last executing test programs:

8m36.091314731s ago: executing program 1 (id=649):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xbf22}, 0x48)
r1 = socket(0x2c, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r2, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r1}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f0000000140), &(0x7f0000000080)=@udp=r1}, 0x20)
syz_usb_connect$uac1(0x0, 0xab, &(0x7f0000000980)=ANY=[@ANYBLOB="12010000000000086b1d01014000010203010902990003010000000904000000010100000a"], 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(0xffffffffffffffff, 0x80049367, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

8m30.637866405s ago: executing program 1 (id=658):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000340)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000580)=""/67, 0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0000000000000000010001"], 0x50)

8m27.240635147s ago: executing program 1 (id=665):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff})
r3 = syz_io_uring_setup(0x49a, &(0x7f0000000200)={0x0, 0xbe5b, 0x10, 0x22, 0x2a}, &(0x7f0000000280)=<r4=>0x0, &(0x7f0000000380)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffa, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r2, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0, 0x40000164, 0x4aa52520f215cfe4, {0x2}})
io_uring_enter(r3, 0x154e, 0xffffffff, 0x1, 0x0, 0x0)

8m16.333987536s ago: executing program 1 (id=685):
r0 = syz_usb_connect(0x1, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
r1 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
getsockname$inet6(r1, 0x0, &(0x7f0000000200))
syz_usb_control_io(r0, 0x0, &(0x7f00000008c0)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x40, 0x13, 0x6, @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x140, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e22, 0x2, 0xa, 0x0, 0x20, 0x6c, 0x0, 0xee00}, {@in=@multicast2, 0xfe, 0x32}, @in6=@mcast1, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x5, 0x543}, {0x7, 0x7fffffffffffffff}, {0x0, 0xfffffffc}, 0x70bd2d, 0x3500, 0xa, 0x1, 0x0, 0x50}, [@algo_aead={0x4e, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x10, 0x60, "2104"}}]}, 0x140}}, 0x8802)
syz_usb_control_io$printer(r0, 0x0, 0x0)

8m10.430891504s ago: executing program 1 (id=693):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x3e8, 0xffffffff, 0xf0, 0x0, 0x0, 0xfeffffff, 0xffffffff, 0x318, 0x318, 0x318, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x35, {0x3}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00', 0x1, 0x3d, {0x6}}}}, {{@ipv6={@private0, @loopback, [0xff, 0x0, 0xff000000, 0xff000000], [0x0, 0xff, 0xff000000, 0xffffff00], 'team0\x00', 'batadv_slave_0\x00', {0xff}, {}, 0xff, 0xe7, 0x4, 0x44}, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@dst={{0x48}, {0x4, 0x9, 0x1, [0x3, 0x8575, 0x9, 0xfff, 0x8, 0x101, 0x1, 0x101, 0x8, 0x5, 0x800, 0xb9e, 0x6, 0x8, 0x7, 0x4], 0xf}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00', 0x0, 0x2, {0x7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x448)

8m8.995823187s ago: executing program 1 (id=694):
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_usb_connect$rtl8150(0x3, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x21)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000080), 0x4, 0x80000)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x4, 0x1000003, 0x1, 0x4ddf, 0x2})
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)

7m53.876818026s ago: executing program 32 (id=694):
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_usb_connect$rtl8150(0x3, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x21)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000080), 0x4, 0x80000)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x4, 0x1000003, 0x1, 0x4ddf, 0x2})
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)

6m36.689027997s ago: executing program 3 (id=892):
r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x4], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r2 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff)
mq_open(0x0, 0x1, 0x0, &(0x7f0000000040)={0x20001294, 0x2, 0x5})
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r4=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r4, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f00001f8000/0x4000)=nil, 0x4000, 0x0, 0x12012, r3, 0x0)

6m33.748345561s ago: executing program 3 (id=899):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000300)={[{@nodioread_nolock}, {@nodiscard}, {@noblock_validity}, {@noinit_itable}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@data_err_ignore}, {@barrier}, {@nodiscard}, {@mb_optimize_scan}, {@sysvgroups}]}, 0x1, 0x5ba, &(0x7f0000002480)="$eJzs3T1sG9cdAPD/HUnLH2rlAi3QFh6MtoALGKYkf7RuJ3stasCAhwJdWoGiBUOUaIhUawkCKu9GUQ9FG3hxtmTImCBDhiBLxqxZ8jEHMGIhASwPCQOKR1mWSZtSRFERfz/gyPfujvz/H4/vkXe4wwUwtE43H9KIX0TE9SRibMuyfGQLT7fWW19bKT1dWykl0Wjc+DKJJCKerK2U2usn2fOJiFiNiJ9HxAeFiLPp5lseaRdqS8uzU5VKeSGrj9fnbo/XlpbP3ZqbminPlOcv/P4Ply5fvDR5fnJruk8bW2uFnbX13qf3/33voz89vP/mW6dWS/+dSuJKjGbLtrZjL7U+k0Jc2Tb/Yj+CDVAy6ATYlVzWz5td6WcxFrms13fS2Do4jOxLekAfNUYiGpu2FIEhkOj0MKTa/wOa+7/taT//fzy62toBacZdX1sp/Sva8fOtYxNxdGPf5PhXyXN7Js39zZP7mSiH0urdiJjI51/8/ifZ92/3JvYiQfrq/autDfXi9k83x5/oMP6Mto+dfk/t8W89G//WO8TPdRn/rvcY45u/fv5a1/h3R+KXHeMnm/GTDvHTiPh7j/Ef/OXdy92WNV6POBOd47clLz8+PH7zVqU80XrsGOO9M6f+2L39Ece7xG8dsz26kcjW9h/Jckp7bP87H779q9WXxP/tr1++/Tt9/sci4j/b6t385Mkbf+627NHd5HHzX8BOt38ShXj4qoZnfnfl9CdZ0VFDAAAAAAAAAADYQ+nGuWxJWtwsp2mx2LqG96dxPK1Ua/WzN6uL89Otc95ORiFtn2k11qonzfpkdj5uu35+W/1CLguYO7ZRL5aqlekBtx0AAAAAAAAAAAAAAAAAAAAOihPbrv//Ordx/f/221UDh1X3W34Dh90O+7/hAg6R5zt0MrA8gP3nBx2GVkP/h+Gl/8Pw0v9heOn/MLw69v9j+58HsP/8/sPw0v8BAAAAAAAAAAAAAAAAAAAAAAAAAKAvrl+71pwaT9dWSs36dH5pcbb6j3PT5dpscW6xVCxVF24XZ6rVmUq5WKrOver9kmr19kTML94Zr5dr9fHa0vLf5qqL8+17ipYLfW8RAAAAAAAAAAAAAAAAAAAA/PCMbkxJWowotOppWixG/CgiTiaR3LxVKU9ExI8j4uNcYaRZnxx00gAAAAAAAAAAAAAAAAAAAHDI1JaWZ6cqlfJC/wr5LFRvr/qs3td88jtZOSJW9zaN5jvu+FWF7APs72bqsZBExAFIY9eF3Ivfw6MHIrGDVhjgoAQAAAAAAAAAAAAAAAAAAEPq2UW/vb7i2/4mBAAAAAAAAAAAAAAAAAAAAEMp/SKJiOZ0Zuw3o9uXHknWcxvPEfHPBzf+d2eqXl+YbM5/vDm//v9s/vlB5A/0Jh/tfppGRLMfAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM/UlpZnpyqV8sIuCyM9rDPoNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsxncBAAD//yZjzMs=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141442, 0x40)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2, 0x11, r1, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000300), 0xd, 0x5f1, &(0x7f0000001200)="$eJzs3c9vVFUbAOD3zrSlpfC1kC/fJy6kiTGQKC0tYIhxAVtDGvwRN26stCBSoKE1WjShJLgxMW6MMXHlQvwvlMiWla5MdOPKkBA1LE0cc2fuLZ32TktLO7cyz5MMvfeeuT3vMH3nnDlzzp0AOtZQ+k8lYl9EzCQRA8nCYllXZIVDjfvd//PDM+ktiVrt1d+TSLJj+f2T7Gd/dnJvRPzwfRJ7qyvrnZ2/emFienrqSrY/MndxZmR2/uqh8xcnzk2dm7o09vzY8WNHjx0fPbyhx3Wt4NipG++8N/Dx+Btff/lXMvrNL+NJnIiXsjsufRybZSiG6v8nycqi/uObXVlJqtnfydKnOOkqMSDWJX/+uiPi/zEQ1Xjw5A3ERy+XGhywpWpJRA3oUIn8hw6V9wPy9/bL3wdXSumVAO1w72RjAGBl/nc1xgajtz42sPN+EkuHdZKI2NjIXLNdEXHn9viNs7fHb8QWjcMBxRauR8QTRfmf1PN/MHpjsJ7/lab8T/sFp7PXgfT4Kxusf/lQsfyH9mnkf++q+R8t8v/N9Ofuxv5bG6x/6MHm231N+d+3wd8IAAAAAAAAnevWyYh4rujz/8ri/J8omP/THxEnNqH+oWX7Kz//r9zdhGqAAvdORrxYOP+3ks/+HaxmW7vr8wG6k7Pnp6cOR8R/IuJgdO9I90dXqePQJ3u/aFU2lM3/y29p/XeyuYBZHHe7djSfMzkxN/GojxuIuHc94snC+b/JYvufFLT/6evBzEPWsfeZm6dbla2d/8BWqX0VcaCw/X9w1Ypk9etzjNT7AyN5ryCzZOHQUx98+m2r+jea/y4xAY8ubf93rp7/g8nS6/XMrr+OI/NdtVZlG+3/9ySv1S8505Mde39ibu7KaERPcqqaHm06Prb+mOFxlOdDni9p/h98evXxv6L+f19ELCz73ckfzWuKc//7u//XVvHo/0N50vyfXFf7v/6NsZuD37Wq/+Ha/6P1tv5gdsT4HzR8nqdpT/PxgnTsKipqd7wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DioRMSuSCrDi9uVyvBwRH9E/Dd2VqYvz849e/byu5cm07L69/9X8m/6HWjsJ/n3/w8u2R9btn8kIvZExGfVvvr+8JnL05NlP3gAAAAAAAAAAAAAAAAAAADYJvpbrP9P/VYtOzpgy3WVHQBQmoL8/7GMOID20/5D55L/0LnkP3Su4vz/ue1xAO2n/YfOJf+hc8l/6FzyHwAAAAAAHit79t/6KYmIhRf66rdUT1bWXWpkwFarlB0AUJrGJX5qZYcBlMDUH+hc3uMDyRrlvS1PWuvM1cyceYSTAQAAAAAAAAAAAKDjHNhn/T90qlXX/59uXxxA+1XLDgAoTb7+f3/JcQDt5z0+EGus5C9c/7/mWQAAAAAAAAAAAADAZpqdv3phYnp66oqN17dHGO3cqNVq19K/gu0Sz798I58Kv13iWbaRr/V7uLPKe00CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa/RMAAP//oY8m+g==")
read(r1, &(0x7f0000001400)=""/4096, 0x1000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r0)
getsockname$packet(r0, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(0xffffffffffffffff, 0x8936, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r2, 0x0, 0x4000014)
fallocate(r0, 0x0, 0xfff, 0x9)
write$UHID_INPUT(r0, &(0x7f0000001440)={0x8, {"715b1a6a9fca300288d0d6f164694e9be52056879d4f7f9e17a2f387a1e887ad9fea8a741f3a85292a8ca98e1512418fbd5b5beafe58966442a9c6d52bdef586966362501755a16514ded809c856f4e58261695dbfb4d87cd5d13b78c6cf696afecb55cca3e7607479bc2ceded20d446347481aa05e3083992814f23f6ba955daa8c5988fcc3e1f4a1657a94b74a6161fb233fa5146129889ae615315f974fd1e2c6db572e40a4ec1325c81eff25243f2fbe74fc9cc389297c04d98213ca54c33fe33622c7ebe8f6e9712c07be77c43bddb575411faf61123d450d3c608e581d9d1fd5562abd932bbdf70ff573330754d8f2a3c38906aefc04f438f74482b6e4ec9501b6b43d08d910bda4fc230cfbdc06b2447775f53c6aa87b73a284167aee5e05fc8d867afd4b6b8c3ec81a23be5df245d8e21aa8a630de4b680f34fee2af9de02aeaf31aa7d15edbee78a2a7a621305217678c619a19d41e927e798df495ff28a6485e978bb29cf5f82e31ee8e142134e0845f5c1eaa9664c7dbbfcfcd9dc0567fd447f25de86bea1c28e8a9973e3d5f00e74d022f2b9a97ff08f404af3911f7f086643bfd9004c2500b1684e73c885374cb382bcb37fc82a31c79991b2547fbbba3c005b4d88825488599a8cf0cdaebb4d137232516c9f897d72d034a5b69d03be18c0a0958495e3c0f9b7b31f7684236be8772de10aef1446909f13fb49b4516d00f889efe72769585f4e1ffaa5fc9c0dbfa7b05efbaa14a3e240cf7603c6a487f4155f92bc22c262f496e2f30eef1b95cf28235c0273f295a136f122539ceccb412f7c08a019efb4c270a417db7deb6973a6d0370df72d12456b2d2187c4abdb632bc6323eaaa10f6e8c829d9b556b04498de35a355907c9a17b99b2effaca8ffbfe486493740f3dded005e8bf91b417e2cde579f9232c04807dd2f2da29faf183dee67430972a0c85ee9e9319a7b55b03b3db7d2623f3b16da80eee507de1f18b298a045f32970903d4ee04f99c8a6c086c93f465ad8493f3f2e0579993374b1941818c67c448c4e218e64467ea9755042b593a33f5f909ba7eb4c14be439964ff2c5ff2367710438f2d306e721042b39499b21b034cf9a95048a43e8d96eb88c7e372ee61e7a909b6e947d416b2ac672fa3683771cf6986bda28ccd50c448e31985adf2b836349d8e1ac3ea17dd9256bac1f3c47f39953fceddef2e12b9956ad44347142d836ef531528fd9cbc0c132ac6e270c9f5e4d950d62b788dfb1e337be9629a02f945897bdd5168d73d78ec3a7651465949f5027dcd0affb6b24063499d4afb57b80aa62efaefe607fb9073c79d7083c629bf11a56527fe85a41c3b347c7ef54c85a6e6d046994101ae7627e74d14337a9bb042f5f0aeca0a6199dedb3e4b1aa30760131e8d76d43d9991ac1b3c443b25d7c4c8153d1c7763e6f2fda8c404697668f6aa61f8e28d568320ed190ca635c74d9948adcaa53776a2db303b848723b414bd192511f557f2a426822acecfa3ce6f9bfd60c0144b1a55294387238fbb196addf0502ee9af4108682d056f8965ce4fca03d8ecdcf5f302eaea2de59bf663b15bf8a20ce874ff7d3958fe6da3301b678c2930129b3cb4413400388a59ae939c58d96043d93a57a980ed6b9f35751e059ef6c06cffa4f5c3f8ba1ba67f0160390ec77311e4e67d921bb40a29d448f274da50115c2c67baa3d6f39f9ddfaf3e67392d9e3802c353f0b855c927d6a45e445f58526a09793bcc2e72163fb1b7a779d99f230bd95e5bce797cacb0b8343dcf1be080f18040fe288b157b01b074d25fe44ab6b3c0362f1931f6b174412a8d6a2a645270e7430b3884ac16930105786e469d1d8bcf9ed4010ee3accf78ecc138a8b11c15798eeb29ef4fc3bc5b376807348e1647148c35a1aa3d7ed05dc3a11274887f04f035837a9ea81fcb5eaccd4f43f2f6bbf3c426f72e1423c9175c2b234be0fd3c40c15e5e35c5c7359c894e95f82797c48fdca7ef07a6fa6f0dd0bb9a24c4aa9050000000000005c67e60f8814f67d86caba122def954662ae2c6f4f99cfbb55214c61216e8c8f84e9b172129642d754a49c923c6c6f1ba820e99a513308a03c9a080be7224244f2bc1d99d93ddcb25a3d2e0a6b4b868f877760b019c8c475c3e0b90109c21c309e7bc0ffc48753aeb70e7884c8eac52b2fb8576ae917199bfeea255da4b54667320798db03440fabaebb1e8e181506bf93ac67ba128a14c9dcc45d9f07ddfea21e7da2bf4215bc73e82e9a7187cd5fa7c17f7710f2cdf59bb22ce786328af52f17349c42ca7bce681619246b8b467b7b4c60125ea5687e1cd9bf36a67023759a8baeccb60e84c7102f284436584d0508486d96af8ea8358f7ac1f9a21c1229eda8a1a273b999a74f39d3851b6aec92d120f2c4ca0b2852844b5529eb40db91749f221568850f23f089dd704434b6fe736ab7eb67ebd52943000770e0a57c6ff7c1420a225fdeca0cddcf4083a3f5f9fb37490dfdf2c8aae282558c8a4af6ec41f7788d6340053ff69311489323c403becde20ae84c6a8968717e8923c13723be082aab3edd7cf0fd1b2a1f64692911d9e49c4d7d20f8c9364c454fdb51ff376abbae26df57ab7d458772a919879ea7caada2c17fb0011ecc8ced3d7dfa39250fc3c8cc9d0f377860d8b58fd81952f50d732adc73e470c1f5778a49d7f3d507e5ab5cb798420f3a56d9d3ad76b75e5d41921a7ae04099968867c816f6d44c4a41cefbe31623d6899a00c28454bdc0ea17f284dcb39a0221989e3c2bbcc5556e8f870bbf98be4b57be438797995d221ecd0515e4c89c431ff7b595f35527911371cc324cd4c76d4ea68cfdd1eed120ec16e89e4ec4c5ac28039de8b3aa451e1e55631d599612e94630ad3d67ba79e03c4ff023e8ddfd10c09517df736a01af5488a87f551c7e8e41dd0d0d10c58f3053cbdef2c4fd72e51c2d9724360687ab6d0395023626bbfcab24737a50bb27d78ebfe11b5e40a71b2141254074b3dca3cf45456ea1860704b0d5da04710667bf6454c81b33b5b429d2764afd13338d60b928140c05e0b7f41c6fb19b911216ca2357d8171b3673b454b5017bbf34dabdf5fd0d7fb602399ec434f40bc0450cd6e418713c68b349b7deb3ef014b8ec7a62f686b37b1c3a8b60340d0bbf09a6965013c68317d7a2e07bcd3bcaa7cd2cbf34d64534e1ff9cb4ba32d9a5cde63e2da7dfdfcc86886a0ee01fa0d95b78a12085d6dfb62d622041e97d8f03f4727e865be656d9286d628a8950b55dc71058b6dec200049738824a8200023be3f93e740f2a8d241e57deeb642ff28140ee91424db3cf2fafdd8a7d9fc80a7a54da30029ef65df2e7900059ab1141985376e7f9f46e712b4536ed49778e0629d284f56eef0906d21536427333d8a7d6d7e74591031a526eea16a627c5d9f399ec4628a26d9812b68b501716b602564504ab8f16e76a19c608ac550fa52fb80af1e81b48abf13c9996cf47f34d8e943b7d48de31c0d5d794af157c16209d3c0632c2801ab17f05de2c2fb9b9b8c0a257c18a832ac743c9341042af1e56619154fc4f7b20c8de3edbb1636f0a098ed6f6858c27905b00798fd8bedda5eaeeb12ff19943dad0a7f069a9e01dfc9730568784a07c0a6b01623b11a1e6f86cab4d95bf256cd28b00c17b5df66dd4c393471f0f18c68aeae404f5f3fb66bbfd62f1511b35caddad004408fe3b182edf81ad50ac3a639121236968c6be1ba7f7bee6409a91f4c7caf077c2a94c6d8d547cc680a1d7e6cd57c328f6e21312ab76491565c5f4271cbf64ed2be12d770e927cba3cfa0fb89452285a69fe205bc9943eee4466ca8f9998997e2c1a1fe782c9e2241c51dc008bb8f6fe9a49edefae6f43d3e0cd207439745dfd4c347058a4ec3c3bbd56f3108b9a034600f78dc5c889621a6b78e2f7256034d53ae7877de459b6895d5849eb4a8099a62a4bd50d5b4d48cf82fae64985e1e22435fe5d5a4b9119eed5d8ee03a6d1675b7b75d47b8e20a44c05812b36cc2e31947a02c48262c5a875e562dbd4a1a8d045a37afabb28079d3904f53d466e5abab09b8e5e0a56dbae4c4cd9bc6640b47cc6616b2e7cf19c6e9591d32ab0cf87880c81d63948a508ad0cbd50e348d399daf51efb2b96ef9d56a8ba89d04bf5e7d4f7353f71d1a6cb78da6644574664d08e848cf97bab16d6acf70f0e8a06dad5c741cb5eb483f809c4c35307595f00d00bf6a1474aef94cfc913d08c612387172aabc802c17753c6ccd752eaa81e7eefd61c037f958e23bcb9c1510ea47bcaefa72f070809de9f79faede74c87231411b17b353382974bcd334cf983c85ad9e1844cdbd9181a5bb976c35b6a638ae8dd20119858f8c525d735779b2f8e244ed2fc0d900445fe1fe775b4bcb1d2e8d456fd6234ddfcad7fe7abf716d9f4b4a6ee83be812cdda17ec43a895a5c03e5359cce3de61d9736f8a4d66051891b1431f2e61a324f252bd0e9b32e23bd31a5405642bbd2cdc5d3e45b56530568f05a72d475a7d3505b26d9fcdaeb30a62ddf09bcd9e59c1f34e375149782b8019a7a9883fd93397acb338af428f1e015a671b5c11651d3c0168f747fdc6e1fb084bdcbd760adce881492b2bbb76c0a1327e76c9c7ce0afff2f80ec30f2be04d9f93a9b291cc01bcc03f7b67e16a7f1bcc838aab9240df99691a2781da614fdcecf5115382e1357460f4b8e3a577d3ae922379eadc2416d40028c785905bb43a41f5fb7189a8704b8e492c86bd82d0560f81796693e74f08739b632e5226d3c3a963caf5db455ac20288d472611e7dc243531fd66718e94daa2bf93a30a38e6a497a50f2472a72bf9c4689e54105c44cd074bb87e087735791b436d6553c5f2b61ff75dc64ba597b77f7ea42a0ec14dc08107e7bbe97ae519beb5e18a8859493afd097d4609a3a2025fe9603b85f2b1350336d92e15d0bdea3a42bb8775ff2b38babf2ec27e77452c93a05a798ec789a6a012047481ea8e1a8dfc77a9f0f6ddebb9f3503702b147f663f01f70cdfc29afe0cfd7823823fa2e139ea7d1a010a67bb3a31e620aff5cbe1a99ac3cd0f91c472dd021213edf5a9225941b575e27f99c0cb94eb9598a443ec7665335305895ebc28e3f8d34adf6aa37084f823d293ba9dcb2f73d88457d0a55c9202dd309a9b36daa4e50c8f9c93ec7644a7a730b6b947f0f2381a34d67bce50e790a7655a34a2f70723f360af014befa4fd3dbbb8bc2f1461eb48b987a8b772b3ad31a1077c59ef45e4b2870739454ef56402115ab427527e67b6a6a97b2bb3d7a2c13d2a55d1032a64b83efc13939589e46abd78bcc493529cf38581fe3160b2c6eb5a9ac6cee0b05618e51450af077fba0dc943089f112e67a2c654ad94157e95295219d0bbab3a02a2c9ec08ce9d904a703760dc41a7943d52561aeb5519e82d0d390365cfd796434c3decf733d8f09789af0b990f4f9b791cf0d677f34d85fc2b3583b21737955cbaa098963bfa39755f335329f265db75c5d406a0a91ed76563a3ed5f3d2877c2b4b81dc1eaccde6d642c0d8791482e27c64103fc87a55ae91e7adf49ddc1dace5c3108d6a496d678ec5ba09b2a9e6990cb63ac3e4b787661800d11c73da87bf5d297c1fb531aa105d30464b0e023e4212a0d4a0ac119c1568280d49d084729e680a0f453a725ed08454fa874cf22f5718e2afd995a1d7acbe92e0a49307f1b322367dc12b3673708024a85fcc643bd00", 0x1000}}, 0x1006)

6m29.893237261s ago: executing program 3 (id=903):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x5885, 0x100, 0x0, 0xffeffc03}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000240)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x3400, 0x1})
io_uring_enter(r3, 0x351e, 0x483, 0x0, 0x0, 0x0)

6m27.731739878s ago: executing program 3 (id=908):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setresuid(0x0, 0x0, 0x0)
add_key(&(0x7f00000003c0)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f0000000380)='i', 0x1, 0xfffffffffffffffe)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)

6m25.482713613s ago: executing program 3 (id=912):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b78, &(0x7f0000000040)={0x0, 0xca72, 0xc000, 0x0, 0x20002fb})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000740)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
accept$alg(r1, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x2, 0x9}}, 0x20)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

6m24.949356543s ago: executing program 3 (id=915):
timer_create(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)

6m8.798776262s ago: executing program 33 (id=915):
timer_create(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)

4m59.175388383s ago: executing program 7 (id=1083):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
socket$inet6_sctp(0xa, 0x1, 0x84)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

4m57.041574302s ago: executing program 7 (id=1086):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000001280)=ANY=[@ANYBLOB="b601ffffffd40000bd110000000000008510000002000000850000007600000095000000000000009500a5050000000077d8f3b4000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03b1d1ca4cb3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f631cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab57644ccb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc391a65c674a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b450ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bcab12fcc661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebe646302bf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6913cee9f8d18469a654a239a84a85debbc0284c5a5d51f0e115ab159e3b513a68284d2efc30587e433431b2896a3bd48020af67e9ac071b2dd6dc3b9efae4ff03558fa619aea909c7f2416e7e7da1c51ccc7e6ac27412f728dc6d80da8adf317ca863ed683897321f8c8bb5a5d953d6783b7a06353ee496bbdff418de3e53234df87756eb99e330253cf5da4aa1a9648a38f07e2d302b4165983db4f7b8972923fffa8c03c288512a3a38fbd7c816a44634f7a03fab30811b7b93257bea4369ba46024dee5e9b0b2c3d3324e9b7c1f99ab9bb3f498b1485373b79ec84a67dad4e37575dab87ce55a9a69ed856a4c4410d1242ac1bd1539094a641cc086c2c53e363beafc74ab4e9ff320373705cbf5644586ffe60d293944fa2d9dc18b55f1af5c42f27747bef1ffd0c1766f062d47d61bf9f64e6ee288fa7fc12d48da526527b9f5c318c93ec447cb8b5eee7aa8a1e85696af3dfef96657c0545c8ebd96528d9c28828e5befd80d684b03b6d153da3e3cbd3bfbf4a9375b8ad04a1d241bcb5d5505cb6cc7a44e2e24bd0b1ca4879caaff59d0ce39dc7f3fea447f4e46967855208e63ec988bd2692afefbed2b001205e4b30ee8fe417defa566a73ace8f01f7181de0ef25f1744896a3c38859e6148c42454949cd64b1a888e7fe9c2d86bb01023b6dde4ab67f5eb038af3e460c771518a4126c338b0390d459361e03adf6e6b558b3651a0e33d101b5febfff82794203da18db6fcf89715c2d338f78d8b9220171b418528f857a7cb79ca990de1208777e13faaa9b9cb9e67797b07d9eb9e909410b50c5d981d9a72aa36498b630519d1530ef0000000000000000000037fcffffffffffffff8db8379bd2044c652dff399a9f8bfa4e9c507f049d18837464276830461ee203ba51f6102d262fc9a26bc3638ecce24e65c55da6efaa462f03e0d3ab2b71d0e119c963a8c7a522b59f5a7b44d018cb2648383073d9e032492cae44350bc0a85697f431392eb22cae093e85954af97d6d7b2e6e8f43353062275ad1578a431594243452a2bfb89f91d8eaac00000000000080014573789425c4c22da528d89356aa6d2ae6da082e756c80cf39053431080ea6cbf9997a5a0ddad0b9d12bc3f880476ab32f0feaac5f16e61f7b72b8c9082eec423c6b3eaecfdcc9ec72795e7696421c83b76c2d6bac19bc875d009679778d8ef97d7e05329649d97b0dc54bea9b650873de2d3d702690176e0b23ee5cb5e469a8d1612d611722e6200e3a297d92f8e1de98326c5ef2b89d4e2d47767c0700783e5d865e373338e96ceb8399f296c59b2d70ca27735ecaff62982616d3ac1ab041733bce119d8002a6c8a2b08b32551b2313b1a2ff41b3f04af61c69c85cb2da48215727271bac2ffdeb62d9f5dc4845f1c3f63dc806e615ee8d28d6d7f181e30807afa27f41d0364c746a65a47464db68f3c433d88dd625db35fded2c86d75af88efaf20c8b37c644b6c4e773a9589200faa553bc92f916b75ddbfa18ab73979f46947b35914286d2499a0b8c970000000000000000f4fe74e0c26ab52329bd600627b256ca44dd121ffc8dbb6e5f70cbe03efccac70375b30cc927574d254d1b46c607e8b1ca7d1511568c4d885723734a3ef4b6b885f4582bdcef74e5e010627fc8e4fe00000000000000000000869d9640f06b11df2971909b90133983308ea4f033de613763f32d913bcbe9dd082a6fff197a20730269e6cfd31275395833f1c2b8a50a94c30cceae2a11fe9b9b835d0da73891c0b3ce22dea6bf31e7f51808cf72f44b4455b77a778440795e152dc1b7bb0a5636aa4742ce4d331a47de5836539cdf289176527277b70c8162aaf6f9475418b478329f3565450acfaf07000000eab8cabfa97e35081967bb92a264b07e8003d2f15537e72a1e4ca5ec1e2aaaf8236ecdefbaf512c75e636b6b6f518ad20521f909b12e9bc97e408e0dc82f950d12705f35708bc862196abb27e8d7991b5273987f38c4706289ff4f6130cee76465d487a07a74452f87da2029bd3debd9870335d58d3fe1ac809c227aa25842f75981bc6f569ffdb10ba3f20a86d95128d13e0c778998d3b3114bfb07bd61e4bff8a5e2ce4aa572c63e09b44ca4a181bcfe4eec3ce843c65c4948169fe639a186acc2b4a96c6b8d4d2e6d53ab97bea01eab953e6e89e3af34d4ada217bc6fda0fb2095c49195d0d6f365ca80a955b9ec81240a84ef672afa369fc8e3d444ba35d0f51a0065a3b982d09dfc6874fc0d8079b185447cb8a695e132d4d613a529d9c77e2a8f7320ecf698e8a2b170fd601dc1a9767a38b10788e92d1356f6a6c1bcfb2d31b46e735db13f1be80bac1b6be04fd98610000000000000000000000000000139af5493f74751c5e2501a4936bc4a0fa516117f4ccadc692003adee0a080eba2f1059660c0ee0e9aec72d4d0fe095632e4f641b0e34c611c5b3e0ba05fa36542d40837dda323910672a9097d68398fd3539686e4288db0d6bf7cb8a1835f46dfe11865a66ef47e736dada06677a5bca133d6cbc8fe5c4557e51b006bdccd7c5f32ff1d9e8b130f77df09236870fb3de5b87b4f8acc13df534eba329b86670000000000000000b27a2616c03cdf6c009447a652bca9b325e73c0737d5b717945e4fe7a169c5e2c54fc71a4104aa7cf0f5d30e2fcd9503650edbd8a5971a9a1fde5e5df37469ae204a6e899eacc1e63034cbabc5604739881cb82604bed3e53696a0606b26b879ef232a1a038291389593d1575cb79aa8284cf01a7e1a456acab9d8d608ad69d4c4b56492af7004e7ed9d47c5db3d76a00bea7c804f3a3638408bc1636f1009b7f185f51606918eaa0ab6"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)

4m54.728468321s ago: executing program 7 (id=1089):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$vbi(0x0, 0x0, 0x2)
r3 = syz_open_procfs(0x0, &(0x7f0000000100)='net/sockstat\x00')
read$FUSE(r3, &(0x7f0000002780)={0x2020}, 0x5ecfb203)

4m52.388851792s ago: executing program 7 (id=1094):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x2f00020b, 0xd, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b9", 0x0, 0x7515, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="220000000400000010000000"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r1}, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000640)={r0, <r4=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x7, 0x1c, &(0x7f0000000680)=ANY=[@ANYBLOB="18080000cbb60000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000008000000bf0920000000000035090100000000009500000000000000b7080000000000007b8af8ff00000000b7080000020000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7050000080000000700000000000000bf9800000000000056080000000000008500000005000000b70000000200000095"], &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)

4m51.091315996s ago: executing program 7 (id=1099):
syz_usb_connect$lan78xx(0x3, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000380)={'syz1\x00', {0x0, 0x7fff, 0x2, 0x2}, 0x51, [0x3ff, 0x2, 0x10000, 0x0, 0x7ca6, 0x9, 0xc2ad, 0x4, 0x9, 0x9, 0x5, 0x9, 0x8, 0x200, 0x5, 0x3, 0x8, 0x5, 0xfffffff9, 0x6, 0x3, 0xfff, 0x7f, 0x4152, 0x8b3, 0x9, 0x861, 0x7, 0x5, 0x0, 0x3c, 0x4, 0x1005, 0x4, 0x8, 0x38, 0x8, 0x8, 0xd5bb, 0x3, 0x1, 0x9de9, 0x8, 0x3, 0x3, 0x7f, 0x5, 0x8, 0x0, 0x1, 0x3ff, 0x6, 0x2e, 0x800, 0x846c, 0x3, 0x6, 0x31b, 0x8, 0xa, 0x1, 0x7, 0xffffffff, 0x3], [0x4a, 0x19a78cbf, 0xe936, 0x0, 0x200, 0x81, 0x2, 0x7d, 0x10001, 0x8, 0x3ff, 0x1, 0x7, 0x8f, 0x1, 0x5, 0x1ff, 0x200, 0x6f8, 0x7, 0xd, 0x7, 0x788, 0x6, 0x0, 0x0, 0x8, 0x3, 0x5, 0x2, 0xa, 0x7, 0x80, 0x5aa, 0xfffff000, 0x400, 0x2, 0x7, 0x6, 0x6, 0x5, 0x3, 0x88, 0x22e2, 0x502, 0xffffffff, 0x7, 0x1ff, 0x6, 0x10001, 0x9e, 0x1, 0x5, 0x101, 0xfffffffa, 0x0, 0x2, 0x2, 0x6, 0x1ff, 0x8, 0x3, 0x6], [0x2, 0x94da, 0xffffffff, 0x7, 0xc0000, 0x4, 0x4, 0xfffffffa, 0x6, 0x7, 0xea, 0x7, 0x6, 0x400, 0xfffeffff, 0xfc000000, 0x8, 0x8, 0xd1, 0x2, 0xb66, 0x3, 0x4, 0x52c, 0x4, 0x10001, 0xfffffff8, 0x2, 0x9, 0x1, 0x7, 0xe86, 0x8, 0x100, 0x7, 0x1, 0x746a6ffd, 0x3, 0x4, 0x0, 0x1, 0x45a6c325, 0x8, 0x10000, 0x1000, 0x2, 0x5, 0x0, 0x2, 0x2, 0x1, 0x8, 0x2, 0x2, 0x81, 0x200, 0x3ff, 0xffffffcc, 0x6, 0xa000000, 0x8, 0xfff, 0x4000, 0x1], [0x8, 0x7, 0x3, 0xfffffffc, 0x8000, 0x2, 0x8, 0x1ff, 0xfffffffe, 0x10, 0x5e, 0x4, 0x8, 0x8, 0x5, 0x8, 0xfb, 0xf25, 0xd, 0x1ff, 0x2, 0x95, 0x9, 0x9, 0x1, 0xc, 0xffff6f9e, 0x4, 0xfffffff7, 0x10000, 0x7, 0x52a, 0x5, 0xc1a4, 0x4, 0x8, 0x3, 0x9, 0x5, 0xb7af, 0x3, 0x4, 0x0, 0x1ff8, 0x2, 0x7, 0x6, 0x80000000, 0x652d, 0x7, 0x7fffffff, 0xd, 0x40, 0x3ff, 0xc, 0x1ff, 0x9, 0x6, 0x0, 0x1000, 0x9, 0x2, 0x9, 0x4]}, 0x45c)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000004}, 0x4)

4m44.957530651s ago: executing program 7 (id=1105):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_open_dev$sndpcmc(0x0, 0xb, 0x6a980)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000000)=0x5)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x0, 0x482, &(0x7f0000000000)=""/149, &(0x7f00000000c0)=0x210)

4m28.246440966s ago: executing program 34 (id=1105):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_open_dev$sndpcmc(0x0, 0xb, 0x6a980)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000000)=0x5)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x0, 0x482, &(0x7f0000000000)=""/149, &(0x7f00000000c0)=0x210)

1m36.267513102s ago: executing program 4 (id=1414):
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@mcast1, 0x0, 0x1, 0xffff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x1, 0x0, 0x4, 0x4}, {0x0, 0x1}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x64010102, 0x4d5, 0x3c}, 0x2, @in6=@loopback, 0x0, 0x0, 0x0, 0xb7, 0x0, 0x8000000}}, 0xe8)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)

1m33.925553178s ago: executing program 4 (id=1418):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0x7d4165c9)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r3, 0x7d4165c9)
listen(r2, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000780)={@in6={{0xa, 0x4e24, 0x2, @empty, 0xc}}, 0x0, 0x0, 0x20, 0x0, "9c0fe2154aa786d10084ecfbe8e86f7d312fcc8fde38d5823d22fbbb55a7837e5f2329f4d662f2185f18fae43e09d661d12a01669d6eef2e4733c2c29a3c3d16ef45c7c1c8ecfcc76b47d9ab9a573f11"}, 0xd8)
listen(r5, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r5, 0x6, 0xe, &(0x7f0000000680)={@in6={{0xa, 0x4e21, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x81}}, 0x0, 0x0, 0x40, 0x0, "2b20a1a47cddc63b223be606d7303a4d4d11e10450d766feb63b382d54bab577021cad5de4fe7630a33b6deca160b1267ff02123bc27830000000000ffff40000000000000b5b29049cb65f00300"}, 0xd8)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000540)=[{&(0x7f0000000180)="580000001400192340834b80040d8c560a066f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0effeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1)

1m32.693597805s ago: executing program 4 (id=1423):
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x890)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x400000000000000, 0x0, &(0x7f0000000080)={0x0, 0xd0}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0xe7, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20008000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
syz_clone(0x2000, 0x0, 0xff36, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0)

1m26.848962402s ago: executing program 4 (id=1436):
socket(0x10, 0x3, 0x0)
syz_open_dev$sg(&(0x7f0000007700), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$key(0xf, 0x3, 0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_io_uring_setup(0x3dec, &(0x7f0000000340)={0x0, 0x3019, 0x400, 0x2, 0x3b9}, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x48240)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)=[0x7fffffff], 0x0, 0x1})

1m24.343381631s ago: executing program 4 (id=1440):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x5, &(0x7f0000000040)=0x29)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x14b000)
close(r5)

1m22.14368902s ago: executing program 4 (id=1443):
openat$dir(0xffffffffffffff9c, 0x0, 0x42, 0x80)
syz_open_dev$vim2m(0x0, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0xfffffffffffffe02, &(0x7f00000002c0)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x4040000)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./file0\x00', 0x2000898, &(0x7f00000003c0), 0x1, 0x55ae, &(0x7f000000abc0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$dri(0x0, 0x1, 0x0)
acct(0x0)
acct(0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181c42, 0x56)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1m7.140349885s ago: executing program 35 (id=1443):
openat$dir(0xffffffffffffff9c, 0x0, 0x42, 0x80)
syz_open_dev$vim2m(0x0, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0xfffffffffffffe02, &(0x7f00000002c0)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x4040000)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./file0\x00', 0x2000898, &(0x7f00000003c0), 0x1, 0x55ae, &(0x7f000000abc0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$dri(0x0, 0x1, 0x0)
acct(0x0)
acct(0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181c42, 0x56)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

15.455345373s ago: executing program 0 (id=1554):
syz_mount_image$iso9660(&(0x7f0000000fc0), &(0x7f0000000000)='./file1\x00', 0x8800, &(0x7f0000000d80)=ANY=[], 0x23, 0x7f3, &(0x7f0000001800)="$eJzs3U9oHOfZAPBnFMmWFfAX8n3kM8ZxxnZKbeoqu1KiVOSQbFYjeRJpV+yuik0pSYhtMJaTEBPS+NDEl6QtLaWnHtNcQy6FHgo9lPbQFgqF5tBLD4VATiWFFkpLCajM7K71x1pJTmQrTX8/Yb2z7z7zzjOzo3l21ruzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEUp+pVKrJwYhYOpsOVp9pNRe2uL8/3s/XNVssNyIp/sXoaBzqdh36v9W77yt+HY8j3VtHYrRoRuPa3ffd89j/Dg/1598ioU/q2A7jkog3iqQuPzcUcTsSuYO+87NbnuWfK8XvuayRt5v5Qm0uS/N2M52emqo8dGa2nc7m81n7XLuTLaT1VlbrNFvpyfqptDo9PZlm4+eaS425mdp81u989MsTlcpU+tT4YlZrtZuNh54ab9fP5PPzeWOujJmovBpFzKPFjvh03kk7WW0hTS9eWr4wuV2qRVB1Xc/+dY/XkQfv+fCVD/526UKxQw4aJOntmBPV6sREdeqR6UcerVSGJyoT6zsqG8SNiBiKKCJuy07LZ92B1YPE7h284VMa6tb/iPnIoxFLcTbSSGOo/L36MxKjMROtaMZCcfsPIxvuv6n+f+Ghv/xuq+WW9futoqiP3qjyh1bvPhxl/T/avXV0QP0vDsob89jZz4FbnePKbyPe62aztv9qvBbX4nI8F8uxHBfi5U+Yzx37Gdph3Gj/kdg6bi6yaEQe7WhGHgtRK3vSXk8a0zEVU1GJZ+JMzEY70piNPOYji3aci3Z0Iiv3qHq0IotadKIZrUjjZNTjVKRRjemYjslII4vxOBfNWIpGzMVM1MpRLsalcrtPbsjrvm8+m7zx+w/fLqZvBFW3WJGkeDJXBP11Xff6/aRXzB+IHdX/A70tuD4iiXR4j2sRu6r/p7LT+F04asPuWCnr//BepwEAAADcRkn56nsSESNxfzk1m89nX9vrtAAAAIBdVL6v+UjRjBRT90dSnP9XNol8/47nBgAAAOyOpPyMXRIRY/FAd6r/canNXgQAAAAA/gOV//9/tGjGIl4vO5z/AwAAwOfMtwZdY/+Dfb1r7LcX9yd39aIXzz6YXKkVU7Urvb5e89UbI3ZmDycHe4OUzdTwtbuTiBiuZ0eS/tUvP97fbT8qRzi8egHCQdf6T1qtkeT64ARi6wTKW/HdONaNOXa+257v39NdythsPp+N15vzj1WT3osjnVdeuPSNiGLp324sHEzi4qXlC+PPv7h8vszlejHK9Su9y8Mnt5DLSm8LxP2br/FI+UGM3nLHusutrF3/oe7sQ1svM1m7zDfjeDfm+Fi3HVu//qPFMqvjj1WjVjs41MnOdl5ZWbP2vSyqn3LN34wT3ZgTJ090m02ymFiXxQs3ZzGxNoudbYstsyj0s3j72Otn//6rZpJNbpfF5KfMAmCvXCyv+rNahQ6UVehfK11F/d9Qd/tXNd/0KPfFn/SOoRuOchdXn2X0519T64Zjd6r7m3GyDPnFye7zieHD6+rKE2VdqWxyRH/p0ku/7h3RH373hz/6+tHf/Hi1um04Rj/RfVYwOIt341Q3stfEvb+8qboVQ1TLLfu9DVX1nWKOdwZW1fb8RDISESv/c+Pu8nGKiInJqcrDlcojEzFSPlXoNYMz3b/zvQSAz5ttv2NnB9/C8/DmZ9XRr3j33nhLwXg8Hy/GcpyP0+WnDSLigc1HHVvzNoTT25y1jq35hpfT25xbrsZObIzdfyKJAbGTa7bY//+gbP5x+x4TALjdjm9Th3dS/0/3zrtj8/PuDbX8VPeLc/tnxzG4lm/mK7d7gwDAf4Gs9VEy1nkrabXyxWeq09PVWudMlraa9afTVj4zl6V5o5O16mdqjbksXWw1O816/wXxmaydtpcWF5sfd9LZZitdbLbzs+U3v6e9r35vZwu1xqtRby/OZ7V2ltabjU6t3kln8nY9XVx6cj5vn8la5cztxayez+b1WidvNtJ2c6lVz8bTtJ1lawLzmazRyWfzYrKRLrbyhVrrekTMLy1k6UzWrrfyxU6zO2B/WXljttlaqA1Y/T/fwU0NAJ8ZV1+7dvm55eULL6+fWEk29mw+8ccdxFyNWNnr1QQA1lhbpQEAAAAAAAAAAAAAgM+mmz+uV/Ru+5G+tRMjcQvBGyb2xyeZ6/M78aX3ug/Lbgy4yTj7tpzrrtWeA+se0329nWXvt88tTzz7+OOXB8U8+fqhM3/KIrYfZ/O/lKt337T3xlsHI/b99Pvdnifu1Jq+H921iOFbmn0l2SJmzw5JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDQvwMAAP//wexOyQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
keyctl$setperm(0x5, 0x0, 0x3000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000780), 0x83, 0x2)

12.947969347s ago: executing program 0 (id=1548):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x53, &(0x7f0000000000)={0x0, 0x0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_clone(0xa1302400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace(0x8, r4)
r5 = syz_pidfd_open(r4, 0x0)
process_mrelease(r5, 0x700000000000000)

12.712754944s ago: executing program 5 (id=1549):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$packet(0x11, 0x2, 0x300)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xb, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x48043)
r2 = dup(r0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x48, 0xff}, 0x9c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c)
pipe2$9p(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r4, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a)
splice(r3, 0x0, r0, 0x0, 0xffff, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x6, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c)

10.884000085s ago: executing program 6 (id=1551):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
setxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000100)=0x9)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc008561c, 0x0)
r3 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280)=0x15)

10.062651628s ago: executing program 0 (id=1552):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd0, 0x0, 0x0)

9.995202595s ago: executing program 2 (id=1553):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000340)={r0, r0, 0xb, 0x24, &(0x7f0000000300)="6fd6137e49cd27ac39bb7bef28bdcd2d524581d6e6f5d76646d79cf73267d2442a769f70", 0xdf, 0x1, 0x5, 0x1, 0xc43, 0x3, 0xfffffb57, 'syz0\x00'})
r2 = socket(0x15, 0x5, 0x0)
getsockopt(r2, 0x200000000114, 0x2711, 0x0, &(0x7f0000000000))
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r3, 0x0, 0xd0, &(0x7f0000000600), 0x4)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)

9.791129282s ago: executing program 5 (id=1556):
munmap(&(0x7f0000694000/0x3000)=nil, 0x3000)
mremap(&(0x7f00003fd000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)

8.703663832s ago: executing program 6 (id=1557):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
r4 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x80}, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000000300)=[r3], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x6000, @fd_index, 0x80000001, 0x0, 0x0, 0xf})
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)

7.45075116s ago: executing program 6 (id=1558):
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000000))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940))
socket$inet(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='children\x00')
syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e26, @broadcast}, {0x2, 0x4e21, @local}, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4a, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x4, 0x8})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20000844}, 0x48885)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

7.29960608s ago: executing program 6 (id=1559):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB="040001"], 0x5c}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000080)={0x2001}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
r4 = syz_open_dev$vim2m(&(0x7f0000002c80), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000000)={0x2, @meta={0x3854454d, 0x4b6a643f, 0x81ee, 0x4301, 0x487a6f19}})
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x103042, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
unlink(&(0x7f0000000280)='./file2\x00')
getdents64(r5, &(0x7f0000000380)=""/55, 0x37)
bind$tipc(r1, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff})
recvmsg$unix(r6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x46}, 0x60000123)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x30, r3, 0x1, 0x0, 0x100000, {{}, {}, {0x14, 0x19, {0x2, 0x1, 0x0, 0x2000000}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x1004)

7.083725313s ago: executing program 0 (id=1560):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f0000001140)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b", @ANYRES8, @ANYRESOCT, @ANYRESOCT, @ANYRESDEC], 0x6, 0x2c1, &(0x7f0000001880)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2rrAwMpOZzWSNMZHNyu1+Ps0++8zznfk9k4fsbJEnH748Obqfx8MnX/wSWZZEZxjDOEliEJ1ofBULht8EAPAsOymK+L2Y2SSXRES2vbIAgC1a7+9/d9786VLKAgC26N677729f3Bw550ssrg7+fp4VP5nX/6cHd9/GB/HOB7Ea9GP04jqQWE3qqeFsnm3KIppNy8N4uZkejwqk5MPntbn3/8tosrvRT8GVdfZ00aVf+vgzl4+08pPyzqer68/LPO3ox8vnoUX8reX5GOUxquvtOq/Ff34+aP4JMZxvypinv9yL8/fLL794/P3y/LKfDI9HvWqcXPFziW/NAAAAAAAAAAAAAAAAAAAAAAAXGG36r1zepHfiJuTsqvef2fnNNLy17wxWNyfZ5ZPmhO19wcqimJaxPetLQXzoh44z3fjpW57Y0EAAAAAAAAAAAAAAAAAAAC4vh5/+tnR4Xj84NGFNJrdALoR8ee9iP96nmGr50asHtyrr3k4Hnfq5sKYp2m7J3aaMUnEyjLKSVzQbfm3xnPna24aP/xYTnCTE2atnteXT3B3+/NqVtfRYbL8Wr1oerJ6kXyXRszHpLHmtdJ/OlTEJssvXXqov/Hc0xeqxnTFmEhWFfbGr7M7V/ck52eRVnd1aXy3brTi59bGWq97ZLP4398rkmq3jt723owAAAAAAAAAAAAAAAAAAOCam3/6d8nBJyujncJHgQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4Iubf/79BY1qH1xicxqPH//MUAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuAb+CgAA//8HIVi7")
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
inotify_init()
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61122400000000006113340000000000bf1000000000000015000200091b00003d030100000000008701000000000000bc26000000000000bf67000000000000560300000ee600f06702000014000000160300000ee600f0bf050000000000000f610000000000006507f4ff02000400070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586e3f640f9f7e9a73b761ad4f0952a70046270d2b6436fdeecd791614ed46de741eb8cf91c046ef9beca574b350021c7ec6ef130f53748068ca432dae4e248b22b9ad8b2811f67916a1764578cba4b069037bfb3362d5691ac397f7e207145d970f0d97867552629b146645c785fb77dbeca38e49a9d5221f1f45f0a25890d04d91a15a05ae7e7ed6252c3d6c1973fb858de1da70d67317e7872b0603ce47ed2c1520e71b527bb42aa2e20e1e85df73736ed0a782ab7e7278dd54358cfdf6313d40f926332623625b49626481054787ab2dff85a9bebd6b317f26c691a65aa97bb3d1506a3a565e9c7ea5ad4611d2d77ee8a5c1b23814a26b6a20061fbb65bdd03770fa849f2a29ba69f90625f42592a70ba890f7a92878ae73574c3a233ee5954119931a1905210715fa77a8795f2fbec3797cb90f59fe8a4abec25f40c87bf25b750bbaa"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)

7.083300349s ago: executing program 2 (id=1561):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_create_resource$binfmt(&(0x7f0000000000)='./file1\x00')
r4 = openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
write$binfmt_script(r4, &(0x7f0000000080)={'#! ', './file1'}, 0xb)
close(r4)
execveat$binfmt(0xffffffffffffff9c, r3, 0x0, 0x0, 0x0)

6.974231712s ago: executing program 5 (id=1571):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
gettid()
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = inotify_init()
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast2, 0x1000}}}, 0x108)
socket$xdp(0x2c, 0x3, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

5.649882834s ago: executing program 2 (id=1562):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xbf5ce000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="0a000000d2cf00003d36000002"], 0x48)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
listen(r4, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={r3, &(0x7f0000001940), &(0x7f00000002c0)=""/187}, 0x20)

3.703426141s ago: executing program 5 (id=1563):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="05000000760000004600000001"], 0x50)
lsetxattr$security_capability(&(0x7f0000000000)='./cgroup/cgroup.procs\x00', &(0x7f0000000100), &(0x7f0000000140)=@v2={0x2000000, [{0x4, 0x3}, {0x4, 0x4}]}, 0x14, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)

3.702544742s ago: executing program 6 (id=1574):
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000)
r1 = socket$l2tp(0x2, 0x2, 0x73)
connect$inet(r1, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000440)={0x0, 0x0, r3, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r2, 0xc01864b0, &(0x7f0000000000)={r3, r4, 0x1, 0x0, 0x1000000000000})

3.519332412s ago: executing program 0 (id=1564):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xbf5ce000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
setfsgid(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="0a000000d2cf00003d36000002"], 0x48)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
listen(r4, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={r3, &(0x7f0000001940), &(0x7f00000002c0)=""/187}, 0x20)

3.197719055s ago: executing program 2 (id=1565):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000480)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x80800)
sendmmsg$alg(r2, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x10, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x1f}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2, 0x0, 0x0, 0xf5000000}, 0x0)

2.296023251s ago: executing program 5 (id=1566):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r3 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x20002f7})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x5c8c, 0x0, @empty, @mcast1, 0x80, 0x0, 0x0, 0x20000000}})
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x2}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x4)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)

2.180056342s ago: executing program 6 (id=1567):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
unshare(0x24020400)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0)
write$P9_RSTATu(r1, &(0x7f00000004c0)={0x293, 0x7d, 0x0, {{0x500, 0xf0, 0x0, 0x5000000, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{cvfox\x92\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05\xf7\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x12, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x232)
r2 = socket$rxrpc(0x21, 0x2, 0xa)
connect$rxrpc(r2, &(0x7f0000000000)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @mcast1}}, 0x24)
sendmsg$inet(r2, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0xfffffffffffffd90, &(0x7f0000000380)={&(0x7f0000000240)={0x14, r3, 0x701, 0x74bd2b, 0x0, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x20004074}, 0x0)

2.07526542s ago: executing program 2 (id=1568):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_SCODATA_PKT={0x3, {0xc9}}, 0x4)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x22020600)
r3 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfec9}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_UNLINKAT={0x24, 0x8, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0xc2e999eabd050ec2})
io_uring_enter(r3, 0xdb4, 0x0, 0x0, 0x0, 0x0)

885.031165ms ago: executing program 0 (id=1569):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
setxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000100)=0x9)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc008561c, 0x0)
r3 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280)=0x15)

883.407615ms ago: executing program 5 (id=1570):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000180)=0x3)
r3 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, &(0x7f00000000c0)={'mpc624\x00', [0x4fa7, 0x105, 0x2, 0x10000421, 0x0, 0xcc7, 0x7ffffffe, 0x5c952398, 0x5, 0x3ff, 0x2, 0x300, 0x1, 0x1, 0x9, 0x0, 0x100, 0x8, 0x48f3, 0x5, 0x80000089, 0xa, 0x1400000, 0x8001, 0xffffeadb, 0x3, 0x3d, 0x8, 0x4, 0x7ffffff, 0x485f]})

0s ago: executing program 2 (id=1572):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000340)={r0, r0, 0xb, 0x24, &(0x7f0000000300)="6fd6137e49cd27ac39bb7bef28bdcd2d524581d6e6f5d76646d79cf73267d2442a769f70", 0xdf, 0x1, 0x5, 0x1, 0xc43, 0x3, 0xfffffb57, 'syz0\x00'})
r2 = socket(0x15, 0x5, 0x0)
getsockopt(r2, 0x200000000114, 0x2711, 0x0, &(0x7f0000000000))
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r3, 0x0, 0xd0, &(0x7f0000000600), 0x4)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

atadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.463524][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.470542][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   96.496718][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.525243][ T5825] team0: Port device team_slave_0 added
[   96.572138][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.584472][ T5825] team0: Port device team_slave_1 added
[   96.646298][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.671785][ T5829] team0: Port device team_slave_0 added
[   96.678123][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.685111][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   96.711606][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.724552][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.731887][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   96.758352][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.783465][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.790815][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.798173][ T5827] bridge_slave_0: entered allmulticast mode
[   96.806050][ T5827] bridge_slave_0: entered promiscuous mode
[   96.828682][ T5829] team0: Port device team_slave_1 added
[   96.899504][ T5824] hsr_slave_0: entered promiscuous mode
[   96.906284][ T5824] hsr_slave_1: entered promiscuous mode
[   96.914399][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.921985][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.929303][ T5827] bridge_slave_1: entered allmulticast mode
[   96.937130][ T5827] bridge_slave_1: entered promiscuous mode
[   96.974112][ T5826] team0: Port device team_slave_0 added
[   96.987489][ T5828] hsr_slave_0: entered promiscuous mode
[   96.994727][ T5828] hsr_slave_1: entered promiscuous mode
[   97.001177][ T5828] debugfs: 'hsr0' already exists in 'hsr'
[   97.007102][ T5828] Cannot create hsr debugfs directory
[   97.030466][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.037616][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   97.064316][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.078423][ T5826] team0: Port device team_slave_1 added
[   97.133049][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.140356][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   97.166644][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.261183][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   97.275531][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   97.286282][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.293430][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   97.319645][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.338752][ T5825] hsr_slave_0: entered promiscuous mode
[   97.345389][ T5825] hsr_slave_1: entered promiscuous mode
[   97.351971][ T5825] debugfs: 'hsr0' already exists in 'hsr'
[   97.358057][ T5825] Cannot create hsr debugfs directory
[   97.403969][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.411211][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   97.437375][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.597437][ T5829] hsr_slave_0: entered promiscuous mode
[   97.607831][ T5829] hsr_slave_1: entered promiscuous mode
[   97.614313][ T5829] debugfs: 'hsr0' already exists in 'hsr'
[   97.620134][ T5829] Cannot create hsr debugfs directory
[   97.628253][ T5827] team0: Port device team_slave_0 added
[   97.683105][ T5827] team0: Port device team_slave_1 added
[   97.836167][ T5826] hsr_slave_0: entered promiscuous mode
[   97.842951][ T5826] hsr_slave_1: entered promiscuous mode
[   97.849342][ T5826] debugfs: 'hsr0' already exists in 'hsr'
[   97.855066][ T5826] Cannot create hsr debugfs directory
[   97.898668][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.905635][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   97.931861][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.997819][ T5832] Bluetooth: hci1: command tx timeout
[   98.016305][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.023641][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   98.049840][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.158433][ T5832] Bluetooth: hci0: command tx timeout
[   98.163902][ T5832] Bluetooth: hci2: command tx timeout
[   98.170964][ T5842] Bluetooth: hci5: command tx timeout
[   98.170988][ T5837] Bluetooth: hci3: command tx timeout
[   98.176358][ T5842] Bluetooth: hci4: command tx timeout
[   98.295866][ T5827] hsr_slave_0: entered promiscuous mode
[   98.304292][ T5827] hsr_slave_1: entered promiscuous mode
[   98.310904][ T5827] debugfs: 'hsr0' already exists in 'hsr'
[   98.316682][ T5827] Cannot create hsr debugfs directory
[   98.560203][ T5828] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   98.575306][ T5828] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   98.602741][ T5828] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   98.631467][ T5828] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   98.741255][ T5824] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   98.759926][ T5824] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   98.772253][ T5824] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   98.785822][ T5824] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   98.938643][ T5827] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   98.950980][ T5827] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   98.973441][ T5827] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   99.011461][ T5827] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   99.087426][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.113786][ T5825] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   99.127825][ T5825] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   99.141930][ T5825] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   99.161886][ T5825] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   99.212749][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[   99.269551][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.276988][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.294625][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.315399][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.322563][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.368949][ T5829] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   99.400989][ T5829] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   99.431214][ T5829] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   99.472862][ T5829] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   99.493796][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[   99.562660][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.570059][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.583602][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.591203][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.692382][ T5826] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   99.724431][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.742459][ T5826] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   99.756532][ T5826] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   99.797349][ T5826] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   99.903241][ T5824] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   99.937614][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[   99.969204][  T151] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.976389][  T151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.005291][  T151] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.012566][  T151] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.078527][ T5842] Bluetooth: hci1: command tx timeout
[  100.154325][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.184950][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.216129][ T5825] 8021q: adding VLAN 0 to HW filter on device team0
[  100.235422][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.242647][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.256768][ T5842] Bluetooth: hci3: command tx timeout
[  100.258662][ T5837] Bluetooth: hci0: command tx timeout
[  100.263216][ T5842] Bluetooth: hci4: command tx timeout
[  100.269292][ T5839] Bluetooth: hci2: command tx timeout
[  100.279823][ T5832] Bluetooth: hci5: command tx timeout
[  100.300968][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.319884][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.327151][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.485519][ T5829] 8021q: adding VLAN 0 to HW filter on device team0
[  100.589187][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.596373][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.622007][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.629233][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.646816][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.676696][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.780485][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.790780][ T5828] veth0_vlan: entered promiscuous mode
[  100.870624][ T5828] veth1_vlan: entered promiscuous mode
[  100.951060][ T5826] 8021q: adding VLAN 0 to HW filter on device team0
[  100.971362][ T5824] veth0_vlan: entered promiscuous mode
[  101.000664][ T5828] veth0_macvtap: entered promiscuous mode
[  101.024197][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.031730][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.063718][ T5828] veth1_macvtap: entered promiscuous mode
[  101.091587][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.098801][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.130595][ T5824] veth1_vlan: entered promiscuous mode
[  101.231194][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.284480][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.304524][ T5824] veth0_macvtap: entered promiscuous mode
[  101.351481][   T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.381242][   T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.402188][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.424838][   T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.436378][   T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.462522][ T5824] veth1_macvtap: entered promiscuous mode
[  101.496601][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.554444][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.647034][   T81] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.674901][   T81] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.716943][   T81] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.732639][   T81] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.804503][   T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.821851][ T5825] veth0_vlan: entered promiscuous mode
[  101.829695][   T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.867419][ T5827] veth0_vlan: entered promiscuous mode
[  101.883350][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.926902][ T5825] veth1_vlan: entered promiscuous mode
[  101.935717][ T5827] veth1_vlan: entered promiscuous mode
[  101.957006][ T1150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.972304][ T1150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.018585][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.167380][   T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.167973][ T5832] Bluetooth: hci1: command tx timeout
[  102.180600][ T5825] veth0_macvtap: entered promiscuous mode
[  102.199241][   T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.201353][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  102.313520][ T5825] veth1_macvtap: entered promiscuous mode
[  102.319790][ T5837] Bluetooth: hci0: command tx timeout
[  102.325225][ T5837] Bluetooth: hci2: command tx timeout
[  102.330732][ T5839] Bluetooth: hci4: command tx timeout
[  102.336160][ T5839] Bluetooth: hci3: command tx timeout
[  102.341745][ T5832] Bluetooth: hci5: command tx timeout
[  102.376550][ T5827] veth0_macvtap: entered promiscuous mode
[  102.399688][ T5829] veth0_vlan: entered promiscuous mode
[  102.432697][   T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.442134][ T5827] veth1_macvtap: entered promiscuous mode
[  102.458699][   T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.495357][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.570193][ T5829] veth1_vlan: entered promiscuous mode
[  102.592612][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.645907][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.695241][  T161] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.734155][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.780196][  T161] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.853615][  T161] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.884306][  T161] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.913332][ T5826] veth0_vlan: entered promiscuous mode
[  102.927193][  T161] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.954722][ T5829] veth0_macvtap: entered promiscuous mode
[  102.984955][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.996960][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.014353][ T5829] veth1_macvtap: entered promiscuous mode
[  103.131679][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.161290][ T5826] veth1_vlan: entered promiscuous mode
[  103.299830][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[  104.472877][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[  104.522225][  T161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.541241][  T161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.338105][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  105.346742][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  105.355528][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  105.441911][  T161] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.456042][  T161] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.473016][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.488562][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.535459][  T161] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.574935][  T161] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.818567][ T5826] veth0_macvtap: entered promiscuous mode
[  105.843370][  T161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.867787][  T161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.893011][ T5826] veth1_macvtap: entered promiscuous mode
[  105.988614][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  106.149678][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.179175][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.251010][ T5981] capability: warning: `syz.0.10' uses deprecated v2 capabilities in a way that may be insecure
[  106.269887][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.294492][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.341275][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.361019][ T5983] process 'syz.1.2' launched '/dev/fd/3' with NULL argv: empty string added
[  106.464310][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.553722][   T81] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.586580][  T161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.586995][   T81] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.598432][  T161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.663196][   T81] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.747136][   T81] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.768182][ T5991] ref_ctr increment failed for inode: 0x18 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff888038650c40
[  108.714302][ T5991] uprobe: syz.1.12:5991 failed to unregister, leaking uprobe
[  108.888020][ T5996] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.916594][ T5996] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.187420][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.197177][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.330126][ T6014] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  110.377517][ T6036] loop4: detected capacity change from 0 to 512
[  110.429239][ T6036] EXT4-fs: Ignoring removed bh option
[  110.510027][ T6036] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  110.617019][ T6036] EXT4-fs (loop4): 1 truncate cleaned up
[  110.688976][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880721d8000: rx timeout, send abort
[  110.749417][ T6036] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.766742][ T6041] syz_tun: entered allmulticast mode
[  110.791982][ T6040] syz_tun: left allmulticast mode
[  110.916638][ T6045] loop1: detected capacity change from 0 to 512
[  110.994478][ T6045] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  111.068898][ T6045] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  111.140333][ T6045] EXT4-fs (loop1): 1 truncate cleaned up
[  111.148535][ T6045] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.189727][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880721d9400: rx timeout, send abort
[  111.198813][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880721d8000: abort rx timeout. Force session deactivation
[  111.646865][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880721d9000: rx timeout, send abort
[  111.655639][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880721d9000: 0x2ff00: (3) A timeout occurred and this is the connection abort to close the session.
[  111.664062][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  111.698307][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880721d9400: abort rx timeout. Force session deactivation
[  112.071536][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  112.168327][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  112.176080][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  112.276222][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  112.278531][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  112.624361][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.089207][ T6070] netlink: 4 bytes leftover after parsing attributes in process `syz.0.33'.
[  113.375950][ T6075] loop2: detected capacity change from 0 to 128
[  114.852840][ T6084] netlink: 28 bytes leftover after parsing attributes in process `syz.3.38'.
[  115.327228][ T6089] netlink: 14 bytes leftover after parsing attributes in process `syz.2.39'.
[  115.354934][ T5825] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.458117][ T5964] libceph: connect (1)[c::]:6789 error -101
[  115.479124][ T6088] ceph: No mds server is up or the cluster is laggy
[  115.493467][ T5964] libceph: mon0 (1)[c::]:6789 connect error
[  117.796733][ T6118] <
[  121.334931][ T6086] vlan2: entered allmulticast mode
[  121.342973][ T6086] bond0: entered allmulticast mode
[  121.348633][ T6086] bond_slave_0: entered allmulticast mode
[  121.354503][ T6086] bond_slave_1: entered allmulticast mode
[  121.498278][ T6089] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  121.623072][ T6089] bond_slave_0: left allmulticast mode
[  121.640002][ T6089] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  121.658725][ T6089] bond_slave_1: left allmulticast mode
[  121.679678][ T6089] bond0 (unregistering): Released all slaves
[  123.793268][ T6158] bridge0: the hash_elasticity option has been deprecated and is always 16
[  123.808377][ T6158] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.817791][ T6158] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.045435][   T30] audit: type=1800 audit(1772549439.051:2): pid=6160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.56" name="file0" dev="fuse" ino=0 res=0 errno=0
[  126.239361][ T6184] could not allocate digest TFM handle hmac(streebog512)
[  126.864767][ T6206] syzkaller0: entered promiscuous mode
[  126.895132][ T6206] syzkaller0: entered allmulticast mode
[  126.918670][ T6210] syzkaller0: entered promiscuous mode
[  126.930588][ T6210] syzkaller0: entered allmulticast mode
[  127.053126][ T6210] tipc: Started in network mode
[  127.064206][ T6210] tipc: Node identity 0e0d51e60aca, cluster identity 4711
[  127.082905][ T6210] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  127.113548][ T6208] tipc: Resetting bearer <eth:syzkaller0>
[  127.245777][ T6208] tipc: Disabling bearer <eth:syzkaller0>
[  127.317817][ T5910] IPVS: starting estimator thread 0...
[  127.346714][ T6221] IPVS: sed: FWM 3 0x00000003 - no destination available
[  127.461373][ T6224] IPVS: using max 25 ests per chain, 60000 per kthread
[  127.605804][ T6232] overlayfs: missing 'lowerdir'
[  127.661823][ T6232] hugetlbfs: syz.4.82 (6232): Using mlock ulimits for SHM_HUGETLB is obsolete
[  128.044465][ T6235] loop0: detected capacity change from 0 to 40427
[  128.261389][ T6235] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  128.268976][ T6235] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  128.377302][ T6235] F2FS-fs (loop0): invalid crc value
[  128.605499][ T6245] syz_tun: entered allmulticast mode
[  128.614134][ T6241] netlink: 4 bytes leftover after parsing attributes in process `syz.5.86'.
[  128.700631][ T6248] syz.4.88 uses obsolete (PF_INET,SOCK_PACKET)
[  128.704776][ T6235] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  128.734132][ T6235] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  128.742342][ T6235] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  128.877764][ T6241] syz_tun (unregistering): left allmulticast mode
[  129.059130][ T6244] netlink: 'syz.2.87': attribute type 10 has an invalid length.
[  129.085465][ T6261] netlink: 'syz.1.89': attribute type 1 has an invalid length.
[  129.105218][ T6244] netlink: 32 bytes leftover after parsing attributes in process `syz.2.87'.
[  129.108828][ T6261] netlink: 4 bytes leftover after parsing attributes in process `syz.1.89'.
[  129.162698][ T6244] Zero length message leads to an empty skb
[  129.164273][ T5828] syz-executor: attempt to access beyond end of device
[  129.164273][ T5828] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  129.219410][ T5828] CPU: 0 UID: 0 PID: 5828 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  129.219470][ T5828] Tainted: [L]=SOFTLOCKUP
[  129.219482][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  129.219504][ T5828] Call Trace:
[  129.219515][ T5828]  <TASK>
[  129.219528][ T5828]  dump_stack_lvl+0x100/0x190
[  129.219591][ T5828]  f2fs_handle_critical_error+0x5d7/0x970
[  129.219651][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.219697][ T5828]  ? f2fs_build_fault_attr+0x53/0x280
[  129.219755][ T5828]  f2fs_write_end_io+0xc3f/0xf30
[  129.219819][ T5828]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  129.219878][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.219925][ T5828]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  129.219976][ T5828]  bio_endio+0x7a3/0x910
[  129.220035][ T5828]  submit_bio_noacct+0x64c/0x2010
[  129.220095][ T5828]  f2fs_submit_write_bio+0x133/0x350
[  129.220153][ T5828]  __submit_merged_bio+0x331/0x7b0
[  129.220219][ T5828]  __submit_merged_write_cond+0x3fe/0x510
[  129.220290][ T5828]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  129.220362][ T5828]  ? __pfx___might_resched+0x10/0x10
[  129.220400][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.220455][ T5828]  f2fs_write_cache_pages+0x21c0/0x2720
[  129.220521][ T5828]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  129.220572][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.220616][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.220761][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.220805][ T5828]  ? rcu_is_watching+0x12/0xc0
[  129.220850][ T5828]  f2fs_write_data_pages+0x799/0x16d0
[  129.220906][ T5828]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  129.220963][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.221009][ T5828]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  129.221055][ T5828]  do_writepages+0x278/0x600
[  129.221123][ T5828]  ? __pfx_do_writepages+0x10/0x10
[  129.221174][ T5828]  ? do_raw_spin_unlock+0x145/0x1e0
[  129.221213][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.221257][ T5828]  ? _raw_spin_unlock+0x28/0x50
[  129.221300][ T5828]  filemap_writeback+0x22d/0x2e0
[  129.221359][ T5828]  ? __pfx_filemap_writeback+0x10/0x10
[  129.221412][ T5828]  ? check_noncircular+0x97/0x160
[  129.221514][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.221559][ T5828]  ? find_held_lock+0x2b/0x80
[  129.221600][ T5828]  ? f2fs_sync_dirty_inodes+0x38f/0x990
[  129.221645][ T5828]  ? f2fs_sync_dirty_inodes+0x38f/0x990
[  129.221687][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.221744][ T5828]  f2fs_sync_dirty_inodes+0x452/0x990
[  129.221804][ T5828]  block_operations+0x2a6/0xfc0
[  129.221846][ T5828]  ? check_noncircular+0x97/0x160
[  129.221905][ T5828]  ? __pfx_block_operations+0x10/0x10
[  129.221947][ T5828]  ? check_noncircular+0x97/0x160
[  129.222047][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.222131][ T5828]  ? ktime_get+0x200/0x300
[  129.222176][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.222223][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.222267][ T5828]  ? rcu_is_watching+0x12/0xc0
[  129.222313][ T5828]  f2fs_write_checkpoint+0x582/0x5550
[  129.222365][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.222409][ T5828]  ? _raw_spin_unlock_irq+0x2e/0x50
[  129.222446][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.222491][ T5828]  ? __wait_for_common+0x1f3/0x4c0
[  129.222533][ T5828]  ? __pfx_schedule_timeout+0x10/0x10
[  129.222601][ T5828]  ? __pfx___wait_for_common+0x10/0x10
[  129.222643][ T5828]  ? kasan_quarantine_put+0x104/0x240
[  129.222686][ T5828]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  129.222730][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.222785][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.222836][ T5828]  ? rcu_is_watching+0x12/0xc0
[  129.222873][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.222918][ T5828]  ? kthread_stop+0x280/0x680
[  129.222980][ T5828]  kill_f2fs_super+0x3e5/0x490
[  129.223025][ T5828]  ? __pfx_kill_f2fs_super+0x10/0x10
[  129.223093][ T5828]  ? lockdep_hardirqs_on+0x78/0x100
[  129.223136][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.223182][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.223242][ T5828]  deactivate_locked_super+0xc1/0x1b0
[  129.223285][ T5828]  deactivate_super+0xe7/0x110
[  129.223329][ T5828]  cleanup_mnt+0x21f/0x450
[  129.223382][ T5828]  task_work_run+0x150/0x240
[  129.223420][ T5828]  ? __pfx_task_work_run+0x10/0x10
[  129.223456][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.223502][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  129.223556][ T5828]  exit_to_user_mode_loop+0x100/0x4a0
[  129.223619][ T5828]  do_syscall_64+0x67c/0xf80
[  129.223662][ T5828]  ? irqentry_exit+0x138/0x670
[  129.223709][ T5828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.223747][ T5828] RIP: 0033:0x7fdee4d9d9d7
[  129.223777][ T5828] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  129.223812][ T5828] RSP: 002b:00007ffd126b8128 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  129.223846][ T5828] RAX: 0000000000000000 RBX: 00007fdee4e31f90 RCX: 00007fdee4d9d9d7
[  129.223869][ T5828] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd126b81e0
[  129.223892][ T5828] RBP: 00007ffd126b81e0 R08: 00007ffd126b91e0 R09: 00000000ffffffff
[  129.223915][ T5828] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd126b9270
[  129.223938][ T5828] R13: 00007fdee4e31f90 R14: 000000000001f7ef R15: 00007ffd126b92b0
[  129.223987][ T5828]  </TASK>
[  129.224001][ T5828] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  129.815899][ T6273] binder: BINDER_SET_CONTEXT_MGR already set
[  129.823473][ T6273] binder: 6272:6273 ioctl 4018620d 200000000200 returned -16
[  132.206616][ T6295] netlink: 176 bytes leftover after parsing attributes in process `syz.5.102'.
[  132.256611][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  132.263232][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  132.318287][ T6294] Bluetooth: MGMT ver 1.23
[  134.279027][ T6306] binder: BINDER_SET_CONTEXT_MGR already set
[  134.287787][ T6306] binder: 6302:6306 ioctl 4018620d 200000000040 returned -16
[  134.333971][ T6306] binder: 6302:6306 ioctl c0306201 2000000003c0 returned -14
[  134.518594][ T5801] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  134.847886][ T5801] usb 4-1: Using ep0 maxpacket: 16
[  135.630480][ T5801] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=28.00
[  135.640093][ T5801] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.732552][ T5801] usb 4-1: config 0 descriptor??
[  135.826040][ T5801] usb 4-1: can't set config #0, error -71
[  135.911257][ T5801] usb 4-1: USB disconnect, device number 2
[  136.813396][ T6329] loop5: detected capacity change from 0 to 512
[  136.874634][ T6329] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  138.600627][ T6341] netlink: 12 bytes leftover after parsing attributes in process `syz.2.115'.
[  138.630742][ T6329] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  138.816822][ T6329] EXT4-fs (loop5): 1 truncate cleaned up
[  138.890324][ T6329] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.960316][ T6329] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.896760][   T30] audit: type=1326 audit(1772549455.901:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6384 comm="syz.4.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a0779c799 code=0x7ffc0000
[  140.958884][   T30] audit: type=1326 audit(1772549455.901:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6384 comm="syz.4.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f9a0779c799 code=0x7ffc0000
[  141.113977][   T30] audit: type=1326 audit(1772549455.901:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6384 comm="syz.4.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a0779c799 code=0x7ffc0000
[  141.303249][   T30] audit: type=1326 audit(1772549455.911:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6384 comm="syz.4.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f9a0779c799 code=0x7ffc0000
[  141.440593][   T30] audit: type=1326 audit(1772549455.911:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6384 comm="syz.4.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a0779c799 code=0x7ffc0000
[  141.503747][   T30] audit: type=1326 audit(1772549455.911:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6384 comm="syz.4.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a0779c799 code=0x7ffc0000
[  141.649756][ T6397] 8021q: adding VLAN 0 to HW filter on device bond1
[  141.704270][   T30] audit: type=1326 audit(1772549455.911:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6384 comm="syz.4.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f9a0779c799 code=0x7ffc0000
[  141.820728][   T30] audit: type=1326 audit(1772549455.911:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6384 comm="syz.4.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a0779c799 code=0x7ffc0000
[  141.968946][   T30] audit: type=1326 audit(1772549455.911:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6384 comm="syz.4.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a0779c799 code=0x7ffc0000
[  142.115624][   T30] audit: type=1326 audit(1772549455.911:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6384 comm="syz.4.128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f9a0779c799 code=0x7ffc0000
[  142.695034][   T10] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  143.477754][   T10] usb 1-1: Using ep0 maxpacket: 32
[  143.494155][   T10] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  143.521134][   T10] usb 1-1: config 0 has no interface number 0
[  143.550695][   T10] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  143.590969][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.636714][   T10] usb 1-1: Product: syz
[  143.690727][   T10] usb 1-1: Manufacturer: syz
[  143.733417][   T10] usb 1-1: SerialNumber: syz
[  143.881867][   T10] usb 1-1: config 0 descriptor??
[  146.566043][ T6406] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  146.643856][ T6406] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  146.970502][   T10] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): EEPROM is busy
[  147.431198][   T10] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  147.454158][   T10] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[  147.497470][   T10] usb 1-1: USB disconnect, device number 2
[  155.359365][ T6504] loop3: detected capacity change from 0 to 512
[  157.887240][ T6527] Set syz0 is full, maxelem 0 reached
[  160.441366][ T6541] netlink: 'syz.2.171': attribute type 30 has an invalid length.
[  160.595451][ T6541] bond0: option arp_missed_max: invalid value (0)
[  160.602169][ T6541] bond0: option arp_missed_max: allowed values 1 - 255
[  160.655143][ T6541] bond0 (unregistering): Released all slaves
[  162.130723][ T6563] loop2: detected capacity change from 0 to 512
[  163.333846][ T6563] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.437985][ T6563] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.212978][ T6563] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  165.735256][ T6585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.676469][ T6596] netlink: 12 bytes leftover after parsing attributes in process `syz.4.188'.
[  168.316018][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  168.316047][   T30] audit: type=1326 audit(1772549483.081:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6604 comm="syz.1.193" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd394b9c799 code=0x0
[  169.386849][   T30] audit: type=1326 audit(1772549484.351:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6601 comm="syz.5.192" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a8559c799 code=0x0
[  169.804114][ T6626] netlink: 12 bytes leftover after parsing attributes in process `syz.2.196'.
[  170.697961][ T6645] netlink: 'syz.1.203': attribute type 4 has an invalid length.
[  173.682788][ T6667] loop1: detected capacity change from 0 to 256
[  177.035197][ T6684] =======================================================
[  177.035197][ T6684] WARNING: The mand mount option has been deprecated and
[  177.035197][ T6684]          and is ignored by this kernel. Remove the mand
[  177.035197][ T6684]          option from the mount to silence this warning.
[  177.035197][ T6684] =======================================================
[  179.253385][ T6711] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  182.611836][ T6748] loop3: detected capacity change from 0 to 256
[  182.761150][ T6748] exfat: Bad value for 'uid'
[  182.767716][ T6748] exfat: Bad value for 'uid'
[  183.005431][ T6754] netlink: 'syz.4.237': attribute type 1 has an invalid length.
[  183.225225][ T6760] bond1: entered promiscuous mode
[  183.279532][ T6760] bond1: entered allmulticast mode
[  183.308257][ T6760] 8021q: adding VLAN 0 to HW filter on device bond1
[  183.446029][ T6763] bridge1: entered promiscuous mode
[  183.453992][ T6763] bridge1: entered allmulticast mode
[  183.465121][ T6763] bond1: (slave bridge1): Enslaving as a backup interface with a down link
[  184.203889][ T6786] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  184.304596][ T5837] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201'
[  184.314748][ T5837] CPU: 0 UID: 0 PID: 5837 Comm: kworker/u9:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  184.314807][ T5837] Tainted: [L]=SOFTLOCKUP
[  184.314820][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  184.314844][ T5837] Workqueue: hci5 hci_rx_work
[  184.314892][ T5837] Call Trace:
[  184.314903][ T5837]  <TASK>
[  184.314917][ T5837]  dump_stack_lvl+0x100/0x190
[  184.314976][ T5837]  sysfs_warn_dup.cold+0x1c/0x28
[  184.315030][ T5837]  sysfs_create_dir_ns+0x24b/0x2b0
[  184.315077][ T5837]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  184.315121][ T5837]  ? find_held_lock+0x2b/0x80
[  184.315165][ T5837]  ? kobject_add_internal+0x25f/0x930
[  184.315219][ T5837]  ? kobject_add_internal+0x25f/0x930
[  184.315275][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  184.315321][ T5837]  ? do_raw_spin_unlock+0x145/0x1e0
[  184.315363][ T5837]  kobject_add_internal+0x2c8/0x930
[  184.315423][ T5837]  kobject_add+0x16a/0x1e0
[  184.315473][ T5837]  ? __pfx_kobject_add+0x10/0x10
[  184.315520][ T5837]  ? class_to_subsys+0x10f/0x150
[  184.315585][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  184.315633][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  184.315678][ T5837]  ? kobject_put+0xb9/0x640
[  184.315723][ T5837]  ? _raw_spin_unlock+0x28/0x50
[  184.315774][ T5837]  device_add+0x294/0x1950
[  184.315834][ T5837]  ? __pfx_dev_set_name+0x10/0x10
[  184.315882][ T5837]  ? __pfx_device_add+0x10/0x10
[  184.315940][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  184.315985][ T5837]  ? mgmt_send_event_skb+0x2fb/0x460
[  184.316036][ T5837]  hci_conn_add_sysfs+0x1a3/0x260
[  184.316083][ T5837]  le_conn_complete_evt+0x11cb/0x1f40
[  184.316158][ T5837]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  184.316219][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  184.316281][ T5837]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[  184.316348][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  184.316393][ T5837]  ? skb_pull_data+0x15f/0x1e0
[  184.316456][ T5837]  hci_le_meta_evt+0x34a/0x5f0
[  184.316497][ T5837]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  184.316568][ T5837]  hci_event_packet+0x682/0x11c0
[  184.316606][ T5837]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  184.316649][ T5837]  ? __pfx_hci_event_packet+0x10/0x10
[  184.316687][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  184.316736][ T5837]  ? kcov_remote_start+0x374/0x660
[  184.316783][ T5837]  ? lockdep_hardirqs_on+0x78/0x100
[  184.316827][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  184.316891][ T5837]  hci_rx_work+0x451/0xfc0
[  184.316939][ T5837]  process_one_work+0x9d7/0x1920
[  184.316996][ T5837]  ? __pfx_process_one_work+0x10/0x10
[  184.317029][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  184.317090][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  184.317142][ T5837]  worker_thread+0x5da/0xe40
[  184.317195][ T5837]  ? kthread+0x13a/0x450
[  184.317249][ T5837]  ? __pfx_worker_thread+0x10/0x10
[  184.317282][ T5837]  kthread+0x370/0x450
[  184.317337][ T5837]  ? __pfx_kthread+0x10/0x10
[  184.317396][ T5837]  ret_from_fork+0x754/0xd80
[  184.317459][ T5837]  ? __pfx_ret_from_fork+0x10/0x10
[  184.317517][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  184.317562][ T5837]  ? rcu_is_watching+0x12/0xc0
[  184.317601][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  184.317649][ T5837]  ? __switch_to+0x7b4/0x1120
[  184.317690][ T5837]  ? __pfx_kthread+0x10/0x10
[  184.317750][ T5837]  ret_from_fork_asm+0x1a/0x30
[  184.317816][ T5837]  </TASK>
[  184.897865][ T5837] kobject: kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  184.913585][ T5837] Bluetooth: hci5: failed to register connection device
[  188.321813][ T6838] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  188.338825][ T6838] VFS: Can't find a romfs filesystem on dev nullb0.
[  188.338825][ T6838] 
[  190.939668][ T6844] netlink: 'syz.3.263': attribute type 39 has an invalid length.
[  193.692651][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  193.700578][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  198.137306][ T6900] netlink: set zone limit has 4 unknown bytes
[  200.338845][ T6909] netlink: 12 bytes leftover after parsing attributes in process `syz.4.278'.
[  201.493423][ T6909] 8021q: adding VLAN 0 to HW filter on device bond2
[  201.830826][ T6913] 8021q: adding VLAN 0 to HW filter on device bond2
[  201.886953][ T6913] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  201.999572][ T6913] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  202.931660][ T6915] macvlan2: entered promiscuous mode
[  202.937120][ T6915] macvlan2: entered allmulticast mode
[  202.963734][ T6915] bond2: (slave macvlan2): Error -98 calling set_mac_address
[  206.023256][ T6964] binder: BINDER_SET_CONTEXT_MGR already set
[  206.029668][ T6964] binder: 6958:6964 ioctl 4018620d 200000004a80 returned -16
[  214.867736][ T7025] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000
[  216.320183][ T5837] Bluetooth: hci0: command 0x0000 tx timeout
[  216.328316][ T5840] Bluetooth: hci2: command 0x0406 tx timeout
[  216.330526][ T5839] Bluetooth: hci3: command 0x0406 tx timeout
[  216.334361][ T5840] Bluetooth: hci4: command 0x0406 tx timeout
[  216.340664][    C0] vcan0: j1939_tp_rxtimer: 0xffff88806e2d8c00: rx timeout, send abort
[  216.346565][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  216.367835][ T5842] Bluetooth: hci5: command 0x0406 tx timeout
[  216.801789][ T6009] libceph: connect (1)[c::]:6789 error -101
[  216.817909][ T6009] libceph: mon0 (1)[c::]:6789 connect error
[  216.835958][    C0] vcan0: j1939_tp_rxtimer: 0xffff88806e2d9400: rx timeout, send abort
[  216.854849][    C0] vcan0: j1939_tp_rxtimer: 0xffff88806e2d8c00: abort rx timeout. Force session deactivation
[  216.900809][ T7082] loop3: detected capacity change from 0 to 1024
[  216.947606][ T7073] ceph: No mds server is up or the cluster is laggy
[  217.005326][ T7082] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  217.018297][ T7082] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  217.256916][    C0] vcan0: j1939_tp_rxtimer: 0xffff88806e2db400: rx timeout, send abort
[  217.267943][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88806e2db400: 0x2ff00: (3) A timeout occurred and this is the connection abort to close the session.
[  217.344243][    C0] vcan0: j1939_tp_rxtimer: 0xffff88806e2d9400: abort rx timeout. Force session deactivation
[  217.372593][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  217.887304][ T7104] <
[  219.296246][ T7113] loop3: detected capacity change from 0 to 4096
[  219.418443][ T7113] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.629022][ T7113] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.043451][ T7132] overlayfs: failed to clone upperpath
[  222.301313][ T7155] netlink: 'syz.2.356': attribute type 1 has an invalid length.
[  222.574153][ T7155] bond0: entered promiscuous mode
[  222.680165][ T7155] 8021q: adding VLAN 0 to HW filter on device bond0
[  223.803550][ T7157] bond0: (slave gretap1): making interface the new active one
[  223.824993][ T7157] gretap1: entered promiscuous mode
[  223.865386][ T7157] bond0: (slave gretap1): Enslaving as an active interface with an up link
[  228.026891][ T7211] tipc: Enabled bearer <udp:syz2>, priority 10
[  228.105753][ T7211] tipc: Enabled bearer <eth:veth0_macvtap>, priority 0
[  228.218412][ T7214] netlink: 12 bytes leftover after parsing attributes in process `syz.5.376'.
[  229.650039][ T5964] tipc: Node number set to 80171494
[  234.321188][ T7259] syz.1.389 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  238.245823][ T7279] xt_CT: No such helper "snmp_trap"
[  240.475016][ T7300] netlink: 24 bytes leftover after parsing attributes in process `syz.4.403'.
[  241.303146][ T7319] netlink: 'syz.3.409': attribute type 4 has an invalid length.
[  242.449794][ T7324] loop0: detected capacity change from 0 to 512
[  242.770952][ T7324] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.879373][ T7324] ext4 filesystem being mounted at /57/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.463846][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.594673][ T7412] tipc: Started in network mode
[  252.617872][ T7412] tipc: Node identity aaaaaaaaaa34, cluster identity 4711
[  252.672970][ T7412] tipc: Enabled bearer <eth:macvlan0>, priority 10
[  253.857890][ T5945] tipc: Node number set to 10398378
[  253.956068][ T7440] Device name cannot be null; rc = [-22]
[  255.155114][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  255.163987][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  255.468261][ T7456] loop1: detected capacity change from 0 to 512
[  255.548666][ T7456] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  255.564877][ T7456] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.798460][ T7464] overlayfs: failed to clone upperpath
[  256.287886][ T5825] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  258.513842][ T7493] loop0: detected capacity change from 0 to 4096
[  258.961057][ T7493] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  259.475903][ T7493] ntfs3(loop0): ino=1a, mi_enum_attr
[  259.483904][ T7493] ntfs3(loop0): ino=1a, mi_enum_attr
[  259.489578][ T7493] ntfs3(loop0): Failed to initialize $Extend/$Reparse.
[  259.846799][ T7493] ntfs3(loop0): ino=1a, mi_enum_attr
[  261.746335][    T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  262.048011][    T9] usb 2-1: Using ep0 maxpacket: 32
[  262.119793][    T9] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.577713][    T9] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  262.618194][    T9] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  262.627298][    T9] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  262.668974][    T9] usb 2-1: Product: syz
[  262.673208][    T9] usb 2-1: Manufacturer: syz
[  262.749540][    T9] hub 2-1:4.0: USB hub found
[  263.017774][    T9] hub 2-1:4.0: 5 ports detected
[  263.078590][    T9] hub 2-1:4.0: insufficient power available to use all downstream ports
[  263.698233][    T9] hub 2-1:4.0: set hub depth failed
[  263.734710][    T9] usb 2-1: USB disconnect, device number 2
[  264.595955][ T7549] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  264.773278][ T7557] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  265.869464][ T7557] tipc: Enabled bearer <udp:syz0>, priority 10
[  266.560909][ T7566] netlink: 'syz.1.479': attribute type 27 has an invalid length.
[  266.568861][ T7566] netlink: 'syz.1.479': attribute type 4 has an invalid length.
[  266.576514][ T7566] netlink: 144 bytes leftover after parsing attributes in process `syz.1.479'.
[  270.755789][ T7594] xt_TPROXY: Can be used only with -p tcp or -p udp
[  271.680781][ T7596] netlink: 'syz.2.489': attribute type 1 has an invalid length.
[  271.832321][ T7596] 8021q: adding VLAN 0 to HW filter on device bond1
[  271.936777][ T7601] vlan1: entered allmulticast mode
[  272.003170][ T7601] veth0_to_bond: entered allmulticast mode
[  272.080103][ T7601] bond1: (slave vlan1): Enslaving as an active interface with a down link
[  272.622527][ T7618] loop1: detected capacity change from 0 to 256
[  272.630085][ T7618] exfat: Deprecated parameter 'utf8'
[  272.637503][ T7618] exfat: Deprecated parameter 'utf8'
[  272.643403][ T7618] exfat: Deprecated parameter 'utf8'
[  272.943820][ T7618] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  273.719032][ T7621] overlayfs: failed to clone upperpath
[  273.869662][   T30] audit: type=1800 audit(2000000089.970:17): pid=7623 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.498" name="nullb0" dev="tmpfs" ino=453 res=0 errno=0
[  273.892615][ T7625] loop1: detected capacity change from 0 to 256
[  273.982233][ T7625] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x1d73664b, utbl_chksum : 0xe619d30d)
[  274.237383][ T7625] exFAT-fs (loop1): valid_size(150994954) is greater than size(10)
[  274.282051][ T7633] trusted_key: encrypted_key: key user:syz not found
[  274.632817][ T7640] overlayfs: failed to clone upperpath
[  274.693724][ T7643] io-wq is not configured for unbound workers
[  276.296981][ T7653] loop1: detected capacity change from 0 to 512
[  276.348258][ T7650] overlayfs: failed to clone upperpath
[  276.354051][ T7653] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  280.219594][ T7677] xt_CT: You must specify a L4 protocol and not use inversions on it
[  280.998533][ T7676] netlink: 'syz.1.514': attribute type 1 has an invalid length.
[  281.228286][ T7676] 8021q: adding VLAN 0 to HW filter on device bond1
[  281.597991][ T7680] vlan2: entered allmulticast mode
[  281.611287][ T7680] veth0_to_bond: entered allmulticast mode
[  282.479833][ T7680] bond1: (slave vlan2): making interface the new active one
[  282.510398][ T7680] bond1: (slave vlan2): Enslaving as an active interface with an up link
[  284.452076][ T7703] overlayfs: failed to clone upperpath
[  291.701336][ T7754] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  294.622596][ T7779] xt_TPROXY: Can be used only with -p tcp or -p udp
[  297.010830][ T7788] netlink: 4 bytes leftover after parsing attributes in process `syz.2.546'.
[  300.070041][ T7818] input: syz1 as /devices/virtual/input/input5
[  303.328031][ T7842] tipc: Started in network mode
[  303.332977][ T7842] tipc: Node identity aaaaaaaaaa34, cluster identity 4711
[  303.480271][ T7842] tipc: Enabled bearer <eth:macvlan0>, priority 10
[  304.770362][ T5835] tipc: Node number set to 10398378
[  315.317166][ T7934] loop0: detected capacity change from 0 to 256
[  315.325040][ T7934] exfat: Deprecated parameter 'utf8'
[  315.330507][ T7934] exfat: Deprecated parameter 'utf8'
[  315.337285][ T7934] exfat: Deprecated parameter 'utf8'
[  315.448347][ T7936] Device name cannot be null; rc = [-22]
[  316.561444][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  316.798301][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  316.878226][ T7934] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  322.525015][ T7995] syz_tun: entered allmulticast mode
[  323.622912][ T7989] orangefs_mount: mount request failed with -4
[  323.628734][ T7992] netlink: 4 bytes leftover after parsing attributes in process `syz.4.600'.
[  323.873674][ T7992] syz_tun (unregistering): left allmulticast mode
[  324.947761][ T8012] Device name cannot be null; rc = [-22]
[  327.459427][ T8016] could not allocate digest TFM handle hmac(streebog512)
[  328.324157][ T8038] netlink: 12 bytes leftover after parsing attributes in process `syz.1.612'.
[  329.566696][ T8045] bond2: (slave vcan1): refused to change device type
[  332.278669][ T8066] xt_socket: unknown flags 0x50
[  337.581071][ T8098] 9p: Bad value for 'rfdno'
[  337.817908][ T5917] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  337.989793][ T5917] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  338.081081][ T5917] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  338.099956][ T8106] netlink: 20 bytes leftover after parsing attributes in process `syz.0.629'.
[  338.183381][ T5917] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  338.317949][ T5917] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  338.409901][ T5917] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.592814][ T5917] usb 2-1: config 0 descriptor??
[  340.195722][ T5917] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  340.531507][ T8099] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  341.338801][ T8099] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  341.540327][ T6009] usb 2-1: USB disconnect, device number 3
[  342.769372][ T8129] netlink: 4 bytes leftover after parsing attributes in process `syz.5.635'.
[  345.044833][ T8153] netlink: 'syz.5.642': attribute type 7 has an invalid length.
[  350.455352][ T8182] netlink: 'syz.3.650': attribute type 2 has an invalid length.
[  352.369631][ T5929] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  352.527804][ T5929] usb 2-1: Using ep0 maxpacket: 8
[  352.535594][ T5929] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  352.547189][ T5929] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  352.636716][ T5929] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  352.646612][ T5929] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.655373][ T5929] usb 2-1: Product: syz
[  353.605442][ T5929] usb 2-1: Manufacturer: syz
[  353.610955][ T5929] usb 2-1: SerialNumber: syz
[  354.217807][ T5929] usb 2-1: can't set config #1, error -71
[  355.095287][ T5929] usb 2-1: USB disconnect, device number 4
[  359.749789][ T8241] loop0: detected capacity change from 0 to 512
[  360.659178][ T8241] EXT4-fs: Ignoring removed nomblk_io_submit option
[  361.020348][ T8249] IPv6: NLM_F_CREATE should be specified when creating new route
[  361.029742][ T8249] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  361.037360][ T8249] IPv6: NLM_F_CREATE should be set when creating new route
[  361.510606][ T8241] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  361.779143][ T8241] EXT4-fs (loop0): 1 truncate cleaned up
[  362.769169][ T8241] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  363.285234][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.869098][ T8293] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  370.747964][ T6009] usb 2-1: new low-speed USB device number 5 using dummy_hcd
[  372.873083][ T6009] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  372.948329][ T6009] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.060591][ T8327] netlink: 4 bytes leftover after parsing attributes in process `syz.0.701'.
[  373.239811][ T6009] usb 2-1: config 0 descriptor??
[  373.944308][ T6009] asix 2-1:0.0: probe with driver asix failed with error -22
[  375.063159][ T5964] usb 2-1: USB disconnect, device number 5
[  378.038244][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  378.055629][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  385.423316][ T8409] netlink: 4 bytes leftover after parsing attributes in process `syz.2.713'.
[  387.114103][ T8419] netlink: 12 bytes leftover after parsing attributes in process `syz.5.716'.
[  387.427907][ T8419] bond1: (slave vcan1): refused to change device type
[  389.053790][ T8434] netlink: 'syz.5.721': attribute type 3 has an invalid length.
[  389.061650][ T8434] netlink: 'syz.5.721': attribute type 3 has an invalid length.
[  389.108029][ T8434] netlink: 'syz.5.721': attribute type 10 has an invalid length.
[  389.147005][ T8434] 8021q: adding VLAN 0 to HW filter on device team0
[  389.764037][ T8434] bond0: (slave team0): Enslaving as an active interface with an up link
[  393.720340][ T5842] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  393.740475][ T5842] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  393.749860][ T5842] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  393.766047][ T5842] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  393.789770][ T5842] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  395.968378][ T5832] Bluetooth: hci6: command tx timeout
[  397.323364][ T8492] ceph: No mds server is up or the cluster is laggy
[  397.448774][ T8468] chnl_net:caif_netlink_parms(): no params data found
[  397.999346][ T5832] Bluetooth: hci6: command tx timeout
[  398.821940][  T151] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.168034][ T8523] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  400.207798][ T5832] Bluetooth: hci6: command tx timeout
[  402.237844][ T5832] Bluetooth: hci6: command tx timeout
[  402.357551][  T151] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.979885][ T8547] openvswitch: netlink: Message has 592 unknown bytes.
[  402.986792][ T8547] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  403.292780][  T151] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.412291][  T151] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.853734][ T8468] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.861494][ T8468] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.869271][ T8468] bridge_slave_0: entered allmulticast mode
[  403.878049][ T8468] bridge_slave_0: entered promiscuous mode
[  403.915133][ T8468] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.924061][ T8468] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.938502][ T8468] bridge_slave_1: entered allmulticast mode
[  404.339643][ T8468] bridge_slave_1: entered promiscuous mode
[  405.557109][ T8468] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  405.639277][ T8468] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  405.651631][  T151] bridge_slave_1: left allmulticast mode
[  405.659757][  T151] bridge_slave_1: left promiscuous mode
[  405.667884][  T151] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.726478][  T151] bridge_slave_0: left allmulticast mode
[  405.753658][  T151] bridge_slave_0: left promiscuous mode
[  405.782788][  T151] bridge0: port 1(bridge_slave_0) entered disabled state
[  406.609753][  T151] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  407.306865][  T151] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  407.318737][  T151] bond0 (unregistering): Released all slaves
[  407.373907][  T151] bond1 (unregistering): (slave vlan2): Releasing active interface
[  407.422797][  T151] bond1 (unregistering): Released all slaves
[  407.538817][  T151] bond2 (unregistering): Released all slaves
[  409.600154][ T8468] team0: Port device team_slave_0 added
[  409.643149][ T8468] team0: Port device team_slave_1 added
[  409.739790][  T151] tipc: Disabling bearer <udp:syz2>
[  409.770441][  T151] tipc: Disabling bearer <eth:veth0_macvtap>
[  409.840021][ T8610] netlink: 4 bytes leftover after parsing attributes in process `syz.4.772'.
[  409.858015][  T151] tipc: Left network mode
[  409.948370][ T8468] batman_adv: batadv0: Adding interface: batadv_slave_0
[  409.957310][ T8468] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  410.025791][ T8468] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  410.111038][ T8619] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  410.118267][ T8619] overlayfs: failed to set xattr on upper
[  410.123980][ T8619] overlayfs: ...falling back to redirect_dir=nofollow.
[  410.130876][ T8619] overlayfs: ...falling back to index=off.
[  410.136673][ T8619] overlayfs: ...falling back to uuid=null.
[  410.404906][ T8622] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[  410.422477][ T8468] batman_adv: batadv0: Adding interface: batadv_slave_1
[  410.468334][ T8468] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  410.701639][ T8468] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  414.268403][ T8468] hsr_slave_0: entered promiscuous mode
[  414.299071][ T8468] hsr_slave_1: entered promiscuous mode
[  414.317170][ T8468] debugfs: 'hsr0' already exists in 'hsr'
[  414.337862][ T8468] Cannot create hsr debugfs directory
[  415.083414][  T151] hsr_slave_0: left promiscuous mode
[  415.373529][  T151] hsr_slave_1: left promiscuous mode
[  416.228840][  T151] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  416.236310][  T151] batman_adv: batadv0: Removing interface: batadv_slave_0
[  416.328965][  T151] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  416.519837][  T151] batman_adv: batadv0: Removing interface: batadv_slave_1
[  416.749118][  T151] veth1_macvtap: left promiscuous mode
[  416.780685][  T151] veth0_macvtap: left promiscuous mode
[  417.523924][  T151] veth1_vlan: left promiscuous mode
[  417.529333][  T151] veth0_vlan: left promiscuous mode
[  420.498345][  T151] team0 (unregistering): Port device team_slave_1 removed
[  420.570979][  T151] team0 (unregistering): Port device team_slave_0 removed
[  426.259539][ T8468] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  426.349455][ T8468] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  426.640725][ T8468] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  427.914285][ T8468] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  430.421120][ T8468] 8021q: adding VLAN 0 to HW filter on device bond0
[  430.520352][ T8468] 8021q: adding VLAN 0 to HW filter on device team0
[  430.580636][  T151] bridge0: port 1(bridge_slave_0) entered blocking state
[  430.588027][  T151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  430.660331][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state
[  430.667570][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state
[  430.732508][   T30] audit: type=1804 audit(2000000246.830:18): pid=8776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.812" name="/newroot/125/file0" dev="tmpfs" ino=672 res=1 errno=0
[  430.763816][ T8776] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -17959, delta: 1
[  430.858855][ T8776] ref_ctr increment failed for inode: 0x2a0 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88807d156200
[  431.080137][ T8781] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -17959, delta: -1
[  431.217874][ T8781] ref_ctr decrement failed for inode: 0x2a0 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88807d156200
[  431.397900][ T8781] uprobe: syz.0.812:8781 failed to unregister, leaking uprobe
[  434.464033][ T8468] 8021q: adding VLAN 0 to HW filter on device batadv0
[  436.226097][ T8468] veth0_vlan: entered promiscuous mode
[  436.575662][ T8468] veth1_vlan: entered promiscuous mode
[  436.657078][ T8468] veth0_macvtap: entered promiscuous mode
[  436.737139][ T8468] veth1_macvtap: entered promiscuous mode
[  436.984917][ T8468] batman_adv: batadv0: Interface activated: batadv_slave_0
[  437.855639][ T8850] loop0: detected capacity change from 0 to 16
[  438.137334][ T8850] erofs (device loop0): mounted with root inode @ nid 36.
[  438.155131][ T8850] syz.0.826: attempt to access beyond end of device
[  438.155131][ T8850] loop0: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  438.259815][ T8468] batman_adv: batadv0: Interface activated: batadv_slave_1
[  438.591315][   T30] audit: type=1800 audit(2000000254.690:19): pid=8850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.826" name="file2" dev="loop0" ino=89 res=0 errno=0
[  438.937772][ T2942] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  439.189439][ T2942] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  439.444960][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  439.451629][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  440.432473][ T2942] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  440.442472][ T2942] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  441.730284][ T8879] overlayfs: failed to clone upperpath
[  441.761281][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  441.827421][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  443.009847][  T151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  443.030315][ T8891] Bluetooth: MGMT ver 1.23
[  443.034960][  T151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  445.092246][ T8909] loop0: detected capacity change from 0 to 64
[  445.152617][ T5832] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  445.159354][ T5842] Bluetooth: hci2: command 0x0406 tx timeout
[  446.471398][ T8924] warning: `syz.2.844' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  449.036761][ T8940] loop0: detected capacity change from 0 to 512
[  449.044396][ T8940] EXT4-fs: Ignoring removed bh option
[  449.279760][ T8940] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  451.893376][ T8940] EXT4-fs: error -4 creating inode table initialization thread
[  451.901789][ T8940] EXT4-fs (loop0): mount failed
[  463.507370][    C0] vcan0: j1939_tp_rxtimer: 0xffff88806e376c00: rx timeout, send abort
[  464.007558][    C0] vcan0: j1939_tp_rxtimer: 0xffff88806e376800: rx timeout, send abort
[  464.015831][    C0] vcan0: j1939_tp_rxtimer: 0xffff88806e376c00: abort rx timeout. Force session deactivation
[  464.515835][    C0] vcan0: j1939_tp_rxtimer: 0xffff88806e376800: abort rx timeout. Force session deactivation
[  466.121252][ T9089] tipc: Started in network mode
[  466.126150][ T9089] tipc: Node identity 4, cluster identity 4711
[  466.188960][ T9089] tipc: Node number set to 4
[  467.446874][ T9097] loop0: detected capacity change from 0 to 4096
[  470.490612][ T9119] uprobe: syz.3.892:9119 failed to unregister, leaking uprobe
[  470.762909][ T9133] tipc: Bearer <udp:syz2>: already 2 bearers with priority 10
[  471.637868][ T9133] tipc: Bearer <udp:syz2>: trying with adjusted priority
[  471.645279][ T9133] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  471.747961][ T9143] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  477.248100][   T10] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  478.182838][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  478.639034][   T10] usb 1-1: New USB device found, idVendor=056a, idProduct=0018, bcdDevice= 0.00
[  478.657755][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.092429][   T10] usb 1-1: config 0 descriptor??
[  480.147910][   T10] usb 1-1: can't set config #0, error -71
[  480.189671][   T10] usb 1-1: USB disconnect, device number 3
[  481.694699][ T9210] loop0: detected capacity change from 0 to 32768
[  481.729751][ T9210] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.913 (9210)
[  481.757521][ T9210] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  481.768218][ T9210] BTRFS info (device loop0): using sha256 checksum algorithm
[  481.972751][ T9210] BTRFS info (device loop0): enabling ssd optimizations
[  481.979999][ T9210] BTRFS info (device loop0): turning on async discard
[  481.986898][ T9210] BTRFS info (device loop0): enabling free space tree
[  484.154914][ T9252] syz.5.919 (9252) used greatest stack depth: 19192 bytes left
[  484.572903][ T9259] pim6reg: entered allmulticast mode
[  484.610055][ T5828] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  491.450080][ T9317] netlink: 'syz.2.930': attribute type 10 has an invalid length.
[  496.205137][ T9353] loop6: detected capacity change from 0 to 40427
[  496.854330][ T9353] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  496.862267][ T9353] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  497.029235][ T9353] F2FS-fs (loop6): invalid crc value
[  497.157479][ T9353] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  497.184457][ T9353] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  497.195732][ T9353] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  497.673105][ T9370] syz.6.940: attempt to access beyond end of device
[  497.673105][ T9370] loop6: rw=8423425, sector=78248, nr_sectors = 4 limit=40427
[  497.749160][   T30] audit: type=1800 audit(2000000313.700:20): pid=9370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.940" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop6" ino=10 res=0 errno=0
[  498.450526][ T8468] syz-executor: attempt to access beyond end of device
[  498.450526][ T8468] loop6: rw=8390659, sector=77824, nr_sectors = 432 limit=40427
[  498.872531][ T8468] F2FS-fs (loop6): Issue discard(9728, 9728, 54) failed, ret: -5
[  498.878466][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  498.892690][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  499.021010][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  499.599006][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  499.644623][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  500.126128][ T9401] ptrace attach of "./syz-executor exec"[5827] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  500.905615][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  501.024060][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  501.767835][ T5842] Bluetooth: hci0: command tx timeout
[  503.105959][ T9381] chnl_net:caif_netlink_parms(): no params data found
[  503.254081][ T9431] loop0: detected capacity change from 0 to 1024
[  503.297233][ T9431] EXT4-fs: Ignoring removed nomblk_io_submit option
[  503.349146][ T9431] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  503.441203][ T5996] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.469181][   T30] audit: type=1800 audit(2000000319.560:21): pid=9431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.959" name="file1" dev="loop0" ino=15 res=0 errno=0
[  503.979514][ T5842] Bluetooth: hci0: command tx timeout
[  505.275662][ T5996] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  505.451884][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.682887][ T5996] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  506.048833][ T5842] Bluetooth: hci0: command tx timeout
[  506.895374][ T9381] bridge0: port 1(bridge_slave_0) entered blocking state
[  506.938787][ T9381] bridge0: port 1(bridge_slave_0) entered disabled state
[  506.946114][ T9381] bridge_slave_0: entered allmulticast mode
[  507.170549][ T9381] bridge_slave_0: entered promiscuous mode
[  507.179807][ T9381] bridge0: port 2(bridge_slave_1) entered blocking state
[  507.186975][ T9381] bridge0: port 2(bridge_slave_1) entered disabled state
[  507.194617][ T9381] bridge_slave_1: entered allmulticast mode
[  507.221196][ T9381] bridge_slave_1: entered promiscuous mode
[  507.591179][ T9469] loop0: detected capacity change from 0 to 40427
[  507.753530][ T9469] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  507.761972][ T9469] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  508.184121][ T5842] Bluetooth: hci0: command tx timeout
[  508.187858][ T9469] F2FS-fs (loop0): invalid crc value
[  508.393270][ T9469] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  508.415563][ T9469] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  508.422738][ T9469] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  508.705221][ T5996] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  508.976327][ T9480] syz.0.960: attempt to access beyond end of device
[  508.976327][ T9480] loop0: rw=8423425, sector=78248, nr_sectors = 4 limit=40427
[  509.041911][   T30] audit: type=1800 audit(2000000325.070:22): pid=9480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.960" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=10 res=0 errno=0
[  511.727915][ T9488] Driver unsupported XDP return value 0 on prog  (id 76) dev N/A, expect packet loss!
[  511.994498][ T9381] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  512.031898][ T9381] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  512.209908][ T9486] loop6: detected capacity change from 0 to 131072
[  512.383867][ T9486] F2FS-fs (loop6): Test dummy encryption mode enabled
[  512.399790][ T9486] F2FS-fs (loop6): invalid crc value
[  512.464957][ T5828] syz-executor: attempt to access beyond end of device
[  512.464957][ T5828] loop0: rw=8390659, sector=77824, nr_sectors = 432 limit=40427
[  512.484634][ T9486] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  512.510945][ T5828] F2FS-fs (loop0): Issue discard(9728, 9728, 54) failed, ret: -5
[  512.517746][ T9486] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  512.677346][ T9486] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2"
[  512.710729][ T9494] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  512.721610][   T30] audit: type=1800 audit(2000000328.800:23): pid=9486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.970" name="file0" dev="loop6" ino=10 res=0 errno=0
[  512.772091][ T9381] team0: Port device team_slave_0 added
[  512.831088][ T9381] team0: Port device team_slave_1 added
[  513.178095][ T9497] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  513.271076][ T9381] batman_adv: batadv0: Adding interface: batadv_slave_0
[  513.299570][ T9381] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  513.568803][ T9381] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  513.645845][ T9381] batman_adv: batadv0: Adding interface: batadv_slave_1
[  513.681196][ T9381] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  514.285042][ T9381] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  515.398339][ T9519] Invalid option length (57448) for dns_resolver key
[  516.916983][ T5996] bridge_slave_1: left allmulticast mode
[  516.953477][ T5996] bridge_slave_1: left promiscuous mode
[  516.984843][ T5996] bridge0: port 2(bridge_slave_1) entered disabled state
[  517.066093][ T5996] bridge_slave_0: left allmulticast mode
[  517.095310][ T5996] bridge_slave_0: left promiscuous mode
[  517.115892][ T5996] bridge0: port 1(bridge_slave_0) entered disabled state
[  517.340713][ T9534] loop0: detected capacity change from 0 to 8
[  517.390542][ T9137] udevd[9137]: incorrect cramfs checksum on /dev/loop0
[  517.398728][ T9534] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  517.768184][ T9544] cramfs: Error -3 while decompressing!
[  517.774357][ T9544] cramfs: ffffffff9b2a5fb8(16)->ffff8880782bb000(4096)
[  517.787735][ T9544] cramfs: Error -3 while decompressing!
[  517.793466][ T9544] cramfs: ffffffff9b2a5fb8(16)->ffff8880782bb000(4096)
[  517.809726][   T30] audit: type=1800 audit(2000000333.900:24): pid=9544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.983" name="file0" dev="loop0" ino=244 res=0 errno=0
[  518.326763][ T5842] Bluetooth: hci6: command 0x0406 tx timeout
[  518.646173][ T5996] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  518.806972][ T5996] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  518.863911][ T5996] bond0 (unregistering): Released all slaves
[  518.951173][ T5996] bond1 (unregistering): Released all slaves
[  519.458568][ T9525] vxcan1 speed is unknown, defaulting to 1000
[  519.667717][ T9525] vxcan1 speed is unknown, defaulting to 1000
[  519.676470][ T9525] vxcan1 speed is unknown, defaulting to 1000
[  519.824672][ T9381] hsr_slave_0: entered promiscuous mode
[  519.854512][ T9381] hsr_slave_1: entered promiscuous mode
[  519.928221][ T9381] debugfs: 'hsr0' already exists in 'hsr'
[  519.935001][ T9381] Cannot create hsr debugfs directory
[  519.953533][ T9525] infiniband syz2: set active
[  519.958542][ T9525] infiniband syz2: added vxcan1
[  519.970086][ T9525] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[  520.000318][ T5945] vxcan1 speed is unknown, defaulting to 1000
[  520.028962][ T9525] infiniband syz2: Couldn't open port 1
[  520.316794][ T9525] RDS/IB: syz2: added
[  520.321392][ T9525] smc: adding ib device syz2 with port count 1
[  520.329665][ T9525] smc:    ib device syz2 port 1 has no pnetid
[  520.353817][ T9525] vxcan1 speed is unknown, defaulting to 1000
[  521.320887][ T6024] vxcan1 speed is unknown, defaulting to 1000
[  521.338877][ T9525] vxcan1 speed is unknown, defaulting to 1000
[  522.169951][ T9525] vxcan1 speed is unknown, defaulting to 1000
[  522.432771][ T9525] vxcan1 speed is unknown, defaulting to 1000
[  524.196011][ T9525] vxcan1 speed is unknown, defaulting to 1000
[  524.454528][ T9525] vxcan1 speed is unknown, defaulting to 1000
[  525.460706][ T9525] vxcan1 speed is unknown, defaulting to 1000
[  528.580088][ T9381] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  528.762668][ T9381] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  528.815263][ T9381] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  528.905516][ T9381] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  529.171715][ T5996] hsr_slave_0: left promiscuous mode
[  529.197777][ T5996] hsr_slave_1: left promiscuous mode
[  529.214474][ T5996] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  529.247853][ T5996] batman_adv: batadv0: Removing interface: batadv_slave_0
[  529.272860][ T5996] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  529.284301][ T5996] batman_adv: batadv0: Removing interface: batadv_slave_1
[  529.325205][ T5996] veth1_macvtap: left promiscuous mode
[  529.338635][ T5996] veth0_macvtap: left promiscuous mode
[  529.358212][ T5996] veth1_vlan: left promiscuous mode
[  529.363529][ T5996] veth0_vlan: left promiscuous mode
[  530.155189][ T5996] team0 (unregistering): Port device team_slave_1 removed
[  530.204094][ T5996] team0 (unregistering): Port device team_slave_0 removed
[  530.535909][ T9381] 8021q: adding VLAN 0 to HW filter on device bond0
[  530.596755][ T9381] 8021q: adding VLAN 0 to HW filter on device team0
[  530.626300][   T81] bridge0: port 1(bridge_slave_0) entered blocking state
[  530.633557][   T81] bridge0: port 1(bridge_slave_0) entered forwarding state
[  530.671529][   T81] bridge0: port 2(bridge_slave_1) entered blocking state
[  530.678756][   T81] bridge0: port 2(bridge_slave_1) entered forwarding state
[  531.055953][ T9381] 8021q: adding VLAN 0 to HW filter on device batadv0
[  531.475956][ T9381] veth0_vlan: entered promiscuous mode
[  531.493215][ T9381] veth1_vlan: entered promiscuous mode
[  531.547265][ T9381] veth0_macvtap: entered promiscuous mode
[  531.561359][ T9381] veth1_macvtap: entered promiscuous mode
[  531.596086][ T9381] batman_adv: batadv0: Interface activated: batadv_slave_0
[  531.632680][ T9381] batman_adv: batadv0: Interface activated: batadv_slave_1
[  531.655472][   T49] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  531.673247][   T49] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  531.707563][   T49] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  531.717271][   T49] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  531.815857][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  531.838277][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  531.886611][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  531.895008][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  537.526473][ T9751] loop7: detected capacity change from 0 to 1024
[  537.590951][ T9751] EXT4-fs: Ignoring removed nomblk_io_submit option
[  537.656655][ T9751] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  537.712743][   T30] audit: type=1800 audit(2000000353.810:25): pid=9751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1010" name="file1" dev="loop7" ino=15 res=0 errno=0
[  539.330043][ T9381] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  540.746855][ T9790] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size.
[  545.730927][ T9841] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  547.529662][ T9848] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1039'.
[  557.698865][ T9946] loop0: detected capacity change from 0 to 1024
[  559.671360][   T30] audit: type=1800 audit(2000000375.740:26): pid=9966 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1063" name="file1" dev="loop0" ino=2 res=0 errno=0
[  562.323714][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  562.333287][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  567.830844][T10037] mmap: syz.7.1083 (10037) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  568.601575][T10035] loop6: detected capacity change from 0 to 8
[  568.649103][T10035] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  568.867039][T10027] udevd[10027]: incorrect cramfs checksum on /dev/loop6
[  569.745185][T10031] udevd[10031]: incorrect cramfs checksum on /dev/loop6
[  570.836952][T10035] cramfs: Error -3 while decompressing!
[  570.842807][T10035] cramfs: ffffffff9b2a9fb8(16)->ffff88804302b000(4096)
[  570.849763][T10035] cramfs: Error -3 while decompressing!
[  570.855305][T10035] cramfs: ffffffff9b2a9fb8(16)->ffff88804302b000(4096)
[  570.863125][   T30] audit: type=1800 audit(2000000386.960:27): pid=10035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1066" name="file0" dev="loop6" ino=244 res=0 errno=0
[  573.292432][T10074] ªªªªªª: renamed from vlan0 (while UP)
[  573.840854][T10077] syzkaller0: entered promiscuous mode
[  573.864496][T10077] syzkaller0: entered allmulticast mode
[  576.241362][T10116] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1099'.
[  576.511785][T10116] nbd: socks must be embedded in a SOCK_ITEM attr
[  578.523158][ T5964] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  580.061234][T10027] udevd[10027]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  580.116097][T10124] udevd[10124]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  581.642508][T10140] Bluetooth: MGMT ver 1.23
[  584.236717][T10161] qnx6: unable to read the first superblock
[  584.246961][T10161] qnx6: unable to read the first superblock
[  584.253431][T10161] qnx6: unable to read the first superblock
[  590.547088][ T5832] Bluetooth: hci2: hcon ffff88807e9f4000 sent 0 < count 137
[  590.554981][ T5832] Bluetooth: hci2: hcon ffff88807e9f4000 sent 0 < count 6
[  590.563278][ T5832] Bluetooth: hci2: hcon ffff88807e9f4000 sent 0 < count 255
[  590.858275][T10209] loop6: detected capacity change from 0 to 32768
[  590.884140][T10209] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1122 (10209)
[  590.930880][T10209] BTRFS info (device loop6): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  590.941848][T10209] BTRFS info (device loop6): using crc32c checksum algorithm
[  590.949679][T10209] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  591.123368][T10209] BTRFS info (device loop6): rebuilding free space tree
[  592.048846][T10209] BTRFS info (device loop6): disabling free space tree
[  592.055826][T10209] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  592.066800][T10209] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  592.097680][T10209] BTRFS info (device loop6): enabling ssd optimizations
[  592.104772][T10209] BTRFS info (device loop6): turning on async discard
[  592.111734][T10209] BTRFS info (device loop6): enabling disk space caching
[  592.125967][T10209] BTRFS info (device loop6): force clearing of disk cache
[  592.134265][T10209] BTRFS info (device loop6): use zstd compression, level 3
[  593.369820][ T8468] BTRFS info (device loop6): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  593.982407][   T30] audit: type=1800 audit(2000000410.000:28): pid=10251 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1127" name="file1" dev="tmpfs" ino=930 res=0 errno=0
[  602.045008][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  602.070718][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  602.089616][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  602.133642][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  602.141454][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  603.805868][T10305] nbd: must specify at least one socket
[  603.884419][   T36] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  604.042764][T10289] vxcan1 speed is unknown, defaulting to 1000
[  604.244990][ T5832] Bluetooth: hci0: command tx timeout
[  604.890041][   T36] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  606.412149][ T5832] Bluetooth: hci0: command tx timeout
[  608.647089][ T5842] Bluetooth: hci0: command tx timeout
[  609.719952][   T36] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  610.718787][ T5842] Bluetooth: hci0: command tx timeout
[  615.545566][   T36] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.305319][T10397] random: crng reseeded on system resumption
[  620.429025][T10404] MPI: mpi too large (128392 bits)
[  620.819850][ T5842] Bluetooth: hci5: hcon ffff888025a7c000 sent 0 < count 137
[  620.827355][ T5842] Bluetooth: hci5: hcon ffff888025a7c000 sent 0 < count 6
[  620.835640][ T5842] Bluetooth: hci5: hcon ffff888025a7c000 sent 0 < count 255
[  620.975333][T10289] chnl_net:caif_netlink_parms(): no params data found
[  622.356741][T10397] syzkaller0: entered promiscuous mode
[  622.367983][T10397] syzkaller0: entered allmulticast mode
[  622.372611][T10429] syz.4.1173 (10429): attempted to duplicate a private mapping with mremap.  This is not supported.
[  623.420084][   T36] bridge_slave_1: left allmulticast mode
[  623.425772][   T36] bridge_slave_1: left promiscuous mode
[  623.457427][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  623.759283][   T36] bridge_slave_0: left allmulticast mode
[  623.766744][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  623.774997][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  624.457754][   T36] bridge_slave_0: left promiscuous mode
[  624.463589][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  629.913728][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  629.957093][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  629.979414][ T5835] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  630.000001][   T36] bond0 (unregistering): Released all slaves
[  630.189074][ T5835] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  630.225440][ T5835] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  630.235669][ T5835] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  630.261844][ T5835] usb 7-1: config 0 descriptor??
[  630.302758][ T5835] pwc: Askey VC010 type 2 USB webcam detected.
[  630.351208][T10289] bridge0: port 1(bridge_slave_0) entered blocking state
[  630.412059][T10289] bridge0: port 1(bridge_slave_0) entered disabled state
[  630.451376][T10289] bridge_slave_0: entered allmulticast mode
[  630.500000][T10289] bridge_slave_0: entered promiscuous mode
[  630.859426][ T5835] pwc: recv_control_msg error -32 req 02 val 2b00
[  630.896454][ T5835] pwc: recv_control_msg error -32 req 02 val 2700
[  630.906229][ T5835] pwc: recv_control_msg error -32 req 02 val 2c00
[  630.941184][ T5835] pwc: recv_control_msg error -32 req 04 val 1000
[  631.086086][T10289] bridge0: port 2(bridge_slave_1) entered blocking state
[  631.668778][ T5835] pwc: recv_control_msg error -32 req 04 val 1300
[  631.699413][ T5835] pwc: recv_control_msg error -32 req 04 val 1400
[  631.719512][T10289] bridge0: port 2(bridge_slave_1) entered disabled state
[  631.737978][T10289] bridge_slave_1: entered allmulticast mode
[  631.774998][T10289] bridge_slave_1: entered promiscuous mode
[  631.921817][ T5835] pwc: recv_control_msg error -32 req 02 val 2000
[  631.930010][ T5835] pwc: recv_control_msg error -32 req 02 val 2100
[  631.937412][ T5835] pwc: recv_control_msg error -32 req 04 val 1500
[  631.944870][ T5835] pwc: recv_control_msg error -32 req 02 val 2500
[  631.952675][ T5835] pwc: recv_control_msg error -32 req 02 val 2400
[  632.593201][ T5835] pwc: recv_control_msg error -71 req 02 val 2900
[  632.608755][ T5835] pwc: recv_control_msg error -71 req 02 val 2800
[  632.630783][ T5835] pwc: recv_control_msg error -71 req 04 val 1100
[  632.644618][ T5835] pwc: recv_control_msg error -71 req 04 val 1200
[  632.664937][ T5835] pwc: Registered as video103.
[  632.691685][ T5835] input: PWC snapshot button as /devices/platform/dummy_hcd.6/usb7/7-1/input/input6
[  633.704577][ T5835] usb 7-1: USB disconnect, device number 3
[  634.179815][T10529] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1206'.
[  634.307153][T10289] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  634.323799][T10525] loop0: detected capacity change from 0 to 4096
[  634.427568][T10289] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  635.160228][T10525] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  636.410083][T10289] team0: Port device team_slave_0 added
[  636.445890][T10289] team0: Port device team_slave_1 added
[  636.470928][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  636.540510][T10533] fuse: Bad value for 'fd'
[  638.436041][T10289] batman_adv: batadv0: Adding interface: batadv_slave_0
[  638.468275][T10289] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  638.567762][T10289] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  638.590305][T10289] batman_adv: batadv0: Adding interface: batadv_slave_1
[  638.597305][T10289] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  638.657823][T10289] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  640.840889][   T36] hsr_slave_0: left promiscuous mode
[  640.908872][   T36] hsr_slave_1: left promiscuous mode
[  641.224243][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  641.231880][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  641.945106][T10580] loop0: detected capacity change from 0 to 2048
[  642.137916][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  642.246640][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  642.358433][T10580] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  642.389541][   T36] veth1_macvtap: left promiscuous mode
[  642.395166][   T36] veth0_macvtap: left promiscuous mode
[  642.416482][   T36] veth1_vlan: left promiscuous mode
[  642.423320][   T36] veth0_vlan: left promiscuous mode
[  642.566161][T10593] gfs2: gfs2 mount does not exist
[  651.331525][T10633] loop6: detected capacity change from 0 to 512
[  651.429129][T10633] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  651.618037][T10633] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.1223: inode has both inline data and extents flags
[  652.097732][T10633] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  652.107725][    C1] EXT4-fs (loop6): error count since last fsck: 1
[  652.123876][    C1] EXT4-fs (loop6): initial error at time 2000000468: ext4_orphan_get:1391: inode 15
[  652.133430][    C1] EXT4-fs (loop6): last error at time 2000000468: ext4_orphan_get:1391: inode 15
[  652.477908][T10633] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.1223: couldn't read orphan inode 15 (err -117)
[  652.682036][T10633] loop6: lost filesystem error report for type 5 error -117
[  653.553202][T10633] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  653.694430][   T36] team0 (unregistering): Port device team_slave_1 removed
[  653.718053][ T8468] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  653.776403][   T36] team0 (unregistering): Port device team_slave_0 removed
[  655.744307][T10662] loop6: detected capacity change from 0 to 1024
[  656.099011][T10289] hsr_slave_0: entered promiscuous mode
[  656.105930][T10289] hsr_slave_1: entered promiscuous mode
[  661.846104][ T5832] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  661.865212][ T5832] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  661.877922][ T5832] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  661.888712][ T5832] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  661.908014][ T5832] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  662.095777][T10713] vxcan1 speed is unknown, defaulting to 1000
[  664.458511][T10741] 9p: Invalid uid '0x00000000ffffffff'
[  664.775891][ T5842] Bluetooth: hci1: command tx timeout
[  666.813507][ T5842] Bluetooth: hci1: command tx timeout
[  668.997880][ T5842] Bluetooth: hci1: command tx timeout
[  669.326384][T10802] fuse: Bad value for 'fd'
[  671.037761][ T5842] Bluetooth: hci1: command tx timeout
[  671.446935][   T12] bridge_slave_1: left allmulticast mode
[  671.452835][   T12] bridge_slave_1: left promiscuous mode
[  671.462517][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  671.519001][T10822] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1261'.
[  671.629460][   T12] bridge_slave_0: left allmulticast mode
[  671.636992][   T12] bridge_slave_0: left promiscuous mode
[  671.797960][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  672.220642][T10825] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1263'.
[  673.142929][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  673.201726][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  673.314124][   T12] bond0 (unregistering): Released all slaves
[  679.252819][   T12] hsr_slave_0: left promiscuous mode
[  679.337048][   T12] hsr_slave_1: left promiscuous mode
[  679.384037][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  679.539424][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  680.749160][ T5929] IPVS: starting estimator thread 0...
[  681.085142][T10891] IPVS: using max 24 ests per chain, 57600 per kthread
[  684.263248][   T12] team0 (unregistering): Port device team_slave_1 removed
[  684.505615][   T12] team0 (unregistering): Port device team_slave_0 removed
[  685.236737][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  685.243181][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  685.544047][T10923] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1287'.
[  686.175035][T10934] overlayfs: failed to clone lowerpath
[  688.520470][T10713] chnl_net:caif_netlink_parms(): no params data found
[  692.488189][T10977] overlayfs: failed to clone lowerpath
[  693.958906][T10713] bridge0: port 1(bridge_slave_0) entered blocking state
[  693.966247][T10713] bridge0: port 1(bridge_slave_0) entered disabled state
[  693.983743][T10713] bridge_slave_0: entered allmulticast mode
[  693.992830][T10713] bridge_slave_0: entered promiscuous mode
[  694.210594][T10713] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.257858][T10713] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.292567][T10713] bridge_slave_1: entered allmulticast mode
[  695.172407][T10713] bridge_slave_1: entered promiscuous mode
[  699.031787][T10713] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  699.200449][T10713] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  699.252448][T10713] team0: Port device team_slave_0 added
[  699.287428][T10713] team0: Port device team_slave_1 added
[  701.650677][T10713] batman_adv: batadv0: Adding interface: batadv_slave_0
[  701.659725][T10713] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  701.686443][T10713] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  701.760822][T10713] batman_adv: batadv0: Adding interface: batadv_slave_1
[  701.806992][T10713] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  702.371803][T10713] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  702.418844][T11039] loop0: detected capacity change from 0 to 128
[  704.700339][T10713] hsr_slave_0: entered promiscuous mode
[  704.707345][T10713] hsr_slave_1: entered promiscuous mode
[  710.956847][T10713] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  711.131897][T10713] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  711.179591][T10713] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  711.227557][T10713] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  714.132143][T10713] 8021q: adding VLAN 0 to HW filter on device bond0
[  716.278162][T10713] 8021q: adding VLAN 0 to HW filter on device team0
[  716.562631][ T2942] bridge0: port 1(bridge_slave_0) entered blocking state
[  716.570012][ T2942] bridge0: port 1(bridge_slave_0) entered forwarding state
[  716.660164][ T2942] bridge0: port 2(bridge_slave_1) entered blocking state
[  716.667350][ T2942] bridge0: port 2(bridge_slave_1) entered forwarding state
[  719.689976][T10713] 8021q: adding VLAN 0 to HW filter on device batadv0
[  722.986316][ T5832] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  723.029433][ T5832] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  723.039119][ T5832] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  723.059016][ T5832] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  723.068308][ T5832] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  723.209221][T11178] vxcan1 speed is unknown, defaulting to 1000
[  725.322730][ T5842] Bluetooth: hci0: command tx timeout
[  727.358018][ T5842] Bluetooth: hci0: command tx timeout
[  729.445865][ T5842] Bluetooth: hci0: command tx timeout
[  731.517983][ T5842] Bluetooth: hci0: command tx timeout
[  732.797380][T11265] 9p: Bad value for 'rfdno'
[  741.832764][T11178] chnl_net:caif_netlink_parms(): no params data found
[  743.223379][T11324] overlayfs: failed to clone lowerpath
[  743.508122][ T2942] bridge_slave_1: left allmulticast mode
[  743.513813][ T2942] bridge_slave_1: left promiscuous mode
[  743.822295][ T2942] bridge0: port 2(bridge_slave_1) entered disabled state
[  744.397432][ T2942] bridge_slave_0: left allmulticast mode
[  744.403311][ T2942] bridge_slave_0: left promiscuous mode
[  744.478227][ T2942] bridge0: port 1(bridge_slave_0) entered disabled state
[  746.818395][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  746.824769][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  747.976008][ T2942] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  748.963374][ T2942] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  749.025634][ T2942] bond0 (unregistering): Released all slaves
[  751.807273][T11178] bridge0: port 1(bridge_slave_0) entered blocking state
[  751.817988][T11178] bridge0: port 1(bridge_slave_0) entered disabled state
[  751.888148][T11178] bridge_slave_0: entered allmulticast mode
[  751.896601][T11178] bridge_slave_0: entered promiscuous mode
[  751.985688][T11178] bridge0: port 2(bridge_slave_1) entered blocking state
[  751.999058][T11178] bridge0: port 2(bridge_slave_1) entered disabled state
[  752.039985][T11178] bridge_slave_1: entered allmulticast mode
[  752.050783][T11178] bridge_slave_1: entered promiscuous mode
[  754.339713][T11178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  756.255733][T11178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  756.662853][ T2942] hsr_slave_0: left promiscuous mode
[  757.388353][ T2942] hsr_slave_1: left promiscuous mode
[  757.395058][ T2942] batman_adv: batadv0: Removing interface: batadv_slave_0
[  757.593568][ T2942] batman_adv: batadv0: Removing interface: batadv_slave_1
[  764.048547][ T2942] team0 (unregistering): Port device team_slave_1 removed
[  766.048399][ T2942] team0 (unregistering): Port device team_slave_0 removed
[  767.160766][T11483] Process accounting resumed
[  769.272717][T11178] team0: Port device team_slave_0 added
[  769.307951][T11178] team0: Port device team_slave_1 added
[  769.749138][T11178] batman_adv: batadv0: Adding interface: batadv_slave_0
[  769.756126][T11178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  770.644487][T11178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  770.847195][T11178] batman_adv: batadv0: Adding interface: batadv_slave_1
[  770.854555][T11178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  770.891004][T11178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  772.687541][T11178] hsr_slave_0: entered promiscuous mode
[  772.694710][T11178] hsr_slave_1: entered promiscuous mode
[  780.846582][T11178] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  780.949614][T11602] netlink: 'syz.6.1434': attribute type 4 has an invalid length.
[  783.693265][ T5832] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  783.708181][ T5832] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  783.717229][ T5832] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  783.790068][ T5832] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  783.798120][ T5832] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  785.862183][ T5842] Bluetooth: hci1: command tx timeout
[  786.022185][T11621] vxcan1 speed is unknown, defaulting to 1000
[  787.923113][ T5842] Bluetooth: hci1: command tx timeout
[  790.021618][ T5842] Bluetooth: hci1: command tx timeout
[  792.139223][ T5842] Bluetooth: hci1: command tx timeout
[  796.115230][T11621] chnl_net:caif_netlink_parms(): no params data found
[  798.625706][T11621] bridge0: port 1(bridge_slave_0) entered blocking state
[  798.720045][T11621] bridge0: port 1(bridge_slave_0) entered disabled state
[  798.727549][T11621] bridge_slave_0: entered allmulticast mode
[  798.790064][T11621] bridge_slave_0: entered promiscuous mode
[  801.759151][ T5832] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  801.776506][ T5832] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  801.798346][ T5832] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  801.838418][ T5832] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  801.842331][T11621] bridge0: port 2(bridge_slave_1) entered blocking state
[  801.854402][ T5832] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  801.919052][T11621] bridge0: port 2(bridge_slave_1) entered disabled state
[  801.926313][T11621] bridge_slave_1: entered allmulticast mode
[  802.163279][T11621] bridge_slave_1: entered promiscuous mode
[  804.858874][ T5832] Bluetooth: hci0: command tx timeout
[  805.295624][T11621] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  805.331884][T11621] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  805.619660][ T2942] bridge_slave_1: left allmulticast mode
[  806.582152][ T2942] bridge_slave_1: left promiscuous mode
[  806.588800][ T2942] bridge0: port 2(bridge_slave_1) entered disabled state
[  806.878389][ T5832] Bluetooth: hci0: command tx timeout
[  806.974348][ T2942] bridge_slave_0: left allmulticast mode
[  806.981171][ T2942] bridge_slave_0: left promiscuous mode
[  806.987471][ T2942] bridge0: port 1(bridge_slave_0) entered disabled state
[  808.494142][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  808.500729][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  808.960279][ T5832] Bluetooth: hci0: command tx timeout
[  809.063544][T11776] overlayfs: failed to clone upperpath
[  809.217945][ T2942] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  809.871656][ T5801] hid (null): unknown global tag 0xd
[  809.877294][ T5801] hid (null): unknown global tag 0xd
[  809.925720][ T5801] hid-generic 0005:0005:0001.0002: unknown global tag 0xd
[  809.962116][ T5801] hid-generic 0005:0005:0001.0002: item 0 2 1 13 parsing failed
[  809.962717][ T2942] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  809.980838][ T5801] hid-generic 0005:0005:0001.0002: probe with driver hid-generic failed with error -22
[  810.036592][ T2942] bond0 (unregistering): Released all slaves
[  810.091402][T11621] team0: Port device team_slave_0 added
[  810.196094][T11621] team0: Port device team_slave_1 added
[  811.143749][ T5832] Bluetooth: hci0: command tx timeout
[  811.357778][T11735] vxcan1 speed is unknown, defaulting to 1000
[  811.408563][T11621] batman_adv: batadv0: Adding interface: batadv_slave_0
[  811.415730][T11621] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  811.547976][T11621] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  811.619529][T11621] batman_adv: batadv0: Adding interface: batadv_slave_1
[  811.626684][T11621] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  811.697820][T11621] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  815.167879][T11824] netlink: 'syz.5.1482': attribute type 13 has an invalid length.
[  815.177779][T11824] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1482'.
[  815.318806][ T2942] hsr_slave_0: left promiscuous mode
[  815.557843][ T2942] hsr_slave_1: left promiscuous mode
[  815.575656][ T2942] batman_adv: batadv0: Removing interface: batadv_slave_0
[  816.585669][ T2942] batman_adv: batadv0: Removing interface: batadv_slave_1
[  816.802211][T11839] loop0: detected capacity change from 0 to 2048
[  816.878777][T11839] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  818.034524][ T2942] team0 (unregistering): Port device team_slave_1 removed
[  818.062582][ T2942] team0 (unregistering): Port device team_slave_0 removed
[  819.398144][T11824] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  820.381880][T11621] hsr_slave_0: entered promiscuous mode
[  820.448332][T11621] hsr_slave_1: entered promiscuous mode
[  821.086553][T11867] netlink: 'syz.5.1491': attribute type 4 has an invalid length.
[  826.682245][T11902] SQUASHFS error: Failed to read block 0x0: -5
[  832.053336][T11735] chnl_net:caif_netlink_parms(): no params data found
[  833.394410][T11958] loop0: detected capacity change from 0 to 1024
[  834.465591][   T36] hfsplus: b-tree write err: -5, ino 25
[  834.498933][   T36] hfsplus: b-tree write err: -5, ino 4
[  834.505043][   T36] hfsplus: b-tree write err: -5, ino 2
[  834.603226][  T138] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  835.836328][  T138] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  837.683578][T11735] bridge0: port 1(bridge_slave_0) entered blocking state
[  837.895613][T11735] bridge0: port 1(bridge_slave_0) entered disabled state
[  838.745996][T11735] bridge_slave_0: entered allmulticast mode
[  838.910320][T11735] bridge_slave_0: entered promiscuous mode
[  841.147543][T12003] loop0: detected capacity change from 0 to 512
[  841.228855][T12003] EXT4-fs (loop0): blocks per group (95) and clusters per group (32768) inconsistent
[  841.273232][  T138] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  841.575854][T11735] bridge0: port 2(bridge_slave_1) entered blocking state
[  841.589038][T11735] bridge0: port 2(bridge_slave_1) entered disabled state
[  841.596678][T11735] bridge_slave_1: entered allmulticast mode
[  842.380071][T11735] bridge_slave_1: entered promiscuous mode
[  842.548280][T12016] netlink: 'syz.0.1525': attribute type 13 has an invalid length.
[  842.677769][T12016] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1525'.
[  843.725075][  T138] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  844.172746][T12016] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  844.236827][T11735] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  844.250275][T11735] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  844.294097][T11735] team0: Port device team_slave_0 added
[  844.303430][T11735] team0: Port device team_slave_1 added
[  844.508682][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  845.228651][ T5842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  845.267489][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  845.526294][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  845.534267][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  846.785754][T11735] batman_adv: batadv0: Adding interface: batadv_slave_0
[  846.847997][T11735] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  846.947888][T11586] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  846.965462][T11735] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  847.738841][T11735] batman_adv: batadv0: Adding interface: batadv_slave_1
[  847.761328][T11586] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  847.778685][T11735] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  847.999071][T11586] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  848.010361][T11735] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  848.019002][ T5832] Bluetooth: hci2: command tx timeout
[  848.787979][T11586] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  848.847868][T11586] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  848.892640][T11586] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  848.942596][T11586] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  848.951990][T11586] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  848.968609][T11586] usb 1-1: Product: syz
[  849.034573][T11586] usb 1-1: Manufacturer: syz
[  849.085146][T11586] cdc_wdm 1-1:1.0: skipping garbage
[  849.099441][T11586] cdc_wdm 1-1:1.0: skipping garbage
[  849.161141][T11586] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  849.167090][T11586] cdc_wdm 1-1:1.0: Unknown control protocol
[  849.887478][T12077] ptrace attach of "./syz-executor exec"[5826] was attempted by ""[12077]
[  850.080384][ T5964] usb 1-1: USB disconnect, device number 4
[  850.118168][ T5832] Bluetooth: hci2: command tx timeout
[  850.222273][T12037] vxcan1 speed is unknown, defaulting to 1000
[  851.107464][T12091] loop0: detected capacity change from 0 to 764
[  851.183704][T11735] hsr_slave_0: entered promiscuous mode
[  851.369130][T11735] hsr_slave_1: entered promiscuous mode
[  851.375595][T11735] debugfs: 'hsr0' already exists in 'hsr'
[  851.438869][T11735] Cannot create hsr debugfs directory
[  852.617869][ T5832] Bluetooth: hci2: command tx timeout
[  853.893850][  T138] bridge_slave_1: left allmulticast mode
[  853.900257][  T138] bridge_slave_1: left promiscuous mode
[  853.906155][  T138] bridge0: port 2(bridge_slave_1) entered disabled state
[  854.660776][ T5832] Bluetooth: hci2: command tx timeout
[  855.194733][  T138] bridge_slave_0: left allmulticast mode
[  855.352857][  T138] bridge_slave_0: left promiscuous mode
[  855.430148][  T138] bridge0: port 1(bridge_slave_0) entered disabled state
[  857.207893][  T138] bond1 (unregistering): (slave bridge1): Releasing backup interface
[  857.227450][  T138] bridge1 (unregistering): left promiscuous mode
[  857.236601][  T138] bridge1 (unregistering): left allmulticast mode
[  857.302305][  T138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  857.314607][  T138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  857.342586][  T138] bond0 (unregistering): Released all slaves
[  858.178870][  T138] bond1 (unregistering): Released all slaves
[  858.225157][  T138] bond2 (unregistering): Released all slaves
[  858.636959][  T138] tipc: Left network mode
[  859.311490][T12174] loop0: detected capacity change from 0 to 256
[  863.906099][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  864.348042][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  864.357332][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  864.367348][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  864.375623][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  866.480291][ T5832] Bluetooth: hci1: command tx timeout
[  866.509517][T11779] INFO: trying to register non-static key.
[  866.515380][T11779] The code is fine but needs lockdep annotation, or maybe
[  866.522664][T11779] you didn't initialize this object before use?
[  866.528903][T11779] turning off the locking correctness validator.
[  866.535240][T11779] CPU: 1 UID: 0 PID: 11779 Comm: khidpd_00050001 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  866.535296][T11779] Tainted: [L]=SOFTLOCKUP
[  866.535309][T11779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  866.535330][T11779] Call Trace:
[  866.535341][T11779]  <TASK>
[  866.535353][T11779]  dump_stack_lvl+0x100/0x190
[  866.535411][T11779]  register_lock_class+0x549/0x560
[  866.535468][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  866.535514][T11779]  ? rcu_is_watching+0x12/0xc0
[  866.535552][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  866.535596][T11779]  ? trace_sched_exit_tp+0x13a/0x180
[  866.535651][T11779]  __lock_acquire+0x3cb/0x2630
[  866.535713][T11779]  lock_acquire+0x1cf/0x380
[  866.535769][T11779]  ? __mutex_lock+0xcc7/0x1b90
[  866.535815][T11779]  ? schedule+0x2bf/0x390
[  866.535849][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  866.535893][T11779]  ? _raw_spin_lock_irqsave+0x52/0x60
[  866.535932][T11779]  _raw_spin_lock_irqsave+0x3a/0x60
[  866.535967][T11779]  ? __mutex_lock+0xcc7/0x1b90
[  866.536010][T11779]  __mutex_lock+0xcc7/0x1b90
[  866.536054][T11779]  ? __pfx_debug_object_deactivate+0x10/0x10
[  866.536106][T11779]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  866.536142][T11779]  ? l2cap_unregister_user+0x71/0x240
[  866.536195][T11779]  ? __pfx___mutex_lock+0x10/0x10
[  866.536239][T11779]  ? __try_to_del_timer_sync+0x107/0x160
[  866.536285][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  866.536327][T11779]  ? rcu_is_watching+0x12/0xc0
[  866.536364][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  866.536407][T11779]  ? lockdep_hardirqs_on+0x78/0x100
[  866.536449][T11779]  ? __try_to_del_timer_sync+0x107/0x160
[  866.536493][T11779]  ? __pfx___try_to_del_timer_sync+0x10/0x10
[  866.536544][T11779]  ? l2cap_unregister_user+0x71/0x240
[  866.536589][T11779]  l2cap_unregister_user+0x71/0x240
[  866.536640][T11779]  hidp_session_thread+0x459/0x680
[  866.536677][T11779]  ? __pfx_hidp_session_thread+0x10/0x10
[  866.536714][T11779]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  866.536781][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  866.536826][T11779]  ? rcu_is_watching+0x12/0xc0
[  866.536863][T11779]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  866.536922][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  866.536966][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  866.537010][T11779]  ? __kthread_parkme+0x18c/0x230
[  866.537059][T11779]  ? kthread+0x13a/0x450
[  866.537122][T11779]  ? __pfx_hidp_session_thread+0x10/0x10
[  866.537157][T11779]  kthread+0x370/0x450
[  866.537210][T11779]  ? __pfx_kthread+0x10/0x10
[  866.537266][T11779]  ret_from_fork+0x754/0xd80
[  866.537326][T11779]  ? __pfx_ret_from_fork+0x10/0x10
[  866.537385][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  866.537429][T11779]  ? __switch_to+0x7b4/0x1120
[  866.537469][T11779]  ? __pfx_kthread+0x10/0x10
[  866.537524][T11779]  ret_from_fork_asm+0x1a/0x30
[  866.537575][T11779]  </TASK>
[  866.817437][T11779]  non-slab/vmalloc memory
[  866.821870][T11779] list_del corruption. prev->next should be ffffc90003567c50, but was 0000000000000000. (prev=ffff8880368e80a8)
[  866.834862][T11779] ------------[ cut here ]------------
[  866.840413][T11779] kernel BUG at lib/list_debug.c:62!
[  866.845708][T11779] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[  866.852492][T11779] CPU: 1 UID: 0 PID: 11779 Comm: khidpd_00050001 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  866.863894][T11779] Tainted: [L]=SOFTLOCKUP
[  866.868212][T11779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  866.878360][T11779] RIP: 0010:__list_del_entry_valid_or_report+0x14a/0x1d0
[  866.885417][T11779] Code: 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 8d 00 00 00 48 8b 55 00 48 89 e9 48 89 de 48 c7 c7 40 fa 1a 8c e8 87 c2 25 fc 90 <0f> 0b 4c 89 e7 e8 fc 7c 52 fd 48 89 ea 48 b8 00 00 00 00 00 fc ff
[  866.905136][T11779] RSP: 0018:ffffc90003567b20 EFLAGS: 00010082
[  866.911220][T11779] RAX: 000000000000006d RBX: ffffc90003567c50 RCX: 0000000000000000
[  866.919206][T11779] RDX: 000000000000006d RSI: ffffffff81e77f29 RDI: fffff520006acf55
[  866.927187][T11779] RBP: ffff8880368e80a8 R08: 0000000000000005 R09: 0000000000000000
[  866.935172][T11779] R10: 0000000000000002 R11: 6c65645f7473696c R12: ffff8880368e80a8
[  866.943165][T11779] R13: 0000000000000246 R14: ffffc90003567c50 R15: ffff888059283d00
[  866.951151][T11779] FS:  0000000000000000(0000) GS:ffff888124445000(0000) knlGS:0000000000000000
[  866.960264][T11779] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  866.966878][T11779] CR2: 000000110c35b446 CR3: 000000002b160000 CR4: 0000000000350ef0
[  866.974864][T11779] Call Trace:
[  866.978146][T11779]  <TASK>
[  866.981077][T11779]  __mutex_remove_waiter+0x1a/0x1a0
[  866.986492][T11779]  ? __mutex_lock+0x7ca/0x1b90
[  866.991293][T11779]  __mutex_lock+0x828/0x1b90
[  866.995899][T11779]  ? __pfx_debug_object_deactivate+0x10/0x10
[  867.001907][T11779]  ? l2cap_unregister_user+0x71/0x240
[  867.007306][T11779]  ? __pfx___mutex_lock+0x10/0x10
[  867.012357][T11779]  ? __try_to_del_timer_sync+0x107/0x160
[  867.018015][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  867.023761][T11779]  ? rcu_is_watching+0x12/0xc0
[  867.028547][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  867.034233][T11779]  ? lockdep_hardirqs_on+0x78/0x100
[  867.039451][T11779]  ? __try_to_del_timer_sync+0x107/0x160
[  867.045103][T11779]  ? __pfx___try_to_del_timer_sync+0x10/0x10
[  867.051109][T11779]  ? l2cap_unregister_user+0x71/0x240
[  867.056502][T11779]  l2cap_unregister_user+0x71/0x240
[  867.061736][T11779]  hidp_session_thread+0x459/0x680
[  867.066867][T11779]  ? __pfx_hidp_session_thread+0x10/0x10
[  867.072516][T11779]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  867.078791][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  867.084454][T11779]  ? rcu_is_watching+0x12/0xc0
[  867.089321][T11779]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  867.095618][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  867.101285][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  867.106939][T11779]  ? __kthread_parkme+0x18c/0x230
[  867.111986][T11779]  ? kthread+0x13a/0x450
[  867.116257][T11779]  ? __pfx_hidp_session_thread+0x10/0x10
[  867.121903][T11779]  kthread+0x370/0x450
[  867.125998][T11779]  ? __pfx_kthread+0x10/0x10
[  867.130700][T11779]  ret_from_fork+0x754/0xd80
[  867.135322][T11779]  ? __pfx_ret_from_fork+0x10/0x10
[  867.140466][T11779]  ? srso_alias_return_thunk+0x5/0xfbef5
[  867.146140][T11779]  ? __switch_to+0x7b4/0x1120
[  867.150828][T11779]  ? __pfx_kthread+0x10/0x10
[  867.155442][T11779]  ret_from_fork_asm+0x1a/0x30
[  867.160230][T11779]  </TASK>
[  867.163239][T11779] Modules linked in:
[  867.167125][T11779] ---[ end trace 0000000000000000 ]---
[  867.172580][T11779] RIP: 0010:__list_del_entry_valid_or_report+0x14a/0x1d0
[  867.179625][T11779] Code: 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 8d 00 00 00 48 8b 55 00 48 89 e9 48 89 de 48 c7 c7 40 fa 1a 8c e8 87 c2 25 fc 90 <0f> 0b 4c 89 e7 e8 fc 7c 52 fd 48 89 ea 48 b8 00 00 00 00 00 fc ff
[  867.199242][T11779] RSP: 0018:ffffc90003567b20 EFLAGS: 00010082
[  867.205317][T11779] RAX: 000000000000006d RBX: ffffc90003567c50 RCX: 0000000000000000
[  867.213285][T11779] RDX: 000000000000006d RSI: ffffffff81e77f29 RDI: fffff520006acf55
[  867.221365][T11779] RBP: ffff8880368e80a8 R08: 0000000000000005 R09: 0000000000000000
[  867.229333][T11779] R10: 0000000000000002 R11: 6c65645f7473696c R12: ffff8880368e80a8
[  867.237388][T11779] R13: 0000000000000246 R14: ffffc90003567c50 R15: ffff888059283d00
[  867.245364][T11779] FS:  0000000000000000(0000) GS:ffff888124445000(0000) knlGS:0000000000000000
[  867.254297][T11779] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  867.260898][T11779] CR2: 000000110c35b446 CR3: 000000002b160000 CR4: 0000000000350ef0
[  867.268877][T11779] Kernel panic - not syncing: Fatal exception
[  867.275022][T11779] Kernel Offset: disabled
[  867.279423][T11779] Rebooting in 86400 seconds..