8DwAAAJURc/81YSY1yf/17P/7/H/9/yb9//Z16v/r/68E/X/9/170/5fR/x9e+Kv+f7HWr/+v/09/Rev/x9z/3jCTmuR/AAAAqIOY+68NM5H/AQAAoDJi7n9fmIn8DwAAAJURc//6MJOa5H/9f/1//X/9f/1//f+VVK7+/+CS5+j/N+n/t7tw/f+5hQX4/P/SrF//X/+f/orW/4+5//1hJjXJ/wAAAFAHMfd/IMxE/gcAAIDKiLn/ujAT+R8AAAAqI+b+sTCTmuR//X/9f/1//X/9f/3/lVSu/v/S9P+b9P/bXZTP/2+h/1+s9ev/6//TX9H6/zH3bwgzqUn+BwAAgDqIuX9jmIn8DwAAAJURc//1YSbyPwAAAFRGzP2bwkxqkv/1//X/9f/1//X/9f9Xkv6//n8v+v/6/2Vev/6//j/9Fa3/H3P/DWEmNcn/AAAAUAcx998YZiL/AwAAQGXE3P/BMBP5HwAAACoj5v7NYSY1yf/6//r/+v8l7v8P6f9n+v+Fp/+v/9+L/r/+f5nXr/+v/09/Rev/x9z/oTCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7r85zET+BwAAgMqIuX88zKQm+V//X/9f/7/E/X+f/9+2fv3/YtL/1//vRf9f/7/M69f/1/+nv6L1/2PuvyXMpCb5HwAAAOog5v4tYSbyPwAAAFRGzP0TYSbyPwAAAFRGzP2TYSY1yf/6//r/+v/6//r/+v8rSf9f/78X/X/9/zKvX/9f/5/+itb/j7l/KsykJvkfAAAA6iDm/q1hJvI/AAAAVEbM/dvCTOR/AAAAqIyY+7eHmdQk/5ek/78lFaD0//X/9f/1//X/S0X/X/+/F/1//f8yr1//X/+fdoNdTita/z/m/h1hJjXJ/wAAAFAHMffvDDOR/wEAAKAyYu6/NcxE/gcAAIDKiLn/tjCTmuT/kvT/ff6//r/+fwv9f/3/MtH/1//vRf9f/7/M69f/1/+nv6L1/2Pu3xVmUpP8DwAAAHUQc/+Hw0zkfwAAAKiMmPtvDzOR/wEAAKBUun0OYRRz/0fCTGqS//X/q97/n1+t/6//r//fe/36/ytL/1//vxf9f/3/Mq9f/1//n/6K1v+PuX93mElN8j8AAADUQcz9d4SZyP8AAABQGTH33xlmIv8DAABAZcTcvyfMpCb5X/+/6v1/n/+v/6//32/9+v8rS/9f/78X/f9y9v/Djy36/wXq/+fHkP4/RVS0/n/M/XeFmdQk/wMAAEAdxNz/0TAT+R8AAAAqI+b+j4WZyP8AAABQGTH3fzzMpCb5X/9f/1//X/9f/1//fyXp/69Y/7/xUljk/v+aZdyM/n85+/+R/n9x+v8+/5+iKlr/P+b+u8NMapL/AQAAoA5i7v9EmIn8DwAAAJURc/+vh5nI/wAAAFAZMfffE2ZSk/yv/6//r/+v/6//r/+/kvT/ff5/L/r/+v9lXr/+v/4//RWt/x9z/2+EmdQk/wMAAEAdxNx/b5iJ/A8AAACVEXP/J8NM5H8AAAAomVVLnhNz/2+GmdQk/5ev/z9Wyv7/YLp+/X/9f/1//X/9/wtJ/1//P9P/P2eXuj9f9vXr/+v/01/R+v8x9/9WmElN8j8AAADUQcz9nwozkf8BAACgMmLu/+0wE/kfAAAAKiPm/vvCTGqS/y90/7/z8r34/H/9/0z/X/9f/1///zzp/+v/Z/r/5+xS9+fLvn79f/1/+ita/z/m/t8JM6lJ/gcAAIA6iLn//jAT+R8AAAAK6uGzvkTM/Z8OM5H/AQAAoDJi7v9MmElN8n/5Pv9f/1//X/9f/1//v0z0//X/e9H/1/8v8/r1//X/6a9o/f+Y+x8IM6lJ/gcAAIA6iLn/s2Em8j8AAABURsz9vxtmIv8DAABAZcTc/3thJj3y/9KVhPLR/9f/1//X/9f/1/9fSfr/i/v/+WuY/n+T/r/+f5nXr/+v/09/Rev/x9z/uTAT//4PAAAAlRFz/++Hmcj/AAAAUBkx9/9BmIn8DwAAAJURc/+DYSY1yf/6//r/+v/6//r/+v8rSf/f5//3ov+v/1/m9ev/6//TX9H6/zH3fz7MpCb5HwAAAOog5v4/DDOR/wEAAKAyYu7fG2Yi/wMAAEBlxNz/UJhJTfK//r/+v/6//r/+v/7/StL/1//vRf9f/7/M69f/1/+nv6L1/2Pu3xdmsqf9ZgAAAIDyirn/C2EmNfn3fwAAAKiDmPv3h5nI/wAAAFAZMfcfCDOpSf7X/9f/1//X/9f/1/9fSfr/+v+96P/r/5d5/fr/+v/0V7T+f8z902EmNcn/AAAAUAcx9x8MM5H/AQAAoDJi7j8UZiL/AwAAQGXE3P9wmElN8r/+v/6//n9t+/+vfK9jnfr/+v8rQf9f/78X/X/9/zKvX/9f/5/+itb/j7n/cJhJTfI/AAAA1EHM/V8MM5H/AQAAoDJi7v9SmIn8DwAAAJURc/+RMJOa5H/9f/1//f/a9v+X9/n/axZuV/9f//9c6P/r//ei/6//X+b16//r/9Nf0fr/MfcfDTOpSf4HAACAOoi5/1iYifwPAAAAlRFz//EwE/kfAAAAKiPm/hNhJjXJ//r/Z9X/XzWwRDdQ/7/7+vX/K9D/b6H/r/9/LvT/9f970f/X/y/z+vX/9f/pr2j9/5j7/yjMpCb5HwAAAOog5v6TYSbyPwAAAFRGzP0zYSbyPwAAAFRGzP2zYSY1yf/6/z7/X/9f/1//X/9/Jen/6//3ov+v/1/m9ev/6//TX9H6/zH3nwozqUn+B4D/Z+8+c/U6qz4OP6/zOiRCwBTCEGACDIExIDEGeknooUPovYXeQofQe++99x4IvUpB8VlrhWPsvW2f8/jc+17X9SELTpB8RzEf/kp+2gAAHeTuv1/cYv8DAADANHL33z9usf8BAABgGrn7HxC3NNn/+n/9v/5f/6//1//vk/5f/79E/6//3/L79f/6f9aN1v/n7n9g3NJk/wMAAEAHufsfFLfY/wAAADCN3P0PjlvsfwAAAJhG7v6HxC1N9r/+X/+v/9f/6//1//uk/9f/L9H/6/+3/H79v/6fdaP1/7n7Hxq3NNn/AAAA0EHu/ofFLfY/AAAATCN3/8PjFvsfAAAAppG7/9q4pcn+1//r//X/G+z//1//r//fDv2//n+J/l//v+X36//1/6wbrf/P3X9d3NJk/wMAAEAHufsfEbfY/wAAADCN3P2PjFvsfwAAAJhG7v5HxS1N9r/+X/+v/99g/+/7//r/DdH/6/+X6P/1/1t+v/5f/8+60fr/3P2Pjlua7H8AAADoIHf/Y+IW+x8AAACmkbv/sXGL/Q8AAADTyN3/uLilyf7X/+v/9f/6f/2//n+f9P/6/yX6f/3/lt+v/9f/s27v/f+9rz9zL7T/z91/fdzSZP8DAABAB7n7Hx+32P8AAAAwjdz9T4hb7H8AAACYRu7+J8YtTfa//l//f0f/f9v/6f/1//r/O36u/z8e+n/9/xL9v/5/y+/X/+v/Wbf3/n+l9z/7v+fuf1Lc0mT/AwAAQAe5+58ct9j/AAAAMI3c/U+JW+x/AAAAmEbu/qfGLU32v/5f/+/7//p//b/+f5/0/8P2/2f/X+8w/f8F0f/r/8/X/9/rAt6v/6eD0fr/3P1Pi1ua7H8AAADoIHf/0+MW+x8AAACmkbv/hrjF/gcAAIBp5O5/RtzSZP/r//X/+n/9/+H+/1TL/v/2n+n/90P/P2z/v0z/f0H0//p/3//X/7NstP4/d/8z45Ym+x8AAAA6yN3/rLjF/gcAAIBp5O5/dtxi/wMAAMA0cvc/J25psv/1//p//b/+/0jf/79ijv7f9//3R/+v/1+i/9f/b/n9+n/9P+tG6/9z9z83bmmy/wEAAGB6p3a1+58Xt9j/AAAAMI3c/c+PW+x/AAAAmEbu/hfELU32v/5f/6//1/8fqf+f5Pv/+v/90f/r/5dcaP+/0//XX4v+f5z36//1/6wbrf/P3f/CuKXJ/gcAAIAOcve/KG6x/wEAAGAauftfHLfY/wAAADCN3P0viVua7H/9v/5f/6//1//r//dJ/6//X+L7//r/Lb9f/6//Z91o/X/u/pfGLU32PwAAAHSQu/9lcYv9DwAAANPI3f/yuMX+BwAAgGnk7n9F3HL2/j91OV91+ej/9f/6f/2//l//v0/6f/3/Ev3/ufv/q87z6+n/x3q//l//z7rR+v/c/TfGLf75PwAAAEwjd/8r4xb7HwAAAKaRu/9VcYv9DwAAANPI3f/quKXJ/j9f/3/rnQ/+vP7/wuj/z/1+/b/+X/+v/9f/6/+X6P99/3/L79f/6/9ZN1r/n7v/NXFLk/0PAAAAHeTuf23cYv8DAADANHL3vy5usf8BAABgGrn7Xx+3NNn/x//9/2v0//p//X9c/b/+X/+v/9f/L9P/6/+3/H79v/6fdaP1/7n73xC3NNn/AAAA0EHu/jfGLfY/AAAATCN3/5viFvsfAAAAppG7/81xS5P9f/z9v+//6/8vsv8/pf9P+v/4+6r/1/9fBP2//n+n/79kJ93Pb/39+n/9P+tG6/9z9990Zur12/8AAADQwU1n/njV7i1xi/0PAAAA08jd/9a4xf4HAACAaeTuf1vc0mT/6//1/yfe//v+f9H/x99X/b/+/yLo//X/O/3/JTvpfn7r79f/6/9ZN1r/n7v/7XFLk/0PAAAAHeTuf0fcYv8DAADANGL3H/zL7/Y/AAAATOmdZ/541e5dcUuT/d+4/7/mqP3/1f/1n/X/536//v9Y+v+bzv69p//X/2+J/l//v0T/r//f8vvH6f/jB9fq/xnPaP1/7v53xy1N9j8AAAB0kLv/PXGL/Q8AAADTyN1/c9xi/wMAAMA0cve/N25psv8b9/+TfP//PrfEC/T/8/b/vv8fV/+v/z8X/b/+f6f/v2Qn3c9v/f3j9P++/8+4Ruv/c/e/L25psv8BAACgg9z9749b7H8AAACYRu7+D8Qt9j8AAABMI3f/B+OWJvtf/7/1/t/3//X/+n/9/9j0//r/Jfp//f+W36//1/+zbrT+P3f/h+KWJvsfAAAAOsjd/+G4xf4HAACAaeTu/0jcYv8DAADANHL3fzRuabL/9f/6/331/7f/Ivr/Jv3/dfr/nf7/vPT/+v8l+n/9/5bfr//X/7NutP4/d//H4pYm+x8AAAA6yN3/8bjF/gcAAIBp5O7/RNxi/wMAAMA0cvd/Mm64x11O7knH6/R5fh69uf5f/+/7//p/3//X/++T/l//v0T/r//f8vv1//p/1o3W/+fu/1Tc4p//AwAAwDRy9386brH/AQAAYBq5+z8Tt9j/AAAAMI3c/Z+NW5rsf/2//l//v9n+/2r9/+H36//HpP/X/y/R/+v/t/x+/b/+n3Wj9f+5+z8XtzTZ/wAAANBB7v7Pxy32PwAAAEwjd/8X4hb7HwAAAKaRu/+LcUuT/a//1//r/zfb//v+/1nv1/+PSf+v/1+i/9f/b/n9+n/9P+tG6/9z938pbmmy/wEAAKCD3P1fjlvsfwAAAJhG7v6vxC32PwAAAEwjd/9X45Ym+1//r//X/+v/9f/6/33S/+v/l+j/9f9bfr/+X//PutH6/9z9X4tbmux/AAAA6CB3/9fjFvsfAAAAppG7/xtxi/0PAAAA08jd/824pcn+n7n/X/qf6f8P6P/1/zv9v/5/z/T/+v8l+n/9/5bfr//X/7NutP4/d/+34pYm+x8AAAA6yN3/7bjF/gcAAIBp5O7/Ttxi/wMAAMA0cvd/N25psv9n7v+X6P8P6P/1/zv9v/5/z/T/+v8l+n/9/5bfr//X/7PuhPr/07vz9P+5+78XtzTZ/wAAANBB7v7vxy32PwAAAEwjd/8P4hb7HwAAAKaRu/+Hccs8+/++Ny/8Sf3/sff/Z34T6f/1/7sh+//Th96p/z+g/98v/b/+f4n+X/+/5ffr//X/rBvt+/+5+38Ut8yz/wEAAKC93P0/jlvsfwAAAJhG7v6fxC32PwAAAEwjd/9P45Ym+1//7/v/+v9O/f89r9j5/r/+/zLT/+v/l+j/9f9bfr/+X//PutH6/9z9P4tbmux/AAAA6CB3/8/jFvsfAAAAppG7/xdxi/0PAAAA08jd/8u4pcn+1//r//X/rfr/Q+/X/x/Q/++X/l//v0T/r//f8vuz/8/fd/p//T//a7T+P3f/r+KWJvsfAAAAOsjd/+u4xf4HAACAaeTu/03cYv8DAADANHL3/zZuabL/9f/6f/1/m/7/trvtdvp//f9lN1D/f+VRfh39/wH9/2H6f/2/7//r/1k2Wv+fu/+WuKXJ/gcAAIAOcvf/Lm6x/wEAAGAauft/H7fY/wAAADCN3P23xi1N9r/+X/8/Zf9/J/2/7//r/0cxUP9/JPr/A/r/w/T/+n/9v/6fZaP1/7n7/xC3NNn/AAAA0EHu/j/GLfY/AAAATCN3/5/iFvsfAAAAppG7/89xS5P9r//X/198/3+6/rqH7f99/1//r/8fxrz9/5X6f/3/kfv/G248+LH+f5vv1//r/1k3Wv+fu/8vcUuT/Q8AAAAd5O7/a9xi/wMAAMA0cvf/LW6x/wEAAGAaufv/Hrc02f/T9P93v+vB1f/7/r/+X/8fP9f/j2He/t/3//X/vv+v/9f/6/9ZM1r/n7v/H3FLk/0PAAAAHeTu/2fcYv8DAADANHL3/ytusf8BAABgGrn7/x23NNn/0/T/Sf+v/9f/6//j5/r/Mej/9f9L9P/6/y2/X/+v/2fdaP1/7v7/BAAA//9RaTCH")
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x20000, 0x0, 0x0, 0x0, &(0x7f0000000100))
mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2236824, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2b21445, 0x0, 0xfc, 0x0, &(0x7f0000000100))
ioctl$EVIOCRMFF(r0, 0x5509, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000240)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x7, 0xffffffff, 0x2, 0x2, 0x80000001}, 0x1, 0x0, 0x7, 0x9, 0x0, 0x12, 0x5, 0x0, 0x0, 0xfffffffb, {0x4, 0xfffffff7, 0x617, 0x399, 0x5, 0x7}}}}]}, 0x78}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.364035239s ago: executing program 6 (id=2648):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000380)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f00000000c0)={0x48, 0x2, 0x0, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0xa, r2, 0x0, r1})

1.259150507s ago: executing program 6 (id=2649):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$KVM_X86_SET_MSR_FILTER(0xffffffffffffffff, 0x4188aec6, &(0x7f0000004a40)={0x1, [{0x1, 0x3008, 0xcd2, &(0x7f00000002c0)="046b9d41ebfd960d995c4a49972b931efad1aa43582c9559fc1e119f1ad4e66bdd25062741e7520b4f478facc1be20bb1c8a04179b31bdc20f07a33895897e8ec69674828653d6b09bedb419f884724ba316a01041f0d780ed62117fdc9c031a96e579032f4366c161476a2e568ca63a1c02dac09848e64e413c3b204d564696387b579ae92eaebe01fabb309e3164b7b9883099d0bd3bd60f36f7beacdbabf88efe9b4677035b3ccaf95d7c121fbbede0f78d311938374ede9cf048c03b9c405c332299b7a1d6fb31924755979b4564878069bb9ad5154607f6530dd685abf7294db10d0c515d9732221ef6062f5a5f533e8c15f3099144bc944a9e998fa37e77a7044cd5813c8fb94e389a40074531d2d0f59d8526c5a8cec267b7728a39b2eacd4730db05984ba44ad58993879c3eb9f9439e9865e6d428358bd892c43145af6fa22a8d375e38ad10e1bd40a85b9050e77db839154a683adba8dbcdf5fb1ad09dbb488fb267bad1ad3f19642191ca835c8f62b72b154a4e3eb519e869c77aa8c590eed86da39d47d381fd206db81a278cde1e123e3a59ff609d62dcbd66210309cff1438fa3cedfc421c3d4e8d9810129a5bc3a315e99caadb535d29c4074e9c182dc39c5e00450c8d311cc5de87b9a2b0c9a22f6c422d5472b748aeb4bd264c988c80fdf890203e82e8bd14f1cae354101240c69b5948606597101fdc0b81b940940ab3f25a4ee04ce3936eebea1f1ce8de64b520867777d3877ac35f015ad5f96e67123305653c389ea4b9fcd6125dc31758c5bbdfc9bd01ba3db4a8af10e44ab5c0dfd45cc06dbc572b867f4c958d62ed02d98da107a7d6fce11f83160fcee2869b6cf23e3c484243f076013f5eb7be11375240b63d9e34c5aee4b8d6eef8984d1490a366491deea76d80925e304addc2c1f962fb2a5eb0b17879ffb7eb09b0e6571e8efd646b47a95e64e090a37a41a10e21b109030f144fe5fd7026f667a2cd4ffa0f3bfe034dc0bc179d75d77c3811b24201321418ce9216713f321f7f1c6f5c9d0b4c51d9078c9a5efa2055a946358854bb69938fba7da667d48aaadd188792767a67f8de3836b90bdeaa1afa9c62279e28d0440de4c8e74d32f1bd414684487224e3afabed3cf12f2997795161b30bb866a384ca6d1606ff797f6aed6ea3ec6eaf3ef1fb9c721d335a9de309a599e659f420260517a5e025be56b705c2303526a28945eb317b0d6562a0430f28cad907b78f2a62b3b96c94013fec333acbd190e6fb0aeae6cdfe18b89466833281c3630df5f9a1cb67d3b094fd453a6d86a647eceddc287a84cbfe3304c662d54487bbb5029b1ee8f478be169daa7f3eda9c249d5e13d700aa81ff1a285ccf6dde40015ea42fd954dc47489f3802208b25989c8be5bf5c28a0a8e1f2d1badd510d8340329b426baf254870c10a60e2986a7e72919965d5abe7bc23ffe49d4528dc2aa8600702d42195508d132d362328500e759e6decd14f019ec5d4ec946e1af8a3a4c44238125335eba5ec4fe411edf2b1045896e207a31a2af8ca5cc38b0fbf6a77b7e79f6782bc91f94eec47339db05dd8a4330062f8bb14dc1fdd73afe436f565ad19f11962ac4e5c76cd763c6d8fdd1c0d1cbb63016873697a139dbf4a83819d60a0b81ca52472a6c7c978b148f351a7bfde53b5f8f6fe42fd3a7ab817706033e8f485a3256b944f0432d3b8e970a179e9f15aed52d96a89ed75555880762ceceadafc48acaf9f4ac60920e50c727ee377a7c21e80c26ce9a6cf72eff34d1efb87a644601d911aa8a9edeb7bc3b82c023d97068a050d9a29016484b293a69c2f7ba4a87a2581d53c5af65c400278d639e45e1a5094edbcfe02ea997e34eaa21fb7b286ab635582ce07f46bb0cd7785bef1161b4f9efd94d5d641f93a5776476c6dec269c854971ff837529dc129235e4efb0c5c79e4bc860a359d6e3a5c54e76a8e830f52be00847cdcd2eba243ca91a495cc5ee5663db67f3f02ee7ff794843bf81e718790857ecd8e5010c5336e220cc629c449eb257dd34aad32e5b2f5d45c7e5d37b5be91cac99b4404ce85ca702bd3edfc72e22d106ef5731fc73c278690904541ea6cf7d7bb9c9a88014521713d7f5c5d316aac847df3c9c5366dfe58cd961499d865482f1d6ec09e"}, {0x1, 0x0, 0x7fffffff, 0x0}, {0x3, 0x0, 0x55, 0x0}, {0x1, 0x0, 0x1ff, 0x0}, {0x2, 0x0, 0xe, 0x0}, {0x0, 0x0, 0xd6, 0x0}, {0x2, 0x0, 0x9, 0x0}, {0x0, 0x0, 0x7ff, 0x0}, {0x2, 0x0, 0x0, 0x0}, {0x2, 0x0, 0xfffffa2e, 0x0}, {0x2, 0x0, 0x0, 0x0}, {0x2, 0x0, 0xcfd, 0x0}, {0x6, 0x0, 0xc9b, 0x0}, {0x3, 0x0, 0xf, 0x0}, {0x3, 0x0, 0x7, 0x0}, {0x0, 0x0, 0x6000, 0x0}]})

986.31864ms ago: executing program 6 (id=2650):
syz_usb_connect$uac1(0x4, 0x98, &(0x7f0000000200)=ANY=[@ANYBLOB="12011003000000106b1d01014000010203010902860003010140750904000000010100000a24010600080201020904010000010200000904010101010200000b2402010c038f076d15630a24020198010f07347c09240202080001800209240201090108095909050109400206100507250100"], 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x60a80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d}, 0x94)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, &(0x7f0000000480)={0xffff41d9, 0x3})
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)

407.796766ms ago: executing program 7 (id=2651):
mkdir(0x0, 0x21)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_int(r3, 0x1, 0x7, &(0x7f0000000340)=0x1, 0x4)
sendmsg$kcm(r3, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x20000001)
r4 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
mkdir(&(0x7f0000000200)='./bus\x00', 0x10)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f00000021c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

0s ago: executing program 6 (id=2652):
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0xc0d4, &(0x7f0000002700)=ANY=[], 0x1, 0x270, &(0x7f00000008c0)="$eJzs3UFrE0EYxvFnNrFGW+raVgTxINWCJ2nrRbwI0m/gxZOoTYRiqKAV1IvVs/gBvPsV/BCexLPgzZPee6vMuxOzSbPZNCZOEv8/SNhk5915Jzvp7JtQIgD/rdtb3z9e/+FvTqqoIummlEiqSVVJ53S+9nx3b2ev2aj3O1DFIvzNKYt0R9ps7zZ6hfo4iwhS/6iqhfxzGI/at9gZYBLYuz/zK/98Ip0M707bX4uS3ejtx04gMnegA73QYuw8AABxhfU/Cev8Qrh+TxJpLSz7nev/lC+gB7ETiCy3/luVdej8+T1ju9r1npVwfn/SqhKH6WtO2cyqdCRQVlVaLsmpRzvNxrXtJ816ore6FeSardh9PZu6Lfls3xw99GqP2rSP4cc+b2M44cewWZD/8mh7LOc+uy/unkv1QfU/13/VQ+dPk52ptOtMZfmvFx/RRplmrQpGedY6uRB6CPqOsqKuNPLmwjE7PiBIy/K0qKWuqGx0GyVRyz2jNkuiVrqj2rO5OHLc3Ht3163qpz5pK3f9n/hXe02DvDN9G2sZZkbf8VStZWrribtkT+1f7NkyGXpIOL53eqgbWnz28tXjB81m4ykbQ2y8Di/mpOQz6EZrEkxKPjO74V/kKL1X/3pmRvmrhH+sfdKPGch3M7PCX3e5rP7L1SvrViL5u7TPdfph2cFzR9woqA2W7P50cQXXwdlHD/NyRV9FDFpzXb4qXRmkx0wa8pwRbktfdZ/P/wEAAAAAAAAAAAAAAAAAAKbN6P7loKaiXbHHCAAAAAAAAAAAAAAAAAAAAADAtJu43/+9o+wRv/8LjN3vAAAA//9nXXUi")
io_setup(0x2, &(0x7f0000000200)=<r0=>0x0)
io_submit(r0, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x16000}])

kernel console output (not intermixed with test programs):

703446][ T5849] usb 1-1: USB disconnect, device number 14
[  907.762589][ T5849] usb 5-1: USB disconnect, device number 14
[  909.968658][T13932] loop5: detected capacity change from 0 to 512
[  910.012894][T13932] EXT4-fs: Ignoring removed oldalloc option
[  910.108416][T13932] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  910.487452][T13932] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2867: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  910.556813][T13937] kAFS: No cell specified
[  910.571156][T13932] EXT4-fs (loop5): 1 truncate cleaned up
[  910.625421][T13932] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  910.868234][ T6869] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  912.626299][T13950] loop4: detected capacity change from 0 to 32768
[  912.668735][ T5791] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  912.788146][T13948] loop5: detected capacity change from 0 to 40427
[  912.825918][T13948] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  912.864576][T13948] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  912.903647][T13948] F2FS-fs (loop5): invalid crc value
[  913.208810][T13972] read_mapping_page failed!
[  913.458206][T13948] F2FS-fs (loop5): Found nat_bits in checkpoint
[  914.450763][T13979] kAFS: No cell specified
[  916.389737][T13997] syzkaller0: entered promiscuous mode
[  916.396046][T13997] syzkaller0: entered allmulticast mode
[  916.413493][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  916.422214][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  916.806103][T14004] loop4: detected capacity change from 0 to 1024
[  916.834777][T14004] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000e01c, mo2=0002]
[  916.856892][T14004] System zones: 0-1, 3-36
[  916.873796][T14004] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  917.169280][T14004] overlayfs: missing 'lowerdir'
[  919.276756][ T6646] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  919.348088][T14014] kAFS: No cell specified
[  921.105199][T14017] loop4: detected capacity change from 0 to 40427
[  921.150152][T14017] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  921.168170][T14017] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  921.185738][T14017] F2FS-fs (loop4): invalid crc value
[  921.295318][T14017] F2FS-fs (loop4): Found nat_bits in checkpoint
[  921.425350][T14017] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  921.432626][T14017] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  922.467478][   T28] audit: type=1800 audit(1754608591.895:63): pid=14017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1963" name="bus" dev="loop4" ino=10 res=0 errno=0
[  923.377608][  T785] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  923.467799][T14052] kAFS: No cell specified
[  923.601492][  T785] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  923.634556][  T785] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  923.649688][  T785] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  923.676699][  T785] usb 6-1: config 0 descriptor??
[  923.709872][  T785] pwc: Askey VC010 type 2 USB webcam detected.
[  924.610425][T14060] loop0: detected capacity change from 0 to 40427
[  924.623880][  T785] pwc: recv_control_msg error -32 req 02 val 2700
[  924.641605][  T785] pwc: recv_control_msg error -71 req 02 val 2c00
[  924.660595][T14060] F2FS-fs (loop0): LFS is not compatible with checkpoint=disable
[  924.687355][  T785] pwc: recv_control_msg error -71 req 04 val 1000
[  927.239160][  T785] pwc: recv_control_msg error -71 req 04 val 1300
[  927.723347][  T785] pwc: recv_control_msg error -71 req 04 val 1400
[  927.731797][  T785] pwc: recv_control_msg error -71 req 02 val 2000
[  927.741346][  T785] pwc: recv_control_msg error -71 req 02 val 2100
[  927.750475][  T785] pwc: recv_control_msg error -71 req 04 val 1500
[  927.757697][  T785] pwc: recv_control_msg error -71 req 02 val 2500
[  927.765223][  T785] pwc: recv_control_msg error -71 req 02 val 2400
[  927.773543][  T785] pwc: recv_control_msg error -71 req 02 val 2600
[  927.781254][  T785] pwc: recv_control_msg error -71 req 02 val 2900
[  927.788443][  T785] pwc: recv_control_msg error -71 req 02 val 2800
[  927.795890][  T785] pwc: recv_control_msg error -71 req 04 val 1100
[  927.815323][  T785] pwc: recv_control_msg error -71 req 04 val 1200
[  927.839979][  T785] pwc: Registered as video103.
[  927.852650][  T785] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input6
[  927.867992][  T785] usb 6-1: USB disconnect, device number 8
[  929.454715][T14077] loop0: detected capacity change from 0 to 512
[  929.718217][T14077] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  929.917213][T14077] ext4 filesystem being mounted at /500/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  930.377810][T14077] fs-verity (loop0, inode 15): Unrecognized descriptor size: 0 bytes
[  930.602369][ T5788] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  931.654914][T14101] kAFS: No cell specified
[  931.806445][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  931.812837][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  932.810983][T14107] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  933.007638][T14109] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  936.096355][T14134] (null): rxe_set_mtu: Set mtu to 4096
[  936.135253][T14134] rdma_rxe: rxe_newlink: failed to add lo
[  936.969351][T14143] tty tty31: ldisc open failed (-12), clearing slot 30
[  936.977177][T14144] tty tty31: ldisc open failed (-12), clearing slot 30
[  936.984574][T14145] tty tty31: ldisc open failed (-12), clearing slot 30
[  939.584211][T14167] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  941.341881][T14188] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  943.745809][T14191] loop0: detected capacity change from 0 to 1024
[  943.761474][T14191] EXT4-fs: Ignoring removed oldalloc option
[  943.780217][T14191] EXT4-fs: Ignoring removed orlov option
[  943.795735][T14191] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  944.490559][T14191] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  944.960778][   T28] audit: type=1800 audit(1754608614.375:64): pid=14191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2008" name="file1" dev="loop0" ino=16 res=0 errno=0
[  944.982871][T14191] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4036: comm syz.0.2008: Allocating blocks 433-513 which overlap fs metadata
[  945.080724][T14209] syzkaller0: entered promiscuous mode
[  945.119204][T14209] syzkaller0: entered allmulticast mode
[  945.155553][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  945.164252][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  945.178522][T14208] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[  945.197545][T14190] EXT4-fs error (device loop0): mb_free_blocks:1943: group 0, inode 15: block 161:freeing already freed block (bit 10); block bitmap corrupt.
[  945.406272][ T5788] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  949.600715][T14249] binder: 14248:14249 ioctl 4018620d 0 returned -22
[  951.606794][T14259] loop5: detected capacity change from 0 to 32768
[  952.774052][T14284] binder: 14283:14284 ioctl c0306201 200000001440 returned -11
[  952.926126][ T8893] null_blk: rq ffff8880223b8000 timed out
[  952.933157][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  952.936524][T14288] binder: BINDER_SET_CONTEXT_MGR already set
[  952.944736][ T8893] null_blk: rq ffff8880223b8180 timed out
[  952.953411][T14288] binder: 14287:14288 ioctl 4018620d 200000000040 returned -16
[  952.955954][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  952.974073][ T8893] null_blk: rq ffff8880223b8300 timed out
[  952.979817][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  952.990366][ T8893] null_blk: rq ffff8880223b8480 timed out
[  952.996189][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  953.006927][ T8893] null_blk: rq ffff8880223b8600 timed out
[  953.012935][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  953.023505][ T8893] null_blk: rq ffff8880223b8780 timed out
[  953.029254][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  953.040690][ T8893] null_blk: rq ffff8880223b8900 timed out
[  953.046535][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  953.057120][ T8893] null_blk: rq ffff8880223b8a80 timed out
[  953.062962][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  953.078114][ T8893] null_blk: rq ffff8880223b8c00 timed out
[  953.084090][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  953.094627][ T8893] null_blk: rq ffff8880223b8d80 timed out
[  953.100366][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  953.111368][ T8893] null_blk: rq ffff8880223b8f00 timed out
[  953.117370][ T8893] null_blk: rq ffff8880223b9080 timed out
[  953.123258][ T8893] null_blk: rq ffff8880223b9200 timed out
[  953.128998][ T8893] null_blk: rq ffff8880223b9380 timed out
[  953.134790][ T8893] null_blk: rq ffff8880223b9500 timed out
[  953.140938][ T8893] null_blk: rq ffff8880223b9680 timed out
[  953.147139][ T8893] null_blk: rq ffff8880223b9800 timed out
[  953.152950][ T8893] null_blk: rq ffff8880223b9980 timed out
[  953.158676][ T8893] null_blk: rq ffff8880223b9b00 timed out
[  953.165664][ T8893] null_blk: rq ffff8880223b9c80 timed out
[  953.171446][ T8893] null_blk: rq ffff8880223b9e00 timed out
[  953.177264][ T8893] null_blk: rq ffff8880223b9f80 timed out
[  953.184356][ T8893] null_blk: rq ffff8880223ba100 timed out
[  953.190112][ T8893] null_blk: rq ffff8880223ba280 timed out
[  953.196394][ T8893] null_blk: rq ffff8880223ba400 timed out
[  953.202131][ T8893] null_blk: rq ffff8880223ba580 timed out
[  953.207891][ T8893] null_blk: rq ffff8880223ba700 timed out
[  953.213672][ T8893] null_blk: rq ffff8880223ba880 timed out
[  953.219404][ T8893] null_blk: rq ffff8880223baa00 timed out
[  953.225288][ T8893] null_blk: rq ffff8880223bab80 timed out
[  953.231020][ T8893] null_blk: rq ffff8880223bad00 timed out
[  953.236846][ T8893] null_blk: rq ffff8880223bae80 timed out
[  953.244083][ T8893] null_blk: rq ffff8880223bb000 timed out
[  953.249829][ T8893] null_blk: rq ffff8880223bb180 timed out
[  953.255614][ T8893] null_blk: rq ffff8880223bb300 timed out
[  953.261347][ T8893] null_blk: rq ffff8880223bb480 timed out
[  953.267135][ T8893] null_blk: rq ffff8880223bb600 timed out
[  953.272915][ T8893] null_blk: rq ffff8880223bb780 timed out
[  953.278641][ T8893] null_blk: rq ffff8880223bb900 timed out
[  953.284400][ T8893] null_blk: rq ffff8880223bba80 timed out
[  953.292027][ T8893] null_blk: rq ffff8880223bbc00 timed out
[  953.297832][ T8893] null_blk: rq ffff8880223bbd80 timed out
[  953.303630][ T8893] null_blk: rq ffff8880223bbf00 timed out
[  953.309369][ T8893] null_blk: rq ffff8880223bc080 timed out
[  953.315147][ T8893] null_blk: rq ffff8880223bc200 timed out
[  953.320891][ T8893] null_blk: rq ffff8880223bc380 timed out
[  953.327102][ T8893] null_blk: rq ffff8880223bc500 timed out
[  953.332926][ T8893] null_blk: rq ffff8880223bc680 timed out
[  953.339521][ T8893] null_blk: rq ffff8880223bc800 timed out
[  953.346112][ T8893] null_blk: rq ffff8880223bc980 timed out
[  953.351874][ T8893] null_blk: rq ffff8880223bcb00 timed out
[  953.357753][ T8893] null_blk: rq ffff8880223bcc80 timed out
[  953.363555][ T8893] null_blk: rq ffff8880223bce00 timed out
[  953.369294][ T8893] null_blk: rq ffff8880223bcf80 timed out
[  953.375106][ T8893] null_blk: rq ffff8880223bd100 timed out
[  953.380822][ T8893] null_blk: rq ffff8880223bd280 timed out
[  953.387175][ T8893] null_blk: rq ffff8880223bd400 timed out
[  953.392976][ T8893] null_blk: rq ffff8880223bd580 timed out
[  953.398703][ T8893] null_blk: rq ffff8880223bd700 timed out
[  953.404504][ T8893] null_blk: rq ffff8880223bd880 timed out
[  953.410258][ T8893] null_blk: rq ffff8880223bda00 timed out
[  953.416121][ T8893] null_blk: rq ffff8880223bdb80 timed out
[  953.421922][ T8893] null_blk: rq ffff8880223bdd00 timed out
[  953.427925][ T8893] null_blk: rq ffff8880223bde80 timed out
[  955.242764][T11469] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  955.842823][T11469] usb 6-1: Using ep0 maxpacket: 32
[  955.849682][T11469] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  955.866897][T11469] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  955.876339][T11469] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  955.884705][T11469] usb 6-1: Product: syz
[  955.888880][T11469] usb 6-1: Manufacturer: syz
[  955.893674][T11469] usb 6-1: SerialNumber: syz
[  955.900157][T11469] usb 6-1: config 0 descriptor??
[  955.909206][T14298] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  955.920495][T11469] hub 6-1:0.0: bad descriptor, ignoring hub
[  955.926684][T11469] hub: probe of 6-1:0.0 failed with error -5
[  960.147443][ T8910] null_blk: rq ffff8880223b8000 timed out
[  960.159861][ T8910] blk_print_req_error: 54 callbacks suppressed
[  960.159876][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xc00000 phys_seg 2 prio class 1
[  960.241013][ T8910] null_blk: rq ffff8880223b8180 timed out
[  960.251998][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xc00000 phys_seg 2 prio class 1
[  960.268310][ T8910] null_blk: rq ffff8880223b8300 timed out
[  960.291185][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xc00000 phys_seg 2 prio class 1
[  960.323023][ T8910] null_blk: rq ffff8880223b8480 timed out
[  960.333486][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xc00000 phys_seg 2 prio class 1
[  960.345514][ T8910] null_blk: rq ffff8880223b8600 timed out
[  960.351499][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xc00000 phys_seg 2 prio class 1
[  960.362453][ T8910] null_blk: rq ffff8880223b8780 timed out
[  960.369700][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xc00000 phys_seg 2 prio class 1
[  960.380433][ T8910] null_blk: rq ffff8880223b8900 timed out
[  960.387704][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xc00000 phys_seg 2 prio class 1
[  960.398447][ T8910] null_blk: rq ffff8880223b8a80 timed out
[  960.404446][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xc00000 phys_seg 2 prio class 1
[  960.416466][ T8910] null_blk: rq ffff8880223b8c00 timed out
[  960.422320][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xc00000 phys_seg 2 prio class 1
[  960.433054][ T8910] null_blk: rq ffff8880223b8d80 timed out
[  960.438968][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xc00000 phys_seg 2 prio class 1
[  960.449736][ T8910] null_blk: rq ffff8880223b8f00 timed out
[  960.455827][ T8910] null_blk: rq ffff8880223b9080 timed out
[  960.462904][ T8910] null_blk: rq ffff8880223b9200 timed out
[  960.468778][ T8910] null_blk: rq ffff8880223b9380 timed out
[  960.474954][ T8910] null_blk: rq ffff8880223b9500 timed out
[  960.481016][ T8910] null_blk: rq ffff8880223b9680 timed out
[  960.488216][ T8910] null_blk: rq ffff8880223b9800 timed out
[  960.494326][ T8910] null_blk: rq ffff8880223b9980 timed out
[  960.500283][ T8910] null_blk: rq ffff8880223b9b00 timed out
[  960.506446][ T8910] null_blk: rq ffff8880223b9c80 timed out
[  960.513127][ T8910] null_blk: rq ffff8880223b9e00 timed out
[  960.519130][ T8910] null_blk: rq ffff8880223b9f80 timed out
[  960.525179][ T8910] null_blk: rq ffff8880223ba100 timed out
[  960.531058][ T8910] null_blk: rq ffff8880223ba280 timed out
[  960.537669][ T8910] null_blk: rq ffff8880223ba400 timed out
[  960.543636][ T8910] null_blk: rq ffff8880223ba580 timed out
[  960.549546][ T8910] null_blk: rq ffff8880223ba700 timed out
[  960.556891][ T8910] null_blk: rq ffff8880223ba880 timed out
[  960.562938][ T8910] null_blk: rq ffff8880223baa00 timed out
[  960.568833][ T8910] null_blk: rq ffff8880223bab80 timed out
[  960.574863][ T8910] null_blk: rq ffff8880223bad00 timed out
[  960.580760][ T8910] null_blk: rq ffff8880223bae80 timed out
[  960.587620][ T8910] null_blk: rq ffff8880223bb000 timed out
[  960.593684][ T8910] null_blk: rq ffff8880223bb180 timed out
[  960.599775][ T8910] null_blk: rq ffff8880223bb300 timed out
[  960.605840][ T8910] null_blk: rq ffff8880223bb480 timed out
[  960.612293][ T8910] null_blk: rq ffff8880223bb600 timed out
[  960.618355][ T8910] null_blk: rq ffff8880223bb780 timed out
[  960.624431][ T8910] null_blk: rq ffff8880223bb900 timed out
[  960.630832][ T8910] null_blk: rq ffff8880223bba80 timed out
[  960.684273][ T8910] null_blk: rq ffff8880223bbc00 timed out
[  960.690116][ T8910] null_blk: rq ffff8880223bbd80 timed out
[  960.701513][ T8910] null_blk: rq ffff8880223bbf00 timed out
[  960.707428][ T8910] null_blk: rq ffff8880223bc080 timed out
[  960.713535][ T8910] null_blk: rq ffff8880223bc200 timed out
[  960.719304][ T8910] null_blk: rq ffff8880223bc380 timed out
[  960.725553][ T8910] null_blk: rq ffff8880223bc500 timed out
[  960.731317][ T8910] null_blk: rq ffff8880223bc680 timed out
[  960.737796][ T8910] null_blk: rq ffff8880223bc800 timed out
[  960.743831][ T8910] null_blk: rq ffff8880223bc980 timed out
[  960.749606][ T8910] null_blk: rq ffff8880223bcb00 timed out
[  960.755401][ T8910] null_blk: rq ffff8880223bcc80 timed out
[  960.761149][ T8910] null_blk: rq ffff8880223bce00 timed out
[  960.766970][ T8910] null_blk: rq ffff8880223bcf80 timed out
[  960.772764][ T8910] null_blk: rq ffff8880223bd100 timed out
[  960.778526][ T8910] null_blk: rq ffff8880223bd280 timed out
[  960.785446][ T8910] null_blk: rq ffff8880223bd400 timed out
[  960.791228][ T8910] null_blk: rq ffff8880223bd580 timed out
[  960.797048][ T8910] null_blk: rq ffff8880223bd700 timed out
[  960.803299][ T8910] null_blk: rq ffff8880223bd880 timed out
[  960.809064][ T8910] null_blk: rq ffff8880223bda00 timed out
[  960.817206][ T8910] null_blk: rq ffff8880223bdb80 timed out
[  960.823037][ T8910] null_blk: rq ffff8880223bdd00 timed out
[  960.828805][ T8910] null_blk: rq ffff8880223bde80 timed out
[  961.285680][T14347] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  961.297620][T14347] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  961.308219][T14347] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  961.309695][T14350] binder: BINDER_SET_CONTEXT_MGR already set
[  961.316411][T14347] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  961.333505][T14347] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  961.340962][T14347] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  961.348256][T14350] binder: 14349:14350 ioctl 4018620d 200000000040 returned -16
[  961.458179][T14344] lo speed is unknown, defaulting to 1000
[  962.445611][T11469] usb 6-1: USB disconnect, device number 9
[  962.729998][T14065] tipc: Left network mode
[  963.468964][T14347] Bluetooth: hci1: command tx timeout
[  964.052040][T14378] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2057'.
[  964.171932][T14387] binder: 14386:14387 ioctl c0306201 0 returned -14
[  964.977253][T14344] chnl_net:caif_netlink_parms(): no params data found
[  965.482904][T14347] Bluetooth: hci1: command tx timeout
[  966.746917][T14426] binder: 14424:14426 ioctl c0306201 0 returned -14
[  966.791288][T14344] bridge0: port 1(bridge_slave_0) entered blocking state
[  966.865231][T14344] bridge0: port 1(bridge_slave_0) entered disabled state
[  966.901549][T14344] bridge_slave_0: entered allmulticast mode
[  966.919760][T14344] bridge_slave_0: entered promiscuous mode
[  966.962142][T14429] loop5: detected capacity change from 0 to 1024
[  966.983470][T14344] bridge0: port 2(bridge_slave_1) entered blocking state
[  967.003223][T14429] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  967.023714][T14344] bridge0: port 2(bridge_slave_1) entered disabled state
[  967.031031][T14344] bridge_slave_1: entered allmulticast mode
[  967.049391][T14429] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  967.057841][T14344] bridge_slave_1: entered promiscuous mode
[  967.116848][T14429] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  967.205699][T14429] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  967.296780][T14429] EXT4-fs (loop5): This should not happen!! Data will be lost
[  967.296780][T14429] 
[  967.299434][T14344] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  967.327677][T14429] EXT4-fs (loop5): Total free blocks count 0
[  967.336131][T14429] EXT4-fs (loop5): Free/Dirty block details
[  967.349759][T14429] EXT4-fs (loop5): free_blocks=20480
[  967.355274][T14429] EXT4-fs (loop5): dirty_blocks=80
[  967.365865][T14429] EXT4-fs (loop5): Block reservation details
[  967.383150][T14429] EXT4-fs (loop5): i_reserved_data_blocks=5
[  967.384965][T14344] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  967.397408][T14445] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 64 with error 28
[  967.439335][T14429] syz.5.2068 (14429) used greatest stack depth: 20528 bytes left
[  967.564951][T14347] Bluetooth: hci1: command tx timeout
[  967.570983][T14344] team0: Port device team_slave_0 added
[  967.715473][T14344] team0: Port device team_slave_1 added
[  967.862000][T14344] batman_adv: batadv0: Adding interface: batadv_slave_0
[  968.213478][T14344] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  968.545829][T14344] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  968.633285][T14344] batman_adv: batadv0: Adding interface: batadv_slave_1
[  968.655322][T14344] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  968.699940][T14344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  968.852739][T11478] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  969.703406][T14347] Bluetooth: hci1: command tx timeout
[  969.735060][T11478] usb 5-1: Using ep0 maxpacket: 16
[  970.354867][T11478] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  970.366410][T11478] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  970.381428][T11478] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  970.391659][T14344] hsr_slave_0: entered promiscuous mode
[  970.416898][T14344] hsr_slave_1: entered promiscuous mode
[  970.425081][T11478] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  970.471678][T11478] usb 5-1: Product: syz
[  970.481834][T11478] usb 5-1: Manufacturer: syz
[  970.492235][T11478] usb 5-1: SerialNumber: syz
[  970.505419][T14344] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  970.517740][T14344] Cannot create hsr debugfs directory
[  970.673170][T14065] hsr_slave_0: left promiscuous mode
[  970.681440][T14065] hsr_slave_1: left promiscuous mode
[  970.720321][T14065] batman_adv: batadv0: Removing interface: batadv_slave_0
[  970.732350][T14065] batman_adv: batadv0: Removing interface: batadv_slave_1
[  970.745572][T11478] usb 5-1: 0:2 : does not exist
[  970.756039][T14065] bridge_slave_1: left promiscuous mode
[  970.766599][T14065] bridge0: port 2(bridge_slave_1) entered disabled state
[  970.777915][T11478] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  970.788497][T14065] bridge_slave_0: left promiscuous mode
[  970.810444][T14065] bridge0: port 1(bridge_slave_0) entered disabled state
[  970.824303][T11478] usb 5-1: USB disconnect, device number 15
[  970.930797][T14343] udevd[14343]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  972.658788][T14065] team0 (unregistering): Port device team_slave_1 removed
[  973.064119][T14065] team0 (unregistering): Port device team_slave_0 removed
[  973.543163][T14065] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  973.762080][T14065] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  973.944028][T14513] JFS: discard option not supported on device
[  973.971807][T14513] Mount JFS Failure: -22
[  973.977610][T14513] jfs_mount failed w/return code = -22
[  976.434546][T14525] fuse: Bad value for 'fd'
[  979.481298][T14065] bond0 (unregistering): Released all slaves
[  979.747169][ T3433] smc: removing ib device s
z1
[  979.855723][T14544] loop4: detected capacity change from 0 to 1024
[  979.915755][T14544] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000e01c, mo2=0002]
[  979.924359][T14544] System zones: 0-1, 3-36
[  980.024477][T14544] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  980.304113][T14551] fuse: Bad value for 'fd'
[  982.483551][ T6646] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  983.247239][T14344] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  983.268088][T14575] kAFS: unable to lookup cell '(/c¾ûL'
[  983.315353][T14344] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  983.342876][T11469] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  983.417154][T14575] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2100'.
[  983.437874][T14344] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  983.484858][T14344] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  983.580245][T11469] usb 5-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  983.615898][T11469] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  983.671777][T11469] usb 5-1: Product: syz
[  983.702313][T11469] usb 5-1: Manufacturer: syz
[  983.708056][T11469] usb 5-1: SerialNumber: syz
[  983.740786][T11469] usb 5-1: config 0 descriptor??
[  983.776214][T11469] gspca_main: sq905c-2.14.0 probing 2770:9052
[  983.966356][T14344] 8021q: adding VLAN 0 to HW filter on device bond0
[  984.071137][T14344] 8021q: adding VLAN 0 to HW filter on device team0
[  984.184032][T11469] gspca_sq905c: sq905c_read: usb_control_msg failed (-71)
[  984.198374][T11469] sq905c 5-1:0.0: Reading version command failed
[  984.222881][T11469] sq905c: probe of 5-1:0.0 failed with error -71
[  984.232033][ T1083] bridge0: port 1(bridge_slave_0) entered blocking state
[  984.239228][ T1083] bridge0: port 1(bridge_slave_0) entered forwarding state
[  984.272402][T11469] usb 5-1: USB disconnect, device number 16
[  984.376048][ T1083] bridge0: port 2(bridge_slave_1) entered blocking state
[  984.383275][ T1083] bridge0: port 2(bridge_slave_1) entered forwarding state
[  984.548816][T14596] vivid-000: =================  START STATUS  =================
[  984.560307][T14596] vivid-000: Test Pattern: 75% Colorbar
[  984.598596][T14596] vivid-000: Fill Percentage of Frame: 100
[  984.613237][T14596] vivid-000: Horizontal Movement: No Movement
[  984.629095][T14596] vivid-000: Vertical Movement: No Movement
[  984.641082][T14596] vivid-000: OSD Text Mode: All
[  984.646684][T14596] vivid-000: Show Border: false
[  984.652044][T14596] vivid-000: Show Square: false
[  984.658220][T14596] vivid-000: Sensor Flipped Horizontally: false
[  984.664816][T14596] vivid-000: Sensor Flipped Vertically: false
[  984.671276][T14596] vivid-000: Insert SAV Code in Image: false
[  984.680190][T14596] vivid-000: Insert EAV Code in Image: false
[  984.686983][T14596] vivid-000: Insert Video Guard Band: false
[  984.694526][T14596] vivid-000: Reduced Framerate: false
[  984.700076][T14596] vivid-000: Enable Capture Cropping: true
[  984.708426][T14596] vivid-000: Enable Capture Composing: true
[  984.718340][T14596] vivid-000: Enable Capture Scaler: true
[  984.732802][T14596] vivid-000: Timestamp Source: End of Frame
[  984.752969][T14596] vivid-000: Colorspace: sRGB
[  984.761240][T14596] vivid-000: Transfer Function: Default
[  984.819274][T14596] vivid-000: Y'CbCr Encoding: Default
[  984.825313][T14596] vivid-000: HSV Encoding: Hue 0-179
[  984.831283][T14596] vivid-000: Quantization: Default
[  984.836707][T14596] vivid-000: Apply Alpha To Red Only: false
[  984.843135][T14596] vivid-000: Standard Aspect Ratio: 4x3
[  984.859950][T14596] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  984.870677][T14596] vivid-000: DV Timings: 640x480p59 inactive
[  984.883195][T14596] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  984.891746][T14596] vivid-000: Maximum EDID Blocks: 2
[  984.899162][T14596] vivid-000: Limited RGB Range (16-235): false
[  984.912427][T14596] vivid-000: Rx RGB Quantization Range: Automatic
[  984.932910][T14596] vivid-000: Power Present: 0x00000001
[  984.940467][T14596] tpg source WxH: 640x360 (Y'CbCr)
[  984.948216][T14596] tpg field: 1
[  984.952731][T14596] tpg crop: 640x360@0x0
[  984.957161][T14596] tpg compose: 640x360@0x0
[  984.961679][T14596] tpg colorspace: 8
[  984.965856][T14596] tpg transfer function: 0/0
[  984.970603][T14596] tpg Y'CbCr encoding: 0/0
[  984.975331][T14596] tpg quantization: 0/0
[  984.979662][T14596] tpg RGB range: 0/2
[  984.986530][T14596] vivid-000: ==================  END STATUS  ==================
[  986.302352][T14344] 8021q: adding VLAN 0 to HW filter on device batadv0
[  987.265734][T11469] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  987.502978][T11469] usb 5-1: Using ep0 maxpacket: 16
[  987.599520][T11469] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  987.628116][T14344] veth0_vlan: entered promiscuous mode
[  987.661054][T11469] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  987.721330][T11469] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  987.733618][T11469] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  987.750276][T14344] veth1_vlan: entered promiscuous mode
[  987.757765][T11469] usb 5-1: Product: syz
[  987.779335][T11469] usb 5-1: Manufacturer: syz
[  987.784577][T11469] usb 5-1: SerialNumber: syz
[  988.476481][T14344] veth0_macvtap: entered promiscuous mode
[  988.530691][T14344] veth1_macvtap: entered promiscuous mode
[  988.563506][T14344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  988.582808][T14344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  988.600319][T14344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  988.628154][T14344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  988.650860][T14344] batman_adv: batadv0: Interface activated: batadv_slave_0
[  988.729437][T14344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  988.747514][T11469] usb 5-1: 0:2 : does not exist
[  988.756285][T14344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  988.769705][T14344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  988.788942][T14344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  988.801587][T11469] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  988.819099][T14344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  988.858981][T14344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  988.869559][T11469] usb 5-1: USB disconnect, device number 17
[  988.897527][T14344] batman_adv: batadv0: Interface activated: batadv_slave_1
[  988.918874][T14343] udevd[14343]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  988.948929][T14344] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  988.992842][T14344] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  989.001604][T14344] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  989.073711][T14344] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  989.294992][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  989.319590][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  989.462958][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  989.470832][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  991.230634][T14670] loop4: detected capacity change from 0 to 32768
[  991.345630][T14347] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  991.724452][T14716] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2126'.
[  991.733968][T14716] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2126'.
[  993.019777][T14726] binder: 14725:14726 ioctl c0306201 200000001440 returned -11
[  993.257969][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  993.264374][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  994.530830][T14759] loop5: detected capacity change from 0 to 2048
[  994.573273][T14761] netlink: 'syz.4.2136': attribute type 21 has an invalid length.
[  994.590056][T14761] netlink: 'syz.4.2136': attribute type 1 has an invalid length.
[  994.601829][T14761] netlink: 144 bytes leftover after parsing attributes in process `syz.4.2136'.
[  995.092050][T14759] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  995.287398][ T6869] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  995.753822][T14784] loop4: detected capacity change from 0 to 1024
[  995.833880][T14784] EXT4-fs: Ignoring removed oldalloc option
[  995.840686][T14784] EXT4-fs: Ignoring removed orlov option
[  995.961690][T14784] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  996.583211][T14784] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  996.775210][T14784] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4036: comm syz.4.2141: Allocating blocks 497-513 which overlap fs metadata
[  996.810860][   T28] audit: type=1800 audit(1754608666.215:65): pid=14784 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2141" name="file1" dev="loop4" ino=16 res=0 errno=0
[  996.895938][T14784] EXT4-fs (loop4): pa ffff888078a64740: logic 256, phys. 353, len 10
[  996.906806][T14784] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5377: group 0, free 0, pa_free 1
[  997.110688][ T6646] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  997.924617][T14807] loop4: detected capacity change from 0 to 40427
[  997.963086][T14807] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  997.970882][T14807] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  997.985514][T14807] F2FS-fs (loop4): invalid crc value
[  998.042536][T14807] F2FS-fs (loop4): Found nat_bits in checkpoint
[  998.105485][T14807] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  998.112596][T14807] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  998.144259][   T28] audit: type=1800 audit(1754608667.585:66): pid=14807 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2145" name="bus" dev="loop4" ino=10 res=0 errno=0
[  999.000587][T14817] loop7: detected capacity change from 0 to 32768
[  999.125646][T14347] Bluetooth: hci1: Received unexpected HCI Event 0x00
[ 1002.744732][T14872] loop7: detected capacity change from 0 to 40427
[ 1002.790928][T14872] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[ 1002.798832][T14872] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 1002.956796][T14872] F2FS-fs (loop7): invalid crc value
[ 1003.081586][T14872] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1003.753277][T14872] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 1003.760384][T14872] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1003.832380][   T28] audit: type=1800 audit(1754608673.275:67): pid=14872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2157" name="bus" dev="loop7" ino=10 res=0 errno=0
[ 1005.287293][T14876] loop5: detected capacity change from 0 to 32768
[ 1005.317362][T14905] loop4: detected capacity change from 0 to 2048
[ 1005.398032][T14905] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1005.442868][T11468] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 1005.615026][ T6646] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1005.658221][T11468] usb 8-1: device descriptor read/64, error -71
[ 1005.982913][T11468] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[ 1006.785664][T11468] usb 8-1: device descriptor read/64, error -71
[ 1006.910240][T11468] usb usb8-port1: attempt power cycle
[ 1007.822924][T11468] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[ 1007.879342][T11468] usb 8-1: device descriptor read/8, error -71
[ 1008.163159][T11468] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[ 1008.372833][T11468] usb 8-1: device descriptor read/8, error -71
[ 1008.722999][T11468] usb usb8-port1: unable to enumerate USB device
[ 1009.824748][T14950] loop4: detected capacity change from 0 to 128
[ 1009.832104][T14950] FAT-fs (loop4): bogus number of reserved sectors
[ 1009.838762][T14950] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[ 1009.848191][T14950] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1009.912988][T14343] blk_print_req_error: 54 callbacks suppressed
[ 1009.913006][T14343] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1011.043265][T11468] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[ 1011.304412][T11468] usb 5-1: device descriptor read/64, error -71
[ 1011.378259][T14983] binder_alloc: 14981: binder_alloc_buf, no vma
[ 1011.397350][T14983] binder: 14981:14983 ioctl c0306201 200000001440 returned -11
[ 1012.491715][T11468] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1012.642739][T11468] usb 5-1: device descriptor read/64, error -71
[ 1012.774528][T11468] usb usb5-port1: attempt power cycle
[ 1012.988284][T14998] fuse: Bad value for 'fd'
[ 1013.641053][T14990] loop5: detected capacity change from 0 to 32768
[ 1013.837447][T14991] loop7: detected capacity change from 0 to 32768
[ 1013.881309][T15002] binder: 15000:15002 ioctl 4018620d 0 returned -22
[ 1013.970511][T14347] Bluetooth: hci1: Received unexpected HCI Event 0x00
[ 1014.719147][T15022] loop4: detected capacity change from 0 to 1024
[ 1014.765716][T15022] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000e01c, mo2=0002]
[ 1014.790385][T15022] System zones: 0-1, 3-36
[ 1014.873847][T15022] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1016.742323][ T6646] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1018.008235][T11478] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[ 1018.222923][T11478] usb 5-1: device descriptor read/64, error -71
[ 1018.515712][T11478] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1018.702953][T11478] usb 5-1: device descriptor read/64, error -71
[ 1018.928171][T11478] usb usb5-port1: attempt power cycle
[ 1019.515624][T11478] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1019.591446][T11478] usb 5-1: device descriptor read/8, error -71
[ 1019.985141][T11478] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1020.334694][T11478] usb 5-1: device descriptor read/8, error -71
[ 1020.431094][T15081] loop5: detected capacity change from 0 to 1024
[ 1020.463974][T15081] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000e01c, mo2=0002]
[ 1020.483164][T15081] System zones: 0-1, 3-36
[ 1020.512983][T11478] usb usb5-port1: unable to enumerate USB device
[ 1020.607203][T15081] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1021.737273][T15106] loop7: detected capacity change from 0 to 40427
[ 1021.800629][T15106] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[ 1021.808497][T15106] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 1021.823165][T15106] F2FS-fs (loop7): invalid crc value
[ 1021.846575][T15106] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1021.876701][T15106] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 1021.884831][T15106] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1021.920723][   T28] audit: type=1800 audit(1754608691.365:68): pid=15106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2203" name="bus" dev="loop7" ino=10 res=0 errno=0
[ 1022.011245][ T6869] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1024.727847][T15142] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2211'.
[ 1024.782894][T15142] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2211'.
[ 1025.178957][T15152] overlay: ./file0 is not a directory
[ 1025.603869][T15138] loop4: detected capacity change from 0 to 32768
[ 1025.699870][T14347] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1025.887466][T15160] loop7: detected capacity change from 0 to 1024
[ 1026.237891][T15160] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000e01c, mo2=0002]
[ 1026.274698][T15160] System zones: 0-1, 3-36
[ 1026.346436][T15160] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1026.815171][T15169] loop4: detected capacity change from 0 to 40427
[ 1026.825433][T15169] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1026.833300][T15169] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1026.907871][T15177] loop5: detected capacity change from 0 to 8
[ 1027.579746][T15169] F2FS-fs (loop4): invalid crc value
[ 1027.627423][T15169] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1027.656083][T15169] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1027.663256][T15169] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1027.679834][   T28] audit: type=1800 audit(1754608697.125:69): pid=15169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2215" name="bus" dev="loop4" ino=10 res=0 errno=0
[ 1028.760539][T14344] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1029.262895][T11478] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[ 1030.156890][T15209] netlink: 'syz.7.2225': attribute type 21 has an invalid length.
[ 1030.176119][T11478] usb 6-1: Using ep0 maxpacket: 32
[ 1030.182878][T15209] netlink: 'syz.7.2225': attribute type 1 has an invalid length.
[ 1030.199317][T15209] netlink: 144 bytes leftover after parsing attributes in process `syz.7.2225'.
[ 1030.836591][T11478] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1030.903215][T11478] usb 6-1: config 0 has no interfaces?
[ 1030.974858][T11478] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1031.013033][T11478] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1031.072569][T11478] usb 6-1: Product: syz
[ 1031.080666][T11478] usb 6-1: Manufacturer: syz
[ 1031.100472][T11478] usb 6-1: SerialNumber: syz
[ 1031.138901][T15218] loop4: detected capacity change from 0 to 1024
[ 1031.318527][T15222] loop7: detected capacity change from 0 to 40427
[ 1031.341787][T11478] usb 6-1: config 0 descriptor??
[ 1031.378906][T15222] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[ 1031.386813][T15222] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 1031.407965][T15218] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000e01c, mo2=0002]
[ 1031.420174][T15222] F2FS-fs (loop7): invalid crc value
[ 1031.434429][T15218] System zones: 0-1, 3-36
[ 1031.464762][T15222] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1031.464920][T15218] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1031.531529][T15222] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 1031.538720][T15222] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1031.558132][   T28] audit: type=1800 audit(1754608701.005:70): pid=15222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2227" name="bus" dev="loop7" ino=10 res=0 errno=0
[ 1031.796686][T11478] usb 6-1: USB disconnect, device number 10
[ 1032.814466][ T6646] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1035.557106][T15241] loop5: detected capacity change from 0 to 32768
[ 1036.555009][T15279] loop7: detected capacity change from 0 to 40427
[ 1036.578521][T15279] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[ 1036.586365][T15279] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 1036.613911][T15279] F2FS-fs (loop7): invalid crc value
[ 1036.679836][T15279] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1036.716161][T15279] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 1036.723287][T15279] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1036.741557][   T28] audit: type=1800 audit(1754608706.185:71): pid=15279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2238" name="bus" dev="loop7" ino=10 res=0 errno=0
[ 1037.950870][T15307] binder: BINDER_SET_CONTEXT_MGR already set
[ 1037.967493][T15307] binder: 15306:15307 ioctl 4018620d 200000000040 returned -16
[ 1038.000339][T15307] binder: 15306:15307 ioctl c0306201 200000001440 returned -11
[ 1039.503754][T15321] loop7: detected capacity change from 0 to 1024
[ 1039.587558][T15321] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1039.666896][T15321] EXT4-fs (loop7): shut down requested (0)
[ 1039.894173][T14344] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1040.376886][T15334] input: syz1 as /devices/virtual/input/input7
[ 1040.452118][T15323] loop5: detected capacity change from 0 to 40427
[ 1040.621262][T15323] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[ 1040.646397][T15323] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1040.690587][T15323] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1040.851263][T15323] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[ 1040.865073][T15323] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1041.590744][T15347] loop7: detected capacity change from 0 to 1024
[ 1041.643666][T15347] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000e01c, mo2=0002]
[ 1041.673961][T15347] System zones: 0-1, 3-36
[ 1042.044199][T15347] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1042.710963][T14344] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1045.316625][T15376] loop4: detected capacity change from 0 to 512
[ 1045.386554][T15376] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[ 1045.436888][T15376] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c118, mo2=0002]
[ 1045.583544][T15376] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.2259: corrupted in-inode xattr: e_value size too large
[ 1045.649045][T15376] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.2259: couldn't read orphan inode 15 (err -117)
[ 1045.704571][T15376] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1045.837859][   T28] audit: type=1800 audit(1754608715.285:72): pid=15376 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2259" name="bus" dev="loop4" ino=18 res=0 errno=0
[ 1046.017011][T15376] loop4: detected capacity change from 512 to 64
[ 1046.080531][T15389] EXT4-fs error (device loop4): mb_free_blocks:1943: group 0, inode 18: block 29:freeing already freed block (bit 28); block bitmap corrupt.
[ 1046.097298][T15389] EXT4-fs (loop4): pa ffff888078a64910: logic 503, phys. 29, len 218
[ 1046.105580][T15389] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5377: group 0, free 218, pa_free 197
[ 1046.388866][ T6646] EXT4-fs error (device loop4): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=201326592, rec_len=256, size=1024 fake=0
[ 1046.483760][T15391] binder: 15390:15391 ioctl c0306201 200000001440 returned -11
[ 1046.535337][ T6646] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1047.613121][ T6646] syz-executor (6646) used greatest stack depth: 20296 bytes left
[ 1047.957661][ T1083] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1048.123030][T11478] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1048.522800][T11478] usb 6-1: Using ep0 maxpacket: 32
[ 1048.544824][ T1083] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1048.567665][T11478] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1048.613866][T11478] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1048.759292][T11478] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1048.782879][T11478] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1048.802693][T11478] usb 6-1: Product: syz
[ 1048.806912][T11478] usb 6-1: Manufacturer: syz
[ 1049.441946][ T1083] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1049.504398][T11478] usb 6-1: SerialNumber: syz
[ 1049.516364][T11478] usb 6-1: config 0 descriptor??
[ 1049.553082][T11478] hub 6-1:0.0: bad descriptor, ignoring hub
[ 1049.559072][T11478] hub: probe of 6-1:0.0 failed with error -5
[ 1049.710772][ T1083] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1049.745785][ T5791] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1049.757354][ T5791] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1049.771965][ T5791] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1049.810679][ T5791] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1049.818597][ T5791] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1049.826443][ T5791] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1050.072972][ T5850] usb 6-1: USB disconnect, device number 11
[ 1050.461768][T15417] loop7: detected capacity change from 0 to 2048
[ 1051.063321][T15417] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1051.325043][ T1083] tipc: Left network mode
[ 1051.480668][T14344] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1051.738573][T15432] loop7: detected capacity change from 0 to 1024
[ 1051.861729][T15432] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000e01c, mo2=0002]
[ 1051.893061][ T5791] Bluetooth: hci2: command tx timeout
[ 1051.893089][T15432] System zones: 0-1, 3-36
[ 1051.939461][T15432] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1052.682237][T14344] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1053.649370][T15458] loop7: detected capacity change from 0 to 128
[ 1054.358188][ T5791] Bluetooth: hci2: command tx timeout
[ 1054.818446][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.888040][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[ 1055.075960][T15412] chnl_net:caif_netlink_parms(): no params data found
[ 1055.907176][T15474] binder: BINDER_SET_CONTEXT_MGR already set
[ 1055.918124][T15474] binder: 15473:15474 ioctl 4018620d 200000000040 returned -16
[ 1055.933176][T15474] binder: 15473:15474 ioctl c0306201 200000001440 returned -11
[ 1056.094050][T15480] loop5: detected capacity change from 0 to 64
[ 1056.433312][ T6869] BFS-fs: bfs_iget(): Bad inode number loop5:0000fe02
[ 1056.441360][ T6869] BFS-fs: bfs_iget(): Bad inode number loop5:0000fe02
[ 1056.450708][ T5791] Bluetooth: hci2: command tx timeout
[ 1056.610997][T15412] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1057.089249][T15412] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1057.152591][T15412] bridge_slave_0: entered allmulticast mode
[ 1057.160477][T15412] bridge_slave_0: entered promiscuous mode
[ 1057.170273][T15412] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1057.179588][T15412] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1057.187354][T15412] bridge_slave_1: entered allmulticast mode
[ 1057.195068][T15412] bridge_slave_1: entered promiscuous mode
[ 1057.505779][T15412] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1057.641304][T15504] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2288'.
[ 1057.650393][T15504] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2288'.
[ 1057.676620][T15412] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1057.826264][ T1083] hsr_slave_0: left promiscuous mode
[ 1057.885479][ T1083] hsr_slave_1: left promiscuous mode
[ 1057.965586][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1057.987111][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1058.007381][ T1083] bridge_slave_1: left allmulticast mode
[ 1058.024943][ T1083] bridge_slave_1: left promiscuous mode
[ 1058.030754][ T1083] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1058.051642][ T1083] bridge_slave_0: left allmulticast mode
[ 1058.058762][ T1083] bridge_slave_0: left promiscuous mode
[ 1058.074669][ T1083] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1058.162969][ T1083] veth1_macvtap: left promiscuous mode
[ 1058.168566][ T1083] veth0_macvtap: left promiscuous mode
[ 1058.182384][T15510] binder: BINDER_SET_CONTEXT_MGR already set
[ 1058.188874][ T1083] veth1_vlan: left promiscuous mode
[ 1058.194315][ T1083] veth0_vlan: left promiscuous mode
[ 1058.200064][T15510] binder: 15508:15510 ioctl 4018620d 200000000040 returned -16
[ 1058.210554][T15510] binder: 15508:15510 ioctl c0306201 200000001440 returned -11
[ 1058.378855][T15513] loop7: detected capacity change from 0 to 1024
[ 1058.431487][T15513] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000e01c, mo2=0002]
[ 1058.476449][T15513] System zones: 0-1, 3-36
[ 1058.492529][T15513] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1058.537962][ T5791] Bluetooth: hci2: command tx timeout
[ 1058.891499][T14347] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1058.903752][T14347] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1058.912519][T14347] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1058.924995][T14347] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1058.932841][T14347] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1058.941597][T14347] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1059.334555][T14344] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1060.873655][ T1083] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[ 1060.949908][ T1083] team0 (unregistering): Port device team_slave_1 removed
[ 1061.014372][T14347] Bluetooth: hci3: command tx timeout
[ 1061.087899][ T1083] team0 (unregistering): Port device team_slave_0 removed
[ 1061.155691][ T1083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1061.244106][ T1083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1062.128755][ T1083] bond0 (unregistering): Released all slaves
[ 1062.267865][T15412] team0: Port device team_slave_0 added
[ 1062.283491][T15412] team0: Port device team_slave_1 added
[ 1062.478497][T15412] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1062.492859][T15412] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1062.551291][T15412] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1062.596979][T15412] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1062.611282][T15412] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1062.647007][T15412] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1063.116093][T14347] Bluetooth: hci3: command tx timeout
[ 1063.328253][T15412] hsr_slave_0: entered promiscuous mode
[ 1063.337353][T15412] hsr_slave_1: entered promiscuous mode
[ 1063.348447][T15412] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1063.357549][T15412] Cannot create hsr debugfs directory
[ 1063.786349][T15575] binder: BINDER_SET_CONTEXT_MGR already set
[ 1063.792413][T15575] binder: 15574:15575 ioctl 4018620d 200000000040 returned -16
[ 1063.801797][T15575] binder: 15574:15575 ioctl c0306201 200000001440 returned -11
[ 1063.910223][T15517] chnl_net:caif_netlink_parms(): no params data found
[ 1064.082583][ T1083] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.300678][ T1083] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.323229][T15577] loop7: detected capacity change from 0 to 32768
[ 1064.467227][T15517] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1064.489654][T15517] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1064.502429][T15517] bridge_slave_0: entered allmulticast mode
[ 1064.510043][T15517] bridge_slave_0: entered promiscuous mode
[ 1064.575625][ T1083] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.578766][T15577] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[ 1064.640642][T15517] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1064.667919][T15517] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1064.694553][T15517] bridge_slave_1: entered allmulticast mode
[ 1064.733014][T15517] bridge_slave_1: entered promiscuous mode
[ 1064.791379][ T1083] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.826232][T14344] ocfs2: Unmounting device (7,7) on (node local)
[ 1064.872486][T15412] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1064.895719][T15412] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1064.992361][T15517] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1065.009815][T15412] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1065.022406][T15412] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1065.062194][T15517] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1065.173687][T14347] Bluetooth: hci3: command tx timeout
[ 1065.238623][T15517] team0: Port device team_slave_0 added
[ 1065.324605][T15517] team0: Port device team_slave_1 added
[ 1066.225000][T15517] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1066.232013][T15517] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1066.280371][T15517] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1066.341886][T15622] binder: 15621:15622 ioctl c0306201 200000001440 returned -11
[ 1066.361120][T15517] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1066.392442][T15517] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1066.510917][T15517] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1066.615986][ T1083] tipc: Left network mode
[ 1066.803359][T15517] hsr_slave_0: entered promiscuous mode
[ 1066.809855][T15517] hsr_slave_1: entered promiscuous mode
[ 1066.819192][T15517] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1066.827791][T15517] Cannot create hsr debugfs directory
[ 1066.993179][  T786] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[ 1067.206861][  T786] usb 8-1: Using ep0 maxpacket: 16
[ 1067.230490][  T786] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1067.242892][T14347] Bluetooth: hci3: command tx timeout
[ 1067.251952][  T786] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1067.297913][  T786] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1067.307868][  T786] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1067.316681][  T786] usb 8-1: Product: syz
[ 1067.320881][  T786] usb 8-1: Manufacturer: syz
[ 1067.326535][  T786] usb 8-1: SerialNumber: syz
[ 1067.510565][T15412] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1067.567022][  T786] usb 8-1: 0:2 : does not exist
[ 1067.594616][  T786] usb 8-1: 5:0: failed to get current value for ch 0 (-22)
[ 1067.695417][  T786] usb 8-1: USB disconnect, device number 6
[ 1067.880269][T14343] udevd[14343]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1068.110385][T15517] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1068.132299][T15412] 8021q: adding VLAN 0 to HW filter on device team0
[ 1068.240115][T15517] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1068.273464][T15517] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1068.297525][T14065] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1068.304753][T14065] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1068.321805][T14065] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1068.329027][T14065] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1068.369323][T15517] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1068.504269][  T786] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[ 1068.733075][  T786] usb 8-1: Using ep0 maxpacket: 32
[ 1068.763251][  T786] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1068.883434][  T786] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1068.910930][  T786] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1068.960067][  T786] usb 8-1: Product: syz
[ 1068.980194][  T786] usb 8-1: Manufacturer: syz
[ 1069.003662][  T786] usb 8-1: SerialNumber: syz
[ 1069.066334][  T786] usb 8-1: config 0 descriptor??
[ 1069.093467][  T786] hub 8-1:0.0: bad descriptor, ignoring hub
[ 1069.101790][  T786] hub: probe of 8-1:0.0 failed with error -5
[ 1069.212321][T15412] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1069.234804][T15412] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1069.636834][T11478] usb 8-1: USB disconnect, device number 7
[ 1069.891803][ T1083] hsr_slave_0: left promiscuous mode
[ 1069.996156][ T1083] hsr_slave_1: left promiscuous mode
[ 1070.085798][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1070.123740][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1070.153419][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1070.191863][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1070.213461][ T1083] bridge_slave_1: left allmulticast mode
[ 1070.219152][ T1083] bridge_slave_1: left promiscuous mode
[ 1070.252924][ T1083] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1070.313093][ T1083] bridge_slave_0: left allmulticast mode
[ 1070.318790][ T1083] bridge_slave_0: left promiscuous mode
[ 1070.325041][ T1083] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1070.508874][ T1083] veth1_macvtap: left promiscuous mode
[ 1070.525344][ T1083] veth0_macvtap: left promiscuous mode
[ 1070.533786][ T1083] veth1_vlan: left promiscuous mode
[ 1070.539146][ T1083] veth0_vlan: left promiscuous mode
[ 1070.792817][T14645] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[ 1071.032223][T14645] usb 8-1: Using ep0 maxpacket: 16
[ 1071.040112][T14645] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1071.068690][T14645] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1071.098202][T14645] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1071.112776][T14645] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1071.129301][T14645] usb 8-1: Product: syz
[ 1071.170978][T14645] usb 8-1: Manufacturer: syz
[ 1071.180963][T14645] usb 8-1: SerialNumber: syz
[ 1071.406198][T14645] usb 8-1: 0:2 : does not exist
[ 1071.433143][T14645] usb 8-1: 5:0: failed to get current value for ch 0 (-22)
[ 1071.495211][T14645] usb 8-1: USB disconnect, device number 8
[ 1071.597223][T14343] udevd[14343]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1071.886717][ T1083] team0 (unregistering): Port device team_slave_1 removed
[ 1072.068460][ T1083] team0 (unregistering): Port device team_slave_0 removed
[ 1073.104710][ T1083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1073.377164][ T1083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1075.128685][T15724] binder: 15723:15724 ioctl c0306201 200000001440 returned -11
[ 1076.470645][ T1083] bond0 (unregistering): (slave team0): Releasing backup interface
[ 1077.604808][T15748] binder: 15747:15748 ioctl c0306201 200000001440 returned -11
[ 1077.715009][ T1083] bond0 (unregistering): Released all slaves
[ 1077.737011][T15752] loop7: detected capacity change from 0 to 64
[ 1077.819619][   T28] audit: type=1804 audit(1754608747.255:73): pid=15752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.2345" name="/newroot/64/bus/bus" dev="loop7" ino=3 res=1 errno=0
[ 1078.029619][T15517] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1078.138652][T15517] 8021q: adding VLAN 0 to HW filter on device team0
[ 1078.198554][T14065] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1078.205806][T14065] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1078.219112][T14065] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1078.226343][T14065] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1078.266473][T11470] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[ 1078.349547][T15517] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1078.417870][T15412] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1078.493770][T11470] usb 8-1: Using ep0 maxpacket: 32
[ 1078.526712][T11470] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1078.548500][T11470] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0
[ 1078.566395][T11470] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1078.593368][T11470] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1078.601595][T11470] usb 8-1: Product: syz
[ 1078.632670][T11470] usb 8-1: Manufacturer: syz
[ 1078.637332][T11470] usb 8-1: SerialNumber: syz
[ 1078.665773][T11470] usb 8-1: config 0 descriptor??
[ 1078.683408][T11470] hub 8-1:0.0: bad descriptor, ignoring hub
[ 1078.694255][T11470] hub: probe of 8-1:0.0 failed with error -5
[ 1078.802378][T15517] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1079.146947][T15412] veth0_vlan: entered promiscuous mode
[ 1079.193599][T15412] veth1_vlan: entered promiscuous mode
[ 1079.347436][ T5850] usb 8-1: USB disconnect, device number 9
[ 1079.373938][T15412] veth0_macvtap: entered promiscuous mode
[ 1079.402576][T15412] veth1_macvtap: entered promiscuous mode
[ 1080.165148][T15412] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1080.182006][T15412] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1080.192089][T15412] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1080.215380][T15412] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1080.236331][T15412] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1080.277682][T15804] binder: 15802:15804 ioctl c0306201 200000001440 returned -11
[ 1080.278379][T15412] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1080.317213][T15412] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1080.342702][T15412] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1080.362895][T15412] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1080.394751][T15412] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1080.397916][T15809] loop7: detected capacity change from 0 to 64
[ 1080.419911][T15412] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.431947][T15412] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.440991][T15412] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.456516][T15412] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.465311][   T28] audit: type=1804 audit(1754608749.905:74): pid=15809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.2353" name="/newroot/67/bus/bus" dev="loop7" ino=3 res=1 errno=0
[ 1080.491947][T15806] netlink: 'syz.6.2352': attribute type 21 has an invalid length.
[ 1080.507820][T15806] netlink: 'syz.6.2352': attribute type 1 has an invalid length.
[ 1080.518112][T15806] netlink: 144 bytes leftover after parsing attributes in process `syz.6.2352'.
[ 1080.565958][T15517] veth0_vlan: entered promiscuous mode
[ 1080.665170][T15517] veth1_vlan: entered promiscuous mode
[ 1080.880886][ T1076] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1080.908223][T15517] veth0_macvtap: entered promiscuous mode
[ 1080.916517][ T1076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1080.971345][T15517] veth1_macvtap: entered promiscuous mode
[ 1081.017957][ T1083] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1081.040977][T15517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1081.051985][ T1083] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1081.076222][T15517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1081.097557][T15517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1081.112580][T15517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1081.130017][T15517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1081.159596][T15517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1081.172324][T15517] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1081.187318][T15517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1081.198919][T15517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1081.212684][T15517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1081.225895][T15517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1081.236159][T15517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1081.257478][T15517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1081.275197][T15517] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1081.306190][T15517] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1081.332659][T15517] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1081.342916][T11468] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[ 1081.365555][T15517] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1081.382718][T15517] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1081.542912][T11468] usb 8-1: Using ep0 maxpacket: 32
[ 1081.583128][T11468] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1081.598660][ T1103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1081.618203][T11468] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0
[ 1081.626975][ T1103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1081.662998][T11468] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1081.693765][T11468] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1081.701998][T11468] usb 8-1: Product: syz
[ 1081.736508][T11468] usb 8-1: Manufacturer: syz
[ 1081.741182][T11468] usb 8-1: SerialNumber: syz
[ 1081.748477][ T1090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1081.761212][T11468] usb 8-1: config 0 descriptor??
[ 1081.779191][ T1090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1081.784218][T11468] hub 8-1:0.0: bad descriptor, ignoring hub
[ 1081.793337][T11468] hub: probe of 8-1:0.0 failed with error -5
[ 1082.964989][T11468] usb 8-1: USB disconnect, device number 10
[ 1083.160588][T15854] netlink: 'syz.6.2361': attribute type 21 has an invalid length.
[ 1083.178216][T15850] loop9: detected capacity change from 0 to 64
[ 1083.192886][T15854] netlink: 'syz.6.2361': attribute type 1 has an invalid length.
[ 1083.300872][T15854] netlink: 144 bytes leftover after parsing attributes in process `syz.6.2361'.
[ 1083.963096][   T28] audit: type=1804 audit(1754608753.405:75): pid=15850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.2362" name="/newroot/1/bus/bus" dev="loop9" ino=3 res=1 errno=0
[ 1084.385530][T11468] kernel write not supported for file /9/comm (pid: 11468 comm: kworker/1:11)
[ 1085.589965][T15890] loop9: detected capacity change from 0 to 64
[ 1087.252169][T15902] loop8: detected capacity change from 0 to 512
[ 1087.265499][T15902] EXT4-fs: Ignoring removed orlov option
[ 1087.317882][T15902] EXT4-fs (loop8): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[ 1087.329001][T15902] EXT4-fs (loop8): ext4_check_descriptors: Inode table for group 0 not in group (block 2)!
[ 1087.339085][T15902] EXT4-fs (loop8): group descriptors corrupted!
[ 1087.444594][T14343] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1087.663732][T14347] Bluetooth: hci1: command 0x0406 tx timeout
[ 1087.724643][T15907] netlink: 'syz.9.2376': attribute type 21 has an invalid length.
[ 1087.756403][T15907] netlink: 'syz.9.2376': attribute type 1 has an invalid length.
[ 1087.766560][T15907] netlink: 144 bytes leftover after parsing attributes in process `syz.9.2376'.
[ 1088.178010][T15908] loop7: detected capacity change from 0 to 4096
[ 1088.261336][T15908] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1088.391974][T14344] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1089.139456][T11231] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1090.059029][T11231] usb 9-1: config 220 has an invalid interface number: 76 but max is 2
[ 1090.092879][T11231] usb 9-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1090.114156][T11231] usb 9-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1090.145458][T11231] usb 9-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1090.165542][T15948] netlink: 'syz.6.2389': attribute type 21 has an invalid length.
[ 1090.173514][T15948] netlink: 'syz.6.2389': attribute type 1 has an invalid length.
[ 1090.181238][T15948] netlink: 144 bytes leftover after parsing attributes in process `syz.6.2389'.
[ 1090.229905][T11231] usb 9-1: config 220 has no interface number 2
[ 1090.256832][T11231] usb 9-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1090.290845][T11231] usb 9-1: config 220 interface 0 has no altsetting 0
[ 1090.302693][T11231] usb 9-1: config 220 interface 76 has no altsetting 0
[ 1090.309612][T11231] usb 9-1: config 220 interface 1 has no altsetting 0
[ 1090.349965][T11231] usb 9-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1090.370516][T11231] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1090.406586][T11231] usb 9-1: Product: syz
[ 1090.452497][T11231] usb 9-1: Manufacturer: syz
[ 1090.507782][T11231] usb 9-1: SerialNumber: syz
[ 1092.844583][T11231] usb 9-1: selecting invalid altsetting 0
[ 1092.889151][T11231] usb 9-1: Found UVC 7.01 device syz (8086:0b07)
[ 1092.895931][T11231] usb 9-1: No valid video chain found.
[ 1092.919351][T11231] usb 9-1: selecting invalid altsetting 0
[ 1092.925439][T11231] usbtest: probe of 9-1:220.1 failed with error -22
[ 1092.941293][T11231] usb 9-1: USB disconnect, device number 2
[ 1093.122545][T15964] loop8: detected capacity change from 0 to 2048
[ 1093.625132][T15964] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1094.004011][T15412] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1095.931294][T15998] binder: 15996:15998 ioctl c0306201 200000001440 returned -11
[ 1096.230240][T16002] loop9: detected capacity change from 0 to 4096
[ 1096.266418][T16002] ntfs3: loop9: Different NTFS sector size (4096) and media sector size (512).
[ 1097.889759][T16027] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2407'.
[ 1097.962096][T16027] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1100.319158][T16066] overlay: ./file0 is not a directory
[ 1104.363488][T16117] netlink: 'syz.6.2422': attribute type 21 has an invalid length.
[ 1104.371422][T16117] netlink: 'syz.6.2422': attribute type 1 has an invalid length.
[ 1104.379256][T16117] netlink: 144 bytes leftover after parsing attributes in process `syz.6.2422'.
[ 1105.349884][T16123] loop9: detected capacity change from 0 to 32768
[ 1105.407810][ T5791] Bluetooth: hci3: Received unexpected HCI Event 0x00
[ 1105.935349][ T8910] null_blk: rq ffff8880223b8000 timed out
[ 1105.941151][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1105.955085][ T8910] null_blk: rq ffff8880223b8180 timed out
[ 1105.960904][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1105.973432][ T8910] null_blk: rq ffff8880223b8300 timed out
[ 1105.979194][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1105.990046][ T8910] null_blk: rq ffff8880223b8480 timed out
[ 1105.995877][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1106.006392][ T8910] null_blk: rq ffff8880223b8600 timed out
[ 1106.012138][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1106.024882][ T8910] null_blk: rq ffff8880223b8780 timed out
[ 1106.030638][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1106.041195][ T8910] null_blk: rq ffff8880223b8900 timed out
[ 1106.049275][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1106.060204][ T8910] null_blk: rq ffff8880223b8a80 timed out
[ 1106.069276][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1106.080215][ T8910] null_blk: rq ffff8880223b8c00 timed out
[ 1106.086143][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1106.096753][ T8910] null_blk: rq ffff8880223b8d80 timed out
[ 1106.102488][ T8910] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1106.113200][ T8910] null_blk: rq ffff8880223b8f00 timed out
[ 1106.118983][ T8910] null_blk: rq ffff8880223b9080 timed out
[ 1106.125491][ T8910] null_blk: rq ffff8880223b9200 timed out
[ 1106.131264][ T8910] null_blk: rq ffff8880223b9380 timed out
[ 1106.137577][ T8910] null_blk: rq ffff8880223b9500 timed out
[ 1106.143402][ T8910] null_blk: rq ffff8880223b9680 timed out
[ 1106.149730][ T8910] null_blk: rq ffff8880223b9800 timed out
[ 1106.155558][ T8910] null_blk: rq ffff8880223b9980 timed out
[ 1106.161302][ T8910] null_blk: rq ffff8880223b9b00 timed out
[ 1106.167117][ T8910] null_blk: rq ffff8880223b9c80 timed out
[ 1106.172965][ T8910] null_blk: rq ffff8880223b9e00 timed out
[ 1106.178724][ T8910] null_blk: rq ffff8880223b9f80 timed out
[ 1106.189291][ T8910] null_blk: rq ffff8880223ba100 timed out
[ 1106.199955][ T8910] null_blk: rq ffff8880223ba280 timed out
[ 1106.213390][ T8910] null_blk: rq ffff8880223ba400 timed out
[ 1106.219195][ T8910] null_blk: rq ffff8880223ba580 timed out
[ 1106.225763][ T8910] null_blk: rq ffff8880223ba700 timed out
[ 1106.231548][ T8910] null_blk: rq ffff8880223ba880 timed out
[ 1106.237605][ T8910] null_blk: rq ffff8880223baa00 timed out
[ 1106.243628][ T8910] null_blk: rq ffff8880223bab80 timed out
[ 1106.249397][ T8910] null_blk: rq ffff8880223bad00 timed out
[ 1106.255204][ T8910] null_blk: rq ffff8880223bae80 timed out
[ 1106.262130][ T8910] null_blk: rq ffff8880223bb000 timed out
[ 1106.267990][ T8910] null_blk: rq ffff8880223bb180 timed out
[ 1106.273864][ T8910] null_blk: rq ffff8880223bb300 timed out
[ 1106.279626][ T8910] null_blk: rq ffff8880223bb480 timed out
[ 1106.285477][ T8910] null_blk: rq ffff8880223bb600 timed out
[ 1106.291241][ T8910] null_blk: rq ffff8880223bb780 timed out
[ 1106.297129][ T8910] null_blk: rq ffff8880223bb900 timed out
[ 1106.302977][ T8910] null_blk: rq ffff8880223bba80 timed out
[ 1106.308762][ T8910] null_blk: rq ffff8880223bbc00 timed out
[ 1107.512161][T16152] loop8: detected capacity change from 0 to 32768
[ 1107.630609][T16152] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 scanned by syz.8.2428 (16152)
[ 1107.718747][T16152] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1107.794752][T16152] BTRFS info (device loop8): using sha256 (sha256-avx2) checksum algorithm
[ 1107.843376][T16152] BTRFS info (device loop8): using free space tree
[ 1108.123371][T16152] BTRFS info (device loop8): enabling ssd optimizations
[ 1108.130365][T16152] BTRFS info (device loop8): auto enabling async discard
[ 1108.283861][T16189] netlink: 'syz.6.2432': attribute type 21 has an invalid length.
[ 1108.291789][T16189] netlink: 'syz.6.2432': attribute type 1 has an invalid length.
[ 1108.299610][T16189] netlink: 144 bytes leftover after parsing attributes in process `syz.6.2432'.
[ 1109.150127][T16198] loop7: detected capacity change from 0 to 2048
[ 1111.511191][T16198] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1111.859501][T14344] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1112.235936][T15412] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1112.491423][T16222] (null): rxe_set_mtu: Set mtu to 4096
[ 1112.497356][T16222] lo speed is unknown, defaulting to 1000
[ 1112.506059][T16222] lo speed is unknown, defaulting to 1000
[ 1112.512630][T16222] lo speed is unknown, defaulting to 1000
[ 1112.667933][T16222] infiniband s
z1: set active
[ 1112.672700][T16222] infiniband s
z1: added lo
[ 1112.691455][T11469] lo speed is unknown, defaulting to 1000
[ 1112.751144][T16222] RDS/IB: s
z1: added
[ 1112.755294][T16222] smc: adding ib device s
z1 with port count 1
[ 1112.761472][T16222] smc:    ib device s
z1 port 1 has pnetid 
[ 1112.769304][T16222] lo speed is unknown, defaulting to 1000
[ 1112.939025][T16222] lo speed is unknown, defaulting to 1000
[ 1112.949406][T11469] lo speed is unknown, defaulting to 1000
[ 1114.137008][T16222] lo speed is unknown, defaulting to 1000
[ 1114.220947][T16222] lo speed is unknown, defaulting to 1000
[ 1114.849960][T16243] overlay: ./file0 is not a directory
[ 1115.599757][T16250] netlink: 'syz.8.2443': attribute type 21 has an invalid length.
[ 1115.608632][T16250] netlink: 'syz.8.2443': attribute type 1 has an invalid length.
[ 1115.616883][T16250] netlink: 144 bytes leftover after parsing attributes in process `syz.8.2443'.
[ 1116.134970][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.141327][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[ 1117.975278][T16257] loop8: detected capacity change from 0 to 32768
[ 1118.036911][ T5791] Bluetooth: hci2: Received unexpected HCI Event 0x00
[ 1120.858699][T16304] netlink: 'syz.8.2454': attribute type 21 has an invalid length.
[ 1120.867464][T16304] netlink: 'syz.8.2454': attribute type 1 has an invalid length.
[ 1120.875440][T16304] netlink: 144 bytes leftover after parsing attributes in process `syz.8.2454'.
[ 1121.413280][T11469] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1121.652981][T11469] usb 10-1: Using ep0 maxpacket: 16
[ 1121.674246][T11469] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1121.746887][T11469] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1121.779751][T11469] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1121.808440][T11469] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1121.822694][T11469] usb 10-1: Product: syz
[ 1121.830568][T11469] usb 10-1: Manufacturer: syz
[ 1121.837478][T11469] usb 10-1: SerialNumber: syz
[ 1122.078994][T11469] usb 10-1: 0:2 : does not exist
[ 1122.165554][T11469] usb 10-1: 5:0: failed to get current value for ch 0 (-22)
[ 1122.367124][T11469] usb 10-1: USB disconnect, device number 2
[ 1122.487859][T14343] udevd[14343]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1124.110366][T16350] netlink: 'syz.8.2465': attribute type 21 has an invalid length.
[ 1124.118386][T16350] netlink: 'syz.8.2465': attribute type 1 has an invalid length.
[ 1124.126341][T16350] netlink: 144 bytes leftover after parsing attributes in process `syz.8.2465'.
[ 1124.163099][T16332] loop9: detected capacity change from 0 to 32768
[ 1124.210717][ T5791] Bluetooth: hci3: Received unexpected HCI Event 0x00
[ 1124.811728][T16357] binder: BINDER_SET_CONTEXT_MGR already set
[ 1124.861553][T16357] binder: 16356:16357 ioctl 4018620d 200000000040 returned -16
[ 1125.646878][T16367] loop8: detected capacity change from 0 to 2048
[ 1126.809971][T16367] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1127.325593][T15412] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1127.792988][T11468] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[ 1128.972736][T11468] usb 10-1: Using ep0 maxpacket: 16
[ 1128.980238][T11468] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1128.991030][T11468] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1129.025785][T11468] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1129.035790][T11468] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1129.063904][T16402] netlink: 'syz.6.2474': attribute type 21 has an invalid length.
[ 1129.071901][T16402] netlink: 'syz.6.2474': attribute type 1 has an invalid length.
[ 1129.079884][T16402] netlink: 144 bytes leftover after parsing attributes in process `syz.6.2474'.
[ 1129.113081][T11468] usb 10-1: Product: syz
[ 1129.117391][T11468] usb 10-1: Manufacturer: syz
[ 1129.122090][T11468] usb 10-1: SerialNumber: syz
[ 1129.251152][T16404] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1129.393345][T11468] usb 10-1: 0:2 : does not exist
[ 1129.435638][T11468] usb 10-1: 5:0: failed to get current value for ch 0 (-22)
[ 1129.539006][T11468] usb 10-1: USB disconnect, device number 3
[ 1129.846833][T14343] udevd[14343]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1130.742999][T16434] loop9: detected capacity change from 0 to 2048
[ 1131.987758][T16434] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1132.391991][T15517] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1133.540256][T16469] netlink: 'syz.8.2484': attribute type 21 has an invalid length.
[ 1133.548192][T16469] netlink: 'syz.8.2484': attribute type 1 has an invalid length.
[ 1133.555949][T16469] netlink: 144 bytes leftover after parsing attributes in process `syz.8.2484'.
[ 1133.755014][T16475] netlink: 196 bytes leftover after parsing attributes in process `syz.8.2486'.
[ 1135.315051][T16511] netlink: 'syz.6.2494': attribute type 21 has an invalid length.
[ 1135.324425][T16511] netlink: 'syz.6.2494': attribute type 1 has an invalid length.
[ 1135.332193][T16511] netlink: 144 bytes leftover after parsing attributes in process `syz.6.2494'.
[ 1136.617633][ T8893] null_blk: rq ffff8880223b8000 timed out
[ 1136.623852][ T8893] blk_print_req_error: 31 callbacks suppressed
[ 1136.623865][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1136.643960][ T8893] null_blk: rq ffff8880223b8180 timed out
[ 1136.653166][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1136.664855][ T8893] null_blk: rq ffff8880223b8300 timed out
[ 1136.670717][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1136.682717][ T8893] null_blk: rq ffff8880223b8480 timed out
[ 1136.688533][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1136.700698][ T8893] null_blk: rq ffff8880223b8600 timed out
[ 1136.701993][T16558] netlink: 'syz.9.2504': attribute type 21 has an invalid length.
[ 1136.707124][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1136.707183][ T8893] null_blk: rq ffff8880223b8780 timed out
[ 1136.707195][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1136.707222][ T8893] null_blk: rq ffff8880223b8900 timed out
[ 1136.749170][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1136.773028][ T8893] null_blk: rq ffff8880223b8a80 timed out
[ 1136.778913][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1136.790882][ T8893] null_blk: rq ffff8880223b8c00 timed out
[ 1136.796891][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1136.805085][T16558] netlink: 'syz.9.2504': attribute type 1 has an invalid length.
[ 1136.807452][ T8893] null_blk: rq ffff8880223b8d80 timed out
[ 1136.821008][ T8893] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[ 1136.831788][ T8893] null_blk: rq ffff8880223b8f00 timed out
[ 1136.837816][ T8893] null_blk: rq ffff8880223b9080 timed out
[ 1136.845546][ T8893] null_blk: rq ffff8880223b9200 timed out
[ 1136.851428][ T8893] null_blk: rq ffff8880223b9380 timed out
[ 1136.857547][T16558] netlink: 144 bytes leftover after parsing attributes in process `syz.9.2504'.
[ 1136.862718][ T8893] null_blk: rq ffff8880223b9500 timed out
[ 1136.872489][ T8893] null_blk: rq ffff8880223b9680 timed out
[ 1136.879132][ T8893] null_blk: rq ffff8880223b9800 timed out
[ 1136.885521][ T8893] null_blk: rq ffff8880223b9980 timed out
[ 1136.891433][ T8893] null_blk: rq ffff8880223b9b00 timed out
[ 1136.897505][ T8893] null_blk: rq ffff8880223b9c80 timed out
[ 1136.903493][ T8893] null_blk: rq ffff8880223b9e00 timed out
[ 1136.909388][ T8893] null_blk: rq ffff8880223b9f80 timed out
[ 1136.915440][ T8893] null_blk: rq ffff8880223ba100 timed out
[ 1136.921334][ T8893] null_blk: rq ffff8880223ba280 timed out
[ 1136.928253][ T8893] null_blk: rq ffff8880223ba400 timed out
[ 1136.934169][ T8893] null_blk: rq ffff8880223ba580 timed out
[ 1136.940036][ T8893] null_blk: rq ffff8880223ba700 timed out
[ 1136.947513][ T8893] null_blk: rq ffff8880223ba880 timed out
[ 1136.953483][ T8893] null_blk: rq ffff8880223baa00 timed out
[ 1136.959370][ T8893] null_blk: rq ffff8880223bab80 timed out
[ 1136.965331][ T8893] null_blk: rq ffff8880223bad00 timed out
[ 1136.971217][ T8893] null_blk: rq ffff8880223bae80 timed out
[ 1136.980514][ T8893] null_blk: rq ffff8880223bb000 timed out
[ 1136.986646][ T8893] null_blk: rq ffff8880223bb180 timed out
[ 1136.992544][ T8893] null_blk: rq ffff8880223bb300 timed out
[ 1136.998726][ T8893] null_blk: rq ffff8880223bb480 timed out
[ 1137.005138][ T8893] null_blk: rq ffff8880223bb600 timed out
[ 1137.011034][ T8893] null_blk: rq ffff8880223bb780 timed out
[ 1137.019148][ T8893] null_blk: rq ffff8880223bb900 timed out
[ 1137.025173][ T8893] null_blk: rq ffff8880223bba80 timed out
[ 1137.031520][ T8893] null_blk: rq ffff8880223bbc00 timed out
[ 1137.037400][ T8893] null_blk: rq ffff8880223bbd80 timed out
[ 1137.043197][ T8893] null_blk: rq ffff8880223bbf00 timed out
[ 1137.049471][ T8893] null_blk: rq ffff8880223bc080 timed out
[ 1137.055335][ T8893] null_blk: rq ffff8880223bc200 timed out
[ 1137.061091][ T8893] null_blk: rq ffff8880223bc380 timed out
[ 1137.070064][ T8893] null_blk: rq ffff8880223bc500 timed out
[ 1137.076021][ T8893] null_blk: rq ffff8880223bc680 timed out
[ 1137.081771][ T8893] null_blk: rq ffff8880223bc800 timed out
[ 1137.087588][ T8893] null_blk: rq ffff8880223bc980 timed out
[ 1137.093418][ T8893] null_blk: rq ffff8880223bcb00 timed out
[ 1137.099165][ T8893] null_blk: rq ffff8880223bcc80 timed out
[ 1137.105133][ T8893] null_blk: rq ffff8880223bce00 timed out
[ 1137.110877][ T8893] null_blk: rq ffff8880223bcf80 timed out
[ 1137.116693][ T8893] null_blk: rq ffff8880223bd100 timed out
[ 1137.122438][ T8893] null_blk: rq ffff8880223bd280 timed out
[ 1137.128458][ T8893] null_blk: rq ffff8880223bd400 timed out
[ 1137.134498][ T8893] null_blk: rq ffff8880223bd580 timed out
[ 1137.140335][ T8893] null_blk: rq ffff8880223bd700 timed out
[ 1137.146565][ T8893] null_blk: rq ffff8880223bd880 timed out
[ 1137.153408][ T8893] null_blk: rq ffff8880223bda00 timed out
[ 1137.159330][ T8893] null_blk: rq ffff8880223bdb80 timed out
[ 1138.872879][T11471] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1139.062876][T11471] usb 9-1: Using ep0 maxpacket: 16
[ 1139.080254][T11471] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1139.092997][T11471] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1139.125373][T11471] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1139.135389][T11471] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1139.143500][T11471] usb 9-1: Product: syz
[ 1139.152237][T11471] usb 9-1: Manufacturer: syz
[ 1139.162271][T11471] usb 9-1: SerialNumber: syz
[ 1139.312217][T16602] loop7: detected capacity change from 0 to 4096
[ 1139.387198][T16602] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1139.403285][T11471] usb 9-1: 0:2 : does not exist
[ 1139.478576][T11471] usb 9-1: 5:0: failed to get current value for ch 0 (-22)
[ 1139.489594][T16602] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[ 1139.516307][T11471] usb 9-1: USB disconnect, device number 3
[ 1139.549583][T14343] udevd[14343]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1139.562980][T16602] System zones: 0-5
[ 1139.616313][T16602] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1139.717809][ T5791] Bluetooth: hci1: unexpected event for opcode 0x0c1b
[ 1139.872447][T14344] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1142.282336][T16659] loop8: detected capacity change from 0 to 4096
[ 1142.301877][T16659] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1142.320326][T16659] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[ 1142.332122][T16659] System zones: 0-5
[ 1142.356874][T16659] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1142.451111][T15412] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1144.676302][T16670] comedi comedi2: reset error (fatal)
[ 1146.031069][T16697] loop8: detected capacity change from 0 to 2048
[ 1147.005030][T16697] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1147.320809][T15412] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1150.360924][T16731] loop9: detected capacity change from 0 to 64
[ 1150.547803][T15517] BFS-fs: bfs_iget(): Bad inode number loop9:0000fe02
[ 1150.566976][T15517] BFS-fs: bfs_iget(): Bad inode number loop9:0000fe02
[ 1150.683108][T11470] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1150.900816][T11470] usb 9-1: Using ep0 maxpacket: 16
[ 1151.010701][T11470] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1151.265171][T11470] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1151.421542][T11470] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1151.456455][T11470] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1151.503131][T11470] usb 9-1: Product: syz
[ 1151.507580][T11470] usb 9-1: Manufacturer: syz
[ 1151.512211][T11470] usb 9-1: SerialNumber: syz
[ 1151.533723][T16749] loop7: detected capacity change from 0 to 512
[ 1151.556072][T16749] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[ 1151.622787][T16749] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c118, mo2=0002]
[ 1151.683720][T16749] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2244: inode #15: comm syz.7.2549: corrupted in-inode xattr: e_value size too large
[ 1151.736342][T11470] usb 9-1: 0:2 : does not exist
[ 1151.752356][T11470] usb 9-1: 5:0: failed to get current value for ch 0 (-22)
[ 1151.810192][T16749] EXT4-fs error (device loop7): ext4_orphan_get:1404: comm syz.7.2549: couldn't read orphan inode 15 (err -117)
[ 1151.833133][T11470] usb 9-1: USB disconnect, device number 4
[ 1151.859338][ T1083] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1151.879033][T16749] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1151.967660][   T28] audit: type=1800 audit(1754608821.405:76): pid=16749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2549" name="bus" dev="loop7" ino=18 res=0 errno=0
[ 1152.021561][   T28] audit: type=1804 audit(1754608821.465:77): pid=16749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.2549" name="/newroot/109/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bus" dev="loop7" ino=18 res=1 errno=0
[ 1152.156854][ T1083] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1152.194927][T14344] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1152.345107][ T1083] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1152.544631][T16766] loop8: detected capacity change from 0 to 64
[ 1152.657250][T15412] BFS-fs: bfs_iget(): Bad inode number loop8:0000fe02
[ 1152.695287][ T1083] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1152.706669][T15412] BFS-fs: bfs_iget(): Bad inode number loop8:0000fe02
[ 1153.958593][T14347] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1153.970957][T14347] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1154.143428][T14347] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1154.154319][T14347] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1154.162177][T14347] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1154.179210][T14347] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1155.033746][T16782] lo speed is unknown, defaulting to 1000
[ 1156.122223][T16782] chnl_net:caif_netlink_parms(): no params data found
[ 1156.190957][ T5791] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1156.212402][ T5791] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1156.223285][ T5791] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1156.240367][ T5791] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1156.251658][ T5791] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1156.262918][ T5791] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1156.283293][T14347] Bluetooth: hci2: command tx timeout
[ 1156.728651][T16815] lo speed is unknown, defaulting to 1000
[ 1156.730114][T16782] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1156.843979][T16782] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1156.933536][T16348] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[ 1156.950745][T16782] bridge_slave_0: entered allmulticast mode
[ 1157.015196][T16782] bridge_slave_0: entered promiscuous mode
[ 1157.202719][T16348] usb 8-1: Using ep0 maxpacket: 16
[ 1157.219289][T16782] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1157.227007][T16348] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1157.258565][T16782] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1157.266141][T16348] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1157.296246][T16782] bridge_slave_1: entered allmulticast mode
[ 1157.305372][T16782] bridge_slave_1: entered promiscuous mode
[ 1157.350987][T16348] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1157.408239][T16348] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1157.460396][T16348] usb 8-1: Product: syz
[ 1157.470892][T16348] usb 8-1: Manufacturer: syz
[ 1157.478402][T16348] usb 8-1: SerialNumber: syz
[ 1157.536851][T16782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1157.667376][T16782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1158.109701][T16348] usb 8-1: 0:2 : does not exist
[ 1158.327025][T16348] usb 8-1: 5:0: failed to get current value for ch 0 (-22)
[ 1158.363527][ T5791] Bluetooth: hci3: command tx timeout
[ 1158.371420][ T5791] Bluetooth: hci2: command tx timeout
[ 1158.549592][T16348] usb 8-1: USB disconnect, device number 11
[ 1158.585557][T16782] team0: Port device team_slave_0 added
[ 1158.607952][T14343] udevd[14343]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1158.729908][ T1083] hsr_slave_0: left promiscuous mode
[ 1158.737573][ T1083] hsr_slave_1: left promiscuous mode
[ 1158.759053][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1158.778349][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1158.787128][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1158.803054][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1158.811513][ T1083] bridge_slave_1: left allmulticast mode
[ 1158.823082][ T1083] bridge_slave_1: left promiscuous mode
[ 1158.828886][ T1083] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1158.969688][ T1083] bridge_slave_0: left allmulticast mode
[ 1159.038834][ T1083] bridge_slave_0: left promiscuous mode
[ 1159.118995][ T1083] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1159.579667][ T1083] veth1_macvtap: left promiscuous mode
[ 1159.587040][ T1083] veth0_macvtap: left promiscuous mode
[ 1159.593228][ T1083] veth1_vlan: left promiscuous mode
[ 1159.598694][ T1083] veth0_vlan: left promiscuous mode
[ 1160.462702][T14347] Bluetooth: hci2: command tx timeout
[ 1160.468163][T14347] Bluetooth: hci3: command tx timeout
[ 1161.271052][T16867] loop7: detected capacity change from 0 to 32768
[ 1161.381979][ T5791] Bluetooth: hci1: Received unexpected HCI Event 0x00
[ 1162.211377][ T1083] team0 (unregistering): Port device team_slave_1 removed
[ 1162.288989][ T1083] team0 (unregistering): Port device team_slave_0 removed
[ 1162.356650][ T1083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1162.425670][ T1083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1162.523160][ T5791] Bluetooth: hci3: command tx timeout
[ 1162.528718][ T5791] Bluetooth: hci2: command tx timeout
[ 1163.906842][ T1083] bond0 (unregistering): Released all slaves
[ 1164.142911][T16782] team0: Port device team_slave_1 added
[ 1164.208032][T16880] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2571'.
[ 1164.245671][T16880] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2571'.
[ 1164.447611][T16782] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1164.480405][T16782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1164.553304][T16782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1164.595398][T16782] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1164.602394][T16782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1164.630323][T16782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1164.654614][ T5791] Bluetooth: hci3: command tx timeout
[ 1165.637812][T16782] hsr_slave_0: entered promiscuous mode
[ 1165.691411][T16782] hsr_slave_1: entered promiscuous mode
[ 1165.719126][ T5791] Bluetooth: hci1: unexpected event for opcode 0x200b
[ 1165.726811][T16782] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1165.763046][T16782] Cannot create hsr debugfs directory
[ 1166.885051][T16815] chnl_net:caif_netlink_parms(): no params data found
[ 1167.164321][T16904] loop7: detected capacity change from 0 to 32768
[ 1167.202414][ T5791] Bluetooth: hci1: Received unexpected HCI Event 0x00
[ 1168.248917][T16815] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1168.269762][T16815] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1168.277552][T16815] bridge_slave_0: entered allmulticast mode
[ 1168.298107][T16815] bridge_slave_0: entered promiscuous mode
[ 1168.317980][T16815] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1168.333683][T16815] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1168.340960][T16815] bridge_slave_1: entered allmulticast mode
[ 1168.354644][T16815] bridge_slave_1: entered promiscuous mode
[ 1168.506507][ T1083] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1168.785137][T16940] loop7: detected capacity change from 0 to 64
[ 1168.869547][T16940] hfs: request for non-existent node 237 in B*Tree
[ 1168.883395][T16940] hfs: request for non-existent node 237 in B*Tree
[ 1168.909337][T16940] hfs: request for non-existent node 237 in B*Tree
[ 1168.926881][T16940] hfs: request for non-existent node 237 in B*Tree
[ 1168.935024][T16940] hfs: request for non-existent node 237 in B*Tree
[ 1168.944021][T16940] hfs: request for non-existent node 237 in B*Tree
[ 1169.146094][ T1083] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1169.196739][T16815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1169.223902][T16815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1169.473422][ T1083] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1169.713202][T16948] binder_alloc: 16945: binder_alloc_buf, no vma
[ 1170.380027][T16815] team0: Port device team_slave_0 added
[ 1170.540440][ T1083] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1170.758555][T16815] team0: Port device team_slave_1 added
[ 1170.869684][T16815] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1170.897396][T16815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1171.005974][T16815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1171.730920][T16815] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1171.752660][T16815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1171.812860][T16815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1172.012851][T14664] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[ 1172.042074][T16815] hsr_slave_0: entered promiscuous mode
[ 1172.063850][T16815] hsr_slave_1: entered promiscuous mode
[ 1172.079938][T16815] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1172.092637][T16815] Cannot create hsr debugfs directory
[ 1172.217574][T14664] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1172.252762][T14664] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1172.305212][T14664] usb 8-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[ 1172.341857][T14664] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1172.379780][T14664] usb 8-1: config 0 descriptor??
[ 1172.835067][T14664] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0
[ 1172.842474][T14664] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0
[ 1172.886671][T14664] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/0003:0D8C:0022.0004/input/input8
[ 1173.012234][T14664] cm6533_jd 0003:0D8C:0022.0004: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.7-1/input0
[ 1173.178581][T16782] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1173.418948][T14664] usb 8-1: USB disconnect, device number 12
[ 1173.450310][T16782] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1173.481384][T16985] fido_id[16985]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/8-1/report_descriptor': No such file or directory
[ 1173.642312][T16782] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1173.721380][T16782] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1176.338745][T16782] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1176.566841][T16782] 8021q: adding VLAN 0 to HW filter on device team0
[ 1176.639382][ T9497] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1176.646593][ T9497] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1176.729382][ T9497] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1176.736620][ T9497] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1177.009241][ T1083] hsr_slave_0: left promiscuous mode
[ 1177.017208][ T1083] hsr_slave_1: left promiscuous mode
[ 1177.034521][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1177.042020][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1177.102198][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1177.123206][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1177.141485][ T1083] bridge_slave_1: left allmulticast mode
[ 1177.167734][ T1083] bridge_slave_1: left promiscuous mode
[ 1177.175473][ T1083] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1177.203646][ T1083] bridge_slave_0: left allmulticast mode
[ 1177.209335][ T1083] bridge_slave_0: left promiscuous mode
[ 1177.232784][ T1083] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1177.329087][ T1083] veth1_macvtap: left promiscuous mode
[ 1177.388218][ T1083] veth0_macvtap: left promiscuous mode
[ 1177.554937][ T1083] veth1_vlan: left promiscuous mode
[ 1177.568361][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.574929][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.636383][ T1083] veth0_vlan: left promiscuous mode
[ 1178.479987][T17044] loop7: detected capacity change from 0 to 32768
[ 1178.567103][ T5791] Bluetooth: hci1: Received unexpected HCI Event 0x00
[ 1179.830766][ T1083] team0 (unregistering): Port device team_slave_1 removed
[ 1179.902286][ T1083] team0 (unregistering): Port device team_slave_0 removed
[ 1179.976884][ T1083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1180.087278][ T1083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1181.766440][ T5791] Bluetooth: hci1: unexpected event for opcode 0x200b
[ 1182.128705][ T1083] bond0 (unregistering): Released all slaves
[ 1182.258665][T16815] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1182.294992][T16815] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1182.313445][T16815] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1182.350223][T16815] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1182.887360][T16815] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1182.908029][T16815] 8021q: adding VLAN 0 to HW filter on device team0
[ 1182.940499][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1182.947668][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1182.979390][ T1083] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1182.986653][ T1083] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1183.824863][T16815] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1183.938228][T16782] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1183.952041][T17108] loop8: detected capacity change from 0 to 16384
[ 1184.076122][T16782] veth0_vlan: entered promiscuous mode
[ 1184.119097][T16782] veth1_vlan: entered promiscuous mode
[ 1184.255988][T16782] veth0_macvtap: entered promiscuous mode
[ 1184.299474][T16782] veth1_macvtap: entered promiscuous mode
[ 1184.323012][T17110] loop8: detected capacity change from 16384 to 16383
[ 1184.378310][T16815] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1184.415449][T16782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1184.433879][T16782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1184.472846][T16782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1184.502659][T16782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1184.528143][T16782] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1184.559830][T16782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1184.592412][T16782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1184.608021][T16782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1184.619132][T16782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1184.631505][T16782] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1184.682923][T16782] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1184.702011][T16782] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1184.711917][T16782] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1184.729408][T16782] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1184.980721][ T6969] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1184.991019][T16815] veth0_vlan: entered promiscuous mode
[ 1185.017910][ T6969] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1185.062546][T16815] veth1_vlan: entered promiscuous mode
[ 1185.152713][T16815] veth0_macvtap: entered promiscuous mode
[ 1185.176571][ T3433] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1185.192426][T16815] veth1_macvtap: entered promiscuous mode
[ 1185.212941][ T3433] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1185.241216][T16815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1185.282506][T16815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1185.293633][T16815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1185.304646][T16815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1185.319285][T16815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1185.331911][T16815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1185.352045][T16815] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1185.407441][T16815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1185.452822][T16815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1185.481309][T16815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1185.510972][T16815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1185.525342][T16815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1185.552726][T16815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1185.584357][T16815] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1185.640414][T16815] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1185.666848][T16815] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1185.675742][T16815] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1185.686759][T16815] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1185.924888][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1185.944691][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1186.952130][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1186.961519][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1187.349482][T17118] loop2: detected capacity change from 0 to 32768
[ 1187.377932][T17118] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.2552 (17118)
[ 1187.475448][T17118] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1187.512910][T17118] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[ 1187.540322][T17118] BTRFS info (device loop2): enabling disk space caching
[ 1187.567270][T17118] BTRFS info (device loop2): enabling auto defrag
[ 1187.580977][T17118] BTRFS info (device loop2): doing ref verification
[ 1187.597282][T17118] BTRFS info (device loop2): use no compression
[ 1187.620324][T17118] BTRFS info (device loop2): force clearing of disk cache
[ 1187.637733][T17118] BTRFS info (device loop2): turning on sync discard
[ 1187.668980][T17118] BTRFS info (device loop2): disabling disk space caching
[ 1187.859098][T17118] BTRFS info (device loop2): enabling ssd optimizations
[ 1187.895995][T17118] BTRFS info (device loop2): rebuilding free space tree
[ 1188.018892][T17118] BTRFS info (device loop2): disabling free space tree
[ 1188.032968][T17118] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1188.066256][T17118] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1188.311771][T17157] loop1: detected capacity change from 0 to 512
[ 1188.413234][T17157] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[ 1188.643001][T17157] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.2608: bad orphan inode 15
[ 1188.692730][T17157] ext4_test_bit(bit=14, block=18) = 1
[ 1188.698256][T17157] is_bad_inode(inode)=0
[ 1188.702437][T17157] NEXT_ORPHAN(inode)=1023
[ 1188.707301][T17157] max_ino=32
[ 1188.710588][T17157] i_nlink=0
[ 1188.728687][T17157] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[ 1188.750412][T17157] ext2 filesystem being mounted at /1/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[ 1189.336295][T16782] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1190.216288][T16815] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[ 1192.555258][T17196] loop2: detected capacity change from 0 to 64
[ 1192.907444][T17179] loop1: detected capacity change from 0 to 32768
[ 1192.953808][ T5791] Bluetooth: hci3: Received unexpected HCI Event 0x00
[ 1193.874226][T17220] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1194.754947][T11468] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[ 1194.964212][T11468] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1194.992634][T11468] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1195.042759][T11468] usb 8-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1195.051892][T11468] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1195.194584][T11468] usb 8-1: config 0 descriptor??
[ 1196.864763][T11468] uclogic 0003:256C:006D.0005: failed retrieving string descriptor #100: -71
[ 1196.898019][T11468] uclogic 0003:256C:006D.0005: failed retrieving pen parameters: -71
[ 1196.923884][T11468] uclogic 0003:256C:006D.0005: failed probing pen v1 parameters: -71
[ 1196.951727][T11468] uclogic 0003:256C:006D.0005: failed probing parameters: -71
[ 1196.976327][T11468] uclogic: probe of 0003:256C:006D.0005 failed with error -71
[ 1197.034892][T11468] usb 8-1: USB disconnect, device number 13
[ 1198.163235][T17271] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1198.890266][T17284] loop1: detected capacity change from 0 to 64
[ 1200.454570][T14664] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[ 1200.673472][T14664] usb 3-1: Using ep0 maxpacket: 8
[ 1200.714493][T14664] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1200.734201][T14664] usb 3-1: config 7 has an invalid interface number: 59 but max is 0
[ 1200.744168][T14664] usb 3-1: config 7 has no interface number 0
[ 1200.750341][T14664] usb 3-1: config 7 interface 59 has no altsetting 0
[ 1200.845583][T14664] usb 3-1: New USB device found, idVendor=0d46, idProduct=0078, bcdDevice=cc.70
[ 1200.876588][T14664] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1200.889115][T14664] usb 3-1: Product: syz
[ 1200.896969][T14664] usb 3-1: Manufacturer: syz
[ 1200.901611][T14664] usb 3-1: SerialNumber: syz
[ 1201.142387][T14664] kobil_sct 3-1:7.59: required endpoints missing
[ 1201.169861][T14664] usb 3-1: USB disconnect, device number 6
[ 1201.300112][T17332] loop7: detected capacity change from 0 to 64
[ 1202.474425][T17341] loop7: detected capacity change from 0 to 32768
[ 1202.553013][ T5791] Bluetooth: hci1: Received unexpected HCI Event 0x00
[ 1203.702379][T17351] loop2: detected capacity change from 0 to 32768
[ 1203.822223][T17351] ERROR: (device loop2): duplicateIXtree: 
[ 1203.822223][T17351] 
[ 1203.888461][T17351] ERROR: (device loop2): remounting filesystem as read-only
[ 1203.960426][T17351] BUG: Bad page state in process syz.2.2647  pfn:67985
[ 1203.969040][T17351] page:ffffea00019e6140 refcount:0 mapcount:0 mapping:0000000000000000 index:0x33 pfn:0x67985
[ 1203.992817][T17351] flags: 0xfff0000000800c(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[ 1204.002479][T17351] page_type: 0xffffffff()
[ 1204.036972][T17351] raw: 00fff0000000800c ffffea00019bd348 ffffc9000509f940 0000000000000000
[ 1204.079823][T17351] raw: 0000000000000033 ffff8880635249b0 00000000ffffffff 0000000000000000
[ 1204.110800][T17381] ERROR: (device loop2): dtSearch: stack overrun!
[ 1204.110800][T17381] 
[ 1204.141662][T17351] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 1204.178234][T17381] btstack dump:
[ 1204.188216][T17351] page_owner tracks the page as allocated
[ 1204.220770][T17381] bn = 0, index = 0
[ 1204.225239][T17381] bn = 2d, index = 0
[ 1204.229164][T17381] bn = 0, index = 0
[ 1204.250184][T17351] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 17351, tgid 17350 (syz.2.2647), ts 1203944370123, free_ts 1203938883817
[ 1204.268732][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1204.362215][T17381] bn = 2d, index = 0
[ 1204.366580][T17381] bn = 0, index = 0
[ 1204.370564][T17381] bn = 2d, index = 0
[ 1204.403647][T17351]  post_alloc_hook+0x1cd/0x210
[ 1204.414821][T17381] bn = 0, index = 0
[ 1204.416505][T17351]  get_page_from_freelist+0x195c/0x19f0
[ 1204.430951][T17351]  __alloc_pages+0x1e3/0x460
[ 1204.436178][T17381] bn = 0, index = 0
[ 1204.439113][T17351]  folio_alloc+0x1e/0x30
[ 1204.453128][T17381] jfs_lookup: dtSearch returned -5
[ 1204.463349][T17351]  filemap_alloc_folio+0xdf/0x470
[ 1204.468562][T17351]  __filemap_get_folio+0x3ee/0xbc0
[ 1204.474114][T17351]  pagecache_get_page+0x2a/0x250
[ 1204.479162][T17351]  __get_metapage+0x2a8/0xfa0
[ 1204.484397][T17351]  diNewExt+0xa81/0x3120
[ 1204.488694][T17351]  diAllocAG+0xe7a/0x1de0
[ 1204.493535][T17351]  diAlloc+0x1d5/0x1660
[ 1204.497752][T17351]  ialloc+0x8c/0x950
[ 1204.501719][T17351]  jfs_mkdir+0x191/0xa30
[ 1204.509319][T17351]  vfs_mkdir+0x296/0x440
[ 1204.517051][T17351]  do_mkdirat+0x1d4/0x440
[ 1204.521657][T17351]  __x64_sys_mkdirat+0x89/0xa0
[ 1204.526760][T17351] page last free stack trace:
[ 1204.532530][T17351]  free_unref_page_prepare+0x7ce/0x8e0
[ 1204.538531][T17351]  free_unref_page_list+0xbe/0x860
[ 1204.544012][T17351]  release_pages+0x1fa0/0x2220
[ 1204.548894][T17351]  tlb_flush_mmu+0x368/0x4f0
[ 1204.553898][T17351]  tlb_finish_mmu+0xc3/0x1d0
[ 1204.558805][T17351]  exit_mmap+0x3f0/0xb50
[ 1204.563415][T17351]  __mmput+0x118/0x3c0
[ 1204.568959][T17351]  exit_mm+0x1da/0x2c0
[ 1204.573451][T17351]  do_exit+0x88e/0x23c0
[ 1204.577734][T17351]  do_group_exit+0x21b/0x2d0
[ 1204.582472][T17351]  __x64_sys_exit_group+0x3f/0x40
[ 1204.588249][T17351]  do_syscall_64+0x55/0xb0
[ 1204.593241][T17351]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1204.602143][T17351] Modules linked in:
[ 1204.609167][T17351] CPU: 1 PID: 17351 Comm: syz.2.2647 Not tainted 6.6.101-syzkaller #0
[ 1204.617367][T17351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1204.627465][T17351] Call Trace:
[ 1204.630769][T17351]  <TASK>
[ 1204.633732][T17351]  dump_stack_lvl+0x16c/0x230
[ 1204.638448][T17351]  ? show_regs_print_info+0x20/0x20
[ 1204.643680][T17351]  ? swiotlb_print_info+0x70/0x70
[ 1204.648743][T17351]  ? dump_page+0xba7/0x14d0
[ 1204.653295][T17351]  bad_page+0x14b/0x170
[ 1204.657486][T17351]  free_unref_page_prepare+0x887/0x8e0
[ 1204.662993][T17351]  free_unref_page_list+0xbe/0x860
[ 1204.668143][T17351]  ? __folio_memcg+0x63/0x160
[ 1204.672885][T17351]  ? folio_memcg+0x127/0x480
[ 1204.677500][T17351]  release_pages+0x1fa0/0x2220
[ 1204.682290][T17351]  ? lru_cache_disable+0x30/0x30
[ 1204.687223][T17351]  ? mlock_drain_local+0x79/0x490
[ 1204.692248][T17351]  ? mlock_drain_local+0x79/0x490
[ 1204.697446][T17351]  ? mlock_drain_local+0x28d/0x490
[ 1204.702579][T17351]  __folio_batch_release+0x71/0xe0
[ 1204.707696][T17351]  truncate_inode_pages_range+0x358/0xf00
[ 1204.713418][T17351]  ? mapping_evict_folio+0x510/0x510
[ 1204.718717][T17351]  ? __static_call_return0+0x9/0x10
[ 1204.723933][T17351]  ? shrink_dentry_list+0x685/0x6a0
[ 1204.729150][T17351]  ? sync_filesystem+0x107/0x220
[ 1204.734090][T17351]  jfs_remount+0x33b/0x5b0
[ 1204.738503][T17351]  ? jfs_statfs+0x550/0x550
[ 1204.743000][T17351]  reconfigure_super+0x21e/0x880
[ 1204.747928][T17351]  path_mount+0xd19/0xfe0
[ 1204.752250][T17351]  __se_sys_mount+0x2da/0x3c0
[ 1204.756936][T17351]  ? __x64_sys_mount+0xc0/0xc0
[ 1204.761709][T17351]  ? lockdep_hardirqs_on+0x98/0x150
[ 1204.766904][T17351]  ? __x64_sys_mount+0x20/0xc0
[ 1204.771671][T17351]  do_syscall_64+0x55/0xb0
[ 1204.776081][T17351]  ? clear_bhb_loop+0x40/0x90
[ 1204.780740][T17351]  ? clear_bhb_loop+0x40/0x90
[ 1204.785406][T17351]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1204.791309][T17351] RIP: 0033:0x7f034358ebe9
[ 1204.795736][T17351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1204.815346][T17351] RSP: 002b:00007f03444a8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1204.823777][T17351] RAX: ffffffffffffffda RBX: 00007f03437b5fa0 RCX: 00007f034358ebe9
[ 1204.831913][T17351] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[ 1204.839880][T17351] RBP: 00007f0343611e19 R08: 0000000000000000 R09: 0000000000000000
[ 1204.847876][T17351] R10: 0000000002236824 R11: 0000000000000246 R12: 0000000000000000
[ 1204.855843][T17351] R13: 00007f03437b6038 R14: 00007f03437b5fa0 R15: 00007ffecaf36878
[ 1204.863816][T17351]  </TASK>
[ 1204.866884][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1204.874071][T17351] Disabling lock debugging due to kernel taint
[ 1204.891873][T17351] BUG: Bad page state in process syz.2.2647  pfn:66f4d
[ 1204.913834][T17351] page:ffffea00019bd340 refcount:0 mapcount:0 mapping:0000000000000000 index:0x32 pfn:0x66f4d
[ 1204.926146][T17351] flags: 0xfff0000000800c(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[ 1204.935993][T17351] page_type: 0xffffffff()
[ 1204.941213][T17351] raw: 00fff0000000800c ffffea0001a947c8 ffffc9000509f940 0000000000000000
[ 1204.950112][T17351] raw: 0000000000000032 ffff888063524e88 00000000ffffffff 0000000000000000
[ 1204.959288][T17351] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 1204.967155][T17351] page_owner tracks the page as allocated
[ 1204.973129][T17351] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 17351, tgid 17350 (syz.2.2647), ts 1203944249443, free_ts 1203938896871
[ 1205.008954][T17351]  post_alloc_hook+0x1cd/0x210
[ 1205.013913][T17351]  get_page_from_freelist+0x195c/0x19f0
[ 1205.019654][T17351]  __alloc_pages+0x1e3/0x460
[ 1205.024400][T17351]  folio_alloc+0x1e/0x30
[ 1205.028790][T17351]  filemap_alloc_folio+0xdf/0x470
[ 1205.033995][T17351]  __filemap_get_folio+0x3ee/0xbc0
[ 1205.039230][T17351]  pagecache_get_page+0x2a/0x250
[ 1205.045066][T17351]  __get_metapage+0x2a8/0xfa0
[ 1205.049858][T17351]  diNewExt+0xa81/0x3120
[ 1205.054312][T17351]  diAllocAG+0xe7a/0x1de0
[ 1205.058802][T17351]  diAlloc+0x1d5/0x1660
[ 1205.063100][T17351]  ialloc+0x8c/0x950
[ 1205.067108][T17351]  jfs_mkdir+0x191/0xa30
[ 1205.071525][T17351]  vfs_mkdir+0x296/0x440
[ 1205.075914][T17351]  do_mkdirat+0x1d4/0x440
[ 1205.080363][T17351]  __x64_sys_mkdirat+0x89/0xa0
[ 1205.085536][T17351] page last free stack trace:
[ 1205.090331][T17351]  free_unref_page_prepare+0x7ce/0x8e0
[ 1205.096110][T17351]  free_unref_page_list+0xbe/0x860
[ 1205.101363][T17351]  release_pages+0x1fa0/0x2220
[ 1205.107883][T17351]  tlb_flush_mmu+0x368/0x4f0
[ 1205.117576][T17351]  tlb_finish_mmu+0xc3/0x1d0
[ 1205.122356][T17351]  exit_mmap+0x3f0/0xb50
[ 1205.126923][T17351]  __mmput+0x118/0x3c0
[ 1205.131133][T17351]  exit_mm+0x1da/0x2c0
[ 1205.137706][T17351]  do_exit+0x88e/0x23c0
[ 1205.143477][T17351]  do_group_exit+0x21b/0x2d0
[ 1205.148232][T17351]  __x64_sys_exit_group+0x3f/0x40
[ 1205.155685][T17351]  do_syscall_64+0x55/0xb0
[ 1205.160260][T17351]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1205.167950][T17351] Modules linked in:
[ 1205.172007][T17351] CPU: 1 PID: 17351 Comm: syz.2.2647 Tainted: G    B              6.6.101-syzkaller #0
[ 1205.181662][T17351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1205.191734][T17351] Call Trace:
[ 1205.195031][T17351]  <TASK>
[ 1205.197979][T17351]  dump_stack_lvl+0x16c/0x230
[ 1205.202682][T17351]  ? show_regs_print_info+0x20/0x20
[ 1205.207904][T17351]  ? swiotlb_print_info+0x70/0x70
[ 1205.212952][T17351]  ? dump_page+0xba7/0x14d0
[ 1205.217485][T17351]  bad_page+0x14b/0x170
[ 1205.221658][T17351]  free_unref_page_prepare+0x887/0x8e0
[ 1205.227146][T17351]  free_unref_page_list+0xbe/0x860
[ 1205.232291][T17351]  ? __folio_memcg+0x63/0x160
[ 1205.236994][T17351]  ? folio_memcg+0x127/0x480
[ 1205.241610][T17351]  release_pages+0x1fa0/0x2220
[ 1205.246401][T17351]  ? lru_cache_disable+0x30/0x30
[ 1205.251357][T17351]  ? mlock_drain_local+0x79/0x490
[ 1205.256402][T17351]  ? mlock_drain_local+0x79/0x490
[ 1205.261448][T17351]  ? mlock_drain_local+0x28d/0x490
[ 1205.266582][T17351]  __folio_batch_release+0x71/0xe0
[ 1205.271725][T17351]  truncate_inode_pages_range+0x358/0xf00
[ 1205.277476][T17351]  ? mapping_evict_folio+0x510/0x510
[ 1205.282797][T17351]  ? __static_call_return0+0x9/0x10
[ 1205.288029][T17351]  ? shrink_dentry_list+0x685/0x6a0
[ 1205.293257][T17351]  ? sync_filesystem+0x107/0x220
[ 1205.298225][T17351]  jfs_remount+0x33b/0x5b0
[ 1205.302667][T17351]  ? jfs_statfs+0x550/0x550
[ 1205.307196][T17351]  reconfigure_super+0x21e/0x880
[ 1205.312171][T17351]  path_mount+0xd19/0xfe0
[ 1205.316700][T17351]  __se_sys_mount+0x2da/0x3c0
[ 1205.321399][T17351]  ? __x64_sys_mount+0xc0/0xc0
[ 1205.326183][T17351]  ? lockdep_hardirqs_on+0x98/0x150
[ 1205.331408][T17351]  ? __x64_sys_mount+0x20/0xc0
[ 1205.336199][T17351]  do_syscall_64+0x55/0xb0
[ 1205.340640][T17351]  ? clear_bhb_loop+0x40/0x90
[ 1205.345338][T17351]  ? clear_bhb_loop+0x40/0x90
[ 1205.350035][T17351]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1205.355956][T17351] RIP: 0033:0x7f034358ebe9
[ 1205.360385][T17351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1205.380014][T17351] RSP: 002b:00007f03444a8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1205.388451][T17351] RAX: ffffffffffffffda RBX: 00007f03437b5fa0 RCX: 00007f034358ebe9
[ 1205.396444][T17351] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[ 1205.404436][T17351] RBP: 00007f0343611e19 R08: 0000000000000000 R09: 0000000000000000
[ 1205.412512][T17351] R10: 0000000002236824 R11: 0000000000000246 R12: 0000000000000000
[ 1205.420502][T17351] R13: 00007f03437b6038 R14: 00007f03437b5fa0 R15: 00007ffecaf36878
[ 1205.428503][T17351]  </TASK>
[ 1205.431623][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1205.445370][T17351] BUG: Bad page state in process syz.2.2647  pfn:6a51f
[ 1205.453574][T17351] page:ffffea0001a947c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x31 pfn:0x6a51f
[ 1205.464194][T17351] flags: 0xfff0000000800c(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[ 1205.478505][T17351] page_type: 0xffffffff()
[ 1205.485987][T17351] raw: 00fff0000000800c ffffea0001434208 ffffc9000509f940 0000000000000000
[ 1205.495122][T17351] raw: 0000000000000031 ffff888024f38000 00000000ffffffff 0000000000000000
[ 1205.504014][T17351] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 1205.511544][T17351] page_owner tracks the page as allocated
[ 1205.517607][T17351] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 17351, tgid 17350 (syz.2.2647), ts 1203944193237, free_ts 1203939233796
[ 1205.536451][T17351]  post_alloc_hook+0x1cd/0x210
[ 1205.541377][T17351]  get_page_from_freelist+0x195c/0x19f0
[ 1205.547568][T17351]  __alloc_pages+0x1e3/0x460
[ 1205.557897][T17351]  folio_alloc+0x1e/0x30
[ 1205.562303][T17351]  filemap_alloc_folio+0xdf/0x470
[ 1205.567684][T17351]  __filemap_get_folio+0x3ee/0xbc0
[ 1205.574931][T17351]  pagecache_get_page+0x2a/0x250
[ 1205.580027][T17351]  __get_metapage+0x2a8/0xfa0
[ 1205.585347][T17351]  diNewExt+0xa81/0x3120
[ 1205.589744][T17351]  diAllocAG+0xe7a/0x1de0
[ 1205.596479][T17351]  diAlloc+0x1d5/0x1660
[ 1205.600791][T17351]  ialloc+0x8c/0x950
[ 1205.605330][T17351]  jfs_mkdir+0x191/0xa30
[ 1205.609733][T17351]  vfs_mkdir+0x296/0x440
[ 1205.616179][T17351]  do_mkdirat+0x1d4/0x440
[ 1205.620688][T17351]  __x64_sys_mkdirat+0x89/0xa0
[ 1205.626099][T17351] page last free stack trace:
[ 1205.630967][T17351]  free_unref_page_prepare+0x7ce/0x8e0
[ 1205.638635][T17351]  free_unref_page+0x32/0x2e0
[ 1205.643975][T17351]  tlb_finish_mmu+0x112/0x1d0
[ 1205.648804][T17351]  exit_mmap+0x3f0/0xb50
[ 1205.654824][T17351]  __mmput+0x118/0x3c0
[ 1205.659023][T17351]  exit_mm+0x1da/0x2c0
[ 1205.663672][T17351]  do_exit+0x88e/0x23c0
[ 1205.667984][T17351]  do_group_exit+0x21b/0x2d0
[ 1205.677156][T17351]  __x64_sys_exit_group+0x3f/0x40
[ 1205.682368][T17351]  do_syscall_64+0x55/0xb0
[ 1205.687139][T17351]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1205.695581][T17351] Modules linked in:
[ 1205.699620][T17351] CPU: 1 PID: 17351 Comm: syz.2.2647 Tainted: G    B              6.6.101-syzkaller #0
[ 1205.709268][T17351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1205.719427][T17351] Call Trace:
[ 1205.722719][T17351]  <TASK>
[ 1205.725672][T17351]  dump_stack_lvl+0x16c/0x230
[ 1205.730389][T17351]  ? show_regs_print_info+0x20/0x20
[ 1205.735614][T17351]  ? swiotlb_print_info+0x70/0x70
[ 1205.740661][T17351]  ? dump_page+0xba7/0x14d0
[ 1205.745192][T17351]  bad_page+0x14b/0x170
[ 1205.749370][T17351]  free_unref_page_prepare+0x887/0x8e0
[ 1205.754861][T17351]  free_unref_page_list+0xbe/0x860
[ 1205.760004][T17351]  ? __folio_memcg+0x63/0x160
[ 1205.764702][T17351]  ? folio_memcg+0x127/0x480
[ 1205.769326][T17351]  release_pages+0x1fa0/0x2220
[ 1205.774125][T17351]  ? lru_cache_disable+0x30/0x30
[ 1205.779093][T17351]  ? mlock_drain_local+0x79/0x490
[ 1205.784142][T17351]  ? mlock_drain_local+0x79/0x490
[ 1205.789196][T17351]  ? mlock_drain_local+0x28d/0x490
[ 1205.794331][T17351]  __folio_batch_release+0x71/0xe0
[ 1205.799461][T17351]  truncate_inode_pages_range+0x358/0xf00
[ 1205.805223][T17351]  ? mapping_evict_folio+0x510/0x510
[ 1205.810567][T17351]  ? __static_call_return0+0x9/0x10
[ 1205.815798][T17351]  ? shrink_dentry_list+0x685/0x6a0
[ 1205.821039][T17351]  ? sync_filesystem+0x107/0x220
[ 1205.826011][T17351]  jfs_remount+0x33b/0x5b0
[ 1205.830450][T17351]  ? jfs_statfs+0x550/0x550
[ 1205.834991][T17351]  reconfigure_super+0x21e/0x880
[ 1205.839957][T17351]  path_mount+0xd19/0xfe0
[ 1205.844497][T17351]  __se_sys_mount+0x2da/0x3c0
[ 1205.849218][T17351]  ? __x64_sys_mount+0xc0/0xc0
[ 1205.854006][T17351]  ? lockdep_hardirqs_on+0x98/0x150
[ 1205.859284][T17351]  ? __x64_sys_mount+0x20/0xc0
[ 1205.864075][T17351]  do_syscall_64+0x55/0xb0
[ 1205.868512][T17351]  ? clear_bhb_loop+0x40/0x90
[ 1205.873206][T17351]  ? clear_bhb_loop+0x40/0x90
[ 1205.877906][T17351]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1205.883834][T17351] RIP: 0033:0x7f034358ebe9
[ 1205.888278][T17351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1205.907917][T17351] RSP: 002b:00007f03444a8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1205.916358][T17351] RAX: ffffffffffffffda RBX: 00007f03437b5fa0 RCX: 00007f034358ebe9
[ 1205.924361][T17351] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[ 1205.932361][T17351] RBP: 00007f0343611e19 R08: 0000000000000000 R09: 0000000000000000
[ 1205.940357][T17351] R10: 0000000002236824 R11: 0000000000000246 R12: 0000000000000000
[ 1205.948353][T17351] R13: 00007f03437b6038 R14: 00007f03437b5fa0 R15: 00007ffecaf36878
[ 1205.956355][T17351]  </TASK>
[ 1205.959420][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1205.979685][T17351] BUG: Bad page state in process syz.2.2647  pfn:50d0a
[ 1205.986735][T17351] page:ffffea0001434280 refcount:0 mapcount:0 mapping:0000000000000000 index:0xd pfn:0x50d0a
[ 1205.999503][T17351] flags: 0xfff0800000820c(referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[ 1206.010348][T17351] page_type: 0xffffffff()
[ 1206.017386][T17351] raw: 00fff0800000820c ffffea0000b1bdc8 ffffea0001b20648 0000000000000000
[ 1206.026661][T17351] raw: 000000000000000d ffff888024f384d8 00000000ffffffff 0000000000000000
[ 1206.037750][T17351] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 1206.045348][T17351] page_owner tracks the page as allocated
[ 1206.051224][T17351] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 17351, tgid 17350 (syz.2.2647), ts 1203741065077, free_ts 1203677716747
[ 1206.072341][T17351]  post_alloc_hook+0x1cd/0x210
[ 1206.080293][T17351]  get_page_from_freelist+0x195c/0x19f0
[ 1206.086214][T17351]  __alloc_pages+0x1e3/0x460
[ 1206.090975][T17351]  folio_alloc+0x1e/0x30
[ 1206.105015][T17351]  filemap_alloc_folio+0xdf/0x470
[ 1206.110113][T17351]  do_read_cache_folio+0x36c/0x7e0
[ 1206.115298][T17351]  do_read_cache_page+0x32/0x250
[ 1206.120397][T17351]  __get_metapage+0x31a/0xfa0
[ 1206.128533][T17351]  diReadSpecial+0x25b/0x710
[ 1206.133227][T17351]  jfs_mount+0x3d1/0x860
[ 1206.137599][T17351]  jfs_fill_super+0x4e2/0xac0
[ 1206.142305][T17351]  mount_bdev+0x22b/0x2d0
[ 1206.148945][T17351]  legacy_get_tree+0xea/0x180
[ 1206.153711][T17351]  vfs_get_tree+0x8c/0x280
[ 1206.158274][T17351]  do_new_mount+0x24b/0xa40
[ 1206.165041][T17351]  __se_sys_mount+0x2da/0x3c0
[ 1206.170991][T17351] page last free stack trace:
[ 1206.175765][T17351]  free_unref_page_prepare+0x7ce/0x8e0
[ 1206.181412][T17351]  free_unref_page+0x32/0x2e0
[ 1206.192505][T17351]  tlb_finish_mmu+0x112/0x1d0
[ 1206.198971][T17351]  exit_mmap+0x3f0/0xb50
[ 1206.206853][T17351]  __mmput+0x118/0x3c0
[ 1206.210973][T17351]  exit_mm+0x1da/0x2c0
[ 1206.215121][T17351]  do_exit+0x88e/0x23c0
[ 1206.219435][T17351]  do_group_exit+0x21b/0x2d0
[ 1206.226397][T17351]  get_signal+0x12fc/0x1400
[ 1206.230955][T17351]  arch_do_signal_or_restart+0x96/0x780
[ 1206.236872][T17351]  exit_to_user_mode_loop+0x70/0x110
[ 1206.242202][T17351]  exit_to_user_mode_prepare+0xb1/0x140
[ 1206.248112][T17351]  syscall_exit_to_user_mode+0x1a/0x50
[ 1206.253659][T17351]  do_syscall_64+0x61/0xb0
[ 1206.258209][T17351]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1206.264407][T17351] Modules linked in:
[ 1206.268759][T17351] CPU: 0 PID: 17351 Comm: syz.2.2647 Tainted: G    B              6.6.101-syzkaller #0
[ 1206.278415][T17351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1206.288497][T17351] Call Trace:
[ 1206.291792][T17351]  <TASK>
[ 1206.294740][T17351]  dump_stack_lvl+0x16c/0x230
[ 1206.299465][T17351]  ? show_regs_print_info+0x20/0x20
[ 1206.304691][T17351]  ? swiotlb_print_info+0x70/0x70
[ 1206.309743][T17351]  ? dump_page+0xba7/0x14d0
[ 1206.314286][T17351]  bad_page+0x14b/0x170
[ 1206.318512][T17351]  free_unref_page_prepare+0x887/0x8e0
[ 1206.324012][T17351]  free_unref_page_list+0xbe/0x860
[ 1206.329172][T17351]  ? __folio_memcg+0x63/0x160
[ 1206.333880][T17351]  ? folio_memcg+0x127/0x480
[ 1206.338500][T17351]  release_pages+0x1fa0/0x2220
[ 1206.343293][T17351]  ? lru_cache_disable+0x30/0x30
[ 1206.348253][T17351]  ? mlock_drain_local+0x79/0x490
[ 1206.353395][T17351]  ? mlock_drain_local+0x79/0x490
[ 1206.358443][T17351]  ? mlock_drain_local+0x28d/0x490
[ 1206.363581][T17351]  __folio_batch_release+0x71/0xe0
[ 1206.368718][T17351]  truncate_inode_pages_range+0x358/0xf00
[ 1206.374478][T17351]  ? mapping_evict_folio+0x510/0x510
[ 1206.379804][T17351]  ? __static_call_return0+0x9/0x10
[ 1206.385038][T17351]  ? shrink_dentry_list+0x685/0x6a0
[ 1206.390275][T17351]  ? sync_filesystem+0x107/0x220
[ 1206.395248][T17351]  jfs_remount+0x33b/0x5b0
[ 1206.399700][T17351]  ? jfs_statfs+0x550/0x550
[ 1206.404238][T17351]  reconfigure_super+0x21e/0x880
[ 1206.409204][T17351]  path_mount+0xd19/0xfe0
[ 1206.413563][T17351]  __se_sys_mount+0x2da/0x3c0
[ 1206.418266][T17351]  ? __x64_sys_mount+0xc0/0xc0
[ 1206.423057][T17351]  ? lockdep_hardirqs_on+0x98/0x150
[ 1206.428288][T17351]  ? __x64_sys_mount+0x20/0xc0
[ 1206.433075][T17351]  do_syscall_64+0x55/0xb0
[ 1206.437519][T17351]  ? clear_bhb_loop+0x40/0x90
[ 1206.442218][T17351]  ? clear_bhb_loop+0x40/0x90
[ 1206.446919][T17351]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1206.452851][T17351] RIP: 0033:0x7f034358ebe9
[ 1206.457291][T17351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1206.476917][T17351] RSP: 002b:00007f03444a8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1206.485357][T17351] RAX: ffffffffffffffda RBX: 00007f03437b5fa0 RCX: 00007f034358ebe9
[ 1206.493350][T17351] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[ 1206.501345][T17351] RBP: 00007f0343611e19 R08: 0000000000000000 R09: 0000000000000000
[ 1206.509424][T17351] R10: 0000000002236824 R11: 0000000000000246 R12: 0000000000000000
[ 1206.517416][T17351] R13: 00007f03437b6038 R14: 00007f03437b5fa0 R15: 00007ffecaf36878
[ 1206.525413][T17351]  </TASK>
[ 1206.552100][  T110] BUG: Bad page state in process jfsCommit  pfn:640ec
[ 1206.559032][  T110] page:ffffea0001903b00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2d pfn:0x640ec
[ 1206.569589][  T110] flags: 0xfff0000000800d(locked|referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[ 1206.584217][  T110] page_type: 0xffffffff()
[ 1206.588660][  T110] raw: 00fff0000000800d dead000000000100 dead000000000122 0000000000000000
[ 1206.621097][  T110] raw: 000000000000002d ffff88823bcf4f48 00000000ffffffff 0000000000000000
[ 1206.630420][  T110] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 1206.638107][  T110] page_owner tracks the page as allocated
[ 1206.646111][  T110] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 17351, tgid 17350 (syz.2.2647), ts 1203945334390, free_ts 1203938870743
[ 1206.667014][  T110]  post_alloc_hook+0x1cd/0x210
[ 1206.671904][  T110]  get_page_from_freelist+0x195c/0x19f0
[ 1206.679625][  T110]  __alloc_pages+0x1e3/0x460
[ 1206.686549][  T110]  folio_alloc+0x1e/0x30
[ 1206.690904][  T110]  filemap_alloc_folio+0xdf/0x470
[ 1206.696190][  T110]  __filemap_get_folio+0x3ee/0xbc0
[ 1206.701494][  T110]  pagecache_get_page+0x2a/0x250
[ 1206.708886][  T110]  __get_metapage+0x2a8/0xfa0
[ 1206.713852][  T110]  dtSplitRoot+0x203/0x16b0
[ 1206.718470][  T110]  dtInsert+0xeec/0x5f40
[ 1206.725113][  T110]  jfs_mkdir+0x6c6/0xa30
[ 1206.729476][  T110]  vfs_mkdir+0x296/0x440
[ 1206.734121][  T110]  do_mkdirat+0x1d4/0x440
[ 1206.738666][  T110]  __x64_sys_mkdirat+0x89/0xa0
[ 1206.750599][  T110]  do_syscall_64+0x55/0xb0
[ 1206.756274][  T110]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1206.762286][  T110] page last free stack trace:
[ 1206.769513][  T110]  free_unref_page_prepare+0x7ce/0x8e0
[ 1206.775569][  T110]  free_unref_page_list+0xbe/0x860
[ 1206.781398][  T110]  release_pages+0x1fa0/0x2220
[ 1206.788642][  T110]  tlb_flush_mmu+0x368/0x4f0
[ 1206.793501][  T110]  tlb_finish_mmu+0xc3/0x1d0
[ 1206.798197][  T110]  exit_mmap+0x3f0/0xb50
[ 1206.804921][  T110]  __mmput+0x118/0x3c0
[ 1206.809092][  T110]  exit_mm+0x1da/0x2c0
[ 1206.813416][  T110]  do_exit+0x88e/0x23c0
[ 1206.817676][  T110]  do_group_exit+0x21b/0x2d0
[ 1206.822347][  T110]  __x64_sys_exit_group+0x3f/0x40
[ 1206.830129][  T110]  do_syscall_64+0x55/0xb0
[ 1206.834809][  T110]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1206.840842][  T110] Modules linked in:
[ 1206.847325][  T110] CPU: 1 PID: 110 Comm: jfsCommit Tainted: G    B              6.6.101-syzkaller #0
[ 1206.856934][  T110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1206.867012][  T110] Call Trace:
[ 1206.870299][  T110]  <TASK>
[ 1206.873238][  T110]  dump_stack_lvl+0x16c/0x230
[ 1206.877932][  T110]  ? show_regs_print_info+0x20/0x20
[ 1206.883154][  T110]  ? swiotlb_print_info+0x70/0x70
[ 1206.888198][  T110]  ? dump_page+0xba7/0x14d0
[ 1206.892726][  T110]  bad_page+0x14b/0x170
[ 1206.896900][  T110]  free_unref_page_prepare+0x887/0x8e0
[ 1206.902384][  T110]  free_unref_page+0x32/0x2e0
[ 1206.907090][  T110]  ? __folio_put+0xef/0x210
[ 1206.911609][  T110]  txUnlock+0x27e/0xcb0
[ 1206.915789][  T110]  jfs_lazycommit+0x570/0xa60
[ 1206.920485][  T110]  ? txFreelock+0x5a0/0x5a0
[ 1206.925007][  T110]  ? do_task_dead+0xd0/0xd0
[ 1206.929523][  T110]  ? __kthread_parkme+0x7a/0x1c0
[ 1206.934481][  T110]  kthread+0x2fa/0x390
[ 1206.938563][  T110]  ? txFreelock+0x5a0/0x5a0
[ 1206.943082][  T110]  ? kthread_blkcg+0xd0/0xd0
[ 1206.947687][  T110]  ret_from_fork+0x48/0x80
[ 1206.952122][  T110]  ? kthread_blkcg+0xd0/0xd0
[ 1206.956729][  T110]  ret_from_fork_asm+0x11/0x20
[ 1206.961518][  T110]  </TASK>
[ 1206.964571][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1206.982992][  T110] page:ffffea0001903b00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2d pfn:0x640ec
[ 1206.994247][  T110] flags: 0xfff0000000800d(locked|referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[ 1207.006321][  T110] page_type: 0xffffffff()
[ 1207.010829][  T110] raw: 00fff0000000800d dead000000000100 dead000000000122 0000000000000000
[ 1207.020269][  T110] raw: 000000000000002d ffff88823bcf4f48 00000000ffffffff 0000000000000000
[ 1207.028945][  T110] page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u))
[ 1207.039888][  T110] page_owner tracks the page as allocated
[ 1207.045701][  T110] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 17351, tgid 17350 (syz.2.2647), ts 1203945334390, free_ts 1203938870743
[ 1207.064546][  T110]  post_alloc_hook+0x1cd/0x210
[ 1207.069477][  T110]  get_page_from_freelist+0x195c/0x19f0
[ 1207.076855][  T110]  __alloc_pages+0x1e3/0x460
[ 1207.081489][  T110]  folio_alloc+0x1e/0x30
[ 1207.090382][  T110]  filemap_alloc_folio+0xdf/0x470
[ 1207.099030][  T110]  __filemap_get_folio+0x3ee/0xbc0
[ 1207.104254][  T110]  pagecache_get_page+0x2a/0x250
[ 1207.109313][  T110]  __get_metapage+0x2a8/0xfa0
[ 1207.116241][  T110]  dtSplitRoot+0x203/0x16b0
[ 1207.120783][  T110]  dtInsert+0xeec/0x5f40
[ 1207.125365][  T110]  jfs_mkdir+0x6c6/0xa30
[ 1207.129638][  T110]  vfs_mkdir+0x296/0x440
[ 1207.136170][  T110]  do_mkdirat+0x1d4/0x440
[ 1207.141146][  T110]  __x64_sys_mkdirat+0x89/0xa0
[ 1207.145995][  T110]  do_syscall_64+0x55/0xb0
[ 1207.150557][  T110]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1207.158750][  T110] page last free stack trace:
[ 1207.164067][  T110]  free_unref_page_prepare+0x7ce/0x8e0
[ 1207.169566][  T110]  free_unref_page_list+0xbe/0x860
[ 1207.177594][  T110]  release_pages+0x1fa0/0x2220
[ 1207.182402][  T110]  tlb_flush_mmu+0x368/0x4f0
[ 1207.188028][  T110]  tlb_finish_mmu+0xc3/0x1d0
[ 1207.199190][  T110]  exit_mmap+0x3f0/0xb50
[ 1207.205309][  T110]  __mmput+0x118/0x3c0
[ 1207.209432][  T110]  exit_mm+0x1da/0x2c0
[ 1207.215879][  T110]  do_exit+0x88e/0x23c0
[ 1207.220076][  T110]  do_group_exit+0x21b/0x2d0
[ 1207.224769][  T110]  __x64_sys_exit_group+0x3f/0x40
[ 1207.229961][  T110]  do_syscall_64+0x55/0xb0
[ 1207.236789][  T110]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1207.244496][  T110] ------------[ cut here ]------------
[ 1207.249977][  T110] kernel BUG at include/linux/mm.h:1447!
[ 1207.258053][  T110] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 1207.264166][  T110] CPU: 0 PID: 110 Comm: jfsCommit Tainted: G    B              6.6.101-syzkaller #0
[ 1207.273546][  T110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1207.283617][  T110] RIP: 0010:put_metapage+0x253/0x340
[ 1207.288931][  T110] Code: 38 c1 0f 8c 32 ff ff ff 4c 89 ef e8 d7 ac dd fe e9 25 ff ff ff e8 ed 66 86 fe 48 8b 3c 24 48 c7 c6 80 f4 e3 8a e8 fd 27 c6 fe <0f> 0b f3 0f 1e fa 4c 8b 2c 24 4c 89 ee 48 81 e6 ff 0f 00 00 31 ff
[ 1207.308572][  T110] RSP: 0018:ffffc90002607cc0 EFLAGS: 00010246
[ 1207.314667][  T110] RAX: 8d346f0def880700 RBX: ffff88823bcf4f48 RCX: 8d346f0def880700
[ 1207.322690][  T110] RDX: 0000000000000000 RSI: ffffffff8afc6760 RDI: ffffffff8afc6720
[ 1207.330679][  T110] RBP: 000000000000007f R08: ffffffff8e4a84ef R09: 1ffffffff1c9509d
[ 1207.338674][  T110] R10: dffffc0000000000 R11: fffffbfff1c9509e R12: ffff88823bcf4f70
[ 1207.346668][  T110] R13: ffffea0001903b34 R14: 1ffff1104779e9ee R15: 1ffff1104779e9fb
[ 1207.354661][  T110] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1207.363608][  T110] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1207.370209][  T110] CR2: 000055766df96950 CR3: 0000000030e6c000 CR4: 00000000003506f0
[ 1207.378208][  T110] Call Trace:
[ 1207.381505][  T110]  <TASK>
[ 1207.384449][  T110]  txUnlock+0x427/0xcb0
[ 1207.388635][  T110]  jfs_lazycommit+0x570/0xa60
[ 1207.393355][  T110]  ? txFreelock+0x5a0/0x5a0
[ 1207.397878][  T110]  ? do_task_dead+0xd0/0xd0
[ 1207.402419][  T110]  ? __kthread_parkme+0x7a/0x1c0
[ 1207.407404][  T110]  kthread+0x2fa/0x390
[ 1207.411505][  T110]  ? txFreelock+0x5a0/0x5a0
[ 1207.416028][  T110]  ? kthread_blkcg+0xd0/0xd0
[ 1207.420731][  T110]  ret_from_fork+0x48/0x80
[ 1207.425161][  T110]  ? kthread_blkcg+0xd0/0xd0
[ 1207.429767][  T110]  ret_from_fork_asm+0x11/0x20
[ 1207.434551][  T110]  </TASK>
[ 1207.437581][  T110] Modules linked in:
[ 1207.460264][  T110] ---[ end trace 0000000000000000 ]---
[ 1207.468265][  T110] RIP: 0010:put_metapage+0x253/0x340
[ 1207.473976][  T110] Code: 38 c1 0f 8c 32 ff ff ff 4c 89 ef e8 d7 ac dd fe e9 25 ff ff ff e8 ed 66 86 fe 48 8b 3c 24 48 c7 c6 80 f4 e3 8a e8 fd 27 c6 fe <0f> 0b f3 0f 1e fa 4c 8b 2c 24 4c 89 ee 48 81 e6 ff 0f 00 00 31 ff
[ 1207.506081][  T110] RSP: 0018:ffffc90002607cc0 EFLAGS: 00010246
[ 1207.512214][  T110] RAX: 8d346f0def880700 RBX: ffff88823bcf4f48 RCX: 8d346f0def880700
[ 1207.522801][  T110] RDX: 0000000000000000 RSI: ffffffff8afc6760 RDI: ffffffff8afc6720
[ 1207.530816][  T110] RBP: 000000000000007f R08: ffffffff8e4a84ef R09: 1ffffffff1c9509d
[ 1207.541264][  T110] R10: dffffc0000000000 R11: fffffbfff1c9509e R12: ffff88823bcf4f70
[ 1207.550252][  T110] R13: ffffea0001903b34 R14: 1ffff1104779e9ee R15: 1ffff1104779e9fb
[ 1207.567907][  T110] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1207.577386][  T110] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1207.585956][  T110] CR2: 00007fdfaaa5fe80 CR3: 000000000cb30000 CR4: 00000000003506f0
[ 1207.594419][  T110] Kernel panic - not syncing: Fatal exception
[ 1207.600703][  T110] Kernel Offset: disabled
[ 1207.605029][  T110] Rebooting in 86400 seconds..