last executing test programs:

8m50.344061703s ago: executing program 1 (id=50):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
socket$can_raw(0x1d, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, 0x4, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x28000010)

8m49.034232978s ago: executing program 1 (id=53):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, &(0x7f0000000100)})
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

8m48.821656853s ago: executing program 1 (id=57):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x17, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000840)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
shmget$private(0x0, 0x1000, 0x0, &(0x7f0000038000/0x1000)=nil)
r3 = syz_open_dev$video(&(0x7f0000000000), 0x101, 0xab02)
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f0000000180)=0x1)
ioctl$VIDIOC_S_CROP(r3, 0x4014563c, &(0x7f00000001c0)={0x9, {0x3c, 0x7, 0x10000000}})
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x6}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xffff}}]}, 0x3, 0x570, &(0x7f0000000c00)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r4 = open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6)
fallocate(r4, 0x0, 0x0, 0x1001f0)
fallocate(r4, 0x8, 0x0, 0x10000)
r5 = socket(0x1e, 0x4, 0x0)
r6 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r5, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, 0x0, 0x54)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x101ac1, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r7, &(0x7f0000000840), 0x0)

8m45.335778152s ago: executing program 1 (id=63):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
socket$can_raw(0x1d, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, 0x4, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x28000010)

8m41.564142023s ago: executing program 1 (id=70):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f0000000180)=ANY=[], 0x1, 0xc4d, &(0x7f0000001b40)="$eJzs3V1sXGdaB/DnnWMndsqyU9qmXbpIsxSxaZoE56OtUVrkbIy1K0VtVMcLNyCP40kY1R67trNKK1gFCbgBQVCRVsAFuUHigovcIKEVQhE3iwRIEajSIpAItI1WQoBXsLBiJYzOzDv22BvXbr6cNL/fbvKfc+Y9M++Z9jlzpprnTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEV/46RNDh9NOzwIAuJ9eG39j6Kj3fwB4pJzx+R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK2lKOKtSPHe2HKabC93DJxqti5cnBgdu/VmgylSVKJojy//DBw+cvTYiy+9PNzNj97+bvtMvD5+5kTt5Nzs/EJjcbExXZtoNc/OTTe2/Qh3uv1G+9svQG32zQvT584t1o4cOrru7ovVm7sf21s9Pvzsgee7YydGx8bGe8b09d/2s3+fdPceik+QXVHEFyPFNw5+K9UjohJ3XgtbHDvutcHoK+uvvRMTo2PtHZlp1ltL5Z2pkkf1RVR7Nhrp1sh9qMU7MhJxqfznVE54f7l74/P1hfrUTKN2ur6w1FxqzrVSpTPbcn+qUYnhFDEfEcvFTk+eB01/FPFqpLj5veU0FRFFtw5eeG38jaGjm2/Ydx8nucnTV4uI6/EQ1Cw8oHZHEb8dKd6dHIqzua7aZfNBxOfLfCXirTKvpbicl1N5gBiO+Lb3E3io9UURfxMp5tJymu7Wfvu88tSXa19qnZvrGds9r3zoPx/cT85NeIANRBFT7TP+5XT7/7ELAAAAAAAAAAAAALg/ivh6pLg6uy/NR29PabN1vnamPjXT+VZw97v/tbzVysrKSjV1spZzKOdIztM5J3PO57yU83LOKzmv5ryW83rOGzmXc0YlP3/OWs6hnCM5T+eczDmf81LOyzmvdLLb0bhyLa+/nvNGzuWcoe8JAAAAAAAAAAAAAAAAAACAu2wwiviNSPHvv/+V9u9KR/t36T99fPjkqU/1/mb8M1s8Tjn2UER8Pbb3m7y78m+Np0r5v7u/X8DWBqKIr+bf//vlnZ4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQKhEEb8SKb72neUUKSJGIiajkzeKnZ4dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDanYp4NVL87O+OrK7ri4jU/n/HvvKvYzFS5HyizFdi5HA7KyMnyhyIOLQD8wdu3+Lb77xZn5lpLLjhhhturN7Y6SMTAAAAAAAAAAAAAAAAADzCUhF/Hyl+8veWUzUiLlZv7n5sb/X48LMHni+iaF8EIPWOf338zInaybnZ+YXG4mJjujbRap6dm25s9+kGTjVbFy5OjI7dk53Z0uA9nv/gwMm5+bcXmud/YemW9+8ZODG1uLRQP3vru2Mw+iKGetfsb094YnSsPemZZr3V3jRVNplgX0RtuzvDI29PKuJ/I8V7B78Zj+d1+fof/Z2lter/w19cW/rhvvW5+q9j+/jx6ePDJ/c8t53babsT3d8uvLIQxsZ7VvflWf5Qz7pqnte2HxseUWX9vxApfv6PitStoVz/P9BZKlbH/s9X12rq+IZctUP1/0TPuuP5qNXfFzGwNDvf/3TEwOLb7xxsztbPN843WseOvPzS8LGXXzz2Uv+uiIFzzZnG0Nqtbb92AAAAAAAAAAAAAAAAAHCv9KcivhApfunv/nK1bzz3/32qs7TW/9fb/7tvw+P0Xjdgs9u37PXboq+vV/mcKRXxVKR49s+eac83xR4973Cb9qQivlvW0/QX0+fyulz/ubP/1vV/aUOu2qH+38d71l3Kx4n/iBSP/8Ez8bme48TG7t5y3F9Eiqkf+WweF7vKcd3H6/REdxqDy7FfiRTvn14/tts3/cTa2MPb3S3YSWX9z0aKf/itv40fzevWX//j1vW/Z0Ou2qH6f7J3nyJi8e133qzPzDQWFrf9UsAjp6z/X48Uf/0n34zn8rqPuv5P9zo/+55bn4PdQTtU/0/1rKvmef3Yx3wtAAAAAAAAAAAA4GGxJxXxT5Hiz//0QDqY123n+7/TG3LVDn3/7+meddPrvv97725s+0UGAIAHRH8q4icixR9Pf5C6vbGb9v++stb/M7rxxL19Tv+D7T7/j3Wu/zH6/8vnTKmI/8t9vUNb9PX+eKT4tZ86kMelveW4ke50238PvDbXOnhiZmbubH2pPjXTqI3P1882ym33R4p//bfP5m0r7T7fbn90pzd4rSf4dyLFz33YHdvpCe72Uj65NvZwOfZgpPju++vHdvuunlobe6Qc+5uRYuy/bz1279rYo+XYf4wU//lurTt2Tzm2+3nu6bWxh87OzXzfRzYAAAAAAAAAAAAAAAAAAAB2Xn8qIkWKaz9zZbU3fv31v7rXAVh//a+N7tXv/1fvzm4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEMhRRH/FSneG1tON4pyuWPgVLN14eLE6NitNxtMkaISRXt8+Wfg8JGjx1586eXhbn709nfbZ+L18TMnaifnZucXGouLjenaRKt5dm66se1HuL3ti03v2d9+AWqzb16YPndusXbk0NF1d1+s3tz92N7q8eFnDzzfHTsxOjY23jOmr3/bs99SunsPxSfIrijiryLFNw5+K/1zEVGJ266FVVscO+61wegr66+9ExOjY+0dmWnWW0vlnamSR/VFVHs2GunWyH2oxTsyEnEpIirlhPeXuzc+X1+oT800aqfrC0vNpeZcK1U6sy33pxqVGE4R8xGxvPnRikdUfxRxLVLc/N5y+pei84bWroMXXht/Y+jo5hv23cdJbvL01SLiejwENQsPqN1RxJOR4t3JoXi/6NRVu2w+iPh8ma9EvFXmtRSX83IqDxDDEd/2fgIPtb4o4nSkmEvL6YMi1377vPLUl2tfap2b6xnbPa986D8f3E/OTXiADUQRH7bP+JfTh97PAQAAAAAAAAAAAOABV8SrkeLq7L7U7g9d7Sltts7XztSnZjpf6+9+97+Wt1pZWVmppk7Wcg7lHMl5Oudkzvmcl3Jeznkl59Wc13Jez3mjnbvbjYnlclTy8+es5RzKOZLzdM7JnPM5L+W8nPNKzqs5r+W8nvNGzuWcH9H1DwAAAAAAAAAAAAAAAAAAd6QSRfxqpPjad5bTStH5fdnJ6OSN9X2uu3ZqjsC98f8BAAD//3zgG/w=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0x8000c61)
socket$kcm(0x29, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
write$FUSE_WRITE(r5, &(0x7f00000000c0)={0x18}, 0xfffffdef)

8m40.217277023s ago: executing program 1 (id=74):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x390, 0x0, 0x43, 0xa0, 0x2f8, 0x98, 0x2f8, 0x178, 0x178, 0x2f8, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00', {0xff}, {}, 0x9}, 0x12a, 0x190, 0x1b0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x4, 0x0, 'syz0\x00'}}, @common=@ttl={{0x28}, {0x0, 0xa}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xe0, 0x148, 0x0, {}, [@common=@unspec=@cluster={{0x30}, {0x2, 0x0, 0x1ff}}, @common=@unspec=@connlimit={{0x40}, {[0xffffff00, 0xff, 0xffffff00, 0xff000000], 0x3, 0x1, {0x4413}}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x10, 0x2, 0xaf76, 0x1, '\x00', 'syz0\x00', {0x7fffffff}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x3f0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, 0x0}], 0x1, 0x78, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

8m24.387706302s ago: executing program 32 (id=74):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x390, 0x0, 0x43, 0xa0, 0x2f8, 0x98, 0x2f8, 0x178, 0x178, 0x2f8, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00', {0xff}, {}, 0x9}, 0x12a, 0x190, 0x1b0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x4, 0x0, 'syz0\x00'}}, @common=@ttl={{0x28}, {0x0, 0xa}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xe0, 0x148, 0x0, {}, [@common=@unspec=@cluster={{0x30}, {0x2, 0x0, 0x1ff}}, @common=@unspec=@connlimit={{0x40}, {[0xffffff00, 0xff, 0xffffff00, 0xff000000], 0x3, 0x1, {0x4413}}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x10, 0x2, 0xaf76, 0x1, '\x00', 'syz0\x00', {0x7fffffff}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x3f0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, 0x0}], 0x1, 0x78, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7m33.174566746s ago: executing program 2 (id=194):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000007c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000800)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004070000000000000400000004000e1ff95000000000000002ba76bb33123751c4e3409e62751ee00ba19ce670d25010000020000040000009fc404000000c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac03d046837d907b09ec39e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e3e8eea3fd8cf49827ca315f5b87e1ca6433a8acd715f5888b2007f0000000000000000010089937090c34410000000000000090000000000414027efc842b6d6f800005335001db43a5c000000000000000024000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000000cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617da7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdce57a79d6fce424c22001f6c3784a1975fa657d05003a32a4fd67ce446ac5430207db79240acaf091231b986e77d05d988d6edc71df48dca02113a38300c2bd2b5543ffc16695572361629d1022f722ec23812b70d72cd0010000007881bfa35b9fd6864e90ddb31f75f6324989cdc7044f563a1f74d4efe895fdbc463f747c08f40105869035000000000003000000000000000000000000000000000000080000003ddf4aa4b1c8b8a0ae6feb6737c275dc2740f742b5425f1d5819610608bbab35471cdb0500000000000000d4123f955267fe4a75c114f874e086287547d4099aeec9f15b8ee25a2a5ccf4a9b603c88e12ff25184d4e3c2f7f623559435b2c505fb7113400000f0bc440550ee91302f5a00000000000000000000000000000000e67ccc00148ac4c43021cce9f24f4b2f9492c32e7a92a557ac2b44b8f7a49789906d922b3e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec0c0acef5383b5a2720caeb68f1e9c05b05d89467ded84da092dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696abaa042a7097ddefe0671f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb328790700000021e041254f06bd7f000000000000000000000000000000282ffe000000000000000431e8e3204a7d95938c5334a0dd177f1a7389ee570d95e543a27546d3770740f354df6dfdb3d1179b4b9fccd0cd5b7578802c66f5dbf22ad0bd03cbe0fecd096bcf419d35988948d1cd4c51c406040000000090a3bc3cbc08255975f3cee08dab765d8a4ef870aaae3f81ed6364837171ce5564f3cf6feba1b6745409000000000000003459263499fae97e7dcb30e4cff009e0f4f78c155c4ab19b878fcb4cc14b8d2823643a17120418f42b42ed879cb23e6d4e0d11db988d0bc46de02702d29243b72215d5563bdae8c2ccda4498687cd50f3a9058f61d52d70aabccb18d41d75788faf60ce9be97c13e4252d9d112d9ac47368829f8a29eca17de807c840293dd387eee13fdecf3d5a334350f045a22b9adb0539d44d58a00fb9e83ebf4fea36b87e2afdf63f7abf5caf2b01317a5f65f22c8bcf36b390dece1e98541ae932ec3486f74c1eea673c1647568acb17efcef24a9c3504dfa7c7eefe3dcb8d570a730a0837839f54527ce334b8173e7bf73bcd8d80ef294fde6549a0f1a23b78b41f79ea543d2b38b80d3d28c6c93901b763fc8b88794aa74facc345e28f0ad79de4df5afd52e7dfc387e4d2ca4d5caca74754987dbbd4d64e233b4a1d81a9aeb981734ca5416cacf516ca8384d85310f24d393fd48c668465546117377547d11a61bd2bd9e35fa0da5118554a1d93147b103a51baf94aeb1b6292038300423344e6add2226ba5f6724a08567ef515898f0f7dfd3fc198092af3265c5df377a66bbde4fa4a049692e06ee5022c58290bdc37eeb16f4e099e33679044ba21898f76c982c8203663f1adb7bbb42ed8d9b0bb8bd9255e342959b822fa8b3d08b29f2201dfe3a3c5c8bf8bc82f249e7eb9f8571823d730fdc78c6b3122a3fd9209dcae70c10c7b17e83dd759a52fe5c362358dbb780a52f540000000000000000000011230e1d6f9fd3315ada8ecee55fc0ec6ec0ec950c0ad006a06a162035d5729795c4a58b59f9a252723480b08ae9bd52c176380a42b972a3400b5d28b273e60000007cac9d35a991c27e23ce5217fec9ce89ea2dea8ddb383e53cdd077e7c2d73404b7450664f70225897307d8a140ba97bfc2232dccdb1dd0496c219315c02f2ef46f30add1aa13e52d67116328c3a5ee3356eadea07abe8506767771d68e760f"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000001c0)=r3, 0x4)
write$cgroup_subtree(r2, &(0x7f0000000180)=ANY=[], 0x9)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f00000000c0)={0x10000, 0x110000})
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x7)
syz_kvm_setup_cpu$x86(r9, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f00000006c0)="2ef2dd050080000048b84441000000000000b9130b00000f320f21f8350000ce00010123f836362e6726af4b0f20c1350e000000440f22c0b805000000b9009800000f01d97c0f01c9c947338c01c4c40f79d226660f013b", 0x58}], 0x1, 0x50, 0x0, 0x0)
clock_nanosleep(0xb, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

7m30.859929453s ago: executing program 2 (id=197):
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x200000087}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000180)={0x1})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
sendmmsg$inet(r5, &(0x7f0000000800)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast2}, 0x10, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0xf00)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000100)={'macvlan1\x00', &(0x7f00000000c0)=@ethtool_stats})
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f0000000140)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @remote}, {0x2, 0x0, @private}, 0xd0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000006c0)='rpcb_getport\x00', 0xffffffffffffffff, 0x0, 0xffffeffffffffff0}, 0x18)
r7 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r7, 0xc004500a, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f0000000f00)={<r8=>0x0, <r9=>0x0})
recvmmsg(0xffffffffffffffff, &(0x7f0000000e80), 0x0, 0x40000042, &(0x7f0000000f40)={r8, r9+60000000})
r10 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_DSP_SYNC(r10, 0x5001, 0x0)
write$dsp(r7, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)

7m29.535065626s ago: executing program 2 (id=200):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0e000000040000000800000001"], 0x50)
socket(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000300000000000000c29c18120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2}, &(0x7f0000000280), &(0x7f00000002c0)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xd50, 0x0, &(0x7f0000000000)="43227504000000b32415f73227b2", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

7m28.810226876s ago: executing program 2 (id=202):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)
socket$packet(0x11, 0x0, 0x300)
gettid()
socket(0x11, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000480)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0xff, 0x7fff0010}]})
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00'], 0x1, 0x225, &(0x7f0000000300)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrEwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XaYvHlVRBQDA2Om0j0zpgPiKYqMAgw8Il9PPWBIZuCPZbCc573mUlDmlKtCb5fuB6n3Cq3cxMConsK/aM6GCU4zecHGMkZG/UUyh/mAzCwOkEEMDAyT/0Tce8AiySCCZJYoxz+xUy3LV5l13meY0TEtjYGRE+IYBt2Zdga83UxQM4srq7ITc3JSi4rPMKCaP5lxP5MiI0jdmb9Xgx8w2jF0xzIwMsht8Fdb/O2PVOXGTfWR06siaqZ2N91cuj6OYZv+3ysmUu8nZoT9f3BIUMsiL//DPBml75sb5nyoqXti4tjZqDyXv/Xy33fvY2qLE9SYHot3FbLxJ7hp1XxydnKzfDw3vbp9S7Higqw0l4nHpl78m3B8LQPD5AtPbPVrzhyKV4zhlHKrnBtz1y1ekGuZ+vm6NwwMB6M+T2RgXM64n4mBYWbYzj3I/ipvgEYGAzMDA4MKAwMDPwMLQ1pmTqqBBwMjAzOUY8gCVQVTzcTAAZbQS87PSWlnYGRghGlbzsDCwATT9piBFc4xQuYYWzSgGgixHAQ8oPRyKP0YSsujJRuWBlBU9UN5Gg0MDGwMFYklJUWGbAwMUBZczAguZiTQwAD3BMTWuUyobjnOxDAKRsEoGAWjYBSMglEwCkbBKBgFIxkAAgAA///R9rbb")
open(&(0x7f0000000080)='./file0/file0\x00', 0x103000, 0x2)
mount(&(0x7f00000004c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000080)='./file1\x00', &(0x7f00000001c0)='ufs\x00', 0x10001, 0x0)

7m26.894490581s ago: executing program 2 (id=206):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_PRINT_DEBUG(r0, 0xab06)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r4 = open(0x0, 0x80, 0x122)
fcntl$notify(r4, 0x402, 0x8000003d)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x3a)
sendfile(r2, r1, 0x0, 0x20000023893)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x2c}}, 0x488c2)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x90}, 0x20000840)
memfd_secret(0x0)

7m23.1618761s ago: executing program 2 (id=215):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x17, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
shmget$private(0x0, 0x1000, 0x0, &(0x7f0000038000/0x1000)=nil)
ioctl$VIDIOC_S_CROP(0xffffffffffffffff, 0x4014563c, &(0x7f00000001c0)={0x9, {0x3c, 0x7, 0x10000000}})
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x6}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xffff}}]}, 0x3, 0x570, &(0x7f0000000c00)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r2 = open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6)
fallocate(r2, 0x0, 0x0, 0x1001f0)
fallocate(r2, 0x8, 0x0, 0x10000)

7m7.515616247s ago: executing program 33 (id=215):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x17, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
shmget$private(0x0, 0x1000, 0x0, &(0x7f0000038000/0x1000)=nil)
ioctl$VIDIOC_S_CROP(0xffffffffffffffff, 0x4014563c, &(0x7f00000001c0)={0x9, {0x3c, 0x7, 0x10000000}})
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x6}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xffff}}]}, 0x3, 0x570, &(0x7f0000000c00)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r2 = open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6)
fallocate(r2, 0x0, 0x0, 0x1001f0)
fallocate(r2, 0x8, 0x0, 0x10000)

7m6.30350483s ago: executing program 4 (id=247):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0e000000040000000800000001"], 0x50)
socket(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000300000000000000c29c18120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2}, &(0x7f0000000280), &(0x7f00000002c0)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r2], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xd50, 0x0, &(0x7f0000000000)="43227504000000b32415f73227b2", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

7m5.787879045s ago: executing program 4 (id=248):
add_key(&(0x7f0000000000)='big_key\x00', 0x0, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x235, &(0x7f0000000300)="$eJzs3T9oFFkcB/Df7J/LJVmO3F1zcHAniIgGQuwEm9goBCSIiKBCRMRKEiUmbWJlY6G1SiqbaGu0FJtgExGsgqaIjaBBxGChxcrsJBLNiuLGHXE+H5jdmd335veGme/bbYYJoLB6ImIgIsoR0RsR1YhI1jfYki09q5vTnXPDEfX6oVdJo122nVnr1x0RUxGx+2Y9U4mYmD229HZh//ZL49VtN2aPdrb1IFctLy0eWLk+dPH24K6Jh49fDCUxELVPjmvzJU0+qyQRf/2IYj+JpJL3CPgW5+aHXqe5/zsitjbyX41SZCfv8thv96ux89qX+l55+ejfdo4V2Hz1ejX9DZyqA4VTiohaJKW+iMjWS6W+vuw//JNyV+nM6Nj53tOj4yOn8p6pgM1Si1jcd7fjTvdn+X9ezvIP/LrS/B8+OPM0XV8p5z0aoJ3S/PeemNwR8g+FI/9QXPIPxSX/UFzyD8Ul/1Bc8g/FJf9QXPIPxSX/UFzr8w8AFEu9I+87kIG85D3/AAAAAAAAAAAAAAAAAAAAG013zg2vLe2q+eBqxPLeiKg0q19uPI844vfGa9ebJG32UZJ1a8nx/1vcQYtu5Xz39R/P8q0//1++9SdHIqYuRER/pbLx+ktWr7/v9+dXvq+ebLFAi/Ycybf++5l86w8uRNxL55/+ZvNPKf5pvDeff2rp+Wux/tl3Le4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAtvkQAAD//4XCc8o=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sysinfo(&(0x7f0000000400)=""/245)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x440102, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
r4 = userfaultfd(0x1)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1})
ioctl$UFFDIO_ZEROPAGE(r4, 0xc020aa07, &(0x7f00000005c0)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})

7m4.391454131s ago: executing program 4 (id=250):
r0 = socket$key(0xf, 0x3, 0x2)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00', 0xfffffff9})
ioctl(r0, 0x8b27, 0x0)

7m3.878857628s ago: executing program 4 (id=251):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000001440)={[{@noinit_itable}, {@usrquota}, {@jqfmt_vfsv0}, {@abort}, {@nodelalloc}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0x1, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x189000, 0x1)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x8004587d, &(0x7f0000000140)={0x2, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
syz_open_procfs(0x0, 0x0)
pipe(0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file0/file0/file0\x00', &(0x7f00000000c0), &(0x7f0000000100)=ANY=[], 0xfe37, 0x0)

7m2.558268877s ago: executing program 4 (id=253):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f0000000500)=ANY=[], 0xc, 0xac, &(0x7f0000000100)="$eJzs0jFqwzAUBuBnY7cdu3foDXwHn6BnMB3tzZNLJ9+nlyh07RFygwxZsygYyUP2QAh8H0hPP/8ikP7PP2+xRryvESmlJu2aSPPyNQ7TvLTjMEVEG3+RVWU+Bw+uLs/ZR/4DWz72uatKfzh9f+4rNx+/eT7d7+IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEPV63Wuo+vK8WXbLgEAAP//2Bwh+A==")
open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6)
truncate(0x0, 0x3000000)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='Q', 0x1, 0x200980)

7m1.402442178s ago: executing program 4 (id=256):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40)={[{@quota}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@test_dummy_encryption_v1}, {@abort}]}, 0x4, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4")
chdir(&(0x7f0000000240)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x30, r5, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {0x0, 0x410c, 0xea}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}, 0x1, 0x0, 0x0, 0x51}, 0x40000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000ac0)="b4941ad722225b42c2a171cb6e97c46aab01c8cd5f29d422e1b60bf78f7f7b04ecc0bd1594209575133cb355b8d477087910bdedc0e6fce1e6cd436ef49b41a6deb13a3560e71d2d7a65828f1292c60ecd745c9b06056f63314d638d6efab350f9ea7cd2d63c1bcabeb3864e41ab0983374250f7d7fda3a08f01b3501c54a9c56ef81e2e17628d8b3a3d20abcab5c2c6cc8290e21863d1ea8b46c7242cb492080dd20eaf917ffddf3489d785747d07399affd5df64100d76341905f46a68036ff90ec1ad29a5cfc064e958a729bd5b94ab7ec3", 0xd3)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000000404c054b0200000000000109022400010000000009040000010300000009210000009c22f80409058103"], 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000000, 0x10010, r4, 0xa6750000)

6m58.884237838s ago: executing program 34 (id=256):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40)={[{@quota}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@test_dummy_encryption_v1}, {@abort}]}, 0x4, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4")
chdir(&(0x7f0000000240)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x30, r5, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {0x0, 0x410c, 0xea}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}, 0x1, 0x0, 0x0, 0x51}, 0x40000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000ac0)="b4941ad722225b42c2a171cb6e97c46aab01c8cd5f29d422e1b60bf78f7f7b04ecc0bd1594209575133cb355b8d477087910bdedc0e6fce1e6cd436ef49b41a6deb13a3560e71d2d7a65828f1292c60ecd745c9b06056f63314d638d6efab350f9ea7cd2d63c1bcabeb3864e41ab0983374250f7d7fda3a08f01b3501c54a9c56ef81e2e17628d8b3a3d20abcab5c2c6cc8290e21863d1ea8b46c7242cb492080dd20eaf917ffddf3489d785747d07399affd5df64100d76341905f46a68036ff90ec1ad29a5cfc064e958a729bd5b94ab7ec3", 0xd3)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000000404c054b0200000000000109022400010000000009040000010300000009210000009c22f80409058103"], 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000000, 0x10010, r4, 0xa6750000)

1m40.307523738s ago: executing program 3 (id=773):
socket$inet6(0xa, 0x1, 0x8010000000000084)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
fsync(r0)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VHOST_GET_FEATURES(r4, 0x8008af00, &(0x7f0000000100))
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
fcntl$getown(0xffffffffffffffff, 0x9)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000844}, 0x40000)

1m39.07218158s ago: executing program 3 (id=775):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x17, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r1 = syz_open_dev$video(&(0x7f0000000000), 0x101, 0xab02)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f0000000180)=0x1)
ioctl$VIDIOC_S_CROP(r1, 0x4014563c, &(0x7f00000001c0)={0x9, {0x3c, 0x7, 0x10000000}})
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x6}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xffff}}]}, 0x3, 0x570, &(0x7f0000000c00)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r2 = open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6)
fallocate(r2, 0x0, 0x0, 0x1001f0)
fallocate(r2, 0x8, 0x0, 0x10000)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, 0x0, 0x54)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x101ac1, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840), 0x0)

1m38.660631339s ago: executing program 3 (id=776):
r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000140)={0x3f, 0x1, 0x0, "1c13ebdaf2f20d55806ba058e8edb1439bfcc1000000efffffffffffffff00", 0x494e4f4b})

1m37.880039073s ago: executing program 3 (id=778):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000003380))
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
io_uring_setup(0x177d, &(0x7f00000002c0)={0x0, 0x6992, 0x8, 0x40002, 0xfc})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000000c0)='westwood\x00', 0x9)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

1m37.624687522s ago: executing program 0 (id=779):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_uring_setup(0x5a0f, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r4, &(0x7f0000001240)=""/102400, 0x200000, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, 0x0, 0x0)
sendmsg$inet6(r0, 0x0, 0x4008000)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socket(0x40000000015, 0x5, 0x0)

1m36.519626738s ago: executing program 0 (id=781):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000c40), r0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$vim2m(0x0, 0x52cd, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
listen(0xffffffffffffffff, 0x3)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000040)={0x3, 0x6576, 0xd})

1m32.070025907s ago: executing program 3 (id=789):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x3})

1m30.47662229s ago: executing program 0 (id=793):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000001b00), 0x200, 0x0)
readv(r3, &(0x7f0000000100)=[{&(0x7f0000000040)=""/175, 0xaf}], 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1m29.45012833s ago: executing program 0 (id=795):
syz_open_dev$video4linux(&(0x7f00000000c0), 0x400, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1180, 0xffffffffffffffff})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x880}}, 0x20}}, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x800, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = socket$l2tp(0x2, 0x2, 0x73)
sendto$inet(r3, 0x0, 0xfe, 0x20008041, &(0x7f00000000c0)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x2e}}, 0x10)
pselect6(0x40, &(0x7f0000000140)={0x0, 0x2, 0xc, 0x1000000004, 0x8, 0x9, 0x0, 0x5}, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f00000004c0)={0x1, 0x80000000, 0x2})
dup3(r1, r0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000100)=0xd)
r8 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r9 = dup(r8)
write$UHID_INPUT(r9, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520200ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x100d}}, 0xfffffdef)

1m26.353716323s ago: executing program 3 (id=802):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r3, 0x400454c9, 0xba98575a95aeb70d)
write$cgroup_devices(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)
close_range(r0, 0xffffffffffffffff, 0x0)

1m25.678788108s ago: executing program 0 (id=804):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20000023896)
io_setup(0x8, 0x0)
syz_open_procfs(0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
read$eventfd(r2, &(0x7f0000000040), 0x8)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)=0x10000)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40106308, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r4, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x3})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r5, 0x40305829, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0x4ffa1, 0x100000001})

1m23.660436075s ago: executing program 0 (id=809):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/clear_refs\x00', 0x1, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000240)=ANY=[@ANYBLOB="1c0000f5"], 0xfd1)
write$sysctl(r1, &(0x7f0000000380)='1\x00', 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_setup(0x496, &(0x7f0000000380)={0x0, 0x607b, 0x1000, 0x0, 0x284}, &(0x7f0000000540), &(0x7f00000001c0))

1m11.226663248s ago: executing program 35 (id=802):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r3, 0x400454c9, 0xba98575a95aeb70d)
write$cgroup_devices(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)
close_range(r0, 0xffffffffffffffff, 0x0)

1m8.406381012s ago: executing program 36 (id=809):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/clear_refs\x00', 0x1, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000240)=ANY=[@ANYBLOB="1c0000f5"], 0xfd1)
write$sysctl(r1, &(0x7f0000000380)='1\x00', 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_setup(0x496, &(0x7f0000000380)={0x0, 0x607b, 0x1000, 0x0, 0x284}, &(0x7f0000000540), &(0x7f00000001c0))

12.837321242s ago: executing program 7 (id=908):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = getpid()
ioctl$int_in(r0, 0x5452, &(0x7f0000000480)=0x5)
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000100)=r4)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

11.922113867s ago: executing program 5 (id=909):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$kcm(0x29, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x2, 0x1, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
ioctl$CEC_DQEVENT(r3, 0xc0506107, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
socket$igmp(0x2, 0x3, 0x2)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
preadv(r4, &(0x7f0000000600)=[{&(0x7f00000002c0)=""/79, 0x4f}, {&(0x7f0000000340)=""/103, 0x67}, {0x0}], 0x3, 0x1, 0xfffffffe)
io_uring_setup(0x4fc4, 0x0)

9.970826318s ago: executing program 5 (id=911):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
openat$nci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
lsetxattr$trusted_overlay_redirect(0x0, 0x0, 0x0, 0x0, 0x1)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x840)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000e00)={0x0, 0x0, 0x0}, 0x0)
bind$nfc_llcp(r0, 0x0, 0x0)

9.584018074s ago: executing program 7 (id=913):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x10008, &(0x7f0000000700), 0xff, 0x49d, &(0x7f0000000740)="$eJzs3M9vFFUcAPDv7LallR+tiCgIWkEj8UdLCyoHD2o08aCJiR7wWNuCyEINrQmQRosxeDQk3o1HE/8Cb16MejAmXjXxaEiINiYUTzWzM0OX7bZ0S9uV7ueTbPe9nZl97zvz3u6beZ0NoG31p3+SiG0R8VtE9GbZW1foz57mZqdHb8xOjyYxP//WX0l1veuz06PFqsV2W/PMoVJE6dMkXkwWlzt54eLpkUpl/FyeH5w688Hg5IWLz5w6M3Jy/OT42eFjx44eGXr+ueFn1yTONK7rez+a2LfntXeuvDF6/Mq7P36TVmv3/mx5bRy3daNBQA30p3vt7/mq+mWPN1H3u8H2mnTS0cKK0JRyRKSHq7Pa/3ujHAsHrzde/aSllQPWVfrdtGXpxTPzwCaWRKtrALRG8UWfnv8Wjw0aevwvXHspoitPz81Oj87djL8jSvnrnetYfn9EHJ/598v0Ec1ehwAAWIXq2ObpRuO/UuyuPmdzHTvyOZS+iLg3InZGxH0RsSsi7o+orvtARDyYbTzfu8Ly++vyi8c/pasN67xG0vHfCzVjv7ma+POnvnKe216NvzM5caoyfjjfJ4eic0uaH1qmjO9e+fXzpZbVjv/SR1p+MRbMK3C1o+4C3djI1Mha7YRrlyL2djSKP7k5E5C2gD0Rsbe5t95RJE49+fW+pVa6ffzLWIN5pvmvIp7Ijv9M1MVfSJafnxzsjsr44cGiVSz20y+X31yq/DuKfw1cO/BQllg4/nVr9P6T9OTJSmX83GTzZVz+/bMlz2lW2/67krerc9Y/v5e9dn5kaurcUERX8no1X5zTVV8fXtj2/MhUT5ov1k/b/6GDjfv/znyb9PineyltxPsj4uGIeCSv+6MRcSAiDi4T/w8vP/b+MvEnkUTrjv+liLGGn383239fUjtfv4pE+fT33y41Y76y4380ZqqftZnq599trLSCd7j7AAAA4K5QiohtkZQGsnT/tiiVBgay/+HfFfeUKhOTU0+dmPjw7Fh2j0BfdJaKK129NddDh5KZ/B2z/HB+rbhYfiS/bvxFuaeaHxidqIy1OHZod1tv7f9R9P/Un+VW1w5Yd+7XgvZV3/9LLaoHsPFW8v3vXAA2p1v7f3f6p6dVdQE2lvN/aF+N+v/HdXnjf9icFvf/Pxr8ZB2wGRn/Q/vS/6F96f/Qlu7kvv6FRHdENLNVcbPA6gvtXvEd/u2SKH7xYj3L6omLp7vyV6LUokjLTTa2TZFIe8zGFrrwGyoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB3s/8CAAD//90I3/s=")
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VIDIOC_TRY_DECODER_CMD(0xffffffffffffffff, 0xc0485661, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="150008d5a36a44", @ANYRES32, @ANYBLOB="04000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0x17, &(0x7f0000000c80)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [@printk={@d, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x76}}], {{}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00'}, 0x7b)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000400)="5aee41dea43e9eee28e622e563a3", 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
futex_waitv(&(0x7f00000015c0)=[{0x9, &(0x7f0000000180)=0x80000000, 0x2}, {0x7, &(0x7f0000000280)=0x7fffffff, 0x2}, {0x800, &(0x7f0000000380), 0x82}, {0x5, &(0x7f00000003c0)=0xffffffffffffffff, 0x2}, {0xb, &(0x7f0000000500)=0x84, 0x2}, {0x4, &(0x7f0000000540), 0x2}, {0x5, &(0x7f0000000580)=0x4, 0x2}, {0x7, &(0x7f00000005c0)=0x6, 0x2}, {0xff, &(0x7f0000000600)=0x1, 0x2}, {0x2, &(0x7f0000000640)=0xffffffffffffffff, 0x2}, {0x593b0b33, &(0x7f0000000680)=0xfffffffffffff000, 0x82}, {0xffff, &(0x7f00000006c0)=0x7a02d88f, 0x82}, {0xe9, &(0x7f0000000c00)=0x9, 0x2}, {0x4, &(0x7f0000000d40)=0x446, 0x2}, {0x0, &(0x7f0000000d80)=0x4, 0x82}, {0x8, &(0x7f0000000dc0)=0x1, 0x82}, {0x2, &(0x7f0000000e00)=0x5, 0x80}, {0x0, &(0x7f0000000e40), 0x82}, {0x20000000000000, &(0x7f0000000e80)=0x3d7}, {0x0, &(0x7f0000000ec0)=0x8, 0x82}, {0x0, &(0x7f0000000f00)=0x4, 0x82}, {0x7, &(0x7f0000000f40)=0x89c, 0x2}, {0x5, &(0x7f0000000f80)=0x7}, {0x7, &(0x7f0000000fc0)=0x8, 0x2}, {0x1, &(0x7f0000001000)=0x1fd, 0x2}, {0x8000, &(0x7f0000001040)=0x1, 0x82}, {0x1000, &(0x7f0000001080)=0xf5, 0x82}, {0x167, &(0x7f00000010c0)=0x4, 0x82}, {0x2, &(0x7f0000001100)=0x8, 0x82}, {0x8e, &(0x7f0000001140)=0x9a5, 0x2}, {0x5, &(0x7f0000001180)=0x8, 0x82}, {0x58f, &(0x7f00000011c0)=0x8, 0x82}, {0x9, &(0x7f0000001200)=0x7, 0x82}, {0xfff, &(0x7f0000001240)=0x1, 0x82}, {0x40, &(0x7f0000001280)=0x8, 0x82}, {0x80000000, &(0x7f00000012c0)=0x4, 0x2}, {0x4, &(0x7f0000001300), 0x2}, {0x8, &(0x7f0000001340)=0x9, 0x2}, {0x7f, &(0x7f0000001380)=0x8001, 0x82}, {0x1, &(0x7f00000013c0)=0x40, 0x82}, {0x3, &(0x7f0000001400), 0x82}, {0x0, &(0x7f0000001440)=0x2, 0x2}, {0x6, &(0x7f0000001480)=0xe27, 0x2}, {0x4, &(0x7f00000014c0)=0xa427, 0x2}, {0xfffffffffffffffb, &(0x7f0000001500)=0xec79, 0x82}, {0x0, &(0x7f0000001540)=0x1f7, 0x2}, {0x6, &(0x7f0000001580), 0x2}], 0x2f, 0x0, &(0x7f0000001a40), 0x1)

9.40406549s ago: executing program 5 (id=914):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$packet(0x11, 0x3, 0x300)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000"], 0x50)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000100))
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
unshare(0x68040200)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f00000000c0)={@hyper})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r2, 0x7ab, &(0x7f0000000040)={&(0x7f0000000780)={{@host}, {@hyper}, 0x400, "884fbe2726aa0a32f3e65f908292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cf8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f303000000a640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c607000000000000008e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411da80e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e6579c69e6466bc0cbef1536519ca409876268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c90000000000000100"}, 0x418, 0xfffffffe})

6.048880768s ago: executing program 6 (id=916):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x18)
openat$ppp(0xffffffffffffff9c, 0x0, 0x1a01, 0x0)
io_submit(0x0, 0x0, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r2=>0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r1, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r2, 0x0, <r3=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r1, 0x3ba0, &(0x7f0000000280)={0x48, 0x13, r3, 0x0, r2})

5.954575844s ago: executing program 7 (id=917):
openat$kvm(0x0, 0x0, 0x80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000013a40)={0x0, 0x0, &(0x7f0000013a00)={&(0x7f00000158c0), 0x10b8c}}, 0x0)
recvmmsg$unix(r4, &(0x7f0000003800)=[{{0x0, 0x0, &(0x7f0000003740)=[{&(0x7f0000001600)=""/4086, 0x10b8c}], 0x1}}], 0x1, 0x0, 0x0)

5.041848602s ago: executing program 6 (id=918):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1, 0x70bd2b}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000001640)={@remote, 0x52})
socket(0x28, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
munlockall()
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)

4.645437336s ago: executing program 6 (id=919):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$kcm(0x29, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0x2, 0x1, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
ioctl$CEC_DQEVENT(r3, 0xc0506107, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
socket$igmp(0x2, 0x3, 0x2)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
preadv(r4, &(0x7f0000000600)=[{&(0x7f00000002c0)=""/79, 0x4f}, {&(0x7f0000000340)=""/103, 0x67}, {0x0}], 0x3, 0x1, 0xfffffffe)
io_uring_setup(0x4fc4, 0x0)

3.950802617s ago: executing program 7 (id=920):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002d9d7000000000000900020073797a30000000000800410073697700140033006c6f00"/56], 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
connect$inet(r3, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x8006d89, 0x400, 0x2, 0x66}, &(0x7f0000000400)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000980)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000180)='io_uring_poll_arm\x00', r8}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x100})
io_uring_enter(r5, 0x8aa, 0x0, 0x0, 0x0, 0x0)

3.724221983s ago: executing program 6 (id=921):
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESDEC=r0], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
r3 = syz_open_dev$evdev(0x0, 0x2, 0x842)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r5 = getpid()
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="660a0000070000006111700000000000180000000000950000000000ff00"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = accept4(r2, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000001c0)="00940a37", 0x4)
sendto$unix(r8, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a3775f", 0x703d59595f6742a8, 0x800, 0x0, 0x0)
recvfrom(r8, &(0x7f00000017c0)=""/4123, 0x101b, 0x1, 0x0, 0x0)

2.618836725s ago: executing program 5 (id=922):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f0000000180)=ANY=[], 0x1, 0xc4d, &(0x7f0000001b40)="$eJzs3V1sXGdaB/DnnWMndsqyU9qmXbpIsxSxaZoE56OtUVrkbIy1K0VtVMcLNyCP40kY1R67trNKK1gFCbgBQVCRVsAFuUHigovcIKEVQhE3iwRIEajSIpAItI1WQoBXsLBiJYzOzDv22BvXbr6cNL/fbvKfc+Y9M++Z9jlzpprnTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEV/46RNDh9NOzwIAuJ9eG39j6Kj3fwB4pJzx+R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK2lKOKtSPHe2HKabC93DJxqti5cnBgdu/VmgylSVKJojy//DBw+cvTYiy+9PNzNj97+bvtMvD5+5kTt5Nzs/EJjcbExXZtoNc/OTTe2/Qh3uv1G+9svQG32zQvT584t1o4cOrru7ovVm7sf21s9Pvzsgee7YydGx8bGe8b09d/2s3+fdPceik+QXVHEFyPFNw5+K9UjohJ3XgtbHDvutcHoK+uvvRMTo2PtHZlp1ltL5Z2pkkf1RVR7Nhrp1sh9qMU7MhJxqfznVE54f7l74/P1hfrUTKN2ur6w1FxqzrVSpTPbcn+qUYnhFDEfEcvFTk+eB01/FPFqpLj5veU0FRFFtw5eeG38jaGjm2/Ydx8nucnTV4uI6/EQ1Cw8oHZHEb8dKd6dHIqzua7aZfNBxOfLfCXirTKvpbicl1N5gBiO+Lb3E3io9UURfxMp5tJymu7Wfvu88tSXa19qnZvrGds9r3zoPx/cT85NeIANRBFT7TP+5XT7/7ELAAAAAAAAAAAAALg/ivh6pLg6uy/NR29PabN1vnamPjXT+VZw97v/tbzVysrKSjV1spZzKOdIztM5J3PO57yU83LOKzmv5ryW83rOGzmXc0YlP3/OWs6hnCM5T+eczDmf81LOyzmvdLLb0bhyLa+/nvNGzuWcoe8JAAAAAAAAAAAAAAAAAACAu2wwiviNSPHvv/+V9u9KR/t36T99fPjkqU/1/mb8M1s8Tjn2UER8Pbb3m7y78m+Np0r5v7u/X8DWBqKIr+bf//vlnZ4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQKhEEb8SKb72neUUKSJGIiajkzeKnZ4dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDanYp4NVL87O+OrK7ri4jU/n/HvvKvYzFS5HyizFdi5HA7KyMnyhyIOLQD8wdu3+Lb77xZn5lpLLjhhhturN7Y6SMTAAAAAAAAAAAAAAAAADzCUhF/Hyl+8veWUzUiLlZv7n5sb/X48LMHni+iaF8EIPWOf338zInaybnZ+YXG4mJjujbRap6dm25s9+kGTjVbFy5OjI7dk53Z0uA9nv/gwMm5+bcXmud/YemW9+8ZODG1uLRQP3vru2Mw+iKGetfsb094YnSsPemZZr3V3jRVNplgX0RtuzvDI29PKuJ/I8V7B78Zj+d1+fof/Z2lter/w19cW/rhvvW5+q9j+/jx6ePDJ/c8t53babsT3d8uvLIQxsZ7VvflWf5Qz7pqnte2HxseUWX9vxApfv6PitStoVz/P9BZKlbH/s9X12rq+IZctUP1/0TPuuP5qNXfFzGwNDvf/3TEwOLb7xxsztbPN843WseOvPzS8LGXXzz2Uv+uiIFzzZnG0Nqtbb92AAAAAAAAAAAAAAAAAHCv9KcivhApfunv/nK1bzz3/32qs7TW/9fb/7tvw+P0Xjdgs9u37PXboq+vV/mcKRXxVKR49s+eac83xR4973Cb9qQivlvW0/QX0+fyulz/ubP/1vV/aUOu2qH+38d71l3Kx4n/iBSP/8Ez8bme48TG7t5y3F9Eiqkf+WweF7vKcd3H6/REdxqDy7FfiRTvn14/tts3/cTa2MPb3S3YSWX9z0aKf/itv40fzevWX//j1vW/Z0Ou2qH6f7J3nyJi8e133qzPzDQWFrf9UsAjp6z/X48Uf/0n34zn8rqPuv5P9zo/+55bn4PdQTtU/0/1rKvmef3Yx3wtAAAAAAAAAAAA4GGxJxXxT5Hiz//0QDqY123n+7/TG3LVDn3/7+meddPrvv97725s+0UGAIAHRH8q4icixR9Pf5C6vbGb9v++stb/M7rxxL19Tv+D7T7/j3Wu/zH6/8vnTKmI/8t9vUNb9PX+eKT4tZ86kMelveW4ke50238PvDbXOnhiZmbubH2pPjXTqI3P1882ym33R4p//bfP5m0r7T7fbn90pzd4rSf4dyLFz33YHdvpCe72Uj65NvZwOfZgpPju++vHdvuunlobe6Qc+5uRYuy/bz1279rYo+XYf4wU//lurTt2Tzm2+3nu6bWxh87OzXzfRzYAAAAAAAAAAAAAAAAAAAB2Xn8qIkWKaz9zZbU3fv31v7rXAVh//a+N7tXv/1fvzm4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEMhRRH/FSneG1tON4pyuWPgVLN14eLE6NitNxtMkaISRXt8+Wfg8JGjx1586eXhbn709nfbZ+L18TMnaifnZucXGouLjenaRKt5dm66se1HuL3ti03v2d9+AWqzb16YPndusXbk0NF1d1+s3tz92N7q8eFnDzzfHTsxOjY23jOmr3/bs99SunsPxSfIrijiryLFNw5+K/1zEVGJ266FVVscO+61wegr66+9ExOjY+0dmWnWW0vlnamSR/VFVHs2GunWyH2oxTsyEnEpIirlhPeXuzc+X1+oT800aqfrC0vNpeZcK1U6sy33pxqVGE4R8xGxvPnRikdUfxRxLVLc/N5y+pei84bWroMXXht/Y+jo5hv23cdJbvL01SLiejwENQsPqN1RxJOR4t3JoXi/6NRVu2w+iPh8ma9EvFXmtRSX83IqDxDDEd/2fgIPtb4o4nSkmEvL6YMi1377vPLUl2tfap2b6xnbPa986D8f3E/OTXiADUQRH7bP+JfTh97PAQAAAAAAAAAAAOABV8SrkeLq7L7U7g9d7Sltts7XztSnZjpf6+9+97+Wt1pZWVmppk7Wcg7lHMl5Oudkzvmcl3Jeznkl59Wc13Jez3mjnbvbjYnlclTy8+es5RzKOZLzdM7JnPM5L+W8nPNKzqs5r+W8nvNGzuWcH9H1DwAAAAAAAAAAAAAAAAAAd6QSRfxqpPjad5bTStH5fdnJ6OSN9X2uu3ZqjsC98f8BAAD//3zgG/w=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0x8000c61)
socket$kcm(0x29, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
write$FUSE_WRITE(r3, &(0x7f00000000c0)={0x18}, 0xfffffdef)

2.408460728s ago: executing program 7 (id=923):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x24, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xa6}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

1.822734367s ago: executing program 5 (id=924):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x22400049, &(0x7f00000002c0)={[{@dioread_nolock}, {@noinit_itable}, {@nomblk_io_submit}, {@noblock_validity}, {@data_err_abort}, {@jqfmt_vfsold}, {@jqfmt_vfsv0}, {@barrier_val={'barrier', 0x3d, 0xd95a}}, {@debug}]}, 0x84, 0x471, &(0x7f0000000bc0)="$eJzs3M9vFFUcAPDvzLZFfpQuiD9AlFUkNqItLagcvGg04WJiogc91lIJsoChNRFCBI3Bo/EvUI8m/gWe9GLUk8ar3o0JMVxED2bN7M7Att3WdrfLgvP5JNN9b3699+bN67yZt7MBlFYt+5NEbIuIXyJirBVdvEKt9XH92sXZv65dnE2i0Xjlj6S53p/XLs4Wq27LP7fm+xxPI9IPk7jcId358xdOzdTrc+fy+OTC6bcn589fePLk6ZkTcyfmzkwfPXrk8NQzT08/tSHlHM3yuue9s3t3H3v9k5dmG/HG919m+a/ky9vL0VLtOc1a1KLRaDTSRXNHmn8P9Lz328toWzgZGmBGWJfs/M+qa7jZ/seiEjcrbyxe/GCgmQP6Krs+7Vg2t3VVTA8kzeXA/5U2DmVVXPGz+99iurU9kMG6+lzrBigr9/V8ai0Ziuy+Pam27tgrfUp/W0S8dvnvT7MpOj6HAADYWF9n/Z8nOvX/0ri3bb3t+dhQNSIORsTOiLg7InZFxD0RzXXvi4j715l+bUl8ef/np81dFWyNsv7fs/nY1uL+341Rm2olj402yz+cvHmyPncoPybjMbwpi0+tksY3L/z88UrLam39v2zK0i/6gnk+fh/atHib4zMLM72Uud3V9yP2DHUqf3JjJCCJiN0RsaeL/WfH7OTjX+zNwtu3Ll/+3+VfxQaMMzU+j3isVf+XY0n5C0krpZXGJyfvivrcocnirFjuhx+vvNweH24L91T+DZDV/5aO539e/qIZFOO18+tP48qvH614T9Pt+T+SvNoMj+Tz3p1ZWDg3FTGSz1g0f/rmtkW8WD8r//j+zu1/Z8Q/n+XbPRAR2Un8YEQ8FBH78rw/HBGPRMT+Vcr/3fOPvrX6ERps/R9frf4jqkn7eH0Xgcqpb79aKf211f+RZmg8n7OW/39rzWAvxw4AAADuFGlzDDpJJ26E03RiovUd/l2xJa2fnV84WIt3zhxvjVVXYzgtnnSNtT0PncqfDRfx6SXxwxGxo/lNo83N+MTs2frooAsPJbd1hfaf+a1fX3oBbh/rGkdL+pcP4NbzviaUl/YP5aX9Q3lp/1Bendr/pYjrA8gKcIu5/kN5af9QXto/lJf2D6W0/JX44udWunnT/2Zg57GeNi9RoNKnPUf7j3b0IRDpwA9d94H0dsjGvjywKSLWutWlvtbp0vMHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgzvdvAAAA//+bHeQQ")
ppoll(&(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
select(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x80044940, &(0x7f0000001b00))
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x0, 0x401f, 0x3})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = getpgrp(0x0)
timer_gettime(0x0, 0x0)
kcmp$KCMP_EPOLL_TFD(r5, 0x0, 0x7, 0xffffffffffffffff, 0x0)

1.822314568s ago: executing program 7 (id=925):
r0 = socket(0xa, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
write(r1, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008aec1, &(0x7f0000000000))
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)

1.536253278s ago: executing program 6 (id=926):
add_key(0x0, 0x0, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x235, &(0x7f0000000300)="$eJzs3T9oFFkcB/Df7J/LJVmO3F1zcHAniIgGQuwEm9goBCSIiKBCRMRKEiUmbWJlY6G1SiqbaGu0FJtgExGsgqaIjaBBxGChxcrsJBLNiuLGHXE+H5jdmd335veGme/bbYYJoLB6ImIgIsoR0RsR1YhI1jfYki09q5vTnXPDEfX6oVdJo122nVnr1x0RUxGx+2Y9U4mYmD229HZh//ZL49VtN2aPdrb1IFctLy0eWLk+dPH24K6Jh49fDCUxELVPjmvzJU0+qyQRf/2IYj+JpJL3CPgW5+aHXqe5/zsitjbyX41SZCfv8thv96ux89qX+l55+ejfdo4V2Hz1ejX9DZyqA4VTiohaJKW+iMjWS6W+vuw//JNyV+nM6Nj53tOj4yOn8p6pgM1Si1jcd7fjTvdn+X9ezvIP/LrS/B8+OPM0XV8p5z0aoJ3S/PeemNwR8g+FI/9QXPIPxSX/UFzyD8Ul/1Bc8g/FJf9QXPIPxSX/UFzr8w8AFEu9I+87kIG85D3/AAAAAAAAAAAAAAAAAAAAG013zg2vLe2q+eBqxPLeiKg0q19uPI844vfGa9ebJG32UZJ1a8nx/1vcQYtu5Xz39R/P8q0//1++9SdHIqYuRER/pbLx+ktWr7/v9+dXvq+ebLFAi/Ycybf++5l86w8uRNxL55/+ZvNPKf5pvDeff2rp+Wux/tl3Le4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAtvkQAAD//4XCc8o=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sysinfo(&(0x7f0000000400)=""/245)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x440102, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
r3 = userfaultfd(0x1)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1})
ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa07, &(0x7f00000005c0)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})

324.799992ms ago: executing program 6 (id=927):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000c40), r0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$vim2m(0x0, 0x52cd, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
listen(0xffffffffffffffff, 0x3)
getpid()
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x3, 0x6576, 0xd, 0x0, <r4=>0x0})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r3, 0x100000000)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r3, 0xc00464b4, &(0x7f0000000080)={r4})

0s ago: executing program 5 (id=928):
openat$kvm(0x0, 0x0, 0x80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000013a40)={0x0, 0x0, &(0x7f0000013a00)={&(0x7f00000158c0), 0x10b8c}}, 0x0)
recvmmsg$unix(r3, &(0x7f0000003800)=[{{0x0, 0x0, &(0x7f0000003740)=[{&(0x7f0000001600)=""/4086, 0x10b8c}], 0x1}}], 0x1, 0x0, 0x0)

kernel console output (not intermixed with test programs):

 promiscuous mode
[  346.096800][ T8442] loop5: detected capacity change from 0 to 32768
[  346.104771][ T8442] XFS: ikeep mount option is deprecated.
[  346.164964][ T8299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  346.188183][ T8442] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  346.227120][ T8299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  346.324906][   T51] Bluetooth: hci2: command tx timeout
[  346.394847][ T8456] loop0: detected capacity change from 0 to 1024
[  346.422670][ T8442] XFS (loop5): Ending clean mount
[  346.432484][ T8442] XFS (loop5): Quotacheck needed: Please wait.
[  346.459920][ T8456] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.529895][ T8299] team0: Port device team_slave_0 added
[  346.590174][ T8442] XFS (loop5): Quotacheck: Done.
[  346.609972][ T8299] team0: Port device team_slave_1 added
[  346.763786][ T8456] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  347.039795][ T8299] batman_adv: batadv0: Adding interface: batadv_slave_0
[  347.047788][ T8299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.076751][ T8299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  347.645601][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.766974][ T6338] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  347.814051][ T8299] batman_adv: batadv0: Adding interface: batadv_slave_1
[  347.821446][ T8299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.891750][ T8299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  348.403742][   T51] Bluetooth: hci2: command tx timeout
[  349.024139][ T8299] hsr_slave_0: entered promiscuous mode
[  349.030786][ T8299] hsr_slave_1: entered promiscuous mode
[  349.165027][ T8394] chnl_net:caif_netlink_parms(): no params data found
[  350.578821][ T8495] loop5: detected capacity change from 0 to 1024
[  351.480701][ T8495] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  352.711213][ T6338] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.952057][ T8394] bridge0: port 1(bridge_slave_0) entered blocking state
[  353.065496][ T8394] bridge0: port 1(bridge_slave_0) entered disabled state
[  353.176537][ T8394] bridge_slave_0: entered allmulticast mode
[  353.246264][ T8394] bridge_slave_0: entered promiscuous mode
[  353.289472][ T8394] bridge0: port 2(bridge_slave_1) entered blocking state
[  353.324225][ T8394] bridge0: port 2(bridge_slave_1) entered disabled state
[  353.331852][ T8394] bridge_slave_1: entered allmulticast mode
[  353.340188][ T8394] bridge_slave_1: entered promiscuous mode
[  353.340717][ T8509] loop5: detected capacity change from 0 to 65
[  353.352763][ T3442] bridge_slave_1: left allmulticast mode
[  353.361009][ T3442] bridge_slave_1: left promiscuous mode
[  353.393790][ T3442] bridge0: port 2(bridge_slave_1) entered disabled state
[  353.411465][ T3442] bridge_slave_0: left allmulticast mode
[  353.414956][ T8509] bfs: Unknown parameter ''
[  353.423458][ T3442] bridge_slave_0: left promiscuous mode
[  353.455454][ T3442] bridge0: port 1(bridge_slave_0) entered disabled state
[  353.644955][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.667573][ T8517] loop0: detected capacity change from 0 to 1024
[  353.768623][ T8517] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.825612][ T8517] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  354.180797][ T8524] loop3: detected capacity change from 0 to 32768
[  354.189297][ T8524] XFS: ikeep mount option is deprecated.
[  354.740138][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.777424][ T8524] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  354.873752][ T8524] XFS (loop3): Ending clean mount
[  354.880971][ T8524] XFS (loop3): Quotacheck needed: Please wait.
[  354.947511][ T8524] XFS (loop3): Quotacheck: Done.
[  355.211115][ T3442] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  355.262574][ T3442] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  355.372288][ T3442] bond0 (unregistering): Released all slaves
[  355.983068][ T5831] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  356.754254][ T3442] hsr_slave_0: left promiscuous mode
[  356.967444][ T3442] hsr_slave_1: left promiscuous mode
[  357.015003][ T3442] batman_adv: batadv0: Removing interface: batadv_slave_0
[  357.192385][ T8560] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  357.944884][ T3442] batman_adv: batadv0: Removing interface: batadv_slave_1
[  358.354792][ T3442] team0 (unregistering): Port device team_slave_1 removed
[  358.421578][ T3442] team0 (unregistering): Port device team_slave_0 removed
[  358.586625][ T8570] loop5: detected capacity change from 0 to 1024
[  358.878813][ T8570] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  359.225512][ T8394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  359.263274][ T8394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  359.596468][ T8394] team0: Port device team_slave_0 added
[  359.681635][ T8577] loop3: detected capacity change from 0 to 1024
[  359.728290][ T8394] team0: Port device team_slave_1 added
[  359.757463][ T8577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.806337][ T8577] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  359.852528][ T8394] batman_adv: batadv0: Adding interface: batadv_slave_0
[  359.872573][ T8394] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  360.087347][ T8394] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  360.133905][ T8394] batman_adv: batadv0: Adding interface: batadv_slave_1
[  360.141134][ T8394] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  360.178606][ T8394] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  361.172870][   T30] kauditd_printk_skb: 57 callbacks suppressed
[  361.172888][   T30] audit: type=1800 audit(1751407437.942:226): pid=8582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.460" name="file1" dev="loop3" ino=15 res=0 errno=0
[  361.339501][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.455928][ T8394] hsr_slave_0: entered promiscuous mode
[  362.462904][ T8394] hsr_slave_1: entered promiscuous mode
[  362.469760][ T8394] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  362.478146][ T8394] Cannot create hsr debugfs directory
[  362.632815][ T8593] loop3: detected capacity change from 0 to 64
[  364.773431][ T8588] syz.3.462: attempt to access beyond end of device
[  364.773431][ T8588] loop3: rw=0, sector=128, nr_sectors = 2 limit=64
[  364.786932][ T8588] Trying to free block not in datazone
[  364.792460][ T8588] Trying to free block not in datazone
[  364.798025][ T8588] Trying to free block not in datazone
[  364.803494][ T8588] Trying to free block not in datazone
[  364.809680][ T8588] Trying to free block not in datazone
[  364.815351][ T8588] Trying to free block not in datazone
[  364.820973][ T8588] minix_free_block (loop3:6): bit already cleared
[  365.623785][ T8601] loop3: detected capacity change from 0 to 2048
[  366.127822][ T8601] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  366.162753][ T8601] UDF-fs: Scanning with blocksize 512 failed
[  366.257267][ T8601] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  366.714694][ T8299] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  366.742009][ T8299] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  366.767225][ T6338] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.784830][ T8600] UDF-fs: warning (device loop3): udf_truncate_tail_extent: Too long extent after EOF in inode 818: i_size: 134285904 lbcount: 134288384 extent 65+34816
[  366.832756][ T8299] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  366.888054][ T8299] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  366.996772][ T7835] kworker/u8:14: attempt to access beyond end of device
[  366.996772][ T7835] loop3: rw=1, sector=2048, nr_sectors = 2 limit=2048
[  367.088766][ T7835] buffer_io_error: 24 callbacks suppressed
[  367.088784][ T7835] Buffer I/O error on dev loop3, logical block 1024, lost async page write
[  367.129744][ T7835] kworker/u8:14: attempt to access beyond end of device
[  367.129744][ T7835] loop3: rw=1, sector=2048, nr_sectors = 2 limit=2048
[  367.210049][ T7835] Buffer I/O error on dev loop3, logical block 1024, lost async page write
[  367.242900][ T7835] kworker/u8:14: attempt to access beyond end of device
[  367.242900][ T7835] loop3: rw=1, sector=2050, nr_sectors = 2 limit=2048
[  367.286928][ T7835] Buffer I/O error on dev loop3, logical block 1025, lost async page write
[  367.452140][ T7835] kworker/u8:14: attempt to access beyond end of device
[  367.452140][ T7835] loop3: rw=1, sector=2050, nr_sectors = 2 limit=2048
[  367.469954][ T7835] Buffer I/O error on dev loop3, logical block 1025, lost async page write
[  367.481617][ T7835] kworker/u8:14: attempt to access beyond end of device
[  367.481617][ T7835] loop3: rw=1, sector=2052, nr_sectors = 2 limit=2048
[  368.364968][ T7835] Buffer I/O error on dev loop3, logical block 1026, lost async page write
[  368.374493][ T7835] kworker/u8:14: attempt to access beyond end of device
[  368.374493][ T7835] loop3: rw=1, sector=2052, nr_sectors = 2 limit=2048
[  368.388787][ T7835] Buffer I/O error on dev loop3, logical block 1026, lost async page write
[  368.406248][ T7835] kworker/u8:14: attempt to access beyond end of device
[  368.406248][ T7835] loop3: rw=1, sector=2054, nr_sectors = 2 limit=2048
[  368.420664][ T7835] Buffer I/O error on dev loop3, logical block 1027, lost async page write
[  368.550090][ T7835] kworker/u8:14: attempt to access beyond end of device
[  368.550090][ T7835] loop3: rw=1, sector=2054, nr_sectors = 2 limit=2048
[  368.571570][ T8635] loop0: detected capacity change from 0 to 512
[  368.629324][ T7835] Buffer I/O error on dev loop3, logical block 1027, lost async page write
[  368.654255][ T7835] kworker/u8:14: attempt to access beyond end of device
[  368.654255][ T7835] loop3: rw=1, sector=2056, nr_sectors = 2 limit=2048
[  368.671733][ T8635] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.471: casefold flag without casefold feature
[  368.673900][ T7835] Buffer I/O error on dev loop3, logical block 1028, lost async page write
[  368.697059][ T7835] Buffer I/O error on dev loop3, logical block 1028, lost async page write
[  368.755301][ T8635] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.471: couldn't read orphan inode 15 (err -117)
[  368.771212][ T8635] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  368.788249][ T8299] 8021q: adding VLAN 0 to HW filter on device bond0
[  369.914137][ T8643] tty tty31: ldisc open failed (-12), clearing slot 30
[  369.927687][ T8299] 8021q: adding VLAN 0 to HW filter on device team0
[  370.000603][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.097028][ T3442] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.104246][ T3442] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.184765][ T3442] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.191908][ T3442] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.395849][ T8656] loop0: detected capacity change from 0 to 64
[  373.403728][ T8299] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  373.414402][ T8299] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  373.644198][ T8652] bio_check_eod: 9 callbacks suppressed
[  373.644210][ T8652] syz.0.473: attempt to access beyond end of device
[  373.644210][ T8652] loop0: rw=0, sector=128, nr_sectors = 2 limit=64
[  373.662963][ T8652] Trying to free block not in datazone
[  373.668503][ T8652] Trying to free block not in datazone
[  373.673990][ T8652] Trying to free block not in datazone
[  373.679456][ T8652] Trying to free block not in datazone
[  373.684979][ T8652] Trying to free block not in datazone
[  373.690454][ T8652] Trying to free block not in datazone
[  373.695944][ T8652] minix_free_block (loop0:6): bit already cleared
[  373.799503][ T8663] __vm_enough_memory: pid: 8663, comm: syz.5.475, bytes: 21199863869440 not enough memory for the allocation
[  373.982218][ T8394] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  374.256664][ T8394] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  374.612327][ T8394] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  374.706421][ T8394] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  374.917989][ T8669] loop0: detected capacity change from 0 to 32768
[  374.941257][ T8669] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.477 (8669)
[  374.997242][ T8669] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  375.007428][ T8669] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  375.016027][ T8669] BTRFS info (device loop0): disk space caching is enabled
[  375.023232][ T8669] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  375.360331][ T8669] BTRFS info (device loop0): rebuilding free space tree
[  375.420374][ T8669] BTRFS info (device loop0): disabling free space tree
[  375.427430][ T8669] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  375.437109][ T8669] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  375.524971][   T30] audit: type=1800 audit(1751407452.302:227): pid=8669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.477" name="bus" dev="loop0" ino=264 res=0 errno=0
[  375.894772][ T5843] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  375.922302][ T8299] 8021q: adding VLAN 0 to HW filter on device batadv0
[  376.691274][ T8394] 8021q: adding VLAN 0 to HW filter on device bond0
[  376.836233][ T8394] 8021q: adding VLAN 0 to HW filter on device team0
[  376.922368][ T1114] bridge0: port 1(bridge_slave_0) entered blocking state
[  376.929685][ T1114] bridge0: port 1(bridge_slave_0) entered forwarding state
[  377.281011][ T8724] binder: 8715:8724 ioctl c0306201 0 returned -14
[  377.361477][ T7428] bridge0: port 2(bridge_slave_1) entered blocking state
[  377.368773][ T7428] bridge0: port 2(bridge_slave_1) entered forwarding state
[  378.334814][ T8721] loop3: detected capacity change from 0 to 4096
[  378.599439][ T8736] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  378.661326][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  378.671283][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  378.931412][ T8299] veth0_vlan: entered promiscuous mode
[  378.980943][ T8299] veth1_vlan: entered promiscuous mode
[  379.256974][ T8746] loop3: detected capacity change from 0 to 64
[  379.432718][ T8744] syz.3.485: attempt to access beyond end of device
[  379.432718][ T8744] loop3: rw=0, sector=128, nr_sectors = 2 limit=64
[  379.446723][ T8744] Trying to free block not in datazone
[  379.452268][ T8744] Trying to free block not in datazone
[  379.457880][ T8744] Trying to free block not in datazone
[  379.463347][ T8744] Trying to free block not in datazone
[  379.469050][ T8744] Trying to free block not in datazone
[  379.474569][ T8744] Trying to free block not in datazone
[  379.481222][ T8744] minix_free_block (loop3:6): bit already cleared
[  380.049632][ T8299] veth0_macvtap: entered promiscuous mode
[  380.098148][ T8299] veth1_macvtap: entered promiscuous mode
[  380.667956][ T8299] batman_adv: batadv0: Interface activated: batadv_slave_0
[  380.718648][ T8299] batman_adv: batadv0: Interface activated: batadv_slave_1
[  380.782340][ T3442] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  380.839894][ T8394] 8021q: adding VLAN 0 to HW filter on device batadv0
[  380.906340][ T8762] netlink: 36 bytes leftover after parsing attributes in process `syz.0.488'.
[  380.926132][ T3442] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  380.947779][ T8762] netlink: 16 bytes leftover after parsing attributes in process `syz.0.488'.
[  380.971279][ T3442] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  380.986975][ T8762] netlink: 36 bytes leftover after parsing attributes in process `syz.0.488'.
[  380.998130][ T3442] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  381.007866][ T8762] netlink: 36 bytes leftover after parsing attributes in process `syz.0.488'.
[  381.099033][ T1114] Bluetooth: (null): Invalid header checksum
[  381.131596][ T1114] Bluetooth: (null): Invalid header checksum
[  381.144845][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  381.153211][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  381.206112][   T12] Bluetooth: (null): Invalid header checksum
[  381.410142][ T7428] Bluetooth: (null): Invalid header checksum
[  381.454761][ T7428] Bluetooth: (null): Invalid header checksum
[  381.462256][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  381.615764][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  382.611906][ T8787] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  383.296116][ T8394] veth0_vlan: entered promiscuous mode
[  383.370247][ T8394] veth1_vlan: entered promiscuous mode
[  383.566358][ T8394] veth0_macvtap: entered promiscuous mode
[  383.578040][ T8394] veth1_macvtap: entered promiscuous mode
[  383.598165][ T8394] batman_adv: batadv0: Interface activated: batadv_slave_0
[  383.610824][ T8394] batman_adv: batadv0: Interface activated: batadv_slave_1
[  383.623996][ T8799] binder: 8792:8799 ioctl c0306201 0 returned -14
[  384.631438][ T3442] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  384.707501][ T3442] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  384.752149][ T3442] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  384.766299][ T8813] netlink: 36 bytes leftover after parsing attributes in process `syz.0.498'.
[  384.819750][   T12] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  384.839331][ T8813] netlink: 16 bytes leftover after parsing attributes in process `syz.0.498'.
[  384.883757][ T8813] netlink: 36 bytes leftover after parsing attributes in process `syz.0.498'.
[  384.913260][ T8813] netlink: 36 bytes leftover after parsing attributes in process `syz.0.498'.
[  385.018706][   T12] Bluetooth: (null): Invalid header checksum
[  385.052584][   T12] Bluetooth: (null): Invalid header checksum
[  385.091613][   T12] Bluetooth: (null): Invalid header checksum
[  385.202281][   T36] Bluetooth: (null): Invalid header checksum
[  385.305771][ T3480] Bluetooth: (null): Invalid header checksum
[  385.601560][ T8825] loop0: detected capacity change from 0 to 64
[  387.418610][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.482568][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.490972][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.529412][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.630888][ T8824] syz.0.501: attempt to access beyond end of device
[  387.630888][ T8824] loop0: rw=0, sector=128, nr_sectors = 2 limit=64
[  387.644150][ T8824] Trying to free block not in datazone
[  387.649633][ T8824] Trying to free block not in datazone
[  387.655149][ T8824] Trying to free block not in datazone
[  387.660627][ T8824] Trying to free block not in datazone
[  387.666292][ T8824] Trying to free block not in datazone
[  387.672265][ T8824] Trying to free block not in datazone
[  387.677762][ T8824] minix_free_block (loop0:6): bit already cleared
[  388.158020][ T8834] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  388.539946][ T8841] loop7: detected capacity change from 0 to 512
[  388.882609][ T8841] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.258: casefold flag without casefold feature
[  388.952708][ T8841] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.258: couldn't read orphan inode 15 (err -117)
[  389.051445][ T8841] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  389.695396][ T8857] __vm_enough_memory: pid: 8857, comm: syz.0.505, bytes: 21199626473472 not enough memory for the allocation
[  389.968952][ T8394] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.542327][ T8877] netlink: 36 bytes leftover after parsing attributes in process `syz.7.510'.
[  391.697407][ T8880] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  391.707757][ T8877] netlink: 16 bytes leftover after parsing attributes in process `syz.7.510'.
[  391.807034][ T8878] loop0: detected capacity change from 0 to 2048
[  391.828212][ T8877] netlink: 36 bytes leftover after parsing attributes in process `syz.7.510'.
[  393.415628][ T8877] netlink: 36 bytes leftover after parsing attributes in process `syz.7.510'.
[  395.214992][ T8878] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  395.287400][ T8878] UDF-fs: Scanning with blocksize 512 failed
[  395.490687][ T8893] loop7: detected capacity change from 0 to 64
[  396.259435][ T8890] syz.7.512: attempt to access beyond end of device
[  396.259435][ T8890] loop7: rw=0, sector=128, nr_sectors = 2 limit=64
[  396.275100][ T8890] Trying to free block not in datazone
[  396.280711][ T8890] Trying to free block not in datazone
[  396.286337][ T8890] Trying to free block not in datazone
[  396.291891][ T8890] Trying to free block not in datazone
[  396.297573][ T8890] Trying to free block not in datazone
[  396.303391][ T8890] Trying to free block not in datazone
[  396.309205][ T8890] minix_free_block (loop7:6): bit already cleared
[  396.390064][ T8892] binder: 8889:8892 ioctl c0306201 0 returned -14
[  396.524648][ T8878] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  396.582550][ T8896] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  396.811830][ T8901] loop3: detected capacity change from 0 to 512
[  397.038598][ T8901] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.516: casefold flag without casefold feature
[  397.328677][ T8910] loop0: detected capacity change from 0 to 32768
[  397.336182][ T8910] XFS: ikeep mount option is deprecated.
[  397.349442][ T8901] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.516: couldn't read orphan inode 15 (err -117)
[  397.406181][ T8910] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  397.431319][ T8901] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  397.504969][ T8910] XFS (loop0): Ending clean mount
[  397.515634][ T8910] XFS (loop0): Quotacheck needed: Please wait.
[  397.563674][ T8910] XFS (loop0): Quotacheck: Done.
[  397.971795][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  398.879327][ T5843] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  398.934897][ T8925] __vm_enough_memory: pid: 8925, comm: syz.7.518, bytes: 21199674286080 not enough memory for the allocation
[  400.214091][ T8936] netlink: 36 bytes leftover after parsing attributes in process `syz.7.522'.
[  400.279066][ T8936] netlink: 16 bytes leftover after parsing attributes in process `syz.7.522'.
[  400.376795][ T8936] netlink: 36 bytes leftover after parsing attributes in process `syz.7.522'.
[  400.474799][ T8936] netlink: 36 bytes leftover after parsing attributes in process `syz.7.522'.
[  402.310123][ T8959] loop6: detected capacity change from 0 to 64
[  403.509599][ T8959] syz.6.526: attempt to access beyond end of device
[  403.509599][ T8959] loop6: rw=0, sector=128, nr_sectors = 2 limit=64
[  403.523393][ T8959] Trying to free block not in datazone
[  403.529115][ T8959] Trying to free block not in datazone
[  403.534779][ T8959] Trying to free block not in datazone
[  403.540844][ T8959] Trying to free block not in datazone
[  403.547069][ T8959] Trying to free block not in datazone
[  403.552800][ T8959] Trying to free block not in datazone
[  403.558540][ T8959] minix_free_block (loop6:6): bit already cleared
[  403.735096][ T8958] loop7: detected capacity change from 0 to 2048
[  403.955150][ T8958] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found
[  404.016372][ T8958] UDF-fs: Scanning with blocksize 512 failed
[  404.048624][ T8958] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  404.948322][ T8973] loop6: detected capacity change from 0 to 512
[  405.114885][ T8973] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.529: casefold flag without casefold feature
[  405.223986][ T8974] loop0: detected capacity change from 0 to 32768
[  405.231229][ T8974] XFS: ikeep mount option is deprecated.
[  405.241352][ T8973] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.529: couldn't read orphan inode 15 (err -117)
[  405.500242][ T8974] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  405.786670][ T8973] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.893193][ T8982] loop5: detected capacity change from 0 to 4096
[  406.301068][ T8974] XFS (loop0): Ending clean mount
[  406.314896][ T8974] XFS (loop0): Quotacheck needed: Please wait.
[  406.358626][ T8998] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  406.521744][ T8299] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  407.140759][ T8974] XFS (loop0): Quotacheck: Done.
[  408.308533][ T5843] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  409.372388][ T9018] loop5: detected capacity change from 0 to 64
[  411.955267][ T9017] syz.5.537: attempt to access beyond end of device
[  411.955267][ T9017] loop5: rw=0, sector=128, nr_sectors = 2 limit=64
[  411.968393][ T5904] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  411.976632][ T9017] Trying to free block not in datazone
[  411.982244][ T9017] Trying to free block not in datazone
[  411.988002][ T9017] Trying to free block not in datazone
[  411.993978][ T9017] Trying to free block not in datazone
[  411.999586][ T9017] Trying to free block not in datazone
[  412.005233][ T9017] Trying to free block not in datazone
[  412.010909][ T9017] minix_free_block (loop5:6): bit already cleared
[  412.241840][ T5904] usb 1-1: Using ep0 maxpacket: 32
[  412.281923][ T9026] overlayfs: missing 'lowerdir'
[  413.049548][ T9034] loop0: detected capacity change from 0 to 512
[  413.056978][ T9034] EXT4-fs: Ignoring removed mblk_io_submit option
[  413.478213][ T9034] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  413.633070][ T9032] loop3: detected capacity change from 0 to 64
[  413.773086][ T9034] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  413.811742][ T9034] System zones: 1-12
[  413.944738][ T9032] syz.3.540: attempt to access beyond end of device
[  413.944738][ T9032] loop3: rw=0, sector=128, nr_sectors = 2 limit=64
[  413.983478][ T9034] EXT4-fs error (device loop0): ext4_iget_extra_inode:5034: inode #15: comm syz.0.535: corrupted in-inode xattr: e_value size too large
[  414.078647][ T9034] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.535: couldn't read orphan inode 15 (err -117)
[  414.161097][ T9032] Trying to free block not in datazone
[  414.220411][ T9034] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  414.318001][ T9032] Trying to free block not in datazone
[  414.329926][ T5904] usb 1-1: unable to get BOS descriptor or descriptor too short
[  414.337750][ T5904] usb 1-1: too many configurations: 81, using maximum allowed: 8
[  414.348242][ T5904] usb 1-1: unable to read config index 0 descriptor/start: -71
[  414.358519][ T9032] Trying to free block not in datazone
[  414.401613][ T9032] Trying to free block not in datazone
[  414.423848][ T9041] loop7: detected capacity change from 0 to 512
[  414.432732][ T9032] Trying to free block not in datazone
[  414.437009][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.440497][ T5904] usb 1-1: can't read configurations, error -71
[  414.473698][ T9032] Trying to free block not in datazone
[  414.479188][ T9032] minix_free_block (loop3:6): bit already cleared
[  414.527752][ T9041] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.544: casefold flag without casefold feature
[  414.609688][ T9041] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.544: couldn't read orphan inode 15 (err -117)
[  414.656704][ T9049] syz.5.543: attempt to access beyond end of device
[  414.656704][ T9049] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  414.679471][ T9049] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  414.729072][ T9041] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  416.165117][ T8394] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  416.505345][ T9064] loop3: detected capacity change from 0 to 32768
[  416.512765][ T9064] XFS: ikeep mount option is deprecated.
[  416.675989][ T9064] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  417.509268][ T9064] XFS (loop3): Ending clean mount
[  417.518967][ T9064] XFS (loop3): Quotacheck needed: Please wait.
[  417.825592][ T9064] XFS (loop3): Quotacheck: Done.
[  419.039309][ T9094] loop5: detected capacity change from 0 to 512
[  419.060312][ T5831] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  419.089648][ T9080] loop0: detected capacity change from 0 to 4096
[  419.123094][ T9094] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.552: casefold flag without casefold feature
[  419.179930][ T9094] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.552: couldn't read orphan inode 15 (err -117)
[  419.290999][ T9094] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  419.336209][ T9080] NILFS (loop0): error -4 creating segctord thread
[  419.361370][ T9100] overlayfs: missing 'lowerdir'
[  419.691950][ T9104] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  421.105851][ T5890] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  421.297530][ T5890] usb 8-1: Using ep0 maxpacket: 32
[  421.657242][ T5936] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  421.701231][ T9098] loop6: detected capacity change from 0 to 32768
[  421.867792][ T9098] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.551 (9098)
[  421.919425][ T5936] usb 1-1: Using ep0 maxpacket: 32
[  422.046175][ T9123] loop7: detected capacity change from 0 to 512
[  422.058708][ T9123] EXT4-fs: Ignoring removed mblk_io_submit option
[  422.134373][ T9123] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  422.186374][ T9123] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  422.195178][ T9123] System zones: 1-12
[  422.202844][ T9123] EXT4-fs error (device loop7): ext4_iget_extra_inode:5034: inode #15: comm syz.7.556: corrupted in-inode xattr: e_value size too large
[  422.228072][ T9123] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.556: couldn't read orphan inode 15 (err -117)
[  422.267182][ T9123] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  422.981189][ T9130] loop0: detected capacity change from 0 to 512
[  422.990719][ T9130] EXT4-fs: Ignoring removed mblk_io_submit option
[  423.123637][ T9130] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  423.168505][ T9130] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  423.177269][ T9130] System zones: 1-12
[  423.187789][ T9130] EXT4-fs error (device loop0): ext4_iget_extra_inode:5034: inode #15: comm syz.0.555: corrupted in-inode xattr: e_value size too large
[  423.221605][ T9130] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.555: couldn't read orphan inode 15 (err -117)
[  423.259932][ T9130] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  423.893392][ T5890] usb 8-1: unable to get BOS descriptor or descriptor too short
[  423.908396][ T9137] netlink: 36 bytes leftover after parsing attributes in process `syz.3.560'.
[  423.971264][ T5890] usb 8-1: too many configurations: 81, using maximum allowed: 8
[  423.982476][ T9137] netlink: 16 bytes leftover after parsing attributes in process `syz.3.560'.
[  424.006356][ T5890] usb 8-1: unable to read config index 0 descriptor/start: -71
[  424.051362][ T5890] usb 8-1: can't read configurations, error -71
[  424.063839][ T9137] netlink: 36 bytes leftover after parsing attributes in process `syz.3.560'.
[  424.165618][ T8394] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.251389][ T9137] netlink: 36 bytes leftover after parsing attributes in process `syz.3.560'.
[  424.624680][ T5936] usb 1-1: unable to get BOS descriptor or descriptor too short
[  424.632488][ T5936] usb 1-1: too many configurations: 81, using maximum allowed: 8
[  424.655314][ T5936] usb 1-1: unable to read config index 0 descriptor/start: -71
[  424.663004][ T5936] usb 1-1: can't read configurations, error -71
[  424.697994][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.974826][ T9156] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  426.085149][ T6338] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  426.173931][ T9162] overlayfs: missing 'lowerdir'
[  427.199276][ T9175] loop5: detected capacity change from 0 to 4096
[  427.216250][ T9176] loop7: detected capacity change from 0 to 64
[  427.277060][ T9176] syz.7.567: attempt to access beyond end of device
[  427.277060][ T9176] loop7: rw=0, sector=128, nr_sectors = 2 limit=64
[  427.290383][ T9176] Trying to free block not in datazone
[  427.295926][ T9176] Trying to free block not in datazone
[  427.301899][ T9176] Trying to free block not in datazone
[  427.307424][ T9176] Trying to free block not in datazone
[  427.312888][ T9176] Trying to free block not in datazone
[  427.318467][ T9176] Trying to free block not in datazone
[  427.323972][ T9176] minix_free_block (loop7:6): bit already cleared
[  427.414457][ T9179] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  427.794077][ T5919] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  427.994345][ T5919] usb 4-1: Using ep0 maxpacket: 32
[  428.707392][ T9170] loop0: detected capacity change from 0 to 32768
[  428.748547][ T9170] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.569 (9170)
[  428.854868][ T5904] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  428.860381][ T9170] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  428.920155][ T9170] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  429.429185][ T9208] loop3: detected capacity change from 0 to 512
[  429.436561][ T9208] EXT4-fs: Ignoring removed mblk_io_submit option
[  429.598361][ T9208] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  429.622403][ T9208] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  429.630688][ T9208] System zones: 1-12
[  429.637503][ T9170] BTRFS info (device loop0): using free-space-tree
[  429.672490][ T9208] EXT4-fs error (device loop3): ext4_iget_extra_inode:5034: inode #15: comm syz.3.571: corrupted in-inode xattr: e_value size too large
[  429.692352][ T9208] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.571: couldn't read orphan inode 15 (err -117)
[  429.713710][ T5904] usb 6-1: Using ep0 maxpacket: 32
[  429.713791][ T9170] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  429.725278][ T9208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  429.766244][ T9170] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  429.766588][ T9170] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  429.867103][ T9170] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  429.980841][ T9170] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  430.133741][ T9227] loop5: detected capacity change from 0 to 512
[  430.156783][ T9227] EXT4-fs: Ignoring removed mblk_io_submit option
[  430.169467][ T9170] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  430.189196][ T9170] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  430.503199][ T9170] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  430.520281][ T9227] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  430.840145][ T5919] usb 4-1: unable to get BOS descriptor or descriptor too short
[  430.856213][ T9227] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  430.864456][ T9227] System zones: 1-12
[  430.869498][ T9227] EXT4-fs error (device loop5): ext4_iget_extra_inode:5034: inode #15: comm syz.5.573: corrupted in-inode xattr: e_value size too large
[  430.882506][ T5919] usb 4-1: too many configurations: 81, using maximum allowed: 8
[  430.902687][ T9227] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.573: couldn't read orphan inode 15 (err -117)
[  430.903056][ T9170] BTRFS error (device loop0): open_ctree failed: -12
[  430.934625][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  430.935971][ T9227] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  431.010261][ T5919] usb 4-1: unable to read config index 0 descriptor/start: -71
[  431.081451][ T9239] loop6: detected capacity change from 0 to 64
[  431.733380][ T5919] usb 4-1: can't read configurations, error -71
[  433.729876][ T5904] usb 6-1: unable to get BOS descriptor or descriptor too short
[  433.760270][ T5904] usb 6-1: too many configurations: 81, using maximum allowed: 8
[  433.809490][ T6338] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  433.844413][ T5904] usb 6-1: unable to read config index 0 descriptor/start: -71
[  433.868939][ T5904] usb 6-1: can't read configurations, error -71
[  434.090419][ T9247] loop3: detected capacity change from 0 to 1024
[  434.141282][ T9247] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  434.190283][ T9250] overlayfs: missing 'lowerdir'
[  434.490154][ T9258] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  435.607753][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.586619][ T9289] loop0: detected capacity change from 0 to 512
[  437.638939][ T9297] overlayfs: missing 'lowerdir'
[  437.659296][ T9289] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.589: casefold flag without casefold feature
[  437.688703][ T9289] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.589: couldn't read orphan inode 15 (err -117)
[  437.715371][ T9289] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  437.969578][ T9304] loop5: detected capacity change from 0 to 64
[  439.113851][ T9304] syz.5.590: attempt to access beyond end of device
[  439.113851][ T9304] loop5: rw=0, sector=128, nr_sectors = 2 limit=64
[  439.127412][ T9304] Trying to free block not in datazone
[  439.132952][ T9304] Trying to free block not in datazone
[  439.138577][ T9304] Trying to free block not in datazone
[  439.144193][ T9304] Trying to free block not in datazone
[  439.149873][ T9304] Trying to free block not in datazone
[  439.155615][ T9304] Trying to free block not in datazone
[  439.161220][ T9304] minix_free_block (loop5:6): bit already cleared
[  440.162887][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  440.182998][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  440.565808][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  443.518149][ T9360] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  443.724527][ T9370] netlink: 8 bytes leftover after parsing attributes in process `syz.5.608'.
[  443.766486][ T9370] netlink: 4 bytes leftover after parsing attributes in process `syz.5.608'.
[  445.621972][ T9382] loop5: detected capacity change from 0 to 512
[  445.820472][ T9382] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.610: casefold flag without casefold feature
[  445.841253][ T9353] ALSA: mixer_oss: invalid OSS volume ''
[  445.994111][ T9382] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.610: couldn't read orphan inode 15 (err -117)
[  446.048626][ T9382] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  447.512147][ T6338] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.620083][ T9403] loop0: detected capacity change from 0 to 64
[  447.760219][ T9403] syz.0.612: attempt to access beyond end of device
[  447.760219][ T9403] loop0: rw=0, sector=128, nr_sectors = 2 limit=64
[  447.774612][ T9403] Trying to free block not in datazone
[  447.780549][ T9403] Trying to free block not in datazone
[  447.786427][ T9403] Trying to free block not in datazone
[  447.793850][ T9403] Trying to free block not in datazone
[  447.799476][ T9403] Trying to free block not in datazone
[  447.806575][ T9403] Trying to free block not in datazone
[  447.812278][ T9403] minix_free_block (loop0:6): bit already cleared
[  447.957428][ T9360] syz.7.606 (9360): drop_caches: 2
[  452.057057][ T9438] loop6: detected capacity change from 0 to 64
[  452.130945][ T9438] syz.6.620: attempt to access beyond end of device
[  452.130945][ T9438] loop6: rw=0, sector=128, nr_sectors = 2 limit=64
[  452.144807][ T9438] Trying to free block not in datazone
[  452.150395][ T9438] Trying to free block not in datazone
[  452.156042][ T9438] Trying to free block not in datazone
[  452.161624][ T9438] Trying to free block not in datazone
[  452.167317][ T9438] Trying to free block not in datazone
[  452.172883][ T9438] Trying to free block not in datazone
[  452.178692][ T9438] minix_free_block (loop6:6): bit already cleared
[  452.406551][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  453.297726][ T9449] loop3: detected capacity change from 0 to 512
[  453.459066][ T9449] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.625: casefold flag without casefold feature
[  453.932447][ T9449] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.625: couldn't read orphan inode 15 (err -117)
[  454.006335][ T9449] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  454.483063][ T9466] loop0: detected capacity change from 0 to 1024
[  454.749146][ T9466] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  455.024326][ T9473] loop6: detected capacity change from 0 to 64
[  455.514617][ T9473] syz.6.630: attempt to access beyond end of device
[  455.514617][ T9473] loop6: rw=0, sector=128, nr_sectors = 2 limit=64
[  455.528277][ T9473] Trying to free block not in datazone
[  455.533981][ T9473] Trying to free block not in datazone
[  455.539577][ T9473] Trying to free block not in datazone
[  455.545192][ T9473] Trying to free block not in datazone
[  455.550990][ T9473] Trying to free block not in datazone
[  455.556694][ T9473] Trying to free block not in datazone
[  455.562788][ T9473] minix_free_block (loop6:6): bit already cleared
[  455.734780][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  458.761312][ T9500] loop6: detected capacity change from 0 to 512
[  459.454310][ T9500] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.637: casefold flag without casefold feature
[  459.684572][   T24] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  459.727596][ T9500] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.637: couldn't read orphan inode 15 (err -117)
[  460.216326][ T9500] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  460.257403][ T9518] loop5: detected capacity change from 0 to 2048
[  460.293631][   T24] usb 1-1: Using ep0 maxpacket: 32
[  460.632307][ T9521] loop0: detected capacity change from 0 to 512
[  460.639872][ T9521] EXT4-fs: Ignoring removed mblk_io_submit option
[  460.676185][ T9521] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  460.688043][ T9518] EXT4-fs: Invalid want_extra_isize 4
[  460.747569][ T9524] loop7: detected capacity change from 0 to 1024
[  460.763287][ T9521] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  460.771630][ T9521] System zones: 1-12
[  460.780232][ T9521] EXT4-fs error (device loop0): ext4_iget_extra_inode:5034: inode #15: comm syz.0.640: corrupted in-inode xattr: e_value size too large
[  460.834565][ T9521] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.640: couldn't read orphan inode 15 (err -117)
[  460.856188][ T9521] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  460.930236][ T9531] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  461.008082][ T9524] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  461.063836][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  461.663834][ T8394] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  461.803861][ T1570] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  461.965237][ T9541] __vm_enough_memory: pid: 9541, comm: syz.7.644, bytes: 21199674286080 not enough memory for the allocation
[  462.259288][ T1570] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  462.652418][ T5836] Bluetooth: hci2: command 0x0406 tx timeout
[  462.752602][ T1570] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  462.762945][   T24] usb 1-1: unable to get BOS descriptor or descriptor too short
[  462.821542][ T1570] usb 6-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  462.835975][   T24] usb 1-1: too many configurations: 81, using maximum allowed: 8
[  462.865550][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  462.868967][ T1570] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  462.903141][   T24] usb 1-1: unable to read config index 0 descriptor/start: -71
[  462.926230][   T24] usb 1-1: can't read configurations, error -71
[  462.965038][ T1570] usb 6-1: config 0 descriptor??
[  463.019399][ T1570] usbhid 6-1:0.0: can't add hid device: -22
[  463.044978][ T1570] usbhid 6-1:0.0: probe with driver usbhid failed with error -22
[  463.656623][ T8299] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  463.798183][ T9556] loop6: detected capacity change from 0 to 256
[  464.051372][ T9556] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  465.120848][ T5919] usb 6-1: USB disconnect, device number 6
[  465.375839][ T9575] exFAT-fs (loop6): valid_size(150994954) is greater than size(10)
[  465.728703][ T9581] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  467.451754][ T9595] Device name not specified.
[  467.451754][ T9595] 
[  468.184296][ T9600] __vm_enough_memory: pid: 9600, comm: syz.3.656, bytes: 21199977992192 not enough memory for the allocation
[  468.999519][ T9606] loop0: detected capacity change from 0 to 512
[  469.715190][ T9593] loop5: detected capacity change from 0 to 4096
[  469.742944][ T9606] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.658: casefold flag without casefold feature
[  469.813824][ T9606] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.658: couldn't read orphan inode 15 (err -117)
[  469.953903][ T9606] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  470.131964][ T9622] loop7: detected capacity change from 0 to 2048
[  470.336322][ T9622] EXT4-fs: Invalid want_extra_isize 4
[  470.899303][ T9625] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  471.253746][ T1570] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  471.465787][ T1570] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  471.496446][ T1570] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  471.692543][ T1570] usb 8-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  471.702375][ T1570] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  471.725312][ T1570] usb 8-1: config 0 descriptor??
[  471.737454][ T1570] usbhid 8-1:0.0: can't add hid device: -22
[  471.753704][ T1570] usbhid 8-1:0.0: probe with driver usbhid failed with error -22
[  472.651507][ T9653] loop5: detected capacity change from 0 to 512
[  472.948314][ T9653] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.664: casefold flag without casefold feature
[  472.972894][ T9653] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.664: couldn't read orphan inode 15 (err -117)
[  472.995499][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  473.105674][ T9653] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  473.143995][ T5890] usb 8-1: USB disconnect, device number 4
[  473.506734][ T9667] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  474.186401][ T6338] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  475.587732][ T9680] binder: 9679:9680 ioctl c0306201 0 returned -14
[  477.428575][ T9701] loop6: detected capacity change from 0 to 4096
[  478.534603][ T9716] loop0: detected capacity change from 0 to 2048
[  479.162749][ T9716] EXT4-fs: Invalid want_extra_isize 4
[  479.677292][ T9726] loop3: detected capacity change from 0 to 512
[  479.743648][ T1570] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  479.756053][ T9726] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.677: casefold flag without casefold feature
[  479.973845][ T9726] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.677: couldn't read orphan inode 15 (err -117)
[  479.992536][ T1570] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  480.018615][ T9726] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  480.041726][ T1570] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  480.077678][ T1570] usb 1-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  480.313630][ T1570] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.346300][ T1570] usb 1-1: config 0 descriptor??
[  480.370849][ T9738] loop7: detected capacity change from 0 to 1024
[  480.415371][ T1570] usbhid 1-1:0.0: can't add hid device: -22
[  480.432660][ T9738] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  480.437318][ T1570] usbhid 1-1:0.0: probe with driver usbhid failed with error -22
[  480.609800][ T8394] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.634229][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.871814][ T9749] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  481.805452][ T5919] usb 1-1: USB disconnect, device number 8
[  482.018607][ T9759] binder: 9758:9759 ioctl c0306201 0 returned -14
[  482.191183][ T9765] netlink: 12 bytes leftover after parsing attributes in process `syz.5.686'.
[  485.102340][ T9787] loop5: detected capacity change from 0 to 4096
[  486.678361][ T9815] syz.0.693: attempt to access beyond end of device
[  486.678361][ T9815] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  486.703388][ T9815] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  487.305949][ T9819] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  487.360472][ T9792] loop7: detected capacity change from 0 to 32768
[  487.370410][ T9792] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.689 (9792)
[  487.538248][ T9792] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  487.567367][ T9792] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm
[  488.493407][ T9792] BTRFS info (device loop7): using free-space-tree
[  488.500830][ T9792] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  488.501223][ T9792] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  488.523992][ T9792] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  488.541248][ T9792] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  488.557125][ T9792] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  488.586636][ T9792] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  488.605137][ T9792] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  488.626972][ T9792] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  488.646650][ T9792] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  488.661463][ T9792] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  488.671552][ T9792] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  488.758979][ T9792] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  488.859969][ T9850] __vm_enough_memory: pid: 9850, comm: syz.6.698, bytes: 21199884136448 not enough memory for the allocation
[  489.436464][ T9792] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  489.664287][ T9792] BTRFS error (device loop7): open_ctree failed: -12
[  490.588390][ T9866] loop5: detected capacity change from 0 to 512
[  491.034045][ T9866] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.701: casefold flag without casefold feature
[  491.062848][ T9866] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.701: couldn't read orphan inode 15 (err -117)
[  491.095039][ T9866] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  494.557691][ T6338] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.331924][ T9910] loop3: detected capacity change from 0 to 1024
[  498.115963][ T9910] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  498.193310][ T9919] syz.6.709 uses obsolete (PF_INET,SOCK_PACKET)
[  498.423036][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  500.405350][ T9940] loop3: detected capacity change from 0 to 512
[  501.336458][ T9940] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.714: casefold flag without casefold feature
[  501.408240][ T9940] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.714: couldn't read orphan inode 15 (err -117)
[  501.498422][ T9940] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  501.539427][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  501.546455][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  505.608810][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.643221][ T9982] loop0: detected capacity change from 0 to 2048
[  505.772265][ T9986] loop7: detected capacity change from 0 to 4096
[  505.792429][ T9982] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  505.848038][ T9982] UDF-fs: Scanning with blocksize 512 failed
[  505.926276][ T9982] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  507.205418][T10006] loop3: detected capacity change from 0 to 1024
[  507.375531][T10006] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  508.269076][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  508.750701][ T9993] loop6: detected capacity change from 0 to 32768
[  508.795916][ T9993] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.727 (9993)
[  508.944145][T10034] syz.0.732: attempt to access beyond end of device
[  508.944145][T10034] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  508.964563][T10034] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  512.164289][T10062] loop7: detected capacity change from 0 to 64
[  514.124223][T10059] syz.7.737: attempt to access beyond end of device
[  514.124223][T10059] loop7: rw=0, sector=128, nr_sectors = 2 limit=64
[  514.139846][T10059] Trying to free block not in datazone
[  514.145584][T10059] Trying to free block not in datazone
[  514.151140][T10059] Trying to free block not in datazone
[  514.156732][T10059] Trying to free block not in datazone
[  514.162292][T10059] Trying to free block not in datazone
[  514.168211][T10059] Trying to free block not in datazone
[  514.173934][T10059] minix_free_block (loop7:6): bit already cleared
[  515.753727][T10072] loop6: detected capacity change from 0 to 40427
[  515.813869][T10072] F2FS-fs (loop6): invalid crc value
[  516.100856][T10072] F2FS-fs (loop6): Start checkpoint disabled!
[  516.136129][T10072] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  516.817756][T10083] loop5: detected capacity change from 0 to 4096
[  516.955224][T10092] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  517.409851][T10083] loop5: detected capacity change from 0 to 32768
[  517.576230][T10083] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  517.576246][T10083]   allowing incompatible features above 0.0: (unknown version)
[  517.576252][T10083]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  517.615289][T10083] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  517.623599][T10083] bcachefs (loop5): initializing new filesystem
[  517.635555][T10083] bcachefs (loop5): going read-write
[  517.644242][T10083] bcachefs (loop5): marking superblocks
[  517.654122][T10083] bcachefs (loop5): initializing freespace
[  517.661651][T10083] bcachefs (loop5): done initializing freespace
[  517.669445][T10083] bcachefs (loop5): reading snapshots table
[  517.675435][T10083] bcachefs (loop5): reading snapshots done
[  517.868532][T10083] bcachefs (loop5): done starting filesystem
[  518.462801][ T6338] bcachefs (loop5): shutting down
[  518.499151][ T6338] bcachefs (loop5): going read-only
[  518.544348][ T6338] bcachefs (loop5): finished waiting for writes to stop
[  518.623583][ T6338] bcachefs (loop5): flushing journal and stopping allocators, journal seq 3
[  519.579408][ T6338] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 4
[  519.653740][ T6338] bcachefs (loop5): clean shutdown complete, journal seq 5
[  519.662515][ T6338] bcachefs (loop5): marking filesystem clean
[  520.081955][T10131] loop3: detected capacity change from 0 to 64
[  520.354099][T10128] syz.3.751: attempt to access beyond end of device
[  520.354099][T10128] loop3: rw=0, sector=128, nr_sectors = 2 limit=64
[  520.367800][T10128] Trying to free block not in datazone
[  520.373372][T10128] Trying to free block not in datazone
[  520.379316][T10128] Trying to free block not in datazone
[  520.385250][T10128] Trying to free block not in datazone
[  520.391050][T10128] Trying to free block not in datazone
[  520.396846][T10128] Trying to free block not in datazone
[  520.402529][T10128] minix_free_block (loop3:6): bit already cleared
[  520.946577][ T6338] bcachefs (loop5): shutdown complete
[  521.116914][T10139] loop6: detected capacity change from 0 to 2048
[  521.165673][T10139] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  521.236532][T10139] UDF-fs: Scanning with blocksize 512 failed
[  521.468157][T10139] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  521.965242][T10132] loop0: detected capacity change from 0 to 32768
[  521.988657][T10132] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.752 (10132)
[  522.042537][T10132] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  522.158862][T10132] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  522.298343][T10132] BTRFS info (device loop0): using free-space-tree
[  523.801559][ T5843] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  524.826206][T10201] syz.3.759: attempt to access beyond end of device
[  524.826206][T10201] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  524.847503][T10201] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  526.669591][T10220] loop0: detected capacity change from 0 to 512
[  526.712327][T10220] EXT4-fs: Ignoring removed nomblk_io_submit option
[  526.852763][T10220] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal
[  527.466349][T10236] loop6: detected capacity change from 0 to 64
[  527.919420][T10233] syz.6.765: attempt to access beyond end of device
[  527.919420][T10233] loop6: rw=0, sector=128, nr_sectors = 2 limit=64
[  528.253788][T10233] Trying to free block not in datazone
[  528.259291][T10233] Trying to free block not in datazone
[  528.337122][T10233] Trying to free block not in datazone
[  528.363121][T10233] Trying to free block not in datazone
[  528.392693][T10233] Trying to free block not in datazone
[  528.430961][T10233] Trying to free block not in datazone
[  528.453707][T10233] minix_free_block (loop6:6): bit already cleared
[  531.428720][T10281] kvm: pic: non byte write
[  532.924297][T10293] loop3: detected capacity change from 0 to 1024
[  533.023330][T10293] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  533.272148][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.622451][T10308] loop7: detected capacity change from 0 to 2048
[  533.652734][T10308] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found
[  533.698588][T10308] UDF-fs: Scanning with blocksize 512 failed
[  533.770124][T10294] ALSA: mixer_oss: invalid OSS volume ''
[  533.843107][T10308] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  539.400941][T10354] loop5: detected capacity change from 0 to 1024
[  539.461250][T10354] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  539.590703][ T6338] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  539.715720][ T5936] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  539.932208][ T5936] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  540.037400][ T5936] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  540.171554][ T5936] usb 8-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  540.280358][ T5936] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  540.472050][ T5936] usb 8-1: config 0 descriptor??
[  540.545847][T10356] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  540.984985][T10356] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  541.007268][T10356] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  541.094131][ T5936] usbhid 8-1:0.0: can't add hid device: -71
[  541.103849][ T5936] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  541.160984][ T5936] usb 8-1: USB disconnect, device number 5
[  541.353639][    T9] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  541.663635][    T9] usb 6-1: Using ep0 maxpacket: 16
[  541.719501][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  541.887074][    T9] usb 6-1: config 0 has no interfaces?
[  541.955248][    T9] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 4.00
[  542.059918][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  542.370947][    T9] usb 6-1: Product: syz
[  542.377059][    T9] usb 6-1: Manufacturer: syz
[  542.403298][    T9] usb 6-1: SerialNumber: syz
[  542.570343][    T9] usb 6-1: config 0 descriptor??
[  543.058041][T10384] binder: 10382:10384 ioctl c0306201 0 returned -14
[  543.627232][    T9] usb 6-1: USB disconnect, device number 7
[  544.681660][T10395] loop6: detected capacity change from 0 to 2048
[  544.743941][T10395] EXT4-fs: Invalid want_extra_isize 4
[  545.483696][ T5936] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  545.653721][ T5936] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  545.693599][ T5936] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  545.713776][ T5936] usb 7-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  545.717468][T10408] syzkaller0: create flow: hash 3620802910 index 0
[  545.729847][ T5936] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  545.763034][ T5936] usb 7-1: config 0 descriptor??
[  545.789854][ T5936] usbhid 7-1:0.0: can't add hid device: -22
[  545.810580][ T5936] usbhid 7-1:0.0: probe with driver usbhid failed with error -22
[  546.024407][ T5890] usb 7-1: USB disconnect, device number 2
[  546.209115][T10406] loop5: detected capacity change from 0 to 32768
[  546.242141][T10406] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  546.352272][T10406] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  546.488627][T10410] loop7: detected capacity change from 0 to 32768
[  546.524761][T10413] loop0: detected capacity change from 0 to 40427
[  546.565095][T10410] XFS: ikeep mount option is deprecated.
[  546.618936][T10413] F2FS-fs (loop0): invalid crc value
[  546.729422][T10413] F2FS-fs (loop0): Start checkpoint disabled!
[  546.742799][ T6338] ocfs2: Unmounting device (7,5) on (node local)
[  546.743663][T10413] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  546.779614][T10410] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  548.215429][ T3480] kworker/u8:9: attempt to access beyond end of device
[  548.215429][ T3480] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  548.366863][T10410] XFS (loop7): Ending clean mount
[  548.541783][T10410] XFS (loop7): Quotacheck needed: Please wait.
[  548.963585][    C0] syzkaller0 (unregistering): delete flow: hash 3620802910 index 0
[  549.316004][ T3480] CPU: 0 UID: 0 PID: 3480 Comm: kworker/u8:9 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  549.316059][ T3480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  549.316072][ T3480] Workqueue: writeback wb_workfn (flush-7:0)
[  549.316109][ T3480] Call Trace:
[  549.316117][ T3480]  <TASK>
[  549.316126][ T3480]  dump_stack_lvl+0x189/0x250
[  549.316157][ T3480]  ? __pfx_dump_stack_lvl+0x10/0x10
[  549.316180][ T3480]  ? __pfx_queue_work_on+0x10/0x10
[  549.316204][ T3480]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  549.316227][ T3480]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  549.316252][ T3480]  ? f2fs_hw_is_readonly+0x39b/0x470
[  549.316279][ T3480]  f2fs_handle_critical_error+0x37c/0x540
[  549.316307][ T3480]  f2fs_write_end_io+0x495/0x810
[  549.316328][ T3480]  ? blkg_put+0x22/0x240
[  549.316365][ T3480]  __submit_merged_bio+0x27a/0x6a0
[  549.316393][ T3480]  __submit_merged_write_cond+0x255/0x530
[  549.316422][ T3480]  f2fs_write_data_pages+0x261d/0x3000
[  549.316480][ T3480]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  549.316586][ T3480]  ? f2fs_write_meta_pages+0x357/0x450
[  549.316618][ T3480]  ? __lock_acquire+0xab9/0xd20
[  549.316644][ T3480]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  549.316667][ T3480]  do_writepages+0x32e/0x550
[  549.316697][ T3480]  ? reacquire_held_locks+0x127/0x1d0
[  549.316718][ T3480]  ? writeback_sb_inodes+0x384/0x1010
[  549.316750][ T3480]  __writeback_single_inode+0x145/0xff0
[  549.316773][ T3480]  ? do_raw_spin_unlock+0x122/0x240
[  549.316796][ T3480]  writeback_sb_inodes+0x6c7/0x1010
[  549.316846][ T3480]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  549.316913][ T3480]  ? rcu_is_watching+0x15/0xb0
[  549.316945][ T3480]  wb_writeback+0x43b/0xaf0
[  549.316977][ T3480]  ? queue_io+0x3d1/0x590
[  549.317003][ T3480]  ? __pfx_wb_writeback+0x10/0x10
[  549.317035][ T3480]  ? _raw_spin_unlock_irq+0x23/0x50
[  549.317069][ T3480]  wb_workfn+0x409/0xef0
[  549.317105][ T3480]  ? __pfx_wb_workfn+0x10/0x10
[  549.317131][ T3480]  ? __lock_acquire+0xab9/0xd20
[  549.317163][ T3480]  ? process_scheduled_works+0x9ef/0x17b0
[  549.317191][ T3480]  ? _raw_spin_unlock_irq+0x23/0x50
[  549.317211][ T3480]  ? process_scheduled_works+0x9ef/0x17b0
[  549.317231][ T3480]  ? process_scheduled_works+0x9ef/0x17b0
[  549.317255][ T3480]  process_scheduled_works+0xae1/0x17b0
[  549.317309][ T3480]  ? __pfx_process_scheduled_works+0x10/0x10
[  549.317350][ T3480]  worker_thread+0x8a0/0xda0
[  549.317375][ T3480]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  549.317407][ T3480]  ? __kthread_parkme+0x7b/0x200
[  549.317440][ T3480]  kthread+0x70e/0x8a0
[  549.317461][ T3480]  ? __pfx_worker_thread+0x10/0x10
[  549.317482][ T3480]  ? __pfx_kthread+0x10/0x10
[  549.317501][ T3480]  ? _raw_spin_unlock_irq+0x23/0x50
[  549.317523][ T3480]  ? lockdep_hardirqs_on+0x9c/0x150
[  549.317546][ T3480]  ? __pfx_kthread+0x10/0x10
[  549.317564][ T3480]  ret_from_fork+0x3fc/0x770
[  549.317589][ T3480]  ? __pfx_ret_from_fork+0x10/0x10
[  549.317617][ T3480]  ? __switch_to_asm+0x39/0x70
[  549.317633][ T3480]  ? __switch_to_asm+0x33/0x70
[  549.317648][ T3480]  ? __pfx_kthread+0x10/0x10
[  549.317666][ T3480]  ret_from_fork_asm+0x1a/0x30
[  549.317701][ T3480]  </TASK>
[  549.320771][ T3480] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  549.720271][ T3480] CPU: 1 UID: 0 PID: 3480 Comm: kworker/u8:9 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  549.720301][ T3480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  549.720313][ T3480] Workqueue: writeback wb_workfn (flush-7:0)
[  549.720342][ T3480] Call Trace:
[  549.720349][ T3480]  <TASK>
[  549.720357][ T3480]  dump_stack_lvl+0x189/0x250
[  549.720386][ T3480]  ? __pfx_dump_stack_lvl+0x10/0x10
[  549.720406][ T3480]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  549.720429][ T3480]  ? __pfx_queue_work_on+0x10/0x10
[  549.720452][ T3480]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  549.720474][ T3480]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  549.720498][ T3480]  ? f2fs_hw_is_readonly+0x39b/0x470
[  549.720525][ T3480]  f2fs_handle_critical_error+0x37c/0x540
[  549.720552][ T3480]  f2fs_write_end_io+0x495/0x810
[  549.720571][ T3480]  ? blkg_put+0x22/0x240
[  549.720606][ T3480]  __submit_merged_bio+0x27a/0x6a0
[  549.720634][ T3480]  __submit_merged_write_cond+0x255/0x530
[  549.720664][ T3480]  f2fs_write_data_pages+0x261d/0x3000
[  549.720731][ T3480]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  549.720832][ T3480]  ? f2fs_write_meta_pages+0x357/0x450
[  549.720865][ T3480]  ? __lock_acquire+0xab9/0xd20
[  549.720890][ T3480]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  549.720913][ T3480]  do_writepages+0x32e/0x550
[  549.720940][ T3480]  ? reacquire_held_locks+0x127/0x1d0
[  549.720961][ T3480]  ? writeback_sb_inodes+0x384/0x1010
[  549.720992][ T3480]  __writeback_single_inode+0x145/0xff0
[  549.721016][ T3480]  ? do_raw_spin_unlock+0x122/0x240
[  549.721039][ T3480]  writeback_sb_inodes+0x6c7/0x1010
[  549.721091][ T3480]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  549.721155][ T3480]  ? rcu_is_watching+0x15/0xb0
[  549.721192][ T3480]  wb_writeback+0x43b/0xaf0
[  549.721224][ T3480]  ? queue_io+0x3d1/0x590
[  549.721249][ T3480]  ? __pfx_wb_writeback+0x10/0x10
[  549.721279][ T3480]  ? _raw_spin_unlock_irq+0x23/0x50
[  549.721307][ T3480]  wb_workfn+0x409/0xef0
[  549.721343][ T3480]  ? __pfx_wb_workfn+0x10/0x10
[  549.721369][ T3480]  ? __lock_acquire+0xab9/0xd20
[  549.721401][ T3480]  ? process_scheduled_works+0x9ef/0x17b0
[  549.721430][ T3480]  ? _raw_spin_unlock_irq+0x23/0x50
[  549.721450][ T3480]  ? process_scheduled_works+0x9ef/0x17b0
[  549.721470][ T3480]  ? process_scheduled_works+0x9ef/0x17b0
[  549.721492][ T3480]  process_scheduled_works+0xae1/0x17b0
[  549.721543][ T3480]  ? __pfx_process_scheduled_works+0x10/0x10
[  549.721584][ T3480]  worker_thread+0x8a0/0xda0
[  549.721609][ T3480]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  549.721639][ T3480]  ? __kthread_parkme+0x7b/0x200
[  549.721671][ T3480]  kthread+0x70e/0x8a0
[  549.721692][ T3480]  ? __pfx_worker_thread+0x10/0x10
[  549.721720][ T3480]  ? __pfx_kthread+0x10/0x10
[  549.721739][ T3480]  ? _raw_spin_unlock_irq+0x23/0x50
[  549.721761][ T3480]  ? lockdep_hardirqs_on+0x9c/0x150
[  549.721783][ T3480]  ? __pfx_kthread+0x10/0x10
[  549.721800][ T3480]  ret_from_fork+0x3fc/0x770
[  549.721824][ T3480]  ? __pfx_ret_from_fork+0x10/0x10
[  549.721852][ T3480]  ? __switch_to_asm+0x39/0x70
[  549.721867][ T3480]  ? __switch_to_asm+0x33/0x70
[  549.721882][ T3480]  ? __pfx_kthread+0x10/0x10
[  549.721899][ T3480]  ret_from_fork_asm+0x1a/0x30
[  549.721935][ T3480]  </TASK>
[  549.721964][ T3480] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  549.969507][T10410] XFS (loop7): Quotacheck: Done.
[  550.675345][ T8394] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  551.049158][T10447] loop5: detected capacity change from 0 to 4096
[  551.380908][T10447] loop5: detected capacity change from 0 to 32768
[  551.468192][T10450] syz.6.813: attempt to access beyond end of device
[  551.468192][T10450] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  551.489193][T10450] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  553.739750][T10447] workqueue: Failed to create a rescuer kthread for wq "bcachefs": -EINTR
[  553.739874][T10447] bcachefs (loop5): shutdown complete
[  555.636276][T10463] loop7: detected capacity change from 0 to 40427
[  555.693858][T10463] F2FS-fs (loop7): invalid crc value
[  555.914823][T10463] F2FS-fs (loop7): Start checkpoint disabled!
[  555.950909][T10463] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  556.027211][ T1089] kworker/u8:5: attempt to access beyond end of device
[  556.027211][ T1089] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  556.057623][ T1089] CPU: 0 UID: 0 PID: 1089 Comm: kworker/u8:5 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  556.057652][ T1089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  556.057664][ T1089] Workqueue: writeback wb_workfn (flush-7:7)
[  556.057694][ T1089] Call Trace:
[  556.057702][ T1089]  <TASK>
[  556.057710][ T1089]  dump_stack_lvl+0x189/0x250
[  556.057741][ T1089]  ? __pfx_dump_stack_lvl+0x10/0x10
[  556.057762][ T1089]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  556.057785][ T1089]  ? __pfx_queue_work_on+0x10/0x10
[  556.057810][ T1089]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  556.057831][ T1089]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  556.057853][ T1089]  ? f2fs_hw_is_readonly+0x39b/0x470
[  556.057878][ T1089]  f2fs_handle_critical_error+0x37c/0x540
[  556.057905][ T1089]  f2fs_write_end_io+0x495/0x810
[  556.057927][ T1089]  ? blkg_put+0x22/0x240
[  556.057963][ T1089]  __submit_merged_bio+0x27a/0x6a0
[  556.057990][ T1089]  __submit_merged_write_cond+0x255/0x530
[  556.058019][ T1089]  f2fs_write_data_pages+0x261d/0x3000
[  556.058076][ T1089]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  556.058186][ T1089]  ? f2fs_write_meta_pages+0x357/0x450
[  556.058218][ T1089]  ? __lock_acquire+0xab9/0xd20
[  556.058244][ T1089]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  556.058267][ T1089]  do_writepages+0x32e/0x550
[  556.058296][ T1089]  ? reacquire_held_locks+0x127/0x1d0
[  556.058318][ T1089]  ? writeback_sb_inodes+0x384/0x1010
[  556.058350][ T1089]  __writeback_single_inode+0x145/0xff0
[  556.058372][ T1089]  ? do_raw_spin_unlock+0x122/0x240
[  556.058394][ T1089]  writeback_sb_inodes+0x6c7/0x1010
[  556.058444][ T1089]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  556.058511][ T1089]  ? rcu_is_watching+0x15/0xb0
[  556.058543][ T1089]  wb_writeback+0x43b/0xaf0
[  556.058575][ T1089]  ? queue_io+0x3d1/0x590
[  556.058601][ T1089]  ? __pfx_wb_writeback+0x10/0x10
[  556.058633][ T1089]  ? _raw_spin_unlock_irq+0x23/0x50
[  556.058661][ T1089]  wb_workfn+0x409/0xef0
[  556.058697][ T1089]  ? __pfx_wb_workfn+0x10/0x10
[  556.058722][ T1089]  ? __lock_acquire+0xab9/0xd20
[  556.058753][ T1089]  ? process_scheduled_works+0x9ef/0x17b0
[  556.058781][ T1089]  ? _raw_spin_unlock_irq+0x23/0x50
[  556.058802][ T1089]  ? process_scheduled_works+0x9ef/0x17b0
[  556.058822][ T1089]  ? process_scheduled_works+0x9ef/0x17b0
[  556.058845][ T1089]  process_scheduled_works+0xae1/0x17b0
[  556.058898][ T1089]  ? __pfx_process_scheduled_works+0x10/0x10
[  556.058937][ T1089]  worker_thread+0x8a0/0xda0
[  556.058987][ T1089]  kthread+0x70e/0x8a0
[  556.059008][ T1089]  ? __pfx_worker_thread+0x10/0x10
[  556.059027][ T1089]  ? __pfx_kthread+0x10/0x10
[  556.059044][ T1089]  ? _raw_spin_unlock_irq+0x23/0x50
[  556.059063][ T1089]  ? lockdep_hardirqs_on+0x9c/0x150
[  556.059084][ T1089]  ? __pfx_kthread+0x10/0x10
[  556.059102][ T1089]  ret_from_fork+0x3fc/0x770
[  556.059134][ T1089]  ? __pfx_ret_from_fork+0x10/0x10
[  556.059162][ T1089]  ? __switch_to_asm+0x39/0x70
[  556.059177][ T1089]  ? __switch_to_asm+0x33/0x70
[  556.059192][ T1089]  ? __pfx_kthread+0x10/0x10
[  556.059210][ T1089]  ret_from_fork_asm+0x1a/0x30
[  556.059244][ T1089]  </TASK>
[  556.059251][ T1089] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  556.449585][T10447] bcachefs: bch2_fs_get_tree() error: ENOMEM_fs_other_alloc
[  557.725411][T10482] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  557.732279][T10482] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  557.750025][T10482] vhci_hcd vhci_hcd.0: Device attached
[  558.000848][ T5917] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  558.371704][T10483] vhci_hcd: connection reset by peer
[  558.382784][ T6210] vhci_hcd: stop threads
[  558.389481][ T6210] vhci_hcd: release socket
[  558.408751][ T6210] vhci_hcd: disconnect device
[  559.141318][   T30] audit: type=1326 audit(1751407635.862:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e0b8e929 code=0x7fc00000
[  559.178909][   T30] audit: type=1326 audit(1751407635.872:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb7e0b90847 code=0x7fc00000
[  559.202133][   T30] audit: type=1326 audit(1751407635.872:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e0b8e929 code=0x7fc00000
[  559.224872][   T30] audit: type=1326 audit(1751407635.872:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e0b8e929 code=0x7fc00000
[  559.258947][   T30] audit: type=1326 audit(1751407635.872:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e0b8e929 code=0x7fc00000
[  559.281488][   T30] audit: type=1326 audit(1751407635.872:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e0b8e929 code=0x7fc00000
[  559.304774][   T30] audit: type=1326 audit(1751407635.872:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e0b8e929 code=0x7fc00000
[  559.327234][   T30] audit: type=1326 audit(1751407635.872:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e0b8e929 code=0x7fc00000
[  559.349680][   T30] audit: type=1326 audit(1751407635.872:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e0b8e929 code=0x7fc00000
[  559.372564][   T30] audit: type=1326 audit(1751407635.872:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e0b8e929 code=0x7fc00000
[  562.969893][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  562.976342][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  563.206463][ T5836] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  563.207222][ T5917] vhci_hcd: vhci_device speed not set
[  563.219871][ T5836] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  563.245331][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  563.268145][ T5836] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  563.276061][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  564.484711][T10513] loop5: detected capacity change from 0 to 1024
[  564.525342][T10513] EXT4-fs: Ignoring removed bh option
[  564.531470][ T5836] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  564.554028][ T5836] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  564.564607][ T5836] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  564.583133][ T5836] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  564.593144][ T5836] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  564.703609][T10513] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 296352743428)!
[  564.819481][T10513] EXT4-fs (loop5): group descriptors corrupted!
[  565.657727][   T51] Bluetooth: hci0: command tx timeout
[  566.383318][T10527] loop7: detected capacity change from 0 to 40427
[  566.474218][T10527] F2FS-fs (loop7): invalid crc value
[  566.542058][T10527] F2FS-fs (loop7): Start checkpoint disabled!
[  566.675552][   T51] Bluetooth: hci3: command tx timeout
[  567.034225][T10527] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  567.722673][   T51] Bluetooth: hci0: command tx timeout
[  567.777368][ T3442] kworker/u8:8: attempt to access beyond end of device
[  567.777368][ T3442] loop7: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  567.804719][ T3442] kworker/u8:8: attempt to access beyond end of device
[  567.804719][ T3442] loop7: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  567.820548][ T3442] CPU: 0 UID: 0 PID: 3442 Comm: kworker/u8:8 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  567.820574][ T3442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  567.820586][ T3442] Workqueue: writeback wb_workfn (flush-7:7)
[  567.820617][ T3442] Call Trace:
[  567.820624][ T3442]  <TASK>
[  567.820632][ T3442]  dump_stack_lvl+0x189/0x250
[  567.820664][ T3442]  ? __pfx_dump_stack_lvl+0x10/0x10
[  567.820685][ T3442]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  567.820710][ T3442]  ? __pfx_queue_work_on+0x10/0x10
[  567.820735][ T3442]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  567.820758][ T3442]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  567.820782][ T3442]  ? f2fs_hw_is_readonly+0x39b/0x470
[  567.820812][ T3442]  f2fs_handle_critical_error+0x37c/0x540
[  567.820842][ T3442]  f2fs_write_end_io+0x495/0x810
[  567.820863][ T3442]  ? blkg_put+0x22/0x240
[  567.820902][ T3442]  __submit_merged_bio+0x27a/0x6a0
[  567.820932][ T3442]  __submit_merged_write_cond+0x255/0x530
[  567.820960][ T3442]  f2fs_write_data_pages+0x261d/0x3000
[  567.821025][ T3442]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  567.821152][ T3442]  ? f2fs_write_meta_pages+0x357/0x450
[  567.821188][ T3442]  ? __lock_acquire+0xab9/0xd20
[  567.821215][ T3442]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  567.821239][ T3442]  do_writepages+0x32e/0x550
[  567.821269][ T3442]  ? reacquire_held_locks+0x127/0x1d0
[  567.821291][ T3442]  ? writeback_sb_inodes+0x384/0x1010
[  567.821325][ T3442]  __writeback_single_inode+0x145/0xff0
[  567.821349][ T3442]  ? do_raw_spin_unlock+0x122/0x240
[  567.821372][ T3442]  writeback_sb_inodes+0x6c7/0x1010
[  567.821429][ T3442]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  567.821507][ T3442]  ? rcu_is_watching+0x15/0xb0
[  567.821543][ T3442]  wb_writeback+0x43b/0xaf0
[  567.821577][ T3442]  ? queue_io+0x3d1/0x590
[  567.821605][ T3442]  ? __pfx_wb_writeback+0x10/0x10
[  567.821639][ T3442]  ? _raw_spin_unlock_irq+0x23/0x50
[  567.821668][ T3442]  wb_workfn+0x409/0xef0
[  567.821707][ T3442]  ? __pfx_wb_workfn+0x10/0x10
[  567.821734][ T3442]  ? __lock_acquire+0xab9/0xd20
[  567.821773][ T3442]  ? process_scheduled_works+0x9ef/0x17b0
[  567.821803][ T3442]  ? _raw_spin_unlock_irq+0x23/0x50
[  567.821823][ T3442]  ? process_scheduled_works+0x9ef/0x17b0
[  567.821843][ T3442]  ? process_scheduled_works+0x9ef/0x17b0
[  567.821867][ T3442]  process_scheduled_works+0xae1/0x17b0
[  567.821926][ T3442]  ? __pfx_process_scheduled_works+0x10/0x10
[  567.821970][ T3442]  worker_thread+0x8a0/0xda0
[  567.822028][ T3442]  kthread+0x70e/0x8a0
[  567.822050][ T3442]  ? __pfx_worker_thread+0x10/0x10
[  567.822071][ T3442]  ? __pfx_kthread+0x10/0x10
[  567.822092][ T3442]  ? _raw_spin_unlock_irq+0x23/0x50
[  567.822113][ T3442]  ? lockdep_hardirqs_on+0x9c/0x150
[  567.822140][ T3442]  ? __pfx_kthread+0x10/0x10
[  567.822159][ T3442]  ret_from_fork+0x3fc/0x770
[  567.822186][ T3442]  ? __pfx_ret_from_fork+0x10/0x10
[  567.822217][ T3442]  ? __switch_to_asm+0x39/0x70
[  567.822233][ T3442]  ? __switch_to_asm+0x33/0x70
[  567.822249][ T3442]  ? __pfx_kthread+0x10/0x10
[  567.822269][ T3442]  ret_from_fork_asm+0x1a/0x30
[  567.822308][ T3442]  </TASK>
[  567.822315][ T3442] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  568.231065][ T3442] CPU: 0 UID: 0 PID: 3442 Comm: kworker/u8:8 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  568.231092][ T3442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  568.231104][ T3442] Workqueue: writeback wb_workfn (flush-7:7)
[  568.231134][ T3442] Call Trace:
[  568.231142][ T3442]  <TASK>
[  568.231151][ T3442]  dump_stack_lvl+0x189/0x250
[  568.231183][ T3442]  ? __pfx_dump_stack_lvl+0x10/0x10
[  568.231205][ T3442]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  568.231229][ T3442]  ? __pfx_queue_work_on+0x10/0x10
[  568.231254][ T3442]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  568.231277][ T3442]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  568.231309][ T3442]  ? f2fs_hw_is_readonly+0x39b/0x470
[  568.231337][ T3442]  f2fs_handle_critical_error+0x37c/0x540
[  568.231368][ T3442]  f2fs_write_end_io+0x495/0x810
[  568.231390][ T3442]  ? blkg_put+0x22/0x240
[  568.231430][ T3442]  __submit_merged_bio+0x27a/0x6a0
[  568.231460][ T3442]  __submit_merged_write_cond+0x255/0x530
[  568.231492][ T3442]  f2fs_write_data_pages+0x261d/0x3000
[  568.231557][ T3442]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  568.231680][ T3442]  ? f2fs_write_meta_pages+0x357/0x450
[  568.231715][ T3442]  ? __lock_acquire+0xab9/0xd20
[  568.231746][ T3442]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  568.231770][ T3442]  do_writepages+0x32e/0x550
[  568.231801][ T3442]  ? reacquire_held_locks+0x127/0x1d0
[  568.231823][ T3442]  ? writeback_sb_inodes+0x384/0x1010
[  568.231857][ T3442]  __writeback_single_inode+0x145/0xff0
[  568.231881][ T3442]  ? do_raw_spin_unlock+0x122/0x240
[  568.231905][ T3442]  writeback_sb_inodes+0x6c7/0x1010
[  568.231961][ T3442]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  568.232038][ T3442]  ? rcu_is_watching+0x15/0xb0
[  568.232073][ T3442]  wb_writeback+0x43b/0xaf0
[  568.232107][ T3442]  ? queue_io+0x3d1/0x590
[  568.232134][ T3442]  ? __pfx_wb_writeback+0x10/0x10
[  568.232168][ T3442]  ? _raw_spin_unlock_irq+0x23/0x50
[  568.232198][ T3442]  wb_workfn+0x409/0xef0
[  568.232238][ T3442]  ? __pfx_wb_workfn+0x10/0x10
[  568.232265][ T3442]  ? __lock_acquire+0xab9/0xd20
[  568.232305][ T3442]  ? process_scheduled_works+0x9ef/0x17b0
[  568.232335][ T3442]  ? _raw_spin_unlock_irq+0x23/0x50
[  568.232356][ T3442]  ? process_scheduled_works+0x9ef/0x17b0
[  568.232377][ T3442]  ? process_scheduled_works+0x9ef/0x17b0
[  568.232401][ T3442]  process_scheduled_works+0xae1/0x17b0
[  568.232461][ T3442]  ? __pfx_process_scheduled_works+0x10/0x10
[  568.232506][ T3442]  worker_thread+0x8a0/0xda0
[  568.232563][ T3442]  kthread+0x70e/0x8a0
[  568.232585][ T3442]  ? __pfx_worker_thread+0x10/0x10
[  568.232607][ T3442]  ? __pfx_kthread+0x10/0x10
[  568.232628][ T3442]  ? _raw_spin_unlock_irq+0x23/0x50
[  568.232650][ T3442]  ? lockdep_hardirqs_on+0x9c/0x150
[  568.232672][ T3442]  ? __pfx_kthread+0x10/0x10
[  568.232691][ T3442]  ret_from_fork+0x3fc/0x770
[  568.232717][ T3442]  ? __pfx_ret_from_fork+0x10/0x10
[  568.232747][ T3442]  ? __switch_to_asm+0x39/0x70
[  568.232763][ T3442]  ? __switch_to_asm+0x33/0x70
[  568.232778][ T3442]  ? __pfx_kthread+0x10/0x10
[  568.232797][ T3442]  ret_from_fork_asm+0x1a/0x30
[  568.232836][ T3442]  </TASK>
[  568.232843][ T3442] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  568.885028][   T51] Bluetooth: hci3: command tx timeout
[  569.763659][   T51] Bluetooth: hci0: command tx timeout
[  570.362523][ T1089] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.377291][T10559] binder: 10557:10559 ioctl c0306201 0 returned -14
[  570.703375][ T1089] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.849451][ T1089] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.889718][T10564] loop6: detected capacity change from 0 to 4096
[  570.973941][   T51] Bluetooth: hci3: command tx timeout
[  571.006986][T10562] loop7: detected capacity change from 0 to 32768
[  571.018323][T10562] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.831 (10562)
[  571.044526][ T1089] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  571.126052][T10562] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  571.362928][T10562] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm
[  571.404096][T10562] BTRFS info (device loop7): disk space caching is enabled
[  571.411344][T10562] BTRFS warning (device loop7): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  571.855086][   T51] Bluetooth: hci0: command tx timeout
[  573.053763][   T51] Bluetooth: hci3: command tx timeout
[  573.720913][T10562] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  573.721176][T10562] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  574.909354][T10562] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  575.023835][T10562] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  575.063220][T10562] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  575.078293][T10562] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  575.153398][T10562] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  575.304244][T10562] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  575.313206][T10562] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  575.428162][T10562] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  575.499333][T10593] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  575.970079][T10562] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  576.023825][T10562] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  576.085853][T10562] BTRFS error (device loop7): open_ctree failed: -12
[  576.188797][T10514] chnl_net:caif_netlink_parms(): no params data found
[  576.227793][ T1089] bridge_slave_1: left allmulticast mode
[  576.233479][ T1089] bridge_slave_1: left promiscuous mode
[  576.254550][ T1089] bridge0: port 2(bridge_slave_1) entered disabled state
[  576.327507][ T1089] bridge_slave_0: left allmulticast mode
[  576.333207][ T1089] bridge_slave_0: left promiscuous mode
[  576.355117][ T1089] bridge0: port 1(bridge_slave_0) entered disabled state
[  578.788657][T10620] binder: 10614:10620 ioctl c0306201 0 returned -14
[  583.796352][T10632] loop6: detected capacity change from 0 to 2048
[  583.842316][T10632] EXT4-fs: Invalid want_extra_isize 4
[  584.014761][ T1089] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  584.026848][ T1089] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  584.038195][ T1089] bond0 (unregistering): Released all slaves
[  584.162109][ T5936] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  584.194041][T10506] chnl_net:caif_netlink_parms(): no params data found
[  584.319318][ T5936] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 227, changing to 11
[  584.333029][ T5936] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34791, setting to 1024
[  584.347427][ T5936] usb 7-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  584.357201][ T5936] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  584.380384][ T5936] usb 7-1: config 0 descriptor??
[  584.388716][T10633] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  584.399184][ T5936] usbhid 7-1:0.0: can't add hid device: -22
[  584.416770][ T5936] usbhid 7-1:0.0: probe with driver usbhid failed with error -22
[  584.604684][ T5936] usb 7-1: USB disconnect, device number 3
[  585.165241][T10648] loop6: detected capacity change from 0 to 512
[  585.193918][T10648] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.851: casefold flag without casefold feature
[  585.300860][T10648] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.851: couldn't read orphan inode 15 (err -117)
[  585.396804][T10648] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  586.177394][T10660] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  586.238174][ T8299] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  586.551296][T10514] bridge0: port 1(bridge_slave_0) entered blocking state
[  586.588812][T10514] bridge0: port 1(bridge_slave_0) entered disabled state
[  586.596244][T10514] bridge_slave_0: entered allmulticast mode
[  586.604268][T10514] bridge_slave_0: entered promiscuous mode
[  586.613849][T10514] bridge0: port 2(bridge_slave_1) entered blocking state
[  586.621083][T10514] bridge0: port 2(bridge_slave_1) entered disabled state
[  586.632097][T10514] bridge_slave_1: entered allmulticast mode
[  586.644583][T10514] bridge_slave_1: entered promiscuous mode
[  586.887996][T10672] loop6: detected capacity change from 0 to 64
[  588.104772][T10665] syz.6.853: attempt to access beyond end of device
[  588.104772][T10665] loop6: rw=0, sector=128, nr_sectors = 2 limit=64
[  588.120269][T10665] Trying to free block not in datazone
[  588.127304][T10665] Trying to free block not in datazone
[  588.133792][T10665] Trying to free block not in datazone
[  588.141276][T10665] Trying to free block not in datazone
[  588.148891][T10665] Trying to free block not in datazone
[  588.154386][T10665] Trying to free block not in datazone
[  588.159854][T10665] minix_free_block (loop6:6): bit already cleared
[  588.307346][ T1089] hsr_slave_0: left promiscuous mode
[  588.331635][ T1089] hsr_slave_1: left promiscuous mode
[  588.356557][ T1089] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  588.380984][ T1089] batman_adv: batadv0: Removing interface: batadv_slave_0
[  588.411380][ T1089] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  588.431189][ T1089] batman_adv: batadv0: Removing interface: batadv_slave_1
[  588.532731][T10682] loop6: detected capacity change from 0 to 24
[  588.542088][T10682] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  589.533868][T10682] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  590.094523][T10682] VFS: Lookup of 'file0' in romfs loop6 would have caused loop
[  590.276849][ T1089] veth1_macvtap: left promiscuous mode
[  590.282437][ T1089] veth0_macvtap: left promiscuous mode
[  590.661692][ T1089] veth1_vlan: left promiscuous mode
[  590.703791][ T1089] veth0_vlan: left promiscuous mode
[  590.849977][T10692] binder: 10686:10692 ioctl c0306201 0 returned -14
[  591.352383][ T1089] team0 (unregistering): Port device team_slave_1 removed
[  591.396505][ T1089] team0 (unregistering): Port device team_slave_0 removed
[  592.183376][T10707] loop7: detected capacity change from 0 to 2048
[  592.544571][T10514] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  592.612447][T10707] EXT4-fs: Invalid want_extra_isize 4
[  592.830189][T10514] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  592.840309][T10506] bridge0: port 1(bridge_slave_0) entered blocking state
[  592.848390][T10506] bridge0: port 1(bridge_slave_0) entered disabled state
[  592.855805][T10506] bridge_slave_0: entered allmulticast mode
[  592.862817][T10506] bridge_slave_0: entered promiscuous mode
[  592.893454][T10506] bridge0: port 2(bridge_slave_1) entered blocking state
[  592.915405][T10506] bridge0: port 2(bridge_slave_1) entered disabled state
[  592.951735][T10506] bridge_slave_1: entered allmulticast mode
[  592.969825][T10506] bridge_slave_1: entered promiscuous mode
[  593.056176][T10714] __vm_enough_memory: pid: 10714, comm: syz.5.862, bytes: 21199863869440 not enough memory for the allocation
[  593.099492][T10514] team0: Port device team_slave_0 added
[  593.963636][    T9] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  594.150847][T10514] team0: Port device team_slave_1 added
[  594.709093][T10506] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  594.719198][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  594.745575][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  594.792621][    T9] usb 8-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  594.833813][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.851739][    T9] usb 8-1: config 0 descriptor??
[  594.913088][    T9] usbhid 8-1:0.0: can't add hid device: -22
[  594.981386][T10514] batman_adv: batadv0: Adding interface: batadv_slave_0
[  594.988823][    T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -22
[  595.029344][T10514] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  595.094333][T10514] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  595.149836][T10506] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  595.325961][T10514] batman_adv: batadv0: Adding interface: batadv_slave_1
[  595.332962][T10514] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  595.402631][T10735] loop5: detected capacity change from 0 to 4096
[  595.423927][T10514] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  595.506855][T10506] team0: Port device team_slave_0 added
[  595.684192][   T43] usb 8-1: USB disconnect, device number 6
[  595.741733][T10728] loop6: detected capacity change from 0 to 32768
[  595.757399][T10514] hsr_slave_0: entered promiscuous mode
[  595.794638][T10514] hsr_slave_1: entered promiscuous mode
[  595.818118][T10728] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.865 (10728)
[  595.841869][T10514] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  595.882402][T10514] Cannot create hsr debugfs directory
[  595.899004][T10506] team0: Port device team_slave_1 added
[  595.908482][T10728] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  595.936960][T10743] loop5: detected capacity change from 0 to 4096
[  595.953757][T10728] BTRFS info (device loop6): using sha256 (sha256-x86_64) checksum algorithm
[  595.962649][T10728] BTRFS info (device loop6): using free-space-tree
[  597.380964][T10728] BTRFS error (device loop6): open_ctree failed: -4
[  597.389939][T10768] binder: 10766:10768 ioctl c0306201 0 returned -14
[  597.543047][T10506] batman_adv: batadv0: Adding interface: batadv_slave_0
[  597.559459][T10506] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  597.624024][T10775] loop6: detected capacity change from 0 to 1024
[  597.655395][T10775] EXT4-fs: Ignoring removed bh option
[  597.681041][T10775] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 296352743428)!
[  597.710630][T10506] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  597.727643][T10775] EXT4-fs (loop6): group descriptors corrupted!
[  598.486228][ T7835] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  598.703087][T10506] batman_adv: batadv0: Adding interface: batadv_slave_1
[  598.730261][T10781] __vm_enough_memory: pid: 10781, comm: syz.5.873, bytes: 21199863869440 not enough memory for the allocation
[  598.742866][T10506] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  598.770745][T10506] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  598.823426][T10783] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  599.512249][T10506] hsr_slave_0: entered promiscuous mode
[  599.576929][T10506] hsr_slave_1: entered promiscuous mode
[  599.596840][T10505] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  599.612085][T10506] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  599.621951][T10506] Cannot create hsr debugfs directory
[  599.650353][ T7835] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  599.883622][T10505] usb 6-1: Using ep0 maxpacket: 32
[  600.057965][ T7835] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  600.202752][T10789] loop5: detected capacity change from 0 to 512
[  600.230940][T10789] EXT4-fs: Ignoring removed mblk_io_submit option
[  600.244217][T10789] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  600.283918][T10789] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  600.292087][T10792] loop6: detected capacity change from 0 to 2048
[  600.292253][T10789] System zones: 1-12
[  600.326143][T10789] EXT4-fs error (device loop5): ext4_iget_extra_inode:5034: inode #15: comm syz.5.875: corrupted in-inode xattr: e_value size too large
[  600.356515][T10789] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.875: couldn't read orphan inode 15 (err -117)
[  600.375252][T10792] EXT4-fs: Invalid want_extra_isize 4
[  600.383022][T10789] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  600.501360][ T7835] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  601.103753][ T5936] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  601.258631][T10514] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  601.325942][T10514] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  601.327638][ T5936] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  601.391298][ T7835] bridge_slave_1: left allmulticast mode
[  601.405042][ T7835] bridge_slave_1: left promiscuous mode
[  601.410848][ T7835] bridge0: port 2(bridge_slave_1) entered disabled state
[  601.415191][ T5936] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  601.471250][ T7835] bridge_slave_0: left allmulticast mode
[  601.472276][ T5936] usb 7-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  601.492549][ T7835] bridge_slave_0: left promiscuous mode
[  601.511211][ T7835] bridge0: port 1(bridge_slave_0) entered disabled state
[  601.534334][ T5936] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  601.579099][ T5936] usb 7-1: config 0 descriptor??
[  601.617230][ T5936] usbhid 7-1:0.0: can't add hid device: -22
[  601.646922][ T5936] usbhid 7-1:0.0: probe with driver usbhid failed with error -22
[  602.251780][T10505] usb 6-1: unable to get BOS descriptor or descriptor too short
[  602.276860][T10505] usb 6-1: too many configurations: 81, using maximum allowed: 8
[  602.314347][T10505] usb 6-1: unable to read config index 0 descriptor/start: -71
[  602.357358][T10505] usb 6-1: can't read configurations, error -71
[  602.557037][ T6338] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  602.670079][T10817] syz.7.879: attempt to access beyond end of device
[  602.670079][T10817] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  602.689307][T10817] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  602.830769][T10819] loop5: detected capacity change from 0 to 4096
[  603.079194][ T7835] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  603.658098][ T5936] usb 7-1: USB disconnect, device number 4
[  604.262578][ T7835] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  604.287911][ T7835] bond0 (unregistering): Released all slaves
[  604.335830][T10514] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  604.350397][T10514] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  604.816780][T10506] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  604.831048][T10837] __vm_enough_memory: pid: 10837, comm: syz.7.883, bytes: 21199674286080 not enough memory for the allocation
[  604.881242][T10506] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  604.911320][T10506] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  605.006390][ T7835] hsr_slave_0: left promiscuous mode
[  605.017949][ T7835] hsr_slave_1: left promiscuous mode
[  605.030985][ T7835] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  605.041053][ T7835] batman_adv: batadv0: Removing interface: batadv_slave_0
[  605.053233][ T7835] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  605.068838][ T7835] batman_adv: batadv0: Removing interface: batadv_slave_1
[  605.119944][ T7835] veth1_macvtap: left promiscuous mode
[  605.126721][T10843] loop7: detected capacity change from 0 to 128
[  605.134072][ T7835] veth0_macvtap: left promiscuous mode
[  605.141758][ T7835] veth1_vlan: left promiscuous mode
[  605.149263][ T7835] veth0_vlan: left promiscuous mode
[  605.177417][T10843] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  605.209304][T10843] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  605.305934][T10843] EXT4-fs warning (device loop7): ext4_group_extend:1862: can't shrink FS - resize aborted
[  606.169523][ T8394] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  606.529628][   T24] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  606.711124][T10868] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  606.748567][T10868] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  606.783591][T10868] iommufd_mock iommufd_mock2: Adding to iommu group 2
[  606.938854][   T24] usb 6-1: Using ep0 maxpacket: 32
[  607.540871][T10856] loop6: detected capacity change from 0 to 32768
[  607.613141][T10875] loop5: detected capacity change from 0 to 512
[  607.640566][T10875] EXT4-fs: Ignoring removed mblk_io_submit option
[  607.738616][T10875] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  607.762367][T10856] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  607.888811][T10875] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  607.981529][T10875] System zones: 1-12
[  608.003723][T10875] EXT4-fs error (device loop5): ext4_iget_extra_inode:5034: inode #15: comm syz.5.887: corrupted in-inode xattr: e_value size too large
[  608.130943][ T8299] ocfs2: Unmounting device (7,6) on (node local)
[  608.143787][T10875] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.887: couldn't read orphan inode 15 (err -117)
[  608.208297][T10875] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  608.375396][ T7835] team0 (unregistering): Port device team_slave_1 removed
[  608.767044][ T7835] team0 (unregistering): Port device team_slave_0 removed
[  609.566763][   T24] usb 6-1: unable to get BOS descriptor or descriptor too short
[  609.581538][   T24] usb 6-1: too many configurations: 81, using maximum allowed: 8
[  609.605697][   T24] usb 6-1: unable to read config index 0 descriptor/start: -71
[  609.613317][   T24] usb 6-1: can't read configurations, error -71
[  609.745433][ T6338] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  610.037424][T10893] loop6: detected capacity change from 0 to 1024
[  610.048981][T10893] EXT4-fs: inline encryption not supported
[  610.055287][T10893] EXT4-fs: Ignoring removed bh option
[  610.528616][T10894] syz.5.892: attempt to access beyond end of device
[  610.528616][T10894] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  610.547595][T10894] snd_dummy snd_dummy.0: control 0:129:-2:syz0:5 is already present
[  610.604824][T10893] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  610.700306][T10890] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.891: Allocating blocks 497-513 which overlap fs metadata
[  610.719590][T10890] EXT4-fs (loop6): Remounting filesystem read-only
[  610.848449][T10888] EXT4-fs (loop6): pa ffff888030e4dcb0: logic 256, phys. 385, len 8
[  611.025291][ T8299] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  611.126586][T10506] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  611.232971][T10902] __vm_enough_memory: pid: 10902, comm: syz.6.893, bytes: 21199884136448 not enough memory for the allocation
[  613.103360][T10514] 8021q: adding VLAN 0 to HW filter on device bond0
[  613.465816][T10514] 8021q: adding VLAN 0 to HW filter on device team0
[  613.481245][ T1098] bridge0: port 1(bridge_slave_0) entered blocking state
[  613.488441][ T1098] bridge0: port 1(bridge_slave_0) entered forwarding state
[  613.951709][ T1098] bridge0: port 2(bridge_slave_1) entered blocking state
[  613.958940][ T1098] bridge0: port 2(bridge_slave_1) entered forwarding state
[  614.162875][T10506] 8021q: adding VLAN 0 to HW filter on device bond0
[  614.549036][T10506] 8021q: adding VLAN 0 to HW filter on device team0
[  614.735297][ T1089] bridge0: port 1(bridge_slave_0) entered blocking state
[  614.742482][ T1089] bridge0: port 1(bridge_slave_0) entered forwarding state
[  615.133387][ T7835] bridge0: port 2(bridge_slave_1) entered blocking state
[  615.140620][ T7835] bridge0: port 2(bridge_slave_1) entered forwarding state
[  615.814908][T10947] loop7: detected capacity change from 0 to 512
[  615.927670][T10947] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.901: casefold flag without casefold feature
[  615.999391][T10947] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.901: couldn't read orphan inode 15 (err -117)
[  616.038367][T10514] 8021q: adding VLAN 0 to HW filter on device batadv0
[  616.065575][T10947] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  617.609807][ T8394] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  617.966773][T10988] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  618.891825][T10506] 8021q: adding VLAN 0 to HW filter on device batadv0
[  619.931882][T10514] veth0_vlan: entered promiscuous mode
[  619.986997][T10514] veth1_vlan: entered promiscuous mode
[  620.975113][T11012] loop6: detected capacity change from 0 to 64
[  621.512100][T11012] syz.6.910: attempt to access beyond end of device
[  621.512100][T11012] loop6: rw=0, sector=128, nr_sectors = 2 limit=64
[  621.526159][T11012] Trying to free block not in datazone
[  621.531703][T11012] Trying to free block not in datazone
[  621.537830][T11012] Trying to free block not in datazone
[  621.544002][T11012] Trying to free block not in datazone
[  621.550593][T11012] Trying to free block not in datazone
[  621.557064][T11012] Trying to free block not in datazone
[  621.563155][T11012] minix_free_block (loop6:6): bit already cleared
[  621.761768][T10514] veth0_macvtap: entered promiscuous mode
[  621.858777][T10514] veth1_macvtap: entered promiscuous mode
[  622.128323][T10514] batman_adv: batadv0: Interface activated: batadv_slave_0
[  622.225710][T11027] loop6: detected capacity change from 0 to 2048
[  622.238271][T10514] batman_adv: batadv0: Interface activated: batadv_slave_1
[  622.343679][ T6210] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  622.362774][ T6210] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  622.375286][T11032] loop7: detected capacity change from 0 to 512
[  622.389519][T11027] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  622.443028][T11027] UDF-fs: Scanning with blocksize 512 failed
[  622.503184][T11032] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.913: casefold flag without casefold feature
[  622.570031][T11027] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  622.614702][ T6210] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  622.637792][T11032] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.913: couldn't read orphan inode 15 (err -117)
[  622.671055][ T6210] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  622.748400][T11032] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  623.285684][T11026] UDF-fs: warning (device loop6): udf_truncate_tail_extent: Too long extent after EOF in inode 818: i_size: 134285904 lbcount: 134288384 extent 65+34816
[  623.438314][ T7835] kworker/u8:14: attempt to access beyond end of device
[  623.438314][ T7835] loop6: rw=1, sector=2048, nr_sectors = 2 limit=2048
[  623.500168][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  623.539999][ T7835] buffer_io_error: 7 callbacks suppressed
[  623.540015][ T7835] Buffer I/O error on dev loop6, logical block 1024, lost async page write
[  623.558967][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  623.613869][ T7835] kworker/u8:14: attempt to access beyond end of device
[  623.613869][ T7835] loop6: rw=1, sector=2048, nr_sectors = 2 limit=2048
[  623.663618][ T7835] Buffer I/O error on dev loop6, logical block 1024, lost async page write
[  623.672329][ T7835] kworker/u8:14: attempt to access beyond end of device
[  623.672329][ T7835] loop6: rw=1, sector=2050, nr_sectors = 2 limit=2048
[  623.763091][ T7835] Buffer I/O error on dev loop6, logical block 1025, lost async page write
[  623.793654][ T7835] kworker/u8:14: attempt to access beyond end of device
[  623.793654][ T7835] loop6: rw=1, sector=2050, nr_sectors = 2 limit=2048
[  623.868637][ T7835] Buffer I/O error on dev loop6, logical block 1025, lost async page write
[  623.917481][ T7835] kworker/u8:14: attempt to access beyond end of device
[  623.917481][ T7835] loop6: rw=1, sector=2052, nr_sectors = 2 limit=2048
[  623.978966][ T7835] Buffer I/O error on dev loop6, logical block 1026, lost async page write
[  624.001388][ T7835] kworker/u8:14: attempt to access beyond end of device
[  624.001388][ T7835] loop6: rw=1, sector=2052, nr_sectors = 2 limit=2048
[  624.037567][T11046] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  624.080681][T11046] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  624.084115][ T7835] Buffer I/O error on dev loop6, logical block 1026, lost async page write
[  624.113692][T11046] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  624.129870][ T7835] kworker/u8:14: attempt to access beyond end of device
[  624.129870][ T7835] loop6: rw=1, sector=2054, nr_sectors = 2 limit=2048
[  624.130028][T11046] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  624.164425][T11046] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  624.233121][ T7835] Buffer I/O error on dev loop6, logical block 1027, lost async page write
[  624.252115][ T7835] kworker/u8:14: attempt to access beyond end of device
[  624.252115][ T7835] loop6: rw=1, sector=2054, nr_sectors = 2 limit=2048
[  624.293982][ T7835] Buffer I/O error on dev loop6, logical block 1027, lost async page write
[  624.302702][ T7835] kworker/u8:14: attempt to access beyond end of device
[  624.302702][ T7835] loop6: rw=1, sector=2056, nr_sectors = 2 limit=2048
[  624.355528][ T7835] Buffer I/O error on dev loop6, logical block 1028, lost async page write
[  624.364364][ T7835] Buffer I/O error on dev loop6, logical block 1028, lost async page write
[  624.423171][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  624.429566][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  625.535242][T11046] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  625.547894][T11046] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  625.559390][T11046] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  625.571512][T11046] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  625.588655][T11046] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  625.826660][ T8394] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  625.939365][T11066] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  626.324444][T11046] Bluetooth: hci0: command tx timeout
[  627.802697][T11046] Bluetooth: hci3: command tx timeout
[  628.470277][   T51] Bluetooth: hci0: command tx timeout
[  628.739945][T11088] lo speed is unknown, defaulting to 1000
[  628.746470][T11088] lo speed is unknown, defaulting to 1000
[  628.755054][T11088] lo speed is unknown, defaulting to 1000
[  628.769036][T11088] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  628.787169][T11088] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  628.999799][T11045] chnl_net:caif_netlink_parms(): no params data found
[  629.021868][T11088] lo speed is unknown, defaulting to 1000
[  629.214095][T11088] lo speed is unknown, defaulting to 1000
[  629.223003][T11088] lo speed is unknown, defaulting to 1000
[  629.233227][T11088] lo speed is unknown, defaulting to 1000
[  629.240941][T11088] lo speed is unknown, defaulting to 1000
[  629.248707][T11088] lo speed is unknown, defaulting to 1000
[  629.256448][T11088] lo speed is unknown, defaulting to 1000
[  629.441591][T11098] loop5: detected capacity change from 0 to 2048
[  629.493618][T11098] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  629.521825][T11098] UDF-fs: Scanning with blocksize 512 failed
[  629.605060][T11098] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  629.840683][T11097] UDF-fs: warning (device loop5): udf_truncate_tail_extent: Too long extent after EOF in inode 818: i_size: 134285904 lbcount: 134288384 extent 65+34816
[  629.873910][T11046] Bluetooth: hci3: command tx timeout
[  629.965132][   T36] bio_check_eod: 9 callbacks suppressed
[  629.965149][   T36] kworker/u8:2: attempt to access beyond end of device
[  629.965149][   T36] loop5: rw=1, sector=2048, nr_sectors = 2 limit=2048
[  629.988989][   T36] buffer_io_error: 7 callbacks suppressed
[  629.989008][   T36] Buffer I/O error on dev loop5, logical block 1024, lost async page write
[  630.008688][   T36] kworker/u8:2: attempt to access beyond end of device
[  630.008688][   T36] loop5: rw=1, sector=2048, nr_sectors = 2 limit=2048
[  630.025103][   T36] Buffer I/O error on dev loop5, logical block 1024, lost async page write
[  630.033886][   T36] kworker/u8:2: attempt to access beyond end of device
[  630.033886][   T36] loop5: rw=1, sector=2050, nr_sectors = 2 limit=2048
[  630.047528][   T36] Buffer I/O error on dev loop5, logical block 1025, lost async page write
[  630.059049][   T36] kworker/u8:2: attempt to access beyond end of device
[  630.059049][   T36] loop5: rw=1, sector=2050, nr_sectors = 2 limit=2048
[  630.072719][   T36] Buffer I/O error on dev loop5, logical block 1025, lost async page write
[  630.081518][   T36] kworker/u8:2: attempt to access beyond end of device
[  630.081518][   T36] loop5: rw=1, sector=2052, nr_sectors = 2 limit=2048
[  630.095225][   T36] Buffer I/O error on dev loop5, logical block 1026, lost async page write
[  630.104113][   T36] kworker/u8:2: attempt to access beyond end of device
[  630.104113][   T36] loop5: rw=1, sector=2052, nr_sectors = 2 limit=2048
[  630.117889][   T36] Buffer I/O error on dev loop5, logical block 1026, lost async page write
[  630.126683][   T36] kworker/u8:2: attempt to access beyond end of device
[  630.126683][   T36] loop5: rw=1, sector=2054, nr_sectors = 2 limit=2048
[  630.140220][   T36] Buffer I/O error on dev loop5, logical block 1027, lost async page write
[  630.148954][   T36] kworker/u8:2: attempt to access beyond end of device
[  630.148954][   T36] loop5: rw=1, sector=2054, nr_sectors = 2 limit=2048
[  630.163116][   T36] Buffer I/O error on dev loop5, logical block 1027, lost async page write
[  630.174526][   T36] kworker/u8:2: attempt to access beyond end of device
[  630.174526][   T36] loop5: rw=1, sector=2056, nr_sectors = 2 limit=2048
[  630.188092][   T36] Buffer I/O error on dev loop5, logical block 1028, lost async page write
[  630.196859][   T36] kworker/u8:2: attempt to access beyond end of device
[  630.196859][   T36] loop5: rw=1, sector=2056, nr_sectors = 2 limit=2048
[  630.218734][   T36] Buffer I/O error on dev loop5, logical block 1028, lost async page write
[  630.367844][T11117] loop6: detected capacity change from 0 to 128
[  630.397732][T11117] EXT4-fs warning (device loop6): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  630.420550][T11045] bridge0: port 1(bridge_slave_0) entered blocking state
[  630.475614][T11045] bridge0: port 1(bridge_slave_0) entered disabled state
[  630.482896][T11045] bridge_slave_0: entered allmulticast mode
[  630.488963][T11046] Bluetooth: hci0: command tx timeout
[  630.493699][T11117] EXT4-fs (loop6): Encoding requested by superblock is unknown
[  630.520930][T11122] loop5: detected capacity change from 0 to 512
[  630.531210][T11045] bridge_slave_0: entered promiscuous mode
[  630.550234][ T1089] bridge_slave_1: left allmulticast mode
[  630.578474][T11122] EXT4-fs: Ignoring removed nomblk_io_submit option
[  630.590529][T11122] EXT4-fs (loop5): can't mount with data_err=abort, fs mounted w/o journal
[  630.600744][ T1089] bridge_slave_1: left promiscuous mode
[  630.611301][ T1089] bridge0: port 2(bridge_slave_1) entered disabled state
[  630.760819][ T1089] bridge_slave_0: left allmulticast mode
[  630.788836][ T1089] bridge_slave_0: left promiscuous mode
[  630.799180][ T1089] bridge0: port 1(bridge_slave_0) entered disabled state
[  631.933740][T11046] Bluetooth: hci3: command tx timeout
[  632.170601][    C0] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] SMP KASAN PTI
[  632.182533][    C0] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047]
[  632.190952][    C0] CPU: 0 UID: 0 PID: 1089 Comm: kworker/u8:5 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  632.202582][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  632.212646][    C0] Workqueue: netns cleanup_net
[  632.217443][    C0] RIP: 0010:__cpa_flush_tlb+0x123/0x270
[  632.223003][    C0] Code: 8b 44 24 30 80 3c 18 00 74 08 4c 89 e7 e8 d5 c1 ae 00 4d 8b 24 24 85 ed 0f 85 ad 00 00 00 e8 c4 ad 4a 00 4c 89 e0 48 c1 e8 03 <80> 3c 18 00 4c 89 f5 74 08 4c 89 e7 e8 ac c1 ae 00 49 c1 e5 0c 4d
[  632.242607][    C0] RSP: 0018:ffffc90000007ef0 EFLAGS: 00010003
[  632.248660][    C0] RAX: 0000000000000008 RBX: dffffc0000000000 RCX: ffff888026960000
[  632.256613][    C0] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000
[  632.264563][    C0] RBP: 0000000000000000 R08: ffffffff8fa17437 R09: 1ffffffff1f42e86
[  632.272515][    C0] R10: dffffc0000000000 R11: ffffffff81751cb0 R12: 0000000000000046
[  632.280463][    C0] R13: 0000000000000000 R14: ffffc9000423f480 R15: 0000000000000001
[  632.288414][    C0] FS:  0000000000000000(0000) GS:ffff888125c1d000(0000) knlGS:0000000000000000
[  632.297321][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  632.303887][    C0] CR2: 00007f639489130e CR3: 000000004f758000 CR4: 00000000003526f0
[  632.311843][    C0] Call Trace:
[  632.315105][    C0]  <IRQ>
[  632.317933][    C0]  ? __pfx___cpa_flush_tlb+0x10/0x10
[  632.323206][    C0]  __flush_smp_call_function_queue+0x370/0xaa0
[  632.329344][    C0]  ? __pfx___cpa_flush_tlb+0x10/0x10
[  632.334611][    C0]  __sysvec_call_function_single+0xa8/0x3d0
[  632.340482][    C0]  sysvec_call_function_single+0x9e/0xc0
[  632.346096][    C0]  </IRQ>
[  632.349008][    C0]  <TASK>
[  632.351918][    C0]  asm_sysvec_call_function_single+0x1a/0x20
[  632.357876][    C0] RIP: 0010:preempt_schedule_irq+0xb0/0x150
[  632.363751][    C0] Code: 24 20 f6 44 24 21 02 74 0c 90 0f 0b 48 f7 03 08 00 00 00 74 64 bf 01 00 00 00 e8 4b 6c 1f f6 e8 26 94 56 f6 fb bf 01 00 00 00 <e8> 1b ab ff ff 48 c7 44 24 40 00 00 00 00 9c 8f 44 24 40 8b 44 24
[  632.383338][    C0] RSP: 0018:ffffc9000402f4c0 EFLAGS: 00000282
[  632.389388][    C0] RAX: 6f5b54d61d387c00 RBX: 0000000000000000 RCX: 6f5b54d61d387c00
[  632.397339][    C0] RDX: 0000000000000006 RSI: ffffffff8d992cd0 RDI: 0000000000000001
[  632.405290][    C0] RBP: ffffc9000402f570 R08: ffffffff8fa17437 R09: 1ffffffff1f42e86
[  632.413242][    C0] R10: dffffc0000000000 R11: fffffbfff1f42e87 R12: 0000000000000000
[  632.421198][    C0] R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff92000805e98
[  632.429161][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  632.434869][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  632.440658][    C0]  irqentry_exit+0x6f/0x90
[  632.445058][    C0]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  632.450496][    C0] RIP: 0010:lockdep_unregister_key+0x2c5/0x310
[  632.456632][    C0] Code: 65 48 8b 05 1d 73 02 11 48 3b 44 24 10 0f 84 26 fe ff ff e8 ed e1 d1 09 e8 18 e3 d1 09 41 f7 c7 00 02 00 00 74 bd fb 40 84 ed <75> bc eb cd 90 0f 0b 90 e9 19 ff ff ff 90 0f 0b 90 e9 2a ff ff ff
[  632.476213][    C0] RSP: 0018:ffffc9000402f638 EFLAGS: 00000246
[  632.482267][    C0] RAX: 6f5b54d61d387c00 RBX: ffff8880301d9a98 RCX: 6f5b54d61d387c00
[  632.490219][    C0] RDX: ffffffff9363e358 RSI: ffffffff8d9a65dc RDI: ffffffff8be31d00
[  632.498174][    C0] RBP: ffff8880301d9a00 R08: 0000000000000000 R09: ffffffff81aaac58
[  632.506125][    C0] R10: dffffc0000000000 R11: fffffbfff1f42e87 R12: 0000000000000000
[  632.514080][    C0] R13: 0000000000001000 R14: 0000000000000000 R15: 0000000000000206
[  632.522034][    C0]  ? __is_module_percpu_address+0x28/0x3f0
[  632.527830][    C0]  __qdisc_destroy+0x166/0x420
[  632.532575][    C0]  dev_shutdown+0x34c/0x440
[  632.537059][    C0]  unregister_netdevice_many_notify+0xea7/0x2320
[  632.543373][    C0]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  632.550116][    C0]  ? unregister_netdevice_queue+0x1b3/0x380
[  632.555991][    C0]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  632.562212][    C0]  ? net_generic+0x1e/0x240
[  632.566709][    C0]  ops_undo_list+0x3dc/0x990
[  632.571278][    C0]  ? __pfx_ops_undo_list+0x10/0x10
[  632.576367][    C0]  cleanup_net+0x4c5/0x800
[  632.580763][    C0]  ? __pfx_cleanup_net+0x10/0x10
[  632.585679][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  632.590857][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  632.596554][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  632.602256][    C0]  process_scheduled_works+0xae1/0x17b0
[  632.607790][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  632.613755][    C0]  worker_thread+0x8a0/0xda0
[  632.618336][    C0]  kthread+0x70e/0x8a0
[  632.622381][    C0]  ? __pfx_worker_thread+0x10/0x10
[  632.627473][    C0]  ? __pfx_kthread+0x10/0x10
[  632.632039][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  632.637219][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  632.642402][    C0]  ? __pfx_kthread+0x10/0x10
[  632.646967][    C0]  ret_from_fork+0x3fc/0x770
[  632.651543][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  632.656633][    C0]  ? __switch_to_asm+0x39/0x70
[  632.661374][    C0]  ? __switch_to_asm+0x33/0x70
[  632.666114][    C0]  ? __pfx_kthread+0x10/0x10
[  632.670680][    C0]  ret_from_fork_asm+0x1a/0x30
[  632.675424][    C0]  </TASK>
[  632.678433][    C0] Modules linked in:
[  632.682317][    C0] ---[ end trace 0000000000000000 ]---
[  632.687746][    C0] RIP: 0010:__cpa_flush_tlb+0x123/0x270
[  632.693276][    C0] Code: 8b 44 24 30 80 3c 18 00 74 08 4c 89 e7 e8 d5 c1 ae 00 4d 8b 24 24 85 ed 0f 85 ad 00 00 00 e8 c4 ad 4a 00 4c 89 e0 48 c1 e8 03 <80> 3c 18 00 4c 89 f5 74 08 4c 89 e7 e8 ac c1 ae 00 49 c1 e5 0c 4d
[  632.712860][    C0] RSP: 0018:ffffc90000007ef0 EFLAGS: 00010003
[  632.718909][    C0] RAX: 0000000000000008 RBX: dffffc0000000000 RCX: ffff888026960000
[  632.726861][    C0] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000
[  632.734813][    C0] RBP: 0000000000000000 R08: ffffffff8fa17437 R09: 1ffffffff1f42e86
[  632.742765][    C0] R10: dffffc0000000000 R11: ffffffff81751cb0 R12: 0000000000000046
[  632.750717][    C0] R13: 0000000000000000 R14: ffffc9000423f480 R15: 0000000000000001
[  632.758667][    C0] FS:  0000000000000000(0000) GS:ffff888125c1d000(0000) knlGS:0000000000000000
[  632.767572][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  632.774132][    C0] CR2: 00007f639489130e CR3: 000000004f758000 CR4: 00000000003526f0
[  632.782084][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[  632.789499][    C0] Kernel Offset: disabled
[  632.793803][    C0] Rebooting in 86400 seconds..